From 83506eabe79b561633a7acbebeafe93e53e9a178 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 3 Jul 2024 13:08:50 +0100 Subject: [PATCH 001/290] add 8.15 and remove 8.13 from CI testing (#16282) --- ci/branches.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/branches.json b/ci/branches.json index 211421421..dca2ed04d 100644 --- a/ci/branches.json +++ b/ci/branches.json @@ -5,7 +5,7 @@ "branch": "main" }, { - "branch": "8.13" + "branch": "8.15" }, { "branch": "8.14" From 9872159c7165b56df6c43f4a81a597e688ff0234 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 3 Jul 2024 13:08:59 +0100 Subject: [PATCH 002/290] bump version to 8.16.0 (#16281) --- versions.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/versions.yml b/versions.yml index 768d58088..4626e47ca 100644 --- a/versions.yml +++ b/versions.yml @@ -1,7 +1,7 @@ --- # alpha and beta qualifiers are now added via VERSION_QUALIFIER environment var -logstash: 8.15.0 -logstash-core: 8.15.0 +logstash: 8.16.0 +logstash-core: 8.16.0 logstash-core-plugin-api: 2.1.16 bundled_jdk: From e3271db946edff4773d607b33ad4dda96dbb3a9b Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Wed, 3 Jul 2024 15:33:37 -0700 Subject: [PATCH 003/290] add flow-informed tuning guidance (#16265) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs: sentence-case headings * docs-style: one-line-per-sentence asciidoc convention * docs: add flow-informed tuning guidance * docs: clarify `pipeline.batch.delay` * Apply suggestions from code review Co-authored-by: João Duarte * Update docs/static/performance-checklist.asciidoc Co-authored-by: João Duarte --------- Co-authored-by: João Duarte --- docs/static/performance-checklist.asciidoc | 146 +++++++++++++++------ 1 file changed, 109 insertions(+), 37 deletions(-) diff --git a/docs/static/performance-checklist.asciidoc b/docs/static/performance-checklist.asciidoc index 4d0824f4a..814dd6535 100644 --- a/docs/static/performance-checklist.asciidoc +++ b/docs/static/performance-checklist.asciidoc @@ -1,41 +1,42 @@ [[performance-tuning]] -== Performance Tuning +== Performance tuning -This section includes the following information about tuning Logstash -performance: +This section includes the following information about tuning Logstash performance: * <> * <> [[performance-troubleshooting]] -=== Performance Troubleshooting +=== Performance troubleshooting -You can use these troubleshooting tips to quickly diagnose and resolve Logstash performance problems. -Advanced knowledge of pipeline internals is not required to understand this guide. +You can use these troubleshooting tips to quickly diagnose and resolve Logstash performance problems. +Advanced knowledge of pipeline internals is not required to understand this guide. However, the <> is recommended reading if you want to go beyond these tips. -You may be tempted to jump ahead and change settings like `pipeline.workers` -(`-w`) as a first attempt to improve performance. In our experience, changing -this setting makes it more difficult to troubleshoot performance problems -because you increase the number of variables in play. Instead, make one change -at a time and measure the results. Starting at the end of this list is a -sure-fire way to create a confusing situation. +You may be tempted to jump ahead and change settings like `pipeline.workers` (`-w`) as a first attempt to improve performance. +In our experience, changing this setting makes it more difficult to troubleshoot performance problems because you increase the number of variables in play. +Instead, make one change at a time and measure the results. +Starting at the end of this list is a sure-fire way to create a confusing situation. [float] -==== Performance Checklist +==== Performance checklist . *Check the performance of input sources and output destinations:* + -* Logstash is only as fast as the services it connects to. Logstash can only consume and produce data as fast as its input and output destinations can! +* Logstash is only as fast as the services it connects to. + Logstash can only consume and produce data as fast as its input and output destinations can! . *Check system statistics:* + * CPU -** Note whether the CPU is being heavily used. On Linux/Unix, you can run `top -H` to see process statistics broken out by thread, as well as total CPU statistics. +** Note whether the CPU is being heavily used. + On Linux/Unix, you can run `top -H` to see process statistics broken out by thread, as well as total CPU statistics. ** If CPU usage is high, skip forward to the section about checking the JVM heap and then read the section about tuning Logstash worker settings. * Memory -** Be aware of the fact that Logstash runs on the Java VM. This means that Logstash will always use the maximum amount of memory you allocate to it. -** Look for other applications that use large amounts of memory and may be causing Logstash to swap to disk. This can happen if the total memory used by applications exceeds physical memory. +** Be aware of the fact that Logstash runs on the Java VM. + This means that Logstash will always use the maximum amount of memory you allocate to it. +** Look for other applications that use large amounts of memory and may be causing Logstash to swap to disk. + This can happen if the total memory used by applications exceeds physical memory. * I/O Utilization ** Monitor disk I/O to check for disk saturation. *** Disk saturation can happen if you’re using Logstash plugins (such as the file output) that may saturate your storage. @@ -49,59 +50,130 @@ sure-fire way to create a confusing situation. + include::config-details.asciidoc[tag=heap-size-tips] -. *Tune Logstash worker settings:* +. *Tune Logstash pipeline settings:* + -* Begin by scaling up the number of pipeline workers by using the `-w` flag. This will increase the number of threads available for filters and outputs. It is safe to scale this up to a multiple of CPU cores, if need be, as the threads can become idle on I/O. -* You may also tune the output batch size. For many outputs, such as the Elasticsearch output, this setting will correspond to the size of I/O operations. In the case of the Elasticsearch output, this setting corresponds to the batch size. +* Continue on to <> to learn about tuning individual pipelines. [[tuning-logstash]] -=== Tuning and Profiling Logstash Performance +=== Tuning and profiling logstash pipeline performance -The Logstash defaults are chosen to provide fast, safe performance for most -users. However if you notice performance issues, you may need to modify -some of the defaults. Logstash provides the following configurable options -for tuning pipeline performance: `pipeline.workers`, `pipeline.batch.size`, and `pipeline.batch.delay`. For more information about setting these options, see <>. +The <> in Logstash's Monitoring API can provide excellent insight into how events are flowing through your pipelines. +They can reveal whether your pipeline is constrained for resources, which parts of your pipeline are consuming the most resources, and provide useful feedback when tuning. + +[float] +[[tuning-logstash-worker-utilization]] +==== Worker utilization + +When a pipeline's `worker_utilization` flow metric is consistently near 100, all of its workers are occupied processing the filters and outputs of the pipeline. +We can see _which_ plugins in the pipeline are consuming the available worker capacity by looking at the plugin-level `worker_utilization` and `worker_millis_per_event` flow metrics. +Using this information, we can gain intuition about how to tune the pipeline's settings to add resources, how to find and eliminate wasteful computation, or realize the need to scale up/out the capacity of downstream destinations. + +In general, plugins fit into one of two categories: + +- *CPU-bound*: plugins that perform computation on the contents of events _without_ the use of the network or disk IO tend to benefit from incrementally increasing `pipeline.workers` as long as the process has available CPU; once CPU is exhausted additional concurrency can result in _lower_ throughput as the pipeline workers contend for resources and the amount of time spent in context-switching increases. +- *IO-bound*: plugins that use the network to either enrich events or transmit events tend to benefit from incrementally increasing `pipeline.workers` and/or tuning the `pipeline.batch.*` parameters described below. + This allows them to make better use of network resources, as long as those external services are not exerting back-pressure (even if Logstash is using nearly all of its available CPU). + +The further a pipeline's `worker_utilization` is from 100, the more time its workers are spending waiting for events to arrive in the queue. +Because the volume of data in most pipelines is often inconsistent, the goal should be to tune the pipeline such that it has the resources to avoid propagating back-pressure to its inputs during peak periods. + +[float] +[[tuning-logstash-queue-backpressure]] +==== Queue back-pressure + +When a pipeline receives events faster than it can process them, the inputs eventually experience back-pressure that prevents them from receiving additional events. +Depending on the input plugin being used, back-pressure can either propagate upstream or lead to data loss. + +A pipeline's `queue_backpressure` flow metric reflects how much time the inputs are spending attempting to push events into the queue. +The metric isn't precisely comparable across pipelines, but instead allows you to compare a single pipeline's current behaviour to _itself_ over time. +When this metric is growing, look _downstream_ at the pipeline's filters and outputs to see if they are using resources effectively, have sufficient resources allocated, or are experiencing back-pressure of their own. + +NOTE: A persisted queue offers durability guarantees and can absorb back-pressure for longer than the default in-memory queue, but once it is full it too propagates back-pressure. +The `queue_persisted_growth_events` flow metric is useful measure of how much back-pressure is being actively absorbed by the persisted queue, and should trend toward zero (or less) over the pipeline's lifetime. +Negative numbers indicate that the queue is _shrinking_, and that the workers are catching up on lag that had previously developed. + +[float] +[[tuning-logstash-settings]] +==== Tuning-related settings + +The Logstash defaults are chosen to provide fast, safe performance for most users. +However if you notice performance issues, you may need to modify some of the defaults. +Logstash provides the following configurable options for tuning pipeline performance: `pipeline.workers`, `pipeline.batch.size`, and `pipeline.batch.delay`. + +For more information about setting these options, see <>. Make sure you've read the <> before modifying these options. -* The `pipeline.workers` setting determines how many threads to run for filter and output processing. If you find that events are backing up, or that the CPU is not saturated, consider increasing the value of this parameter to make better use of available processing power. Good results can even be found increasing this number past the number of available processors as these threads may spend significant time in an I/O wait state when writing to external systems. Legal values for this parameter are positive integers. +* The `pipeline.workers` setting determines how many threads to run for filter and output processing. + If you find that events are backing up, or that the CPU is not saturated, consider increasing the value of this parameter to make better use of available processing power. + Good results can even be found increasing this number past the number of available processors as these threads may spend significant time in an I/O wait state when writing to external systems. -* The `pipeline.batch.size` setting defines the maximum number of events an individual worker thread collects before attempting to execute filters and outputs. Larger batch sizes are generally more efficient, but increase memory overhead. Some hardware configurations require you to increase JVM heap space in the `jvm.options` config file to avoid performance degradation. (See <> for more info.) Values in excess of the optimum range cause performance degradation due to frequent garbage collection or JVM crashes related to out-of-memory exceptions. Output plugins can process each batch as a logical unit. The Elasticsearch output, for example, issues https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html[bulk requests] for each batch received. Tuning the `pipeline.batch.size` setting adjusts the size of bulk requests sent to Elasticsearch. +* The `pipeline.batch.size` setting defines the maximum number of events an individual worker thread collects from the queue before attempting to execute filters and outputs. + Larger batch sizes are generally more efficient, but increase memory overhead. + Output plugins can process each batch as a logical unit. + The Elasticsearch output, for example, attempts to send a single https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html[bulk request] for each batch received. + Tuning the `pipeline.batch.size` setting adjusts the size of bulk requests sent to Elasticsearch. -* The `pipeline.batch.delay` setting rarely needs to be tuned. This setting adjusts the latency of the Logstash pipeline. Pipeline batch delay is the maximum amount of time in milliseconds that Logstash waits for new messages after receiving an event in the current pipeline worker thread. After this time elapses, Logstash begins to execute filters and outputs.The maximum time that Logstash waits between receiving an event and processing that event in a filter is the product of the `pipeline.batch.delay` and `pipeline.batch.size` settings. +* The `pipeline.batch.delay` setting rarely needs to be tuned. + This setting adjusts the latency of the Logstash pipeline. + Pipeline batch delay is the maximum amount of time in milliseconds that a pipeline worker waits for each new event while its current batch is not yet full. + After this time elapses without any more events becoming available, the worker begins to execute filters and outputs. + The maximum time that the worker waits between receiving an event and processing that event in a filter is the product of the `pipeline.batch.delay` and `pipeline.batch.size` settings. [float] -==== Notes on Pipeline Configuration and Performance +==== Notes on pipeline configuration and performance If you plan to modify the default pipeline settings, take into account the following suggestions: -* The total number of inflight events is determined by the product of the `pipeline.workers` and `pipeline.batch.size` settings. This product is referred to as the _inflight count_. Keep the value of the inflight count in mind as you adjust the `pipeline.workers` and `pipeline.batch.size` settings. Pipelines that intermittently receive large events at irregular intervals require sufficient memory to handle these spikes. Set the JVM heap space accordingly in the `jvm.options` config file. (See <> for more info.) +* The total number of inflight events is determined by the product of the `pipeline.workers` and `pipeline.batch.size` settings. + This product is referred to as the _inflight count_. + Keep the value of the inflight count in mind as you adjust the `pipeline.workers` and `pipeline.batch.size` settings. + Pipelines that intermittently receive large events at irregular intervals require sufficient memory to handle these spikes. + Set the JVM heap space accordingly in the `jvm.options` config file (See <> for more info). * Measure each change to make sure it increases, rather than decreases, performance. -* Ensure that you leave enough memory available to cope with a sudden increase in event size. For example, an application that generates exceptions that are represented as large blobs of text. +* Ensure that you leave enough memory available to cope with a sudden increase in event size. + For example, an application that generates exceptions that are represented as large blobs of text. * The number of workers may be set higher than the number of CPU cores since outputs often spend idle time in I/O wait conditions. * Threads in Java have names and you can use the `jstack`, `top`, and the VisualVM graphical tools to figure out which resources a given thread uses. -* On Linux platforms, Logstash labels all the threads it can with something descriptive. For example, inputs show up as `[base]workerN`, where N is an integer. Where possible, other threads are also labeled to help you identify their purpose. +* On Linux platforms, Logstash labels its threads with descriptive names. + For example, inputs show up as `[base]workerN`, where N is an integer. + Where possible, other threads are also labeled to help you identify their purpose. [float] [[profiling-the-heap]] -==== Profiling the Heap +==== Profiling the heap -When tuning Logstash you may have to adjust the heap size. You can use the https://visualvm.github.io/[VisualVM] tool to profile the heap. The *Monitor* pane in particular is useful for checking whether your heap allocation is sufficient for the current workload. The screenshots below show sample *Monitor* panes. The first pane examines a Logstash instance configured with too many inflight events. The second pane examines a Logstash instance configured with an appropriate amount of inflight events. Note that the specific batch sizes used here are most likely not applicable to your specific workload, as the memory demands of Logstash vary in large part based on the type of messages you are sending. +When tuning Logstash you may have to adjust the heap size. +You can use the https://visualvm.github.io/[VisualVM] tool to profile the heap. +The *Monitor* pane in particular is useful for checking whether your heap allocation is sufficient for the current workload. +The screenshots below show sample *Monitor* panes. +The first pane examines a Logstash instance configured with too many inflight events. +The second pane examines a Logstash instance configured with an appropriate amount of inflight events. +Note that the specific batch sizes used here are most likely not applicable to your specific workload, as the memory demands of Logstash vary in large part based on the type of messages you are sending. image::static/images/pipeline_overload.png[] image::static/images/pipeline_correct_load.png[] -In the first example we see that the CPU isn’t being used very efficiently. In fact, the JVM is often times having to stop the VM for “full GCs”. Full garbage collections are a common symptom of excessive memory pressure. This is visible in the spiky pattern on the CPU chart. In the more efficiently configured example, the GC graph pattern is more smooth, and the CPU is used in a more uniform manner. You can also see that there is ample headroom between the allocated heap size, and the maximum allowed, giving the JVM GC a lot of room to work with. +In the first example we see that the CPU isn’t being used very efficiently. +In fact, the JVM is often times having to stop the VM for “full GCs”. +Full garbage collections are a common symptom of excessive memory pressure. +This is visible in the spiky pattern on the CPU chart. +In the more efficiently configured example, the GC graph pattern is more smooth, and the CPU is used in a more uniform manner. +You can also see that there is ample headroom between the allocated heap size, and the maximum allowed, giving the JVM GC a lot of room to work with. Examining the in-depth GC statistics with a tool similar to the excellent https://visualvm.github.io/plugins.html[VisualGC] plugin shows that the over-allocated VM spends very little time in the efficient Eden GC, compared to the time spent in the more resource-intensive Old Gen “Full” GCs. -NOTE: As long as the GC pattern is acceptable, heap sizes that occasionally increase to the maximum are acceptable. Such heap size spikes happen in response to a burst of large events passing through the pipeline. In general practice, maintain a gap between the used amount of heap memory and the maximum. -This document is not a comprehensive guide to JVM GC tuning. Read the official http://www.oracle.com/webfolder/technetwork/tutorials/obe/java/gc01/index.html[Oracle guide] for more information on the topic. We also recommend reading https://www.semicomplete.com/blog/geekery/debugging-java-performance/[Debugging Java Performance]. +NOTE: As long as the GC pattern is acceptable, heap sizes that occasionally increase to the maximum are acceptable. + Such heap size spikes happen in response to a burst of large events passing through the pipeline. + In general practice, maintain a gap between the used amount of heap memory and the maximum. + This document is not a comprehensive guide to JVM GC tuning. + Read the official http://www.oracle.com/webfolder/technetwork/tutorials/obe/java/gc01/index.html[Oracle guide] for more information on the topic. + We also recommend reading https://www.semicomplete.com/blog/geekery/debugging-java-performance/[Debugging Java Performance]. From b51b5392e17d27b078917ac69f241e5b536120f9 Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Thu, 4 Jul 2024 01:11:46 -0700 Subject: [PATCH 004/290] Release notes for 8.14.2 (#16266) (#16286) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com> Co-authored-by: João Duarte Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> --- docs/static/releasenotes.asciidoc | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index 1d9c3ddcc..a9bd5f52c 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -3,6 +3,7 @@ This section summarizes the changes in the following releases: +* <> * <> * <> * <> @@ -62,6 +63,36 @@ This section summarizes the changes in the following releases: * <> +[[logstash-8-14-2]] +=== Logstash 8.14.2 Release Notes + +[[notable-8.14.2]] +==== Notable issues fixed + +* Fixes a regression from Logstash 8.7.0 that prevented pipelines from starting when they included plugins with unicode ids https://github.com/elastic/logstash/pull/15971[#15971] +* Fixes a regression from Logstash 8.12.0 that prevented pipelines from starting when they included a geoip filter that used the managed databases feature after the databases had been updated https://github.com/elastic/logstash/pull/16222[#16222] +* Fixes an issue with the dead-letter queue that could cause it to emit superfluous warning messages when age-based retention was enabled while determining whether a fully-consumed segment that had already been removed was also expired https://github.com/elastic/logstash/pull/16204[#16204] + +==== Plugins + +*Fluent Codec - 3.4.3* + +* Fix: reduce overhead of unpacking packforward-payloads by reusing a single instance https://github.com/logstash-plugins/logstash-codec-fluent/pull/32[#32] + +*Elastic_integration Filter - 0.1.10* + +* Fixes handling of array-type event fields by treating them as lists https://github.com/elastic/logstash-filter-elastic_integration/pull/146[#146] +* Syncs with Elasticsearch 8.14, including support for new user-provided GeoIP database types `ConnectionType`, `Domain` and `Isp` https://github.com/elastic/logstash-filter-elastic_integration/pull/147[#147] + +*Elasticsearch Input - 4.20.3* + +* [DOC] Update link to bypass redirect, resolving directly to correct content https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/206[#206] + +*Elasticsearch Output - 11.22.7* + +* [DOC] `ssl_key` requires PKCS#8 format https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1181[#1181] + + [[logstash-8-14-1]] === Logstash 8.14.1 Release Notes From a63d8a831dfa5f87686c78a52cdc85b812eb2f24 Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Thu, 4 Jul 2024 02:08:22 -0700 Subject: [PATCH 005/290] bump ci releases for 8.14.2 (#16287) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index ceb6e6552..a8c2f3e50 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -3,11 +3,11 @@ "5.x": "5.6.16", "6.x": "6.8.23", "7.x": "7.17.22", - "8.x": "8.14.1" + "8.x": "8.14.2" }, "snapshots": { "7.x": "7.17.23-SNAPSHOT", - "8.x": "8.14.2-SNAPSHOT", + "8.x": "8.14.3-SNAPSHOT", "main": "8.15.0-SNAPSHOT" } } From db06ec415ab57aaa42b7cce742354e9f0d6875fa Mon Sep 17 00:00:00 2001 From: Dimitrios Liappis Date: Thu, 4 Jul 2024 14:13:16 +0300 Subject: [PATCH 006/290] Remove CentOS 7 from CI (#16293) CentOS 7 is EOL since June 30 2024[^1]. All repositories and mirrors are now unreachable. This commit removes CentOS 7 from CI jobs using it. Relates https://github.com/elastic/ingest-dev/issues/3520 [^1]: https://www.redhat.com/en/topics/linux/centos-linux-eol --- .buildkite/linux_jdk_matrix_pipeline.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.buildkite/linux_jdk_matrix_pipeline.yml b/.buildkite/linux_jdk_matrix_pipeline.yml index 435fc8adb..400966838 100644 --- a/.buildkite/linux_jdk_matrix_pipeline.yml +++ b/.buildkite/linux_jdk_matrix_pipeline.yml @@ -32,8 +32,6 @@ steps: value: "rhel-9" - label: "RHEL 8" value: "rhel-8" - - label: "CentOS 7" - value: "centos-7" - label: "Oracle Linux 8" value: "oraclelinux-8" - label: "Oracle Linux 7" From ea0c16870f56894cbdb7a838e1b0b9c1af757e42 Mon Sep 17 00:00:00 2001 From: Dimitrios Liappis Date: Mon, 8 Jul 2024 14:43:55 +0300 Subject: [PATCH 007/290] Add Ubuntu 24.04 to CI (#16299) Now that we have custom VM images for Ubuntu 24.04, this commit adds CI for Ubuntu 24.04. This is a revert of #16279 --- .buildkite/linux_jdk_matrix_pipeline.yml | 2 ++ .buildkite/scripts/common/vm-images.json | 2 +- .buildkite/scripts/exhaustive-tests/generate-steps.py | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.buildkite/linux_jdk_matrix_pipeline.yml b/.buildkite/linux_jdk_matrix_pipeline.yml index 400966838..feebfe95b 100644 --- a/.buildkite/linux_jdk_matrix_pipeline.yml +++ b/.buildkite/linux_jdk_matrix_pipeline.yml @@ -18,6 +18,8 @@ steps: multiple: true default: "${DEFAULT_MATRIX_OS}" options: + - label: "Ubuntu 24.04" + value: "ubuntu-2404" - label: "Ubuntu 22.04" value: "ubuntu-2204" - label: "Ubuntu 20.04" diff --git a/.buildkite/scripts/common/vm-images.json b/.buildkite/scripts/common/vm-images.json index 6d34fb2a1..50d48dcfb 100644 --- a/.buildkite/scripts/common/vm-images.json +++ b/.buildkite/scripts/common/vm-images.json @@ -1,7 +1,7 @@ { "#comment": "This file lists all custom vm images. We use it to make decisions about randomized CI jobs.", "linux": { - "ubuntu": ["ubuntu-2204", "ubuntu-2004"], + "ubuntu": ["ubuntu-2404", "ubuntu-2204", "ubuntu-2004"], "debian": ["debian-12", "debian-11", "debian-10"], "rhel": ["rhel-9", "rhel-8"], "oraclelinux": ["oraclelinux-8", "oraclelinux-7"], diff --git a/.buildkite/scripts/exhaustive-tests/generate-steps.py b/.buildkite/scripts/exhaustive-tests/generate-steps.py index ac16b1234..391cb4fad 100644 --- a/.buildkite/scripts/exhaustive-tests/generate-steps.py +++ b/.buildkite/scripts/exhaustive-tests/generate-steps.py @@ -10,7 +10,7 @@ from ruamel.yaml.scalarstring import LiteralScalarString VM_IMAGES_FILE = ".buildkite/scripts/common/vm-images.json" VM_IMAGE_PREFIX = "platform-ingest-logstash-multi-jdk-" -ACCEPTANCE_LINUX_OSES = ["ubuntu-2204", "ubuntu-2004", "debian-11", "debian-10", "rhel-8", "oraclelinux-7", "rocky-linux-8", "opensuse-leap-15", "amazonlinux-2023"] +ACCEPTANCE_LINUX_OSES = ["ubuntu-2404", "ubuntu-2204", "ubuntu-2004", "debian-11", "debian-10", "rhel-8", "oraclelinux-7", "rocky-linux-8", "opensuse-leap-15", "amazonlinux-2023"] CUR_PATH = os.path.dirname(os.path.abspath(__file__)) From 2404bad9a9c008d96e5536987062cebf7cc14faa Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Mon, 8 Jul 2024 22:20:59 +0100 Subject: [PATCH 008/290] [CI] fix benchmark to pull snapshot version (#16308) - fixes the CI benchmark script to always runs against the latest snapshot version - uses `/v1/versions/$VERSION/builds/latest` to get the latest build id Fixes: #16307 Co-authored-by: Ry Biesemeyer --- .buildkite/scripts/benchmark/main.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.buildkite/scripts/benchmark/main.sh b/.buildkite/scripts/benchmark/main.sh index b4bbb8b25..9d218d772 100755 --- a/.buildkite/scripts/benchmark/main.sh +++ b/.buildkite/scripts/benchmark/main.sh @@ -106,8 +106,9 @@ pull_images() { if [[ -n "$LS_VERSION" ]]; then docker pull "docker.elastic.co/logstash/logstash:$LS_VERSION" else - LS_VERSION=$( curl --retry-all-errors --retry 5 --retry-delay 1 -s https://artifacts-api.elastic.co/v1/versions | jq -r ".versions[-1]" ) - BUILD_ID=$( curl --retry-all-errors --retry 5 --retry-delay 1 -s https://artifacts-api.elastic.co/v1/branches/master/builds | jq -r ".builds[0]" ) + # select the SNAPSHOT artifact with the highest semantic version number + LS_VERSION=$( curl --retry-all-errors --retry 5 --retry-delay 1 -s https://artifacts-api.elastic.co/v1/versions | jq -r '.versions | map(select(endswith("-SNAPSHOT"))) | max_by(rtrimstr("-SNAPSHOT")|split(".")|map(tonumber))' ) + BUILD_ID=$(curl --retry-all-errors --retry 5 --retry-delay 1 -s "https://artifacts-api.elastic.co/v1/versions/${LS_VERSION}/builds/latest" | jq -re '.build.build_id') ARCH=$(arch) IMAGE_URL="https://snapshots.elastic.co/${BUILD_ID}/downloads/logstash/logstash-$LS_VERSION-docker-image-$ARCH.tar.gz" IMAGE_FILENAME="$LS_VERSION.tar.gz" From 66aeeeef835d31547c9ae7ba24426a51b68a3713 Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Tue, 9 Jul 2024 14:12:21 -0700 Subject: [PATCH 009/290] Json normalization performance (#16313) * licenses: allow elv2, standard abbreviation for Elastic License version 2 * json-dump: reduce unicode normalization cost Since the underlying JrJackson now properly (and efficiently) encodes the UTF-8 transcode of whichever strings it is given, we no longer need to pre-normalize to UTF-8 in ruby _except_ when the string is flagged as BINARY because we have alternate behaviour to preserve valid UTF-8 sequences. By emitting a _copy_ of binary-flagged strings that have been re-flagged as UTF-8, we allow the downstream (efficient) encoding operation in jrjackson to produce equivalent behaviour at much lower cost. * cleanup: remove orphan unicode normalizer --- logstash-core/lib/logstash/json.rb | 8 +++- .../lib/logstash/util/unicode_normalizer.rb | 38 ------------------- spec/compliance/license_spec.rb | 2 +- 3 files changed, 7 insertions(+), 41 deletions(-) delete mode 100644 logstash-core/lib/logstash/util/unicode_normalizer.rb diff --git a/logstash-core/lib/logstash/json.rb b/logstash-core/lib/logstash/json.rb index 9a441d4ec..a8f0abe9b 100644 --- a/logstash-core/lib/logstash/json.rb +++ b/logstash-core/lib/logstash/json.rb @@ -16,7 +16,6 @@ # under the License. require "logstash/environment" -require "logstash/util/unicode_normalizer" require "jrjackson" module LogStash @@ -51,7 +50,12 @@ module LogStash def normalize_encoding(data) case data when String - LogStash::UnicodeNormalizer.normalize_string_encoding(data) + if data.encoding == Encoding::ASCII_8BIT + # when given BINARY-flagged string, assume it is UTF-8 so that + # subsequent cleanup retains valid UTF-8 sequences + data = data.dup.force_encoding(Encoding::UTF_8) + end + data when Array data.map { |item| normalize_encoding(item) } when Hash diff --git a/logstash-core/lib/logstash/util/unicode_normalizer.rb b/logstash-core/lib/logstash/util/unicode_normalizer.rb deleted file mode 100644 index 7397a3eb3..000000000 --- a/logstash-core/lib/logstash/util/unicode_normalizer.rb +++ /dev/null @@ -1,38 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -module LogStash - - # A class to normalize the invalid unicode data - class UnicodeNormalizer - - include LogStash::Util::Loggable - - # Tries to normalize input string to UTF-8 when - # input string encoding is not UTF-8, - # and replaces invalid unicode bytes with replacement characters ('uFFFD') - # string_data - The String data to be normalized. - # Returns the normalized string data. - def self.normalize_string_encoding(string_data) - # when given BINARY-flagged string, assume it is UTF-8 so that - # subsequent cleanup retains valid UTF-8 sequences - source_encoding = string_data.encoding - source_encoding = Encoding::UTF_8 if source_encoding == Encoding::BINARY - string_data.encode(Encoding::UTF_8, source_encoding, invalid: :replace, undef: :replace).scrub - end - end -end diff --git a/spec/compliance/license_spec.rb b/spec/compliance/license_spec.rb index 5167bb055..91f1f660b 100644 --- a/spec/compliance/license_spec.rb +++ b/spec/compliance/license_spec.rb @@ -31,7 +31,7 @@ describe "Project licenses" do /ruby/, /lgpl/, /epl/, - /elastic/i + /elastic|elv2/i ]) } From f728c44a0a50171478cf3240e521fac7cb4290e2 Mon Sep 17 00:00:00 2001 From: Dimitrios Liappis Date: Wed, 10 Jul 2024 15:17:10 +0300 Subject: [PATCH 010/290] Remove Debian 10 from CI (#16300) This commit removes Debian 10 (Buster) which is EOL since July 1 2024[^1] from CI. Relates https://github.com/elastic/ingest-dev/issues/2872 --- .buildkite/linux_jdk_matrix_pipeline.yml | 2 -- .buildkite/scripts/common/vm-images.json | 2 +- .buildkite/scripts/exhaustive-tests/generate-steps.py | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.buildkite/linux_jdk_matrix_pipeline.yml b/.buildkite/linux_jdk_matrix_pipeline.yml index feebfe95b..eb42bd5ee 100644 --- a/.buildkite/linux_jdk_matrix_pipeline.yml +++ b/.buildkite/linux_jdk_matrix_pipeline.yml @@ -28,8 +28,6 @@ steps: value: "debian-12" - label: "Debian 11" value: "debian-11" - - label: "Debian 10" - value: "debian-10" - label: "RHEL 9" value: "rhel-9" - label: "RHEL 8" diff --git a/.buildkite/scripts/common/vm-images.json b/.buildkite/scripts/common/vm-images.json index 50d48dcfb..5e34672b8 100644 --- a/.buildkite/scripts/common/vm-images.json +++ b/.buildkite/scripts/common/vm-images.json @@ -2,7 +2,7 @@ "#comment": "This file lists all custom vm images. We use it to make decisions about randomized CI jobs.", "linux": { "ubuntu": ["ubuntu-2404", "ubuntu-2204", "ubuntu-2004"], - "debian": ["debian-12", "debian-11", "debian-10"], + "debian": ["debian-12", "debian-11"], "rhel": ["rhel-9", "rhel-8"], "oraclelinux": ["oraclelinux-8", "oraclelinux-7"], "rocky": ["rocky-linux-8"], diff --git a/.buildkite/scripts/exhaustive-tests/generate-steps.py b/.buildkite/scripts/exhaustive-tests/generate-steps.py index 391cb4fad..8a4ddff55 100644 --- a/.buildkite/scripts/exhaustive-tests/generate-steps.py +++ b/.buildkite/scripts/exhaustive-tests/generate-steps.py @@ -10,7 +10,7 @@ from ruamel.yaml.scalarstring import LiteralScalarString VM_IMAGES_FILE = ".buildkite/scripts/common/vm-images.json" VM_IMAGE_PREFIX = "platform-ingest-logstash-multi-jdk-" -ACCEPTANCE_LINUX_OSES = ["ubuntu-2404", "ubuntu-2204", "ubuntu-2004", "debian-11", "debian-10", "rhel-8", "oraclelinux-7", "rocky-linux-8", "opensuse-leap-15", "amazonlinux-2023"] +ACCEPTANCE_LINUX_OSES = ["ubuntu-2404", "ubuntu-2204", "ubuntu-2004", "debian-11", "rhel-8", "oraclelinux-7", "rocky-linux-8", "opensuse-leap-15", "amazonlinux-2023"] CUR_PATH = os.path.dirname(os.path.abspath(__file__)) From 9c6550a0dfbdaeb769cc2953fb54ca908ce1db8c Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Wed, 10 Jul 2024 11:22:46 -0400 Subject: [PATCH 011/290] Doc: Update headers for plugins (LSR) (#16277) --- docs/include/filter.asciidoc | 4 ++-- docs/include/input.asciidoc | 7 ++----- docs/include/output.asciidoc | 4 ++-- docs/include/plugin_header-core.asciidoc | 2 +- docs/include/plugin_header-integration.asciidoc | 2 +- docs/include/plugin_header.asciidoc | 2 +- 6 files changed, 9 insertions(+), 12 deletions(-) diff --git a/docs/include/filter.asciidoc b/docs/include/filter.asciidoc index 23035490f..9cd984f29 100644 --- a/docs/include/filter.asciidoc +++ b/docs/include/filter.asciidoc @@ -1,10 +1,10 @@ -==== Common Options +==== Common options // Contributors: You must conditionally code all internal links and IDs in this // file to make the common files work in both the LS Reference and the versioned // plugin docs -The following configuration options are supported by all filter plugins: +These configuration options are supported by all filter plugins: ifeval::["{versioned_docs}"!="true"] [cols="<,<,<",options="header",] diff --git a/docs/include/input.asciidoc b/docs/include/input.asciidoc index d0b9b5cd0..5ef643aac 100644 --- a/docs/include/input.asciidoc +++ b/docs/include/input.asciidoc @@ -1,10 +1,10 @@ -==== Common Options +==== Common options // Contributors: You must conditionally code all internal links and IDs in this // file to make the common files work in both the LS Reference and the versioned // plugin docs -The following configuration options are supported by all input plugins: +These configuration options are supported by all input plugins: [cols="<,<,<",options="header",] ifeval::["{versioned_docs}"!="true"] @@ -34,9 +34,6 @@ endif::no_codec[] |======================================================================= endif::[] -==== Details - -  ifeval::["{versioned_docs}"!="true"] [id="plugins-{type}s-{plugin}-add_field"] diff --git a/docs/include/output.asciidoc b/docs/include/output.asciidoc index 5d8090645..8e9453c4e 100644 --- a/docs/include/output.asciidoc +++ b/docs/include/output.asciidoc @@ -1,10 +1,10 @@ -==== Common Options +==== Common options // Contributors: You must conditionally code all internal links and IDs in this // file to make the common files work in both the LS Reference and the versioned // plugin docs -The following configuration options are supported by all output plugins: +These configuration options are supported by all output plugins: ifeval::["{versioned_docs}"!="true"] [cols="<,<,<",options="header",] diff --git a/docs/include/plugin_header-core.asciidoc b/docs/include/plugin_header-core.asciidoc index 64717a25d..eec4d5901 100644 --- a/docs/include/plugin_header-core.asciidoc +++ b/docs/include/plugin_header-core.asciidoc @@ -6,7 +6,7 @@ *{ls} Core Plugin.* The {plugin} {type} plugin cannot be installed or uninstalled independently of {ls}. -==== Getting Help +==== Getting help For questions about the plugin, open a topic in the http://discuss.elastic.co[Discuss] forums. For bugs or feature requests, open an diff --git a/docs/include/plugin_header-integration.asciidoc b/docs/include/plugin_header-integration.asciidoc index 6cba76a46..525f84181 100644 --- a/docs/include/plugin_header-integration.asciidoc +++ b/docs/include/plugin_header-integration.asciidoc @@ -11,7 +11,7 @@ For other versions, see the {lsplugindocs}/{type}-{plugin}-index.html[Versioned plugin docs]. -==== Getting Help +==== Getting help For questions about the plugin, open a topic in the http://discuss.elastic.co[Discuss] forums. For bugs or feature requests, open an issue in https://github.com/logstash-plugins/logstash-integration-{integration}[Github]. diff --git a/docs/include/plugin_header.asciidoc b/docs/include/plugin_header.asciidoc index 2e5e714e8..c8a169810 100644 --- a/docs/include/plugin_header.asciidoc +++ b/docs/include/plugin_header.asciidoc @@ -18,7 +18,7 @@ For plugins not bundled by default, it is easy to install by running +bin/logsta endif::[] -==== Getting Help +==== Getting help For questions about the plugin, open a topic in the http://discuss.elastic.co[Discuss] forums. For bugs or feature requests, open an issue in https://github.com/logstash-plugins/logstash-{type}-{plugin}[Github]. For the list of Elastic supported plugins, please consult the https://www.elastic.co/support/matrix#logstash_plugins[Elastic Support Matrix]. From 01b08c7640ef8378f3461e78a47c6e055e7c6068 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Thu, 11 Jul 2024 18:10:59 +0200 Subject: [PATCH 012/290] Update logstash_releases.json after 8.14.3 (#16306) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index a8c2f3e50..5657839d1 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -3,11 +3,11 @@ "5.x": "5.6.16", "6.x": "6.8.23", "7.x": "7.17.22", - "8.x": "8.14.2" + "8.x": "8.14.3" }, "snapshots": { "7.x": "7.17.23-SNAPSHOT", - "8.x": "8.14.3-SNAPSHOT", + "8.x": "8.14.4-SNAPSHOT", "main": "8.15.0-SNAPSHOT" } } From 758098cdcd898bf6a2f1d132cb30aa6b519f55e7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 11 Jul 2024 18:12:35 +0200 Subject: [PATCH 013/290] Release notes for 8.14.3 (#16312) (#16318) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Update release notes for 8.14.3 Co-authored-by: João Duarte (cherry picked from commit a60c7cb95e805429d6c9a250e81eab0c4ec4b817) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- docs/static/releasenotes.asciidoc | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index a9bd5f52c..204454a08 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -3,6 +3,7 @@ This section summarizes the changes in the following releases: +* <> * <> * <> * <> @@ -63,6 +64,14 @@ This section summarizes the changes in the following releases: * <> +[[logstash-8-14-3]] +=== Logstash 8.14.3 Release Notes + +[[notable-8.14.3]] +==== Enhancements and notable issues fixed + +* Ensure pipeline metrics are cleared on shutdown https://github.com/elastic/logstash/pull/16264[#16264] + [[logstash-8-14-2]] === Logstash 8.14.2 Release Notes From e065088cd8dfa828583afaaff33315a83bf6aefe Mon Sep 17 00:00:00 2001 From: ev1yehor <146825775+ev1yehor@users.noreply.github.com> Date: Tue, 16 Jul 2024 14:38:56 +0300 Subject: [PATCH 014/290] Add GH vault plugin bot to allowed list (#16301) --- .buildkite/pull-requests.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.buildkite/pull-requests.json b/.buildkite/pull-requests.json index a75d5d5b9..03d61a9b2 100644 --- a/.buildkite/pull-requests.json +++ b/.buildkite/pull-requests.json @@ -5,7 +5,7 @@ "pipeline_slug": "logstash-pull-request-pipeline", "allow_org_users": true, "allowed_repo_permissions": ["admin", "write"], - "allowed_list": ["dependabot[bot]", "mergify[bot]", "github-actions[bot]"], + "allowed_list": ["dependabot[bot]", "mergify[bot]", "github-actions[bot]", "elastic-vault-github-plugin-prod[bot]"], "set_commit_status": true, "build_on_commit": true, "build_on_comment": true, From c30aa1c7f52419c68d83f2809394a0fc35fac457 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 17 Jul 2024 10:43:57 +0100 Subject: [PATCH 015/290] regenerate webserver test certificates (#16331) --- .../generated/intermediate-ca.crt | 54 ++++----- .../generated/intermediate-ca.key | 103 ++++++++-------- .../webserver_certs/generated/root.crt | 60 +++++----- .../webserver_certs/generated/root.key | 103 ++++++++-------- .../server_from_intermediate.chain.crt | 112 +++++++++--------- .../generated/server_from_intermediate.crt | 58 ++++----- .../generated/server_from_intermediate.jks | Bin 6099 -> 6252 bytes .../generated/server_from_intermediate.key | 103 ++++++++-------- .../generated/server_from_intermediate.p12 | Bin 5950 -> 6116 bytes .../generated/server_from_root.chain.crt | 60 +++++----- .../generated/server_from_root.crt | 60 +++++----- .../generated/server_from_root.jks | Bin 4499 -> 4652 bytes .../generated/server_from_root.key | 103 ++++++++-------- .../generated/server_from_root.p12 | Bin 4462 -> 4628 bytes 14 files changed, 410 insertions(+), 406 deletions(-) diff --git a/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.crt b/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.crt index e772b2ea1..ca9ed7cba 100644 --- a/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.crt +++ b/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.crt @@ -1,32 +1,32 @@ -----BEGIN CERTIFICATE----- -MIIFgDCCA2igAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJQVDEL +MIIFgDCCA2igAwIBAgIBATANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQGEwJQVDEL MAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDTAL -BgNVBAMMBHJvb3QwHhcNMjExMDE5MTgyNzI4WhcNMjQwNzE1MTgyNzI4WjBVMQsw +BgNVBAMMBHJvb3QwHhcNMjQwNzE2MTUzNTAzWhcNMjcwNDEyMTUzNTAzWjBVMQsw CQYDVQQGEwJQVDELMAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UE CgwFTXlMYWIxGDAWBgNVBAMMD2ludGVybWVkaWF0ZS1jYTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPHXRKHl/LsaDFGnys0b4mlLlGQ6qJSC5ut8FZoa -B7kDeHsi8TiFVg/RENghFBClP9aGhWxndGSeQTDkg+KPxKovXBX1J9mP+z+ol47V -QVeCT++AvPQYmtLNLwZg0e5GVHFMnVq64LlTc1XjvzjlU751A5dEq/miMpovx7fS -oI2zxtVOYx+BF4hr+WA20mxbQoGXVM8ITDBWySM5IDhngKNAfmXNQZFffJgk+pwe -++I4KzRkLU02OEUnH63/YFkn+CoZBmg+II8cNItRVYCRifXb8tsO6OEwQQEe1RSk -fmxiiiTYCDMB5GUSowCRotKTwEXgWwTLKghzzUoCPJapsb/CzY2xp/ECtQt420CJ -aosx/fLmcuKmbhW847hYq4L8HqZvjs3i7E6wjuUAgn/um28kU1PrN9l6qTJhHKKP -GZUCC/Cou0g9q7Y9ad672mWgExo0I1vXm2H1KNYy94agmXaIgmelvPBTPREkEEL6 -MnfrZKiYOG5wjSMubg0L4JYKUMuToXvfXxe6o2rDofe/oTUXErGDYV4z7vr58dQg -TM5PtxpZCLmqELaBFydB5hEBQly8Fxh3SVpuwkcaCxOlXMkdvHEK9daYfE9jV0fu -StfckkCLdDZMHI+iSdQsqK6E9vc4tX2rnhzgKex0Byu0GUEg6XoFL2GKdUOvRZTJ -/tMxAgMBAAGjZjBkMB0GA1UdDgQWBBR6wQ0Is6YucsLFNwdZ3ANX1jrgsjAfBgNV -HSMEGDAWgBSWO1UVkFl5LOuplY08xBLcfGyc+jASBgNVHRMBAf8ECDAGAQH/AgEA -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEANoo45TDx1lfglAmJ -8nt/58y7fm8trxmrSQmDAIuXZKqATNsEw/+VbIXqeC9sT2lWY9URFmmFm505JP+1 -43nM68cjfAK7ihLcGS7XwQMtQCgiQzJKeZFOx/l30lN5rRje5HHbSIF+uuwO987J -LNYJ+rS7N25lB5EQY8satuZWMVtSZ7YQCMkSJve7KjfrbE3kORjHs6jn3bdyuWAr -oApgKJgCUX3JSPZyH3T/xakMneZNkYr0CC1kNi9wL4js5I/nN2Z4er0N1Zt6PIM+ -hIJcW/Qv0BtI4bzkNkGSehm+Ofr+njuqWaaQMF7kLPTGDg/0SN63Y+X59CJQMnjF -+oW0oGm30S3okFpgXSU+DDxNPlh1j3jTMoArPvIaTceImfmsBXU62JRXQWaAr1jF -EujYbTJ147/7NmsmnskFO37Mp35JxL3ELWfMeBAL/HC11mzUbGFhtvtFqhQMWMbt -5AAR9ZUaPO8xTX6Ag8/8MXF5wFRkJBqTNn6GaX5PUrWhlAKpGuAuuR1NBY5TGUHX -NcFu+bf5JtjhgSUGB0FuZfdZvw46k30NLlT39NbXayY102XYfrAsl0X0TNqjQua1 -7j7FqYrAALQVLfYeKrE0nKaH35nU6Kk1Iy42CbB71MHqcg7DTjn0MvTKZcnQ8pxv -RQwP+BXkzwfWWEp05rlVeKS0IjQ= +AQEBBQADggIPADCCAgoCggIBALUBL8nGcBsOrfv/uI555eOiBgFYD+V3etaiFDi6 +MtZynj9oazrssevjNwP045j8a2L9apjeq9U5REs2MrYoHTEPoIeOiFPNQfiBtJt/ +DjBiXYQbrSfpkjPmRREPKkTX9lFNSlEmG3y+kNMyASvR3K4IM6Bqd+FYt/GUyhZP +LFx9ZhRAiq5uulLqVaAdAp+wdjAXeSedtCTs+20aW+NKA32+Pb8vzJp6HOmh+ZXl +orlEyKKfUYI3ODu9IoXTu6ZN8XZ4LfrDu47wswgQU4n2TOn+Qm7nwE9GIjQBjYOz +s3eUYyzE/z5oyrC6t2Z2ZEq2pCwMwf7iPXRFrgSvgLJCCSdwrB/bTxghM0vmFeoV +V2vfTp3VC/WbSW59tV++iMyMQTPw+grg0NEJCrwNnFJ1DL9iT0f902z2mknxuCM+ +2HGpt2EG+FnU4kR2gHQKt4BNGIuscchp8J85CGjheoNvuHaUktVWwqUaHUL8b9MV +dav10Obfr0+bWNIY2xsufM8sX/QP3VsfJ/nFkoImYNW5SI5g7/5DTIxIE/z8Ab1a +4JT2JCzPO8wDFyle4RVOG+2WfDBUkkjIjXlfxBwLneTPzqv5jmpPIwcpdF0c9bWw +Jwb/e4hB/bAFwZvLFr0aypJ0Zqbc/67n5HDsKx8+/XUKar1qPP6AzrfecOmBwwOH +AsE7AgMBAAGjZjBkMB0GA1UdDgQWBBT5X+u4LkGBED9seTSNYgA40tXJUTAfBgNV +HSMEGDAWgBQB2VzO86glAf1wb5+bjW8YPxZlpTASBgNVHRMBAf8ECDAGAQH/AgEA +MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAGb6iGwxKXTSgxP96 +4UMtpKYFGykBuajxr105jFSjXArhjj5/U21nIHQ3vrmAGAMY6iaaeKJ78gYSfm+O +zC5o8f4PLxtPfRJGymGUISrtIpBUTz+CVNAwQw0yrAeROizoUBhpDmUVrzlSfwgm +uH3H94jvi/IpoxUezsr1tS48G8ayaVlrPLflBhgX1NXzonA0KqGNdm5AwOx3jgZi +v5PYtz6xR1NtINnGm42A078gL9XHXmZowacGPNf7flwU9UzU1LDb1snGCxOgNq0e +ABZmd4TbEqMs1mAmn6ymzAIU2wBOStcC0is1MJ1j/NVVixETrx65UY1BTMlIojDT +bV4fbYy7jo8rtoLdnwFd+DdXna2LJ8qq+7CE35f9c+ZxLkdSfqADISwkhR+J/6TB +plRVyBc4eiPdSV27qPbjMOEHKy43+rHTsBILqIOQ0sBlMe8DgD8ZXo+PUM1Ptadn +PsuHwSflCrIz6AHgG/nORSDQf+7U79mejzi3fIjwYyYpSlBemTuW+z3x1xizN6PY +CK9zuZu8K9Z/F7GQmr3xBEtWqH2rd7TcN7fQP+zmG/v++vPlE38cQFWv5vVISxJe +U6AOJmXKNvDB4QR5CPsd6UWn/Nb1K3/MlDu5ymLq9JXm/GeokaGqHuaLLR20yN7w +/kNCmGr6r+cWAxpEZkmSBUg8/ps= -----END CERTIFICATE----- diff --git a/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.key b/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.key index 17a1eadb3..924a05073 100644 --- a/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.key +++ b/qa/integration/fixtures/webserver_certs/generated/intermediate-ca.key @@ -1,51 +1,52 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKQIBAAKCAgEA8ddEoeX8uxoMUafKzRviaUuUZDqolILm63wVmhoHuQN4eyLx -OIVWD9EQ2CEUEKU/1oaFbGd0ZJ5BMOSD4o/Eqi9cFfUn2Y/7P6iXjtVBV4JP74C8 -9Bia0s0vBmDR7kZUcUydWrrguVNzVeO/OOVTvnUDl0Sr+aIymi/Ht9KgjbPG1U5j -H4EXiGv5YDbSbFtCgZdUzwhMMFbJIzkgOGeAo0B+Zc1BkV98mCT6nB774jgrNGQt -TTY4RScfrf9gWSf4KhkGaD4gjxw0i1FVgJGJ9dvy2w7o4TBBAR7VFKR+bGKKJNgI -MwHkZRKjAJGi0pPAReBbBMsqCHPNSgI8lqmxv8LNjbGn8QK1C3jbQIlqizH98uZy -4qZuFbzjuFirgvwepm+OzeLsTrCO5QCCf+6bbyRTU+s32XqpMmEcoo8ZlQIL8Ki7 -SD2rtj1p3rvaZaATGjQjW9ebYfUo1jL3hqCZdoiCZ6W88FM9ESQQQvoyd+tkqJg4 -bnCNIy5uDQvglgpQy5Ohe99fF7qjasOh97+hNRcSsYNhXjPu+vnx1CBMzk+3GlkI -uaoQtoEXJ0HmEQFCXLwXGHdJWm7CRxoLE6VcyR28cQr11ph8T2NXR+5K19ySQIt0 -Nkwcj6JJ1CyoroT29zi1faueHOAp7HQHK7QZQSDpegUvYYp1Q69FlMn+0zECAwEA -AQKCAgBirops3aHQ3wIj16njI/uxJ4v3kg/z+a4sbMeLyA9aqVXiORHhFFdXwOF0 -r5q2aBeye9W5tEVEQWcsgjJmom+HWifjNdP67MuC4FJnkBFHmf7wJcH0gI28csk7 -ewpuhfgy+yZCPXsxZCHt7C69EqanUqwSb40VIeAwFksScTneWHtL0t6TnmNx4U0y -u2wFlv9+TbfneuVL3D3ax5akLWfKNajd9XFJ1oLKulwglGwHlQ/cIvxxQyyW2y4M -G+a+upaC5w88Pg2fF81BBAE1oy1+Sy+/v0e7i6sav/AGqlCD/XmNKzG9TopZy88D -jmm4L14HpVK+lAAkzsv35Q3AFKJYaB7+BdxSOxdJrq9RaxuCzZU00sFxA3F7PPkh -tokxrIuyl3s2cnJkHE294s4/1VnWx8UAvdEx+XRsypp0d7JZT5Rm3Q1spOYWS+Zp -ShlHtq2qdhjbqRLq4ur2WYCGWHqxGkXbhkPcO0ezstxQV5WQ/qLbSK0jflH90dgy -OsjDB14Pm7sxVOCgNaShhXZXvzS1dShug31gLDc7Zg8ubazKIpFdAGtLCL/LEUp4 -hb9PEWjshrfi1VQMSCguZCwuazO2FnkKvpP9M8WsxkZ7invxw1A7xX5tdeCfHaJT -yPar945pZlnyt3ROKzx+QLt7yjs4igNuLHFJ7LUL8jdfo3zngQKCAQEA+PoJ0Vhy -gmjA2XVkpuI8EVe6LsyCpPu58qqQPryzBApWZbLvh7RNVEpKrRl5oQbrgzMKxz6d -1dfCdLVA2t+aPLLLuvmduTJvrsD4pFuvmqdLbAGn7J+Q3IhdkANsX3dnfUeR8ham -0fF6Wcha6gsxvof1wTu6k10uT9mvwxEwkxWiJogjGMV7njHwiyXAO+dAUCUFG1GK -pEKcwqJYEbQLBC4dbgYJus7TiQ/pakAXD02z76GzGnZXxFZHbKo2JQpW+i2zhaM8 -Rk9CF4VruMj9ASWsc1D+tV+0f4JYKWk/fwCFX0rpluASXDqmVcF94xgxMPLcTkX2 -S1SfhPLnMNM6CQKCAQEA+Kmy94zk6xRSEhdqyTGKaXYL6pNTuYLClHomg+9ifsbg -LULza4rOWVv1gzdfht4q0LSuR9C44+GEdQlJ093ql+EiKGXOkO5DzOV3D0uJKaaw -jXmfhzVyRKAnG9oCFSoCIVpyVVLTSYsCk4YBG1+xC7jR5iCjSfDoXmXDNTbhvZne -CBPXe5Y16Fu8VKGKMOCuluRywkdGtWplGKIYM/BRpqypMeyUNf5cV/QnpnHpKpvI -3xpN0hWkVPM4mDxeEmxbaTMYqLKBvWxJIKwHlZsCoVrIE/sit4PFxD33A0gd9RKF -ysG9U7j9ezxv01GGeWvLGJJ2Rm9InJaraNdD0/s56QKCAQA9szEVqRaPjMgl27q6 -xJvgLF5eVJ4Xpq45Hd2rPnYajTlF8Kb9eUgkmFiTNxn2NtHMbKzCHZldsh9lbrmI -xBrj6eclCdD1YTNeGkJD8Ni+ubCuLmbf89chX8XX95E2w09pM4BOfyCOLIqGj2lA -UM/eCLF1VojxFglxDmBJNgxUlurdI6WW8PGmjXev9AYEklVUxyfR0k5KUJuqfDLZ -CEYmngr7BhIJMlInyEKu6v0L9NSfkPHin+s2I6+FlVTfrwVI8GRpvL8mKWQWkiDU -5TIVw7FNzoegiPwhETsp4AQ1Q/rJV7Y1hofmRT6NR+sbiRY/rB++YgYcOvdhKhTy -+5WJAoIBAQCKta8dpDy2XbmCWgm5facmOTFggxp7K1P7m0AM7OZWrf2zgdtjrCR7 -eG616ZeiFiBwF7n4WZgplk1bM/k49Fu+qVlyi4f1FNRBYedOYuZ6k399C9FPjSLW -4Tevs6bhw3M4w8lviypNpfuj62aGrJSIY2rDIoWz42zb64w/DQRTzZcrjlXvnNUp -brLZytrZdRwvE/RoJ3ZsEJOgcBtsLax+e2ZOcRgkHmXIsmvDz1sv54Lf4T5z6Jqo -wJxbX6FiSYucXWJuCFWTIuqQDSaV78hB1fAyJS8yi5EwbRhzfjEn2lNDzVsdbt4H -dqkyihGnfdfnNxw/IiixIOMxMpOllkixAoIBAQC3PapCqrPeQRBkUNqXdz55MLZN -R0O/pdkzIsRYbepAEGj6Ylvt+qgLYmsGfFdlhkPAOi9PxClRr44M7MzvJDF5bQlO -y/pyzUKZJ7aXG7QNnhxg/qZRgm0qj+RsR0rbH/Bc8vuahDgHAa1JbMXkc7O50+fe -fwebVZ8hscXVOeTaDNM/XuzmYZl6/lLTmpiqKt9J1F34J4O5mcGI4rS7kdMd83Tb -zcYPTbPXxgltIHIlM8ZFR7hSzdM6B3GcddPbWAFGOI4gY9e9a4sHtU4wH8O6IYlg -BcmSuIGANVLApRHMEabaEbBR/+QAzSZ6dhBaxG/QlqHh6iKSM29mSEUoSlZm ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC1AS/JxnAbDq37 +/7iOeeXjogYBWA/ld3rWohQ4ujLWcp4/aGs67LHr4zcD9OOY/Gti/WqY3qvVOURL +NjK2KB0xD6CHjohTzUH4gbSbfw4wYl2EG60n6ZIz5kURDypE1/ZRTUpRJht8vpDT +MgEr0dyuCDOganfhWLfxlMoWTyxcfWYUQIqubrpS6lWgHQKfsHYwF3knnbQk7Ptt +GlvjSgN9vj2/L8yaehzpofmV5aK5RMiin1GCNzg7vSKF07umTfF2eC36w7uO8LMI +EFOJ9kzp/kJu58BPRiI0AY2Ds7N3lGMsxP8+aMqwurdmdmRKtqQsDMH+4j10Ra4E +r4CyQgkncKwf208YITNL5hXqFVdr306d1Qv1m0lufbVfvojMjEEz8PoK4NDRCQq8 +DZxSdQy/Yk9H/dNs9ppJ8bgjPthxqbdhBvhZ1OJEdoB0CreATRiLrHHIafCfOQho +4XqDb7h2lJLVVsKlGh1C/G/TFXWr9dDm369Pm1jSGNsbLnzPLF/0D91bHyf5xZKC +JmDVuUiOYO/+Q0yMSBP8/AG9WuCU9iQszzvMAxcpXuEVThvtlnwwVJJIyI15X8Qc +C53kz86r+Y5qTyMHKXRdHPW1sCcG/3uIQf2wBcGbyxa9GsqSdGam3P+u5+Rw7Csf +Pv11Cmq9ajz+gM633nDpgcMDhwLBOwIDAQABAoICACWvipCbNUoc41KdaoKXlKqx +WEi9Wgnvt26qrkUlV2JY2OPgzLqm/2BanWDAgwaeP4mLs78CVYp+ct6p+SL99R36 +3/R5U58HFF42OzFI4d5nDItt675snhkaL3Ue0DEnOcyxp/B/W6e8UZD3T1EdT7IY +WQ9kO3N6skmlLfI5J8ZWAYPj8DvjJ/4NdihxAdPXvLPEn2AFMLWjdbHAlDMdfN6Y +VmjQ/euH0y89nyZ7ekbSsGdTfnf7IUUm2uI8NEyq28RLv17/k7RuHwhlxc7qrhbl +7lUDAYI/2u0zCZDLQGl8Rq3SkkYfMVxcc8Tsj3MS1dmqClYUKrFjtJibJdN3dkoa +/I8OUSG+OO8X1H6nd0Ht63RqBXYgR7y1+P8aGVuJYnNAdnj2iMmGulQmaXthlX/O +2lpoFJmhSZT1Ih00m29yIY8XhbKXddZvjg8zhVYmgk5KEZhN2+tF1EYTsBCtxvWh +jJ3O6TXSP+WQFByeAMl07hG/1NGa9hvgOktNCT3QjSosJWGRNj3oaZL3RwtUYOnJ +UOBzbPY00jF19/KGUMy/R8t1fOS3Z8e3qD9CLeMkr9TN0VBXFGYaMSrq+AvqTgco +uA16/ctdZcj80bwOYU6JqNqycW5S4V8t2KX4MhMf5bZ5dL13OVPhVY0ltKBEdOC3 +YBO5WvQ7l6pH5QEjWoPBAoIBAQDo1p8GDY62MMqxTUtrB/Bqz/Vsa7SgCGmSmRBB +PBfkxxARI28jTX4v528au1J5h3GZNs0gzWtbQW0yUN3hvf7KaERfBOAupg3nUO8D +731JL8jcX86UjS77PxzALlvNNONItFWZcH2VIMKJCeFRp79cVaHZtqHMqOcq4Lrc +BYjZyIcNVSMEMIO9E1ZJB0t6Gesa69OPenC0v9ywBF2h0YP9XGbCN370JfR6rJwZ +yvB29et91/agCorZBlctnRhRXYjQVqBMetpsC6tet3H/B9BfUSrQ81zeEJes/roz +aAYym89Vvav3Gi/P/NP96aEefcyG19cnTTXskeSkIkpIEG+bAoIBAQDHApYSxXKK +iPsakBno9OUA747YvyuBI2Uh7+HKGbM7sVyl7UhwduI2qpxG6xjz5+NOxJe12XQI +91+KAciuKNZ3WguxtgKy5CFLlC3syV5nuvfTWwt19qg2I+EiXT1YQ09LmhG7M1WW +xwj/QI770YlbVW8NA9pB40ojPRUB6a9QynGBvj0fTdr1IDs23Eb11s/1f5pPAfmf +ENehdZG8aTuPDKbdL++yHrg2n+v/aAWS453eUvE/evk1kv2n0hqNwJomn/e7MH0h +DFfdTHNOaT9jS8W/6TvnXTnwqCPofbVdJkwIpsyqFP99JpLv2DkjWBpnER6K2sN3 +4tlFutH3fZ7hAoIBAHhQluHg1ZLNiZ+uyj7nXlNDXJWG3lInpq4LC/w5mjsspd/F +SKOcYo1McPwGOer0kz3RtJOzsjr4hv2ODemdbPCYimPzOAjC48JY7vlAoqPT3l4J +38yhW9qWVTv1eJiEMMIb9XORTkNmJz/67ARuwxJqaXT/y4He8X0VnVkePwYSeb7o +9GwwyZJFULvx2g2hIPzLSYoFggHUdqw5xUxd4G9mdO79EEwG5NsTIKKvXCyMjQB9 +PUKbz/2vKhM27x70T0Mg0DpU7VMRgJ8z+eMH3aOzZIWOi7lwJ4BMLFlt8m3qV2v9 +08OfM3+tLLozJH+GD87J77KuUiQJi3VJBstQOusCggEAbPNOg9JS5eMeTamMdcv0 +v3FnK+RlBdsB1/WDEGjHhiuQhEqGeQOszq7SxcSZsZZHDG12fRkifHIpfN2DJ022 +NDs44b66dYONctoZ1mNb6sAiQzS57ofuCU3VSEHxfqvC8qnTgUAWYGhw1YVbgiNx +5m28UUzFpYKwqOAc6yIrV7itMZGb1tKBx+cwY9Vuh9JloYqNSSnUpi/LTVqXQaX+ +9E7B36AJwuMsiMM+qWIigwtX90pDRzSk0J67fa/515cVDYZQUsu2BWzDgaUED25x +RIRMK8edgwm32bfDiNmhe/CmeaoPrCG4yaRfly0yAtaOBdUKeoxPrQelWZZwsuS0 +IQKCAQEA1bzyZGNAf39eJ8munj703lTgANCjSqKMoHb8T9Y42ikOvrM0tH/0gOTs +43CHNI8gxeJXrjv1HpUr7kfkIX5aBvRGoG4kxS4uodQUWB80KW66esbbU2XzpuGO +uB9jjmY42EhT7wXNde9PWdu288YhVHqqIXHQMbdjfp2HjQGUnKuwWVxNSDtFSeC2 +yTM4cqkUH5tkpH/2KpGgZzEUN2MtHSt0+kojkVei/RJqRqm0/YnN9h0j8wAr2DRx +6tEQIBg6JR3dqYLmOTrTJl/6Quov65hbAR5gKDCaxw+jBp68hxs+SxOCBLIKgzSz +UhU2dLCAXnNdC7uFxDlGq9G5/e6SHw== +-----END PRIVATE KEY----- diff --git a/qa/integration/fixtures/webserver_certs/generated/root.crt b/qa/integration/fixtures/webserver_certs/generated/root.crt index d5653f0e8..23c26078b 100644 --- a/qa/integration/fixtures/webserver_certs/generated/root.crt +++ b/qa/integration/fixtures/webserver_certs/generated/root.crt @@ -1,32 +1,32 @@ -----BEGIN CERTIFICATE----- -MIIFejCCA2KgAwIBAgIJAMwwXnXAAUBzMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNV -BAYTAlBUMQswCQYDVQQIDAJOQTEPMA0GA1UEBwwGTGlzYm9uMQ4wDAYDVQQKDAVN -eUxhYjENMAsGA1UEAwwEcm9vdDAeFw0yMTEwMTkxODI3MjdaFw0yNjEwMTkxODI3 -MjdaMEoxCzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0GA1UEBwwGTGlzYm9u -MQ4wDAYDVQQKDAVNeUxhYjENMAsGA1UEAwwEcm9vdDCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAMfReGxhC2tJH3y/4knTrBSrtezJb5fDs9Xy41Gdr5ng -YEQXi7JQb/MXvGst4xxX77kbBv8uo1egL6gnvZfUqbsrGS8IzhBWtRET+yaYw2ez -wZW+d9RGjsFTOGvkSpv55/VdGvtaXeMeqTbuyYZSzakNYD7AH2VDCS2q+IdF/ezm -ocOki5faj6A92yxvbHUZM1jS+Ah/v2yzJOAkrhT1XIBKyaG/g+woQxZpMS0PjpKY -K7K9XPIkU/Z2gsQkRfDQAxXTqba4Bl84/aA+aLTYqib/5WhxVuc8vjk+7g01y2qX -5aPYs3L2LToUfwPh/6leHx37d7YouPp3X3CnPyl15r20FjTFKTV6Y0he3tgmWnjC -BP0/qlCYeh1mnKFQSo688fw7K25dPhcnPctdVp5Xr6jz8GBaGgCu5hEx/QI7WzXy -qKdyyIj3gEQuHyu8RUrTUA3uruPa8TlouAu616yNNqw3EzrEjmWX+D4HRq32ofkK -FXqFxFurfzxyVJjX1P2+VP0h8fPoZJzBwfwm1hFxLpROQXVBX+b7j2S4kv/Lp156 -mV0frWXlYwTvtM+7PKONnwSIOkiTic8Zv5TcMLoW6p4RNY6b0SDzt+e90h20OeAS -R1gv7VhGfR2JYMd1C0Ke8D9i2FebX9r6T/BfRMRJBNKj6wr6OFvhz+eImNuiAaxn -AgMBAAGjYzBhMB0GA1UdDgQWBBSWO1UVkFl5LOuplY08xBLcfGyc+jAfBgNVHSME -GDAWgBSWO1UVkFl5LOuplY08xBLcfGyc+jAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAHquJcXAZlMpY3z748dmIfKGb -7F4fGgTwGJ/9PLIZdZXDRIiA/GZs9IGA+Kykv/95jJsq1ZVN7O7UoBqbTxbsddoU -EhBe3BKaJtkIuB5anRmw600lZlIFgSU1uSXyZoDBD9LnQnb13f2UQJKvzNbvoisC -f23JIVCQhGUiqVVYKF80tWlbTpnA+pIPvaWpzSI8FEjz2NGmol948aEp4OET5v/R -obWImc/X30t5Z4wO620DCNVhwx+zzomAio3dmQRnnUrVT9IwKxFmEA+0V4O4JPUz -YQMyuLuoqrvywz7JeV3GvCy+yI5uoF7u5m7e5Kh3A1G3xfbw36M3fYAQNhh/5y01 -ySimOmx6CXoX60z31RFlrXgAycLWKixkjllQTMCMvtcFOszLSpP7WoB2/l7s+9oz -iMEnjwvtUcXJ0rRHr2ENmyG8BBPKZZhKp2b/kumQnYa8Vj8FVFXGijLNF2QHyIWr -jzc9ntZyUb2LOWA2Dwtk6BxgJrKfx6N4n6itwd//mzCz0GQZEVPwlLUw0qO1qt5+ -dSP5ifsecUSsXge3nl+pZmS60Jo1/sF3QhFiFbKMRi19SqvI2X+vDwAbsS05PMdt -HpN/JLfaeabqjoYeEpCGRm7ZSIR0Os9c5qJpXo6V9kOUbQKMNwJ075pPaQEE+2Vn -IQqdInXs3f5UoI5afJQ= +MIIFhTCCA22gAwIBAgIUM0vS1bRQQCJzcfsSQBT78uhQ7lUwDQYJKoZIhvcNAQEL +BQAwSjELMAkGA1UEBhMCUFQxCzAJBgNVBAgMAk5BMQ8wDQYDVQQHDAZMaXNib24x +DjAMBgNVBAoMBU15TGFiMQ0wCwYDVQQDDARyb290MB4XDTI0MDcxNjE1MzUwM1oX +DTI5MDcxNjE1MzUwM1owSjELMAkGA1UEBhMCUFQxCzAJBgNVBAgMAk5BMQ8wDQYD +VQQHDAZMaXNib24xDjAMBgNVBAoMBU15TGFiMQ0wCwYDVQQDDARyb290MIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqtMGs9xm1Z6/B0FrYwxALZmzXk9E +HwS9mfmPbPUW+ZceZ8LcF9deWU+gtBwEZpV13ILhwHdlMacsnW0iriQtZKmX5/wU +Eg14tRj/vvDz3uOXv7dQ+h2VghlFvQD7iTxRt39a1NnbrKMmWQ+vzAwGOcuWthY/ +Ec9JZdYbvsBCS+RMCcQrd1E9xHjV+HYIdS18Hr5TVxnfW/Flm931i6tDsTFXvMwk +dqgCuajMvEKR3yhDx6rFxxRN9vIezbyMuVBjNhYsRVvv8FNQOKOMIadjb/vRrkMK +VgUL4WYi/liqjSCIV1rC+7v/DnvXPOCSaJgNBvB0zMJNPxSgTe8iH/LVnEHuCEu2 +MSnUVL+AApKOjiYK1Wr4h9ymllnRgq5XlsUwGnFkcaEkGO1UaHNFs4z89dr32hye +RO3T7B5ChQVvjbYK7piDDto69OW397i+yHVLxD681+KrZuKOeMZr9iFFZaFLeh0V +7l/hahhIlnZGdK5hGWIHZu+c+kfP1Q79drspE7Rr4AoMxVInxce7qV3lNMUp2v1a +0EjyFJ+iJquIBQdJTtX1rYWdFA5BBA00DGGRbIYiOheKOEnTcCsUevx4T8+2G0PM +pyCDTy7rj4pnXLr5ziSsfSww8JnxsU1IOijJ4L4b/qGCJ9JfQpslfgLBfwOJ94ZJ +mv7qjgAcR1HrV6cCAwEAAaNjMGEwHQYDVR0OBBYEFAHZXM7zqCUB/XBvn5uNbxg/ +FmWlMB8GA1UdIwQYMBaAFAHZXM7zqCUB/XBvn5uNbxg/FmWlMA8GA1UdEwEB/wQF +MAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBslT8qF4mm +B6nKUPREE/YP8Q6nTXgZ5XhhHsBAHNTP+U2/lNjfQdFUva9mHwJRts5w59phfMpw +5gTiXJqdTzZEIEN7cdKX2aNL7id6on9j7OoJsQ81MzhUu8rOGqeCYFJFlCMXeby6 +VgInIxhIoe2RrM2bJYw8turWd/+VAa34ehvS3knvGGUTEr/8sqJ14hwifpRl+YB9 +iC1CTL0k00YXJ1IFC6sUaVya0KCRzd/J3I9XnUKOvHxSavA5QosUoWjQde+lJM+J +8sJHudaM1I2bn+8M9jqSO06/SNMdoNhbapKyvRV2DUwpMbe4WT8Ufnvbxwvw7vnA ++0E7X10KcaLn4+0tKhmNLHb1hjbaGryHO9ESSFGa7uMeiQYo0OQeuLWgRb6mOsZr +x/VEuytnK+YwR0+vXBCC7PSxuZ7G/MPv374w/+6b+rsrqz6o5JdgjTu27OISbNv9 +5IxA9+DfNvqyLvSQ72M3W6BHAE5BT9/JsTppcJ0KXc1Hkb9dJEIScO05FdsDC+SH +XvTmuXCf6G5XkrLldshntu1M2MI2Usw5ZK2RP3H25F/AOPxQDim5awMp7Feo0JYC +EXJedqqTtc1M7ub8XVvIHTaT2jNoa5uuV8ujyiaLXZqZty+UUkXUFHx4UDDWnOrz +mHyg8QosOZgiGREyjq0FJNDr9337zIfNkA== -----END CERTIFICATE----- diff --git a/qa/integration/fixtures/webserver_certs/generated/root.key b/qa/integration/fixtures/webserver_certs/generated/root.key index 060064008..29cef4f92 100644 --- a/qa/integration/fixtures/webserver_certs/generated/root.key +++ b/qa/integration/fixtures/webserver_certs/generated/root.key @@ -1,51 +1,52 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAx9F4bGELa0kffL/iSdOsFKu17Mlvl8Oz1fLjUZ2vmeBgRBeL -slBv8xe8ay3jHFfvuRsG/y6jV6AvqCe9l9SpuysZLwjOEFa1ERP7JpjDZ7PBlb53 -1EaOwVM4a+RKm/nn9V0a+1pd4x6pNu7JhlLNqQ1gPsAfZUMJLar4h0X97Oahw6SL -l9qPoD3bLG9sdRkzWNL4CH+/bLMk4CSuFPVcgErJob+D7ChDFmkxLQ+Okpgrsr1c -8iRT9naCxCRF8NADFdOptrgGXzj9oD5otNiqJv/laHFW5zy+OT7uDTXLapflo9iz -cvYtOhR/A+H/qV4fHft3tii4+ndfcKc/KXXmvbQWNMUpNXpjSF7e2CZaeMIE/T+q -UJh6HWacoVBKjrzx/Dsrbl0+Fyc9y11WnlevqPPwYFoaAK7mETH9AjtbNfKop3LI -iPeARC4fK7xFStNQDe6u49rxOWi4C7rXrI02rDcTOsSOZZf4PgdGrfah+QoVeoXE -W6t/PHJUmNfU/b5U/SHx8+hknMHB/CbWEXEulE5BdUFf5vuPZLiS/8unXnqZXR+t -ZeVjBO+0z7s8o42fBIg6SJOJzxm/lNwwuhbqnhE1jpvRIPO3573SHbQ54BJHWC/t -WEZ9HYlgx3ULQp7wP2LYV5tf2vpP8F9ExEkE0qPrCvo4W+HP54iY26IBrGcCAwEA -AQKCAgA4oYdtv/tKhsjjxEZQAivNF/VRjK2R56c6RcJjSTuRcuQVqE6xVNbFoL6H -6dNqHwoT/jL3c7JbjUy0bb7wHxeTsl1K1UYBn3Fly7HseHM5GtsMo5S2luCyrfFZ -srPqjONOyPpyrmPZkMEIjpiS9zjOZroWTsEXI+6gAMq7G/0hfSPvnNzrRshZ8+4A -I/wrG99Pl0swrXQFTKhw1jR4QCndOlT3AJ5U+fw5h8qmKLiRl4sa90w2XFFnkqLx -EA66d1nIf9qjrHgx2KcZGVb3mkhvEStldGna035eHxW8rLhgF3i//RSuylJ7GX/+ -C7k3uTM8fh6pg9UZN2fXN69RAtdH/8wHeGRpMVfTyFA+//ChEr8pFDudheO9elZx -ahMB9Qm+QspfJuGiA08jbkp/Kqe+vs53SXvpcWB0DCba3Y+PzKlJuQiuGJbjC0x/ -9LJjBZCB/8VyWCz2Pcg5arUyfiHz9iJIC6vfZRMwrrIvD+GQe7jTPT3bdWNeLpRQ -kVjy5AjYipblT2pSgsh0iOBwBoxqh8z+NOUgsIjcLWlMXLStQpNILuCc0qVUDfsI -LCt/BujptkezwFeicmjf4a+uavoUODDysfMxbXwyWVCPoHmcVUIj00Nib4pv4hDw -j124iEyZVy84rCUlYHb/uGpwSqE0Hw0diBdx/g6vomCMHCxLAQKCAQEA+Q2ViAWw -ekNH4wYLNDFZEhcdP9tPPP1z9OE2N6+BgpTqfiJMBa7tVMEd0HdE38GZO2Q39hpD -Lai0K8/kqjckP6CAWRoT1vgSiLVvdn2NjSKhidostZ+GZyBDbr97EBq3Q5XGGdYZ -021gQ+p27sWzwNCQfewtKeLbWWRWtgQPmrP2kwaF+xEYcfE08wy41yvypyWFmAm/ -e1KdTPiwSXjDHawUl2/Cp6S5YjvFWAMwzF7BIEkGcRqjvi4eR8+i1NEJgY/7/354 -B7/wxmPWTaqk67+8fRNSzkMR6KNafeEd1iS+TkcdF540D2kM9GJiBVBYvMboX1jF -dcNUXi6opbQqJwKCAQEAzWRQj7LkmcnDAs6HM+/UMbQ15sUHrTqDfFF85XA9/ZYA -ZHWTyLRWN5TCiRHGK6vilrVBqzYkQD3sMMepJwklhAue5SnvXLiostf61F8TzXmX -uQ0Hq2goyHGBTa9RZCD48mliuPHdjFQY3WzXGie9XvkDat8zgYtZi5ODMO27mSTc -8TnFjZ/Klp4mXgfoOzv67yTlE/DwmGQT0/HxtA+mwgB1WfKNuQqWJ3c/KKcIJ2G4 -Gf7Y/9ketF2i3pdkri1UBtnhL+/t2n9QLMjtt08hXWfrrJPfHQdAE/O4i67mbl1i -pq8OazK7YGFp//vDCCuvrfQUo+bA4TFZ8+pfIqsTwQKCAQAXfx+XaKoAru5OTdiq -wOkdWs7oomE0aNkSxlieIlG+pxwEcGnps1oyv9F3RHlb/uDdCJR7BHlICn2NEJ0L -Lg6ebh8NyPcMNfVRroRokmnTYewJnGrRa857VkDmZuxOVabqmmvJLjjbiJsnbSxx -VHej/klTh/+uzvdQ1LWVkIaEWuwtbNUhHbjHrzEGqTGbI0tOV6zl7i2BjgbHJ0NC -e0E1QHHk46dit5jB2s/AgPSOo3Xm/Ny9uPyvyZwTvFQpbdtOvO3SafUbDhHCNdMX -Gr1afIlk53jNeuhqoVa9P4rYFDlcGzt0afmRZqDRQaLry2vDy6RKso5WkOoZxJ8m -mvvLAoIBACu03xfVH6RCNQdR35+Dt4nkKVw0LVAFlZlM1eEVI3vlAaxfANXC2l31 -f/gfGiaM6yja5WCDou8wviQbOLmfzqXsuyFU7SSz/uIf57ZtjQ86grjUNv+YqKUO -0k8vsYg3JAKhvmpQva5w7uGfmZ5tOnUNVFbXrGQyvRlgiJhO3o7WM1X5zzo1+KxY -dx2nXRnNx7ZACadWrDwhf76oS6Dfe8LoyhAb92CbChzX2U7TTH7k4oJVouO+1jPX -gSMQ4FHYP3s9vhevXNQUJ4GAOGW7pwPza0lMJjxNIKueP3UqAMsXgDisI8tX/lui -HyZj8rq4YSgJOqMuJXlGQTgQdbIw6YECggEBANr5VriGXg/bynABEpz2fnYJsDPz -syxNr6262pYFhXHsuawi9RtSjndNwrUUnfEnFddSBHXzNi2BkWLXtjGdXKzF4Xuy -TTq82gXNMAxGETqC6hmof2IxyQjomoXxUvlJ5IKEoDLGRaaO9UhlG7GhsfJth5GN -hgCsij+llcgKTuJ3HJx3ThLO08wNwk4lTt4YxDdN3HcyhK4YZ1noH5nx68tjnC8u -Nd1UAPFhlPhUH1hnp9zZaFxaSU6MvnDVUIBayAMxpjQXsn9GmdG3MB13o8yAeHkP -U6MHvFri1MvZ45rd+DHresJit22GePxH/9WrYfWl37yWVSwTffh2RE0x4F8= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCq0waz3GbVnr8H +QWtjDEAtmbNeT0QfBL2Z+Y9s9Rb5lx5nwtwX115ZT6C0HARmlXXcguHAd2Uxpyyd +bSKuJC1kqZfn/BQSDXi1GP++8PPe45e/t1D6HZWCGUW9APuJPFG3f1rU2dusoyZZ +D6/MDAY5y5a2Fj8Rz0ll1hu+wEJL5EwJxCt3UT3EeNX4dgh1LXwevlNXGd9b8WWb +3fWLq0OxMVe8zCR2qAK5qMy8QpHfKEPHqsXHFE328h7NvIy5UGM2FixFW+/wU1A4 +o4whp2Nv+9GuQwpWBQvhZiL+WKqNIIhXWsL7u/8Oe9c84JJomA0G8HTMwk0/FKBN +7yIf8tWcQe4IS7YxKdRUv4ACko6OJgrVaviH3KaWWdGCrleWxTAacWRxoSQY7VRo +c0WzjPz12vfaHJ5E7dPsHkKFBW+NtgrumIMO2jr05bf3uL7IdUvEPrzX4qtm4o54 +xmv2IUVloUt6HRXuX+FqGEiWdkZ0rmEZYgdm75z6R8/VDv12uykTtGvgCgzFUifF +x7upXeU0xSna/VrQSPIUn6Imq4gFB0lO1fWthZ0UDkEEDTQMYZFshiI6F4o4SdNw +KxR6/HhPz7YbQ8ynIINPLuuPimdcuvnOJKx9LDDwmfGxTUg6KMngvhv+oYIn0l9C +myV+AsF/A4n3hkma/uqOABxHUetXpwIDAQABAoICADul3B1JxI6rE8EQ0tKPIInL +tZoky4CZQytUvQQqwI7+eZt5qyiYB1XgPBkn/1Fitvj8qp9uEWO5IBcIWKe98ivI +HEbg+pEjKxbxV7vwnvchOYe0Fw5+7gmzkWphwXM2IMKWMb1JJS+u+GD43UW+nR3p +PQLv2a36V4K7tIxyzbN6UCLI4PSU5aCJIQ3VCTcBXunNQ4SSgC+2pug6JNdUQhrJ +Q/2kusbD+8+gZX0HMbBeeuxpcQ4GxQKJoL/uKqU6sKneLC873xhnvwdH9FJ8BHjB +0YGr3xwSPwfBhk6R31vQFEuMYbFM/86q54lWUUk8brARnncxEZAJP8B208+cF4IZ +KqHPP45r1GwWQ1G8i8IPFmLhmiSZU47NiPiYglOlBsSGuG2zPLHJUWZnetEmJgFP +5h1sBL8v6OA79Y6dMWXgs/Wdu6jOrcv9ZBEPZskqnYqZ/AQknqgIKggkvegksjFG +OoGu6slQ9QRDm09bjIEvqaVKNS5aDhmGPmOvaCpmE571KsIdWFMOIBIvJjmJ34hL +6qoLJ2XoTM5QRY7ZyA0a17uEiXZCDnd4vggbEt51CCwKHkY0+WnjzT0MgU9C4Bzo +B0a2idW8UT/yGxPz1uGFY4z/RJ8kW83MwpGX5dNPYFEq/1egZVehK56saowetPlJ +LFkoJNSA7ZetxIUZvD1BAoIBAQDuPIc9WPhT1Z17R0g/uYnQ94H8ZbpPz5sqzzGw +gXTcYDIuEVixUlDE98KDh7BswGoh9O/PSGKYAWt4FhEzmUUPGSOV8U4vnPNB/tud +quVICCaVA0qYF5RfDBZkMxawaP+0wjhiReqKMZZstEEe3RBiy2uEnkHfDXmXlTER +plF5wFTc+luS7fGx6Sl5B4rSWrhdmHAZC2Qep9SOBjNPg/BwvlKthXlDUElE/eP/ +hOOO4upQBBENKM9iRZfmNW3JU3NMRZB/SFVi4nfAcKD/k8wlp3Jf3US4E7WJxhzN +WIWfYpfEHFgxxCLBrpS2axlRe9rm8h7uWLnDspVgXl5WdnEZAoIBAQC3j7s069A5 +Kw+/MbPWMZ1tGZGKnl4uBKq3LZAz/i3/mzjhleaOEHYoam76ELLLIulblc5mjHwf +8he1An7L+ZmTo0ezwT72WHBmBAjH5Nn86BgB+3DqEhed7pSDtwz28VzV5XtwH7Ug +enloX6HqxDiHyHTyo1rcERiOq2HsHURUcu+yawl/jOadv50qln0j2WVpGeAQo4kq +NwY+OUrZGOaCtd8RshX4afNKnDU05Pk2e9eytqfoa+S0/86VhkZ5cv4pc1SaW9Hf +juUWNFeTnCb58lk7PN6W+/WQaYdn6don5yrHm3ne+ThoOXlQmbjCQ4m7P81EVJ1U +bsetbqzRBWa/AoIBAQCXkE6Byv6BZ19/NIRUdlelaDF8P8PeTrfq7lIwdsvAADss +b8C7XyEfjnhjcYneRjO/UrLWbri69/xFM9TRvOrghh/Lnu8c/38LN3bEwhqITxcs +qiFkzWuJZIlCSfZfWQ2FFCMG8nAaZx3KHotndUCdecj3YC+MFmiK9VF4ZxVineff +hi+INHUVuL63zwKUfT7Z3MdER6j0j9V8XZl7Nvda4tp6pnXVS1ix2cyZnROgreBf +85Zdht8ZKClRPiCQetTZa1BYic440NdayMzEjGTOd88eCglUCsXt1uowAedQ1Uq0 +a0v4rU1nZwgZXd2Hp4JGdzcSb8QPKqg53Q+rdkLRAoIBAEwgxBdSpWzQOxukVV1D +/nI85GuE+rJDJToLH38wr4sOqSyFqrTIhviEC7qSKlStCfL90jgdk2z8TnC3tDaM +MfFVCmu2fZJVY2grzCh69R06dJp92Xp6Pmk1hUqLJElWGJZtMiByRgBOSwPKhbCD +6J4HuNjYfto+DN0+nsH58VjEwjxQwAOyQAK0cU40U3oGs1Q/cvnzmPN1FpW/1Rbs +iM00+GqyXQJFjq0m07o4LFM4UWDA+CogdR3L6bWBlsDPvDEcr73EzunUrZXj515E +qLWImRFEUVx06ocV/R5PkjZyXP+jr4uV+JrhGzseRc3rjLen4k2wef+GYjG/cNTP +VKkCggEBALOgG98jJQlbW5GD/jBkizeDiNy99H+Cl7MzmzY2PAtpfugeMbBYceL1 +2weWpWbVpbCp/Zkksqh0kYgI45phx+eZo6tLZd2IOM3A3AbnkgVDK+1gNSb6s7fq +g0Llaz6wAHrLjTf5N5vbGJNbzez2UWCJR8boxM4+Q3pcOSFQbPv8rx09zMNa1xaL +KuvHT6xTab5q+qz4BiVtrx7ZWqakOlxO3J5chYZUsxqoH3jvE5GzY4yi52ZPyt7v +rHZbCHclS/MS5pBUUCTj0Q0qCfiT03m6nP6YgN9w1rQROe5EzqPCMfQlVKo8ayQB +tiYXTiDTadKNODupVYUpbHSfZcFvRhE= +-----END PRIVATE KEY----- diff --git a/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.chain.crt b/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.chain.crt index f4c8cf7f5..c2360f241 100644 --- a/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.chain.crt +++ b/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.chain.crt @@ -1,68 +1,68 @@ -----BEGIN CERTIFICATE----- -MIIFgDCCA2igAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJQVDEL +MIIFgDCCA2igAwIBAgIBATANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQGEwJQVDEL MAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDTAL -BgNVBAMMBHJvb3QwHhcNMjExMDE5MTgyNzI4WhcNMjQwNzE1MTgyNzI4WjBVMQsw +BgNVBAMMBHJvb3QwHhcNMjQwNzE2MTUzNTAzWhcNMjcwNDEyMTUzNTAzWjBVMQsw CQYDVQQGEwJQVDELMAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UE CgwFTXlMYWIxGDAWBgNVBAMMD2ludGVybWVkaWF0ZS1jYTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPHXRKHl/LsaDFGnys0b4mlLlGQ6qJSC5ut8FZoa -B7kDeHsi8TiFVg/RENghFBClP9aGhWxndGSeQTDkg+KPxKovXBX1J9mP+z+ol47V -QVeCT++AvPQYmtLNLwZg0e5GVHFMnVq64LlTc1XjvzjlU751A5dEq/miMpovx7fS -oI2zxtVOYx+BF4hr+WA20mxbQoGXVM8ITDBWySM5IDhngKNAfmXNQZFffJgk+pwe -++I4KzRkLU02OEUnH63/YFkn+CoZBmg+II8cNItRVYCRifXb8tsO6OEwQQEe1RSk -fmxiiiTYCDMB5GUSowCRotKTwEXgWwTLKghzzUoCPJapsb/CzY2xp/ECtQt420CJ -aosx/fLmcuKmbhW847hYq4L8HqZvjs3i7E6wjuUAgn/um28kU1PrN9l6qTJhHKKP -GZUCC/Cou0g9q7Y9ad672mWgExo0I1vXm2H1KNYy94agmXaIgmelvPBTPREkEEL6 -MnfrZKiYOG5wjSMubg0L4JYKUMuToXvfXxe6o2rDofe/oTUXErGDYV4z7vr58dQg -TM5PtxpZCLmqELaBFydB5hEBQly8Fxh3SVpuwkcaCxOlXMkdvHEK9daYfE9jV0fu -StfckkCLdDZMHI+iSdQsqK6E9vc4tX2rnhzgKex0Byu0GUEg6XoFL2GKdUOvRZTJ -/tMxAgMBAAGjZjBkMB0GA1UdDgQWBBR6wQ0Is6YucsLFNwdZ3ANX1jrgsjAfBgNV -HSMEGDAWgBSWO1UVkFl5LOuplY08xBLcfGyc+jASBgNVHRMBAf8ECDAGAQH/AgEA -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEANoo45TDx1lfglAmJ -8nt/58y7fm8trxmrSQmDAIuXZKqATNsEw/+VbIXqeC9sT2lWY9URFmmFm505JP+1 -43nM68cjfAK7ihLcGS7XwQMtQCgiQzJKeZFOx/l30lN5rRje5HHbSIF+uuwO987J -LNYJ+rS7N25lB5EQY8satuZWMVtSZ7YQCMkSJve7KjfrbE3kORjHs6jn3bdyuWAr -oApgKJgCUX3JSPZyH3T/xakMneZNkYr0CC1kNi9wL4js5I/nN2Z4er0N1Zt6PIM+ -hIJcW/Qv0BtI4bzkNkGSehm+Ofr+njuqWaaQMF7kLPTGDg/0SN63Y+X59CJQMnjF -+oW0oGm30S3okFpgXSU+DDxNPlh1j3jTMoArPvIaTceImfmsBXU62JRXQWaAr1jF -EujYbTJ147/7NmsmnskFO37Mp35JxL3ELWfMeBAL/HC11mzUbGFhtvtFqhQMWMbt -5AAR9ZUaPO8xTX6Ag8/8MXF5wFRkJBqTNn6GaX5PUrWhlAKpGuAuuR1NBY5TGUHX -NcFu+bf5JtjhgSUGB0FuZfdZvw46k30NLlT39NbXayY102XYfrAsl0X0TNqjQua1 -7j7FqYrAALQVLfYeKrE0nKaH35nU6Kk1Iy42CbB71MHqcg7DTjn0MvTKZcnQ8pxv -RQwP+BXkzwfWWEp05rlVeKS0IjQ= +AQEBBQADggIPADCCAgoCggIBALUBL8nGcBsOrfv/uI555eOiBgFYD+V3etaiFDi6 +MtZynj9oazrssevjNwP045j8a2L9apjeq9U5REs2MrYoHTEPoIeOiFPNQfiBtJt/ +DjBiXYQbrSfpkjPmRREPKkTX9lFNSlEmG3y+kNMyASvR3K4IM6Bqd+FYt/GUyhZP +LFx9ZhRAiq5uulLqVaAdAp+wdjAXeSedtCTs+20aW+NKA32+Pb8vzJp6HOmh+ZXl +orlEyKKfUYI3ODu9IoXTu6ZN8XZ4LfrDu47wswgQU4n2TOn+Qm7nwE9GIjQBjYOz +s3eUYyzE/z5oyrC6t2Z2ZEq2pCwMwf7iPXRFrgSvgLJCCSdwrB/bTxghM0vmFeoV +V2vfTp3VC/WbSW59tV++iMyMQTPw+grg0NEJCrwNnFJ1DL9iT0f902z2mknxuCM+ +2HGpt2EG+FnU4kR2gHQKt4BNGIuscchp8J85CGjheoNvuHaUktVWwqUaHUL8b9MV +dav10Obfr0+bWNIY2xsufM8sX/QP3VsfJ/nFkoImYNW5SI5g7/5DTIxIE/z8Ab1a +4JT2JCzPO8wDFyle4RVOG+2WfDBUkkjIjXlfxBwLneTPzqv5jmpPIwcpdF0c9bWw +Jwb/e4hB/bAFwZvLFr0aypJ0Zqbc/67n5HDsKx8+/XUKar1qPP6AzrfecOmBwwOH +AsE7AgMBAAGjZjBkMB0GA1UdDgQWBBT5X+u4LkGBED9seTSNYgA40tXJUTAfBgNV +HSMEGDAWgBQB2VzO86glAf1wb5+bjW8YPxZlpTASBgNVHRMBAf8ECDAGAQH/AgEA +MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAGb6iGwxKXTSgxP96 +4UMtpKYFGykBuajxr105jFSjXArhjj5/U21nIHQ3vrmAGAMY6iaaeKJ78gYSfm+O +zC5o8f4PLxtPfRJGymGUISrtIpBUTz+CVNAwQw0yrAeROizoUBhpDmUVrzlSfwgm +uH3H94jvi/IpoxUezsr1tS48G8ayaVlrPLflBhgX1NXzonA0KqGNdm5AwOx3jgZi +v5PYtz6xR1NtINnGm42A078gL9XHXmZowacGPNf7flwU9UzU1LDb1snGCxOgNq0e +ABZmd4TbEqMs1mAmn6ymzAIU2wBOStcC0is1MJ1j/NVVixETrx65UY1BTMlIojDT +bV4fbYy7jo8rtoLdnwFd+DdXna2LJ8qq+7CE35f9c+ZxLkdSfqADISwkhR+J/6TB +plRVyBc4eiPdSV27qPbjMOEHKy43+rHTsBILqIOQ0sBlMe8DgD8ZXo+PUM1Ptadn +PsuHwSflCrIz6AHgG/nORSDQf+7U79mejzi3fIjwYyYpSlBemTuW+z3x1xizN6PY +CK9zuZu8K9Z/F7GQmr3xBEtWqH2rd7TcN7fQP+zmG/v++vPlE38cQFWv5vVISxJe +U6AOJmXKNvDB4QR5CPsd6UWn/Nb1K3/MlDu5ymLq9JXm/GeokaGqHuaLLR20yN7w +/kNCmGr6r+cWAxpEZkmSBUg8/ps= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIGSTCCBDGgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJQVDEL +MIIGSTCCBDGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJQVDEL MAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxGDAW -BgNVBAMMD2ludGVybWVkaWF0ZS1jYTAeFw0yMTEwMTkxODI3MzFaFw0yNDA3MTUx -ODI3MzFaMEwxCzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0GA1UEBwwGTGlz +BgNVBAMMD2ludGVybWVkaWF0ZS1jYTAeFw0yNDA3MTYxNTM1MDRaFw0yNzA0MTIx +NTM1MDRaMEwxCzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0GA1UEBwwGTGlz Ym9uMQ4wDAYDVQQKDAVNeUxhYjEPMA0GA1UEAwwGc2VydmVyMIICIjANBgkqhkiG -9w0BAQEFAAOCAg8AMIICCgKCAgEAvkyxB/z2frDqa1F3lDqkW5L0F5L0sGZiOnzR -0kgPsPtxIjt3ntm+8SZAL7dJ4VSmH7DNo/IUtwent/ypN9b7rR11kl3EDcCoISPf -2VXqvi1cQou/M/GSZPDmZMsXW6kVWzZydOT4ub7sEbVtp+J4GhRkR/AZDLioBCme -Dw/GMg68+BHguPZL8c5oi+6YkhgLBvua2kum5vYMWkgATGneSZj6nWxbNRryFgq0 -X5qRrB7n7HQYjT/ki412EjbnfSpqfhcOAtu0RUI9XNx9QPx/s6PIxtcd3lgRfeB+ -tdPnDp4pQZGm6ySUSjZV+38+tKKCX+PF/u0gJWpQwA2x16lvIafxDNFd1DIr2bay -RC3vmmPMu58+B1hj0PILwnZcozBFMo/oii6m9lURUYuCBcHAKOyeMnroIXHEQMAD -aj9fFBGNAoB3gLT1gvHrrbkRmQ4b7pE3jDYR7kn4VUUxjIrfX5ucthpSIAqYFiRr -OmKUtTpwhPcRogOP36VoVM2bK4ShevhQdRZ5vjo2DggweIfIg0UBdLSethvct/hJ -fIrmq4JgUMwfHfW6HYR3Vn5T6Eag6+mwhlMXbg18D8r3XmzuAtMEruPJKdV3b4Ad -oZmnuYGvGBqHmY2fBMwdtnd7SJ3H3m+MPxF6/1Fks0D2JgVNGi9///nR6x4ITvjQ -joDODBkCAwEAAaOCASswggEnMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZA +9w0BAQEFAAOCAg8AMIICCgKCAgEAsPeBqLtAWvBZmAtNciN1enkIgE7ffPe/8Qkz +ZK1so6LdrkQsE7v0HG8j86AdEaBTSiBfwG1+Rr5ZGpHwrPlf7Zl4GHb+v+gE3gkT +wponMN3wC8XAVExu0L7JnQBK50YEEI6/EfayQ9b80E6j2/FiyVj3rxt8MTwCAGdh +Fjb8Z8WSxLDelk9/2njOj3Swojar2QR+Yxs0mr7obOxB+ZonDSBJ21HK5xI5rOwa +wMSzyoHmW8Og7Z7TrGLei3ejvVy1RZ+pF6whQB823/JEdAGQnjIm7D01qf3WVgAP +a78IciejVm9hCRxUq18i7UQcmey0FcuQ4+ziFw6UOEILHN/NzR/3jiyRqOeNYDev +PfomSpT9YFF5kP2FRgjaoV4LrVUHPf066yTjztmqULSZClRKzdW4r96Tj6qiL2Ib +ZVigRwQ2mWf8RMKC9mS64eCIf4VgI1elYgW9/BRCYpV01ERTNRoIFfwm48MH7ARR +MKG92dAS70U8uV0x9jaaKYNhheLk+QLEbeJSdKF4NVY2Bd5qOX/ooZJA2wj1qvqB +tWbeXCjUSJy89FPJNCZygyyIGZT8LTwyqCNmVOrEGDjv+rzY2D8w357R9OyJydT0 +QUwd34K+tMTnlh017If8XoCaznPdruazpMCTaDi0EWjATGircWg0QiAeOVwW8VMe +BmtjGKMCAwEAAaOCASswggEnMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZA MDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlm -aWNhdGUwHQYDVR0OBBYEFBFYhgtW76vGDcp6aW80KokkSmJgMHIGA1UdIwRrMGmA -FHrBDQizpi5ywsU3B1ncA1fWOuCyoU6kTDBKMQswCQYDVQQGEwJQVDELMAkGA1UE +aWNhdGUwHQYDVR0OBBYEFEnxgc3u39FUWRrVmLdS1+fhF4BXMHIGA1UdIwRrMGmA +FPlf67guQYEQP2x5NI1iADjS1clRoU6kTDBKMQswCQYDVQQGEwJQVDELMAkGA1UE CAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDTALBgNVBAMM BHJvb3SCAQEwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBoG -A1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQUFAAOCAgEAnwfk -vd9EAll9Bo8G2Hj5ibLDnS4hdFnT3Z8J3Okgj8jme6vKInJrNm7wepWZEqq/Sqhs -B4uYCHYN86WrOalSqON3KsT0cue6gRKXSe/zjhNc9Uk2emJsR+uPNrUrfrIlL7Z8 -IQmewQTkfbsKL+AqT3VzIdPENnEK1N9u5w0ie5vxVz2xPbtVjqmsNgiFaAP3r8pA -mIKW3Pbay8q3wMEAWXw6EHTKelj9/7QpshzgR3AM9sYnbcr+pycRZTBEwuCv5Kvm -jbUFxY8BMZPS/b0ZbPgs8rBxE0BhMt+VlgpDbskeT25/0V2pPbAcyHQth6Qker5w -DcycKMaGGQYivLfyz+9kktIOm3AGoUdCHRxAc7xmSkIhFhQVzEgAnlK0QeojntOg -c65vbgy9x6WdTkSwMBRa4d9oNPSreTIq1ygUKOAwxZo+X38q4Oo4MTQrXDNOhGbR -/ylw/avihYJszGl9lCni6kIuqCw8CN2pvQTQcvU9UJTgy6LC7CzPqFfPjBXxN65P -WV+7N0dZ9MWHb+eAoVA/ykUrp52oStAqCYLRwCxC5NjDRXR6AdXtXTC9a3T3JLkR -LW7j8CqFmbMjhuys3Y8MEysgxKAg1PFggkeN5O5uOJXWqlUF8X2ipoMSnSIIa+Q6 -4C4CAspB8k7S5LNUVzw7V4RVLG4Mi1cSCy+Sggc= +A1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQsFAAOCAgEAQ3yk +Hll/c8HGGi4EeA0bvIUAFRfgfBkiAyvCmm/jxarC3V4WjeXaK6qYyG7ljktT3ie6 +J+qr6WnhOveaPWJ0pvBemnn4WiiUkSRKk/jEocpbksPoA1kuaPJQxwzGl7IknkhR +tNpfgCr4XrADf7s/eYv0yqZA1ZDGrAbkJ08kfpj4HnC7Xxj00G49csFhVQq/VFAk +Y5AEiUELYNmCyq2S4yvtmsfiW6dBoxZKkZDYtfmYBM55Wmsm/vRwXW6cj+B87GY0 +w2L3CL0/496IgCRRwnDQSVANLhTJ5XhSUKcNEhEWDyXM6AIrlsJEGYYzdENqzWFh +PJDoBKnv/AKQ0nOxBOo7aOZC7WwQ3Yh/dCxDsspovUnUZRC0hD7B+kZLfggIBuK7 +F1k/SXzSKw6PNvtSAbl1V6b0LMC41TzcqoHOQuxoYYiuPoR4EwA1uOzuay6ouDSL +HHPvu1irNMtiz0PsTRHvY8G3kNujLM3MfJrxEYvE0CZvqCMVfBlxFMNexE90g11s +xdIH8Fwe5hc2DuWTrYDVcB8ZVoM7VUqgrp1KHoKfI+TbIIg6mLIthMgwpoFFbBAD +YBP0hk4bOVoRnfpi77vm+1Sc9q49JGmV7h1Zrp8b0RqmE5cgLAf+mr4YxN72Av21 +MhHKbNERB8rHVaOToLOXfE5M5Vli9ffoa6Q+E0s= -----END CERTIFICATE----- diff --git a/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.crt b/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.crt index 7329e46a5..c541934cc 100644 --- a/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.crt +++ b/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.crt @@ -1,36 +1,36 @@ -----BEGIN CERTIFICATE----- -MIIGSTCCBDGgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJQVDEL +MIIGSTCCBDGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJQVDEL MAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxGDAW -BgNVBAMMD2ludGVybWVkaWF0ZS1jYTAeFw0yMTEwMTkxODI3MzFaFw0yNDA3MTUx -ODI3MzFaMEwxCzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0GA1UEBwwGTGlz +BgNVBAMMD2ludGVybWVkaWF0ZS1jYTAeFw0yNDA3MTYxNTM1MDRaFw0yNzA0MTIx +NTM1MDRaMEwxCzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0GA1UEBwwGTGlz Ym9uMQ4wDAYDVQQKDAVNeUxhYjEPMA0GA1UEAwwGc2VydmVyMIICIjANBgkqhkiG -9w0BAQEFAAOCAg8AMIICCgKCAgEAvkyxB/z2frDqa1F3lDqkW5L0F5L0sGZiOnzR -0kgPsPtxIjt3ntm+8SZAL7dJ4VSmH7DNo/IUtwent/ypN9b7rR11kl3EDcCoISPf -2VXqvi1cQou/M/GSZPDmZMsXW6kVWzZydOT4ub7sEbVtp+J4GhRkR/AZDLioBCme -Dw/GMg68+BHguPZL8c5oi+6YkhgLBvua2kum5vYMWkgATGneSZj6nWxbNRryFgq0 -X5qRrB7n7HQYjT/ki412EjbnfSpqfhcOAtu0RUI9XNx9QPx/s6PIxtcd3lgRfeB+ -tdPnDp4pQZGm6ySUSjZV+38+tKKCX+PF/u0gJWpQwA2x16lvIafxDNFd1DIr2bay -RC3vmmPMu58+B1hj0PILwnZcozBFMo/oii6m9lURUYuCBcHAKOyeMnroIXHEQMAD -aj9fFBGNAoB3gLT1gvHrrbkRmQ4b7pE3jDYR7kn4VUUxjIrfX5ucthpSIAqYFiRr -OmKUtTpwhPcRogOP36VoVM2bK4ShevhQdRZ5vjo2DggweIfIg0UBdLSethvct/hJ -fIrmq4JgUMwfHfW6HYR3Vn5T6Eag6+mwhlMXbg18D8r3XmzuAtMEruPJKdV3b4Ad -oZmnuYGvGBqHmY2fBMwdtnd7SJ3H3m+MPxF6/1Fks0D2JgVNGi9///nR6x4ITvjQ -joDODBkCAwEAAaOCASswggEnMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZA +9w0BAQEFAAOCAg8AMIICCgKCAgEAsPeBqLtAWvBZmAtNciN1enkIgE7ffPe/8Qkz +ZK1so6LdrkQsE7v0HG8j86AdEaBTSiBfwG1+Rr5ZGpHwrPlf7Zl4GHb+v+gE3gkT +wponMN3wC8XAVExu0L7JnQBK50YEEI6/EfayQ9b80E6j2/FiyVj3rxt8MTwCAGdh +Fjb8Z8WSxLDelk9/2njOj3Swojar2QR+Yxs0mr7obOxB+ZonDSBJ21HK5xI5rOwa +wMSzyoHmW8Og7Z7TrGLei3ejvVy1RZ+pF6whQB823/JEdAGQnjIm7D01qf3WVgAP +a78IciejVm9hCRxUq18i7UQcmey0FcuQ4+ziFw6UOEILHN/NzR/3jiyRqOeNYDev +PfomSpT9YFF5kP2FRgjaoV4LrVUHPf066yTjztmqULSZClRKzdW4r96Tj6qiL2Ib +ZVigRwQ2mWf8RMKC9mS64eCIf4VgI1elYgW9/BRCYpV01ERTNRoIFfwm48MH7ARR +MKG92dAS70U8uV0x9jaaKYNhheLk+QLEbeJSdKF4NVY2Bd5qOX/ooZJA2wj1qvqB +tWbeXCjUSJy89FPJNCZygyyIGZT8LTwyqCNmVOrEGDjv+rzY2D8w357R9OyJydT0 +QUwd34K+tMTnlh017If8XoCaznPdruazpMCTaDi0EWjATGircWg0QiAeOVwW8VMe +BmtjGKMCAwEAAaOCASswggEnMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZA MDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlm -aWNhdGUwHQYDVR0OBBYEFBFYhgtW76vGDcp6aW80KokkSmJgMHIGA1UdIwRrMGmA -FHrBDQizpi5ywsU3B1ncA1fWOuCyoU6kTDBKMQswCQYDVQQGEwJQVDELMAkGA1UE +aWNhdGUwHQYDVR0OBBYEFEnxgc3u39FUWRrVmLdS1+fhF4BXMHIGA1UdIwRrMGmA +FPlf67guQYEQP2x5NI1iADjS1clRoU6kTDBKMQswCQYDVQQGEwJQVDELMAkGA1UE CAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDTALBgNVBAMM BHJvb3SCAQEwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBoG -A1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQUFAAOCAgEAnwfk -vd9EAll9Bo8G2Hj5ibLDnS4hdFnT3Z8J3Okgj8jme6vKInJrNm7wepWZEqq/Sqhs -B4uYCHYN86WrOalSqON3KsT0cue6gRKXSe/zjhNc9Uk2emJsR+uPNrUrfrIlL7Z8 -IQmewQTkfbsKL+AqT3VzIdPENnEK1N9u5w0ie5vxVz2xPbtVjqmsNgiFaAP3r8pA -mIKW3Pbay8q3wMEAWXw6EHTKelj9/7QpshzgR3AM9sYnbcr+pycRZTBEwuCv5Kvm -jbUFxY8BMZPS/b0ZbPgs8rBxE0BhMt+VlgpDbskeT25/0V2pPbAcyHQth6Qker5w -DcycKMaGGQYivLfyz+9kktIOm3AGoUdCHRxAc7xmSkIhFhQVzEgAnlK0QeojntOg -c65vbgy9x6WdTkSwMBRa4d9oNPSreTIq1ygUKOAwxZo+X38q4Oo4MTQrXDNOhGbR -/ylw/avihYJszGl9lCni6kIuqCw8CN2pvQTQcvU9UJTgy6LC7CzPqFfPjBXxN65P -WV+7N0dZ9MWHb+eAoVA/ykUrp52oStAqCYLRwCxC5NjDRXR6AdXtXTC9a3T3JLkR -LW7j8CqFmbMjhuys3Y8MEysgxKAg1PFggkeN5O5uOJXWqlUF8X2ipoMSnSIIa+Q6 -4C4CAspB8k7S5LNUVzw7V4RVLG4Mi1cSCy+Sggc= +A1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQsFAAOCAgEAQ3yk +Hll/c8HGGi4EeA0bvIUAFRfgfBkiAyvCmm/jxarC3V4WjeXaK6qYyG7ljktT3ie6 +J+qr6WnhOveaPWJ0pvBemnn4WiiUkSRKk/jEocpbksPoA1kuaPJQxwzGl7IknkhR +tNpfgCr4XrADf7s/eYv0yqZA1ZDGrAbkJ08kfpj4HnC7Xxj00G49csFhVQq/VFAk +Y5AEiUELYNmCyq2S4yvtmsfiW6dBoxZKkZDYtfmYBM55Wmsm/vRwXW6cj+B87GY0 +w2L3CL0/496IgCRRwnDQSVANLhTJ5XhSUKcNEhEWDyXM6AIrlsJEGYYzdENqzWFh +PJDoBKnv/AKQ0nOxBOo7aOZC7WwQ3Yh/dCxDsspovUnUZRC0hD7B+kZLfggIBuK7 +F1k/SXzSKw6PNvtSAbl1V6b0LMC41TzcqoHOQuxoYYiuPoR4EwA1uOzuay6ouDSL +HHPvu1irNMtiz0PsTRHvY8G3kNujLM3MfJrxEYvE0CZvqCMVfBlxFMNexE90g11s +xdIH8Fwe5hc2DuWTrYDVcB8ZVoM7VUqgrp1KHoKfI+TbIIg6mLIthMgwpoFFbBAD +YBP0hk4bOVoRnfpi77vm+1Sc9q49JGmV7h1Zrp8b0RqmE5cgLAf+mr4YxN72Av21 +MhHKbNERB8rHVaOToLOXfE5M5Vli9ffoa6Q+E0s= -----END CERTIFICATE----- diff --git a/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.jks b/qa/integration/fixtures/webserver_certs/generated/server_from_intermediate.jks index 86a0a72c5db114596865be2642915f2cbd3c467b..bbf256203ece2a53767105cd4af3cb1a8469f313 100644 GIT binary patch literal 6252 zcma)ARahL%lEq;NG7w}SxI2Tp6Wrb1g9RTT$N&R_1P$&G2#^55J-7vj;O=h0b^n#` z-fy3FAF8U)sXF!452qUp1vwxgB7>nId^7+HOaXR_jfjqz4+SBkK#5<$P~t~06jSSe zwJ>E+pqLW>&?5hY0NR`XQDI>sBIQE?onR=S4Q%%>1u8b!5G?p_hy`XvApjBi6_7|q zKzK`tl=&lpKUoRrPmz!qfk=o{U@SC@|K5lMKt%wPqX8^n3W&DID2Oa5KyF!1zT4NI z;X!6-w>(5VAQUJ-Lwfk_H;c1s#{iUDhG7THhJa&6!US5no&d_7P%U~w;yBCQ*jf@q z!-;~!IM(ObRKV#zo&Y0D)rgW7j0>eQlI}oy+u%(N)`;@>tA*uveYxq4mS(ZkE)~tr zVgvyjFT!e$w3&>gV-+LZm-5a5b8bLNx^0@XwfAz0*ofA0?JumZ+Oa zbHVYdk^%d)VwS;(2(m%5sxaqIv6Sq}4h4T}_pOi$m4qmb3DM2yDJ9<2-+Ats+~6nY zACI-nv=+<*f4eI&kGL}V=t~pS_aAxYx_|ddCE$({{>JOdU8k8V8NS)6^{-YloVKae zW_#s7DT}`h+)UTGXr&$DtnQW)mF(#4pwl0q)`;CyhMR$hvaZZ?w)-wF_Cgy_pWnsT z{3OLD4zIa78oGQD)MeC3=|YX4AV_`GZTQ}&)@|=JxMu{v?mKe|;{Y)SE_o`)du2)o zT*PMZIoXWt##NlT9HBE&*a}*w`3ZWaY?lX}3NfA6&1-n#1hp~z{-jP-6vly_6*bXx zb@TZI$?#%C_*$Rue!1JP=T_Rs4bd+N@Y6UW9rBh$ihHI1w1`{bcq=Ab_2lNZD=0fD z)EY2Je4@QMx}18E@(ouayrcQp`{(0)sGMJkDLR!;1$)*a?p&Ykkpqe2z%7-f6-I;|jUuK|c{Y4K8QrLNU8L{ny>o?26)z{%?-Tm<=qb0$-y%F+NLLO z)yW_ypFeqSCP<~X`YXK`XntLsps;+K#*9n*qR#%M zE8(jtNPG*X3BN^|`g5?K!-t5&>j3ib9GLYbcM4V{CuMxh)S6>s_TpXMws3!7^W^Qz zxSIqp^TEwp)C%kSl*sE#k{w;1}kGRY{4?78?aX0|lM zs&a$s$Z(>&^VfyDu)eLb5MtV-b_I5hoo~NvnzPuK-AQb!3s1n?`InmK#9Xq9{rKd& zF;K)QC5dwdxdtS8h`x%zQ=&h!p7-}w4ITeT?7~Bwzdb`aL%h-Jx}@Vf;>Q|;e(8Sy z`-MR~z(@)&+W2)d7;6LLh5CZ|evP&)AwD{JQdO2UbmbS@J)ZYou&kZu5LS^G`uKs# zAc44cZrjIqn}8-~f)vb`vSk2PCuzD~bge%-ZH2Nui!BD24xso5-?fnvCaEafW?=g zT?2?F?RytOpK@Tb&P!|sO2~x`I;frX|Ly=t(vb{*Zy0@>p_8z6frXv4JAQkjOO?nU z&Dt$$oypU_s8V@bVXIAK5h_j3{Dp!9)y=u&h;us_+pN<>LAF!mr z*o*3s?=W|QOxAd2X7^hJQV)9HOgIyZb6UDw=3gd9a?)W$97f1xm_*wrc#78ADW+pi z$ni~CZ)GbwUZcxw@5#F|pJ#CGACA3%@2hrB&8q za6*&w-Ln}?ovOJLcB-Z`uMm52-jgco){3%Yp1gB5!l>7JA|eO+@VKK#zpQIukK_hq zmf_E_wcpBjRa#VcrO@l!ciWapC#h)Ci}x|KlkMNu|F-IHW=R1Yt9I#w@UtUdL;z|= zM`({)K7wb6pOu$^L{c@_l<(Ap!ofv{zG8`Djus*Xk901qFvc2UHPW>sbJnUfG>ixu4?DKNq54RW1_YO2i6Bi8qLDWuif|s%sDYy3! z7)?CW3AdvnvHY4wVZ^!R1q2g?dygzE2!TM*)-;#bYR1bHq9z+NPd8Wzc$?RJVC%~z zv^MDR^Iex`&hjt4?`8Qx;djZS*{Uj9J?KQ8p?`|=IMK{9)vPP}{=D(Ol1Jgq?20N~ zspwH%k8lTqI6Z3yt)eJ#1!n_>fn|cjV$GNa^SPo7NCY>x@IvY|4^OK+=Zt%|<84W$ zHxkq`CBFKfbSEy|^SlgE$a@!~D)h@yrRS=v^QAK82Bb_BJ<_N#{CH5UcyZ2I&)^#CWPY5RZd?}?dwHpg z^|i$xKh(G?hq9s4Bnj9fd8W}nrPN4lES~KaHia@Z-Xv&%vzJE z!~3J6=b@F$1}yO}y9OZO;-&y2cp}&$cp&)vS2jnm`{(S2;DTU|;E3Rg;Pqdu%RkxX zA8h%b7)<@|1%zA#DEK;#F1A!$0^D3&yu4gsK3*X%FciDsUqk3<`B3bnf2hw$hzS3b z$bWYb|1T?<<0u^B<5bX3Yg4f_5~LQ$h_!weIbXm_>ce*X>+o`DZJ>z#9{km$ZGBRmef&|$#&`|HPs&3Yz zoTKnqlZFjZ8ivh+0`MdixWBDx3EUN@hh8ETE|Hk)B~AN97JmtHaIVEXnpz4yBm|tJ zk^3~~54v9pHi1U2b{@oXd)1Cb-rbfpu-Ff1`k1QNr>=rgxxJ$}Qk_D*zPBfyBg8$C zUX6-q@7v3ZHYf@xjalM_T?J!tWh1iLJ0~rsL}w=y3|^6x7Cg((Gt9OLYAWy!G~nCj zUC15KPIN*7e9nC5sjX(SldDMI;B=&Y6YG1sU8m`jrh(_Q`f94y?HMl5VlMlHdxA%Z z8$b4i{Csz4DWPF4d1jJ;=!@jh9oa&*_g?JZiBmoCf(#OaoyP5Qh1b!NgIRe=IdW=U zy_s>hjkxowRK)1D+t9KXmH!>pa{%k zm6N2UYIf>>@8C)%C>KdrSSOy;;2XJlk1jJWCRKXkyjWOK^SV#Gn`M^iv@c~UokNqm zi;bdS`(5c|VT*prdR|mem;w>dDQb=rZCk}#Rk7=a&|VTk}lOvUQKoH&FdFvRIo1VutaB3DWEDw{W$s zeob$F{jlH_%3zNwVvqDY&KSp@5OTd^d!VxyaV*}qcR-OqUQ{P%3+Mi4vX2#$r`+)I+3j-GLxjDa@nH)@H(kD8 zMM)9Di31@?Sz5T%)AqOfD1YdTY3t(#YAui{eLca->~y&$E4S*3@?U{m_hdWhlF$T+ zy5LkE|%BfRXC^tYUMm%zvL$=2RSfM=2=(n8NIKIie3NN6U>%gH7hs5AlCb{afvFx>oOZZ%GonFmr_rIynK zI;OUb`aM@L$F3#T2cK>^p`O?-hOT+NT+h`jI98bSGn5i}m<0UkQ01g#%kly5{Sp0%PODkE}eu^m;C2^U-QJC3o_C z#rwz!%#oL$Mu59AX(S$1x^x`RNodEUADhv?nCC(TE9l5ILQr6(rX53HuG1TZ{NoBg zKIFlZ?8iG?v+9GkuQoUxdQ4*?~dAc$+ZtN5`lg1bCxUzmUzi$WloMMe5zGe|!=dw#l1{(#8@<~bo zh6-vojr^R5xY*6=75eZQb!CzGj-zvE6EH}S1h=xuk&lx!@aZ3o#!!e3@)7nR)(orS zECZE)n7OsWCbx2qsoPgwfCF)#U7Iv6g+kyg>0@4{i6m>-;Z2%uGB{IZX zk2$|K>yu9wmYfF6$Tm|Jft=92L>N-4Wc=^-yOq- zjgmdEikCYOB@CJAp0M!_+Mm8~XP* z_T2Wyj}-iH#hKT3fI3}z5sY(A-qth|s9J+Ghwz9Nvl!;i&t_LV){?US(m@G7(QzD2 z>;R?(ZZ!@Yyw{r!i5~d%qC%f-f4cNG(To4QsVxAKy4bo3|BM&C5sxIY-EIO9==w}| zvjw?zloDQ37$~X#NV7x#ZObFV&Mx^peL2f2iXy~#Gw#8ITgK#4I8SsdAU92i63t)4>MDvxfmdUAtS49 z>$t|7f(~4i{i5^@rx?#S?LTtgqxV;LyX~!LYPo;Chypcd+38&8YvziP83nS6t)c@r z)mAYS7JW5ChHV*%21Z429v1K}0I0DTrD1w*6~E^^gx1({2pHF;DeU<6GCC0@Ijk*c zw(~kHUk}OcX{nWsmEWhEyDO6zMX{&u{!BT%owDoM?m*)3Bb;72qCP!-_K)=m234Gh zNP(`3mJ51*ln7~NHxcSx5~XmEya}laqN{VsPFIed5q#o0bIO?Da{X_ zgJni@ec1ZzFJv{s(Y=WYKAsc-2YLbeDF|Ve&%&fX0+NZ83vb-qS{yV()WYco%Vv%o zE2GWbA&RA`I!TNZUqQt`57u#NM-@k}*U-O9fP7~qIVJ9>KTZ@Oyh{HHb3v4@?6K!p>hK$ zz@@kB6c5#&_|PQ_HYxQRh{=7?_<%BdpyPa&Dc4;6w5xqgNTuAVB*PQx>_?cG%)v2E zt#}5IJZRRS*&UgoD1Rfb-U7$}@qPgnLwBcW^(){!1Yog$XP&msuw|io86l|`V$ui_ zWdmWo;1O*KYd%>O8x^-48a(Zhj737u^D3>qYS=Ys%K{@bmL+c9cP0L9V!tNd98YL~ zmoqcbqmH1TLQ zcyhA7I)8x+(0k)Fkm>TjU!ouj<7;6lkUw)e?;wb2!H(yr-G56pNt-@2b|1rfz4Vl7p&xboas-PFfLXWKgQ1J?W~v4yr2EM0U*l`$(w|5mFxz*gtRC zN+K7d^E^wviPO|rD4P>@yx!Ef@SE*vs%e9RI7c*GZ9^U0T1i~JnIRw@6(ZJlQ1B~S zb)itxMR-DAOK-W5423VvFI+0eU$`&%$YNB~Wlk*o+k^dA>mMir}5X*>TtS-0H5~V8@1N3Ev7&SqE3n73n_9v%-d>d8o z=iA$$qRpl(P~4l9X{vdJ#eI9c#_jrgZ^oMezslyJz7O4b>9pHNl%_wYt-=~TczNsn zeJG3)qX&b!s=c!|5=1^KzY^a-f8!@bA?Q+)EY`#3CP2*T{1B!X^@}P3P50|YT1v;i zGDOMgYtv1Jz=sfpohsbA$nCRu>pv}bv(56LF{KXkEFPrzX_Qvfvb^t8=2$DC?0ULJ z#JfM!sv6|nckk_3J`Kr5_=erxknd|kqrZ$y>#PQR;&;M`)y`mk_Cvak;dcS840fcE zKHf>xb0!Sb-899b*&g(LT|?7CDvTd)rA;=e|dB z`(Z5E{^Bzv5rUQ2zixc=AD|<1W<+YBu6sbR+Mf!?kk0wGVySCYv=Cc}xg8UZCU6?; zw|9+m3Zp}&a8*94_C9j;zMT?am!aH{Vi%v;PLNIK44|!|GrXI2rG{3Ibh+%OcamLw z;vXT;dD|njOCu15H1JDGhTnb&VQE1zUvR!*pk)K;16{k$0qm54CTw_6MbF%`9$s7y zt!a}YB$HEQ^A&6`5d^D(xxm=}`hiD6L`6WMB6Dgfb4x>JsIny~_RB1`Xw@Uy7G7zo nAfo8s)mOV(K_Lj2v@1U23!JG%W!X+PKnXb>Cinc$C)s}h`2fw} delta 6065 zcmY+Gbx_m+w}$Ch8drBo>F(~76r>yJ?pQj0xF9Lru!O)OjR;61jUWvY0wUcZ-CXa? zz4Og?X3o4b&pYS*{T%R2a|1kZ$T%7*`oDi~W4?;yNgyRPNgMK`$SfKyM|DID|fa&z?Ndz}4Occ3^ z?U{W$X0Y8vlS+?%*grVlubwop%+b6hdZ@u6)V24&PiZJ7@E}a2`D_@D!o!U zTijkZB{=_7qq3qUz?(VEUr*li!obLI%nHVxNRE#HDmO5bkx#Y((A>#xs)Cm= zxksLZJR$k%l>Xyf2Z3iVZMW?gQEx_9 zuiw^+TQVv7WEt<$c6V80%djs=q8j?ZmMV;BjXCW)cFm5db^@;EmCw>T8X1_vp8R}x3vE1`{JE5y(;&b;{}3RzAn6#Crz3anD^Tdzh=uw zLb*Q1hsZH&hBWs(ZaDM=py$o$cFvi33ZsY#^jn&~k|ApP2`7eC?zRl}nJB7az1NUW z<>2n+5aRKCzB+DF!{S}waC-})FnO`$lNA%vnd;RJBzZ`J$`_o0s*(MJTg@mDIh*)^ z$-TMbAICA0+aIlt6~B|EL=-69+Y|OM9>_#ip!vQhAEYnua`An`9f8*9%2Uq4`5T?f z>bCG<0*yc^^`kB>MSa=BRf-fnlB{8O1p5|`Li`Tvm@-_Elh)LrXo_=*qk2DzEh^(X z3w%x&7^B^W9^+STLMrofSXQqqMWG~bQBjyD$F@Be@RR9Re$wYlTbkj`6ET_~yVH}Z zKodNAPRfhENt{Fds4`CN3`eM@iie)6tjTexzt*9lq?7f3`ht_>%Cpamq?kP34H_25 zkPrP7!wNB_(Om_vI*yN!uYEfj;l)teWcOJHv`l1`UJ({FevVJN=3rvq@X}*lWQ#bVe=Z-I7=ZEvRE<{d=m&oTWp+~ zUor9#!kgKAP|0W0>t$DLw7D^D3~I?;DyPm;DRj7&*^tWC-U=iKeHhPu7fNJzK;Wba z5UUKmnC}G%9dc$Y?J(BUDPP*c5w`;-e5R==+vLlbwS^>xYWaJ%;IP>HVg@JYqZQ+b z)M*8oR7YVnTlrHF0wI~NBT@DNG>lIMB0@j5$*Npv&=|+Y1>CkB-2A7H*T&ySiKZNL zbWZ2_*GT*=AZnn=CivWc`SF`94~}ILAhbi%lit%h)piHHuXnE&XX7Y`!e%B74G9P9 z`7l_yc&UjT1YFQMJL>9#XIR={s%z3@L^f^c)^Az{gchUg*;1}65_4l$5@;2dm)eOl zupfIIk1iaAkB$Si*uB3~s2=+Z)ardA;#Dm6!)^6hA##mR+WktU#m$o4Ut);|n6e8V zDgfp}@qrym7B;88f&L3vP#t=m7tx+yWLjH_C|W!?nJ}i&c+qn9}sARuxkd zTy_xXk7}&XU&cC5^4L0ktH2Oza^9;B;@7#~VoeHm=-65jcI`z{?I^H}}maJt8s znOLeYJ^X;TK60%BykUibGt@}%MyToACga^FrR2gZE3;~CUZ>dq>S+3fOz(5l^Om#X z7d?d+So`VHoT8jCX{qZHt&cY_=xJ8Jr=hWU;o^B#R;Dd}8GZ^U z5Z6X-wsNN!vV}9yvUmXk^+G}_CQYJ^#wM>B3nbtsWH~{9y9f}YM8{(4KCe_+sx1!! z@^r7?q4bd^j|)k(UY8l>XJ`2r`}%@(?M6;+-2*t)L+O+H2gC6-5*Y-1E&I-tFRLaV zui5YCHHSLCAJBS=sSSFwuWwT^cFZ69_bi>{H6)2Ngp zMK~70Ub4S5#+TEhsnEBQTu{1Z{j0?=ZHszM4U$yUg1X&gXU!>DEtgWS;Qxk~ZVl>n z`h#hy_d1h2;?`M*b!L~Lyvp*1|M>@brJl1s(6@C%E{8fBt>OULh?C! zh@T}N-|Uvfpg3Sa$CX7f2?nc0qOi-=GKOs~wkodK?=mX>t^H_b%}Hy*+?A$7Jbj*}gqQ zatzKl`Yv$0nnm0_f@H3~fM1Ne(w!>iO7PjDl3o z78$iV6zxCpx%e?AMbRLKkS8x)edg!FFUom};VB#XPJIS;5@;}`VAWA%Yvx-si!Jy_ zopvSSg1B0ErZb&x99VO&Q*h5TC;L}+e~L}QZ+DaJg+DO?Y)fDcG>1{wW*vmt>r^}^PpzErQbc0!hh6cri{--#ph7MsRvR-hsH*1cTRoZ=Cn^(^tJD(g zoDI+n#>gjVX56PHLfET@(a`!V53(G)*q9aLq0aSTs$YJAyFxq*Ums2lw#oVoe;dQM zaQ}pc2!4G;g&LtbIvEN(l{D&ftoD_f4<*J_l(HjjFE@2@AW(=b!(COvRjp&MD0s! zvn+MIBr=g6cdUM{!6%T0+*vmbMG397c11tr!xvCZs6mU5PTuGF73%IAYQxlty^V;t zQT(ilNq&sZxTOaHkIDAkA>d8qZLuE2;_E(f&P5@0@z=1RR||g|A$o2P*MJc z+|8h92|8=-@qE9|;;sdT?2NiV_w3vy20VT~phwIf0gA?G0!>lv$(H`s8&39}b zYuIlptuMI{{>)U=5x;=k3~^cV$(ZLi#apK5Y<1ZPl?zi8<|4L8G!a^BA3>G|)1oGH za$Ivd?T}NGVC2TvOBI3Srzzqg7wfrX&2D@5^=CNllHsDrWqFoW1}0WEv;{Z5%>Z+} zt6V#bk~gGBs4|>hi^e;LUr~P4q&GjkByN>=)8!PIKykbJV7vf$mK1zdCH!o}0J%K6 z7z`{GnPrdlHj1QK6D}9@U8_kbgWIsi*!%d)H6KJl7}Wj(J{NXlhGImJA0nZQ^sO0( zX|8s{_4%xV>9cE$&8jE3CvO#oQg$z|H1OW{jGb~p8x_5ZbF5w$!DZZON?hR~r}#$u zWX@l$3vCGBbN2wOJzG>rO-U|H=CNx6HgRG^r0f#bqjo79-cHGv(14n5Yn3~5qer&r zoMG!iCkyl>aG4}VGXnMhuPhgV0bf$!CE4YV*uV7mo^x(U)yMmd~nG zRL1e=UdY5y9A2tcW;$M%Y;75WLNr~K)kxCS#L8IfRM5E z>c3jFD?!wsV;}s=c4H5(LZeBHwDd>yiQF9I`$-qqyE9Tq|1RN*S@A5M0zlrmrrlBtpPmoIXm*+Z=r7Ev&+NJsqK8{80Pw4#F2pf32DN zf}n&!%d~SL4tjMm_NkvW4|Q_~={yJ=RGtUn2P@Za(NPkaiJ}ii+irPB$4ipP71^0H zm}jx&(iRshVB#?u0&14ZdSo>XZ##d*Mgo86LLy)W8?z?kh2woe@36Uy9g}^lZ8C%% zUfc&X7m{mFFq^vs9r4YZ7@X}ltZ#oQh{HR<>LJ+@mWgy~??%x(`Q61*&)far_i5{n zqw*mCSCdQ3;ZPuY*th=DoZbt)3HY4u!HKQ8>vlteLO)g#w9G&} zwA!4y?H+MOR?b911C9d`H-uhl&FWaFI%;D&owWi-5&0s-UV4RJFfBbA^%euj;G)eU z*GUdGT}-tt&ViJ5RGYZp5c?G_1bsl{@iBJ2-Jffqb3uE+I@rD;@X*H$&``>ArdO@~ z%SqVnZP#lL*kx$i}Ek6BNixb`GELKTvWhw#3E$v92wd-E&-kdpnKT&&W)54yMfTtioZY0eWK{Hb0 zdCK9f-;m()vlUS(LDGOr0|UaV%w?{Zy;Cj&t$yvuu>5W3-Tf<`y{t8#@?GRW0wln1 zlal*c$|IWbcX#~dU;vR)yq}yJ$kw%1+zt5gTt?7I+&mg z9U<=(F2{*$E$@!%-X`L@(okr@I5t#hrhEhRgakp5+GpQj1sCo@W4wNy^;#yu4Ynlk zqz81oB|~g<@)leQ1dy{O;rUwsg$ubZ?n#X8w^jv6MyH5IUZc&}2u-iSc};&TX;=-{ zaOu0rX73b8dCAh*3Q>eCvo$IXuW}|vE@GUqp{|m929n0Q{K!e2_VTO)y9mRgb)0op zBM^no#@`tM6VE=508hr{+_H1xHoZS+TU<^{F}szi$(#-(1Qe{~T;KI>Z%^VVICezb z=_nTL+7%+-TOJT4f0xxVnvVLs2-mTrQa$dPvJ+k6EtO|d(omFKh{tY@`Eb!CfclYa zsa!q=_yX&DLgk_5yGTJ^9GBSqfz}$eq69;c`THcUxQ4)KBH%Ci15?;^d6u@j_67Bw zC^WFcqpKGL1P&`$TTRPJHkNAJHx`a{r5sY(*A^Qyj&stpSGmLf4u73Hm#i<2ae%rk zzI{_6{E|o9zN~^3#p(>}5}I>S$~s-tAJY%j?-?ZvP7J8My(1xZ(_}L@slH?f9SuvM zkPvpjO3^!}b(qdjZ}U&q`&*PhRM@W{!MSxVfpQl>&Pei*LwXymJu)Co85u=09@-*!ij+*yil z^U1lN_~R9td`|c*#~Uh6s+dTi^!R~@Z8o8d3w8UPo*ZlOL6%0aGES5rgF3tV*YF#3 zR$Oy{3+r>!-_|fx&|#JyctqcA{{iIhmg+va_B}b>UYJRcBL?(APM+S4aGzb+DEto$ zrXla-Gifa)9@0uOM^9))>188&l&y+Ce-ii9fl3)-+%`n0li0i!#F|c%@Z2c_q-*5_ z@k_9z+IHjnSO>p$T{v2;^Rp1;wT zIINZm>)nZoz&Xgcn346dGrcP&CdId;9EAU<;xil#0OI^9)q~h60@5q)8ZIALVyf`u zs%}q`$X`oW+=r0IadFl}reSGR|4EE_W&+!rkuF90VETvGeflGH6EELaT24B!)T|B+ zq>OsZEqF^uCzKGF&2y%xe(GO&3;O01X#Vvan}Yx+>4rl+(U1@==LLP#{;M2DWX zIY?0;M{6=K&k5@8o8j7N!^7|%#lc>)_RBJZzT2V0g`VieH_AugURuiV3*JJ2+J}%< z-8*~_og@TA@V){t?T8=+Y1WK>SPd7Rp|X%#TaKWnZQC_vQFR#VS;j;a6qINGT|ZX+ z{8INNF>@d|5p%OoO^7s%2=Yf1bx-VdZn?QhO98?&u{2&+Z`Gmx@3W=chY>cMS!*MS z*!FgB_!r&u-TWep`XJ|n>L%e4G4l};LTEQFu!!c zEvM$lhXsx?SA^a!PvEdPx>ho1E{9IxkI*~(J;@4>7NJZIQ)<9{UhNK8O~KW%b+9Np zQ9)E%HEIq2EZT~)nljk0e~waZ&ZPX$GHjc)RITf)l3D1F-R`wVJP^4QqY>lz5l(sn}Mt%gMgjfT~ZH+)!mtFWU zZ6zOtOnwo~mtaDS{Aplx&3*`c>UKH^HH~UX&zXQ~`a$Gnn#)JSYph~^&l_%hD@$dd zTelk@On9d15L-G}(yFE|13y4!Hq00VQPGe8G-(a?n^vpqdM)YsK(Oysh1b6Pfx^xy z8;gtC$Kxs|3vt48ToYteymA=sZQ;DjZSuYFwpN*)-(}v?vjcc3N!yJ=JBX1RoXW)S zC(2Dd`e&dYV%b_WkfuY_X@`>!i`t`}A)+pQ(mzMZ!j{e`B6GHJ$isAsuGsxD@G!Ce zu(3CNS^*iQzf<_u6d6L1A4MV1)zTNJTmPqsBhoFsTn)b^LQE{8OlparOIE!!XPeE$ z@B4VA2emz=;EWO!v!K^P1{p%SduVA8k!}S<7*Y@hq`Q%n4uO&GK7QXh z*ZclFKlZct^Q?7U>+iZZ7)G%M1fYUp6dy3KIieM#uRs7yKp~7G1`S3L@iz_y!$2JW zmM{uoAez4s1rUJp_agka0sve5W6(ihZ7}3tiw9;#BV?>it5t;f=Axqyi+2EPTbFd;XoswEM00@L)5%pFT*+3iKZW{0avh#tjO zw7*RVm2R^7`^P5^ZVD*l8an$r7Rxo$T|Gj4?)Ht7P)F6q*_3b*@C&62TTWNjOpC@z zo}#0$>%?`E&ABoSpm!5vgv>XHk*h*iYF-bc#9d<)ek~z>VP36cBG}hrcB-nb;)1sr z_#-3U@`ArI7Oi&s`#T3S-T*LxFJyBgPL;AP1(*)z2M6IAA^`YHDD$hVmCJcri~8p99f@a1%5IPAQ6(Gm3F zTwXta@uIstrZkJ%gw0+4Wy34yFMcq-x=z~q!NA5Y4sqfXlCJEfcpvKG^% zj_c9q?b3=AE){oq*MG7t_0s21;pdCm1g2I8W{xnMV?78g_rJIho^UUem-6H~KmwU0 z9p<#=Vd{=z8SG8<)}26&qmyi`blBjz6`s z*hAe&6+|CY(VZ5X%Di`(@=IP|MpbDLeD^6b-TQ^mv$}!EMKl?pZuNhrci=+Gkck1% z98~X9xK_rH2Y~q1l`iWx^9{-qUlJZ%Q*kXNKev=azHew!X`z9yB3we21|B`77w323oKHD zrXlw2hP0^%8k23(Z~z3?a1?fzb6wDX>}j!7ny_j=Wc~t?Y^g<`_(hjZR-}_YCGp!5 ziP!LDoz#(Y;tos|XfV9iVDn}o^b@;9 z<(}r{?3Z$5-;JRlkAf(Lu_>@a4lRH|;U#Yi6>+QeW)N*QEbA%X=QVt+g(I`Rq`m4w z1vB$(Z?O^&_`Aclj=Ehd-9?l~8bZ)LzPv5Z55-h?&h%lVKGX14ba5Ia=G>@wlh0lE zqtyC!Zrt?SQf8j^iWv}9HWPtS%dm9H~*_iXn9gB8c9i5>p055S3Lj2a55KHPq{)U3hV#Pcjsa{n8Yy$v=ld3Gi~! zXd|*ia#C%KCKFN=Po!3le{MY;_1Z0#U@jQ>81XUlg!;m#$&?LnjoDWM3N`&mP>m|R zove}}%}bRUb8y(y_pyGuNw@&<098U*>LJPU3~QIoKwI&h4&pXpkfd?)+en+-epW}@ zf=R^dgtP_KSHgqhM;z6&Rg)!eE(}ND`j;)G^=-xPqI0RV%ZGM78~QQb%6s_u{ZFpa zB^zpRK#HS3NbXfFv&BuRt>1$;wtJl|uSnBuzNUDn&ab@n8#CR?%uilE|CQ&RuSxjR zbalf8SYMayNo5s;N@h%1JPKJV~VvG$?0$+sC)(7-Jr-6=@ z9{XR2S~j4c$3Iq@m(~M~^_+fAzPWgfkUFxx2`lZjHdDd0+Is)x`7q0me7M}84Ee*= zLR&-LBDg(6Os*+?h7XYR;}U9`LWtC3m$9dvBTW)ZUor7G6*^36I>(TUvdwQWVvr*z zh>rZ3?8rWN$#=(jBq$XYwH?v6XCJU*wBeqzDE3)z`r|h*lL)^ViGv!BRLO^h_2UZf z$lT^~q76M8;IRRM_ z=XG}xA1`@-$_-#ltdHaq?%?tk)c*0dqmhl+4j?exxFSSR0O&Vc)k!-s%`sB`#&XFq zFSo^aJF3nFVQzkZm>7OTau49eB(ma03cv*-39Ix|{NCZ&RUvqqw?(_AqY+B|mL$dv zTg_m}Qdz3Zou9T7Z>BU?7bM6Hx#Y*oD1`=qzQ6jeDLr9Lx3}&mi`WRL z)xbi@8>{pPNtb-);rHNo{yX2FJBfqX$Yk($W*lAq!LAP0C=ujFg&|uhKP9aItLnqh zl8IlYh2th(h~ zI+p01iRt7D)oY4+$@(U&o>@p!$;<(UMX-kp=YWtWLo>ZIjjsLZPV*MA8bi3=IZhaD zD&W(yzqI&aloTQF2zj@iJ4m4BCks=ROo(%0fgknmCGHN#3>i9KoX$JExR;aY7C-DU zusXF)<*mFB#V()f#|1BaswOH%2q0%WezoI;+y<&0QPbX*S>FfI67M)%{U<#55M;aK z6|okAoq`LMd$d-ljdRB`>bsh)X#HGH#4wQY}H<;o8_p zCe{f`L#|_7D0GA*#J1bXZKi`}a0+j(QYs$sT3ytGesko>mh=s*mf1?b7=h`3WV6%- zQ!-{p+P7c)j7ha(y0!>jP- z=leZROTp*N7p-OTR||`8+-dZEsii!m=j`d4giX+V(a9XU>0*9=)*bbC6C?Dlvz8=y zy^~UXykKr*D4v?GE>5IA5Si`w`f?U?N$P}3!o|tW1<2`wK9;kp79;OfE-mG5g8( zqIO5|^}J`ih@~BEYb_+$&B^kt`ZCdA*qYj-1?5)ff|^l1G=)0Ybat@*O-8OBoV%u>6+n`P6>QrJ;G@~#Ho8V*iA(& zNi|HNKErHTuex!!T3(vodvMD5sz+A4r|G5}>n!LwD@`H7@2ZKLZWs3cn{@Mus5ADl zy>a*|Ua=-3ya6>|FGzSRFuJ_xy|P3~PjwnE51QIB4#wy1_Bu(l@2y^25DZt@4h0D6 zrBIr5+slq(<~J67i?K-MMZS-2iHsDD4q=eQWdb5G{htfghGxV`n~GUB&)jA3hicx= z+Xc9C*`bAyRfSe;jrwv3s4A~1>HkFZxOC$S;BeJh^2a!CUG(?8y-*B5cfjW^w3GQU zVL4`_Kx~t0E6vQfKRLCpySLgA5`p$?c)Vdho3A@t0@;H!rN)(m!#FQ2qv~FW7xWZp z$HHm8_e8f8ji?0GqboY3*~jQE{+SpLPmUB8SjQr8V>PM8e}#UTc*9so!{!sd2kiNB zA|P|Rrht1i0bF!3e!d}0WSLkO;m|QV4NzieF*RUiWxIUtJ$6#@M{U4kmXcDAaT_~6 z|2`3d>SRmD9oH2^vi9;``(7f?l`k(A91%q@{=Cax#n-Ey^%ZEl%v8*W!ZJ6s9&SAB zU|^7TC4A*z-D;rtVLXfKNlG1Gx;eKnP03OUC9Hel5fnFgqi9DFq;|}*L>hqmiO%SY_~Hb?UWT6+aC>ptZW>Q#! zicPnd59mQX<)}0vt*f9P@-VL%2-?Xtvhy>fXG=)SE>L@yw2}bFdACNR%6N^<5w7VW z?lf_KMHBdSSI2I%WZvF;=fHakXIw`WrRJ!$T>P*F?bh$wcz4C*5CbiWkQ-_v@8J~JQ7913~ zten0OV*o;bZIbVCfyWHCpjU$EKC3szzt7nQ7)V9>t7n@vW3n<1?oB=-MuiN0*$!yf7;fyFOZqhxY?e-WROBOc`=t|g{BcPe6zwq7|E9zR}#j6#n0HENl^PkDt}&$&qVykstvZ$mS6whlrUztHXZc%E|;#+L^F zVV$%XwYI^s9cX&^y_M1oS_sxEgRK0NJf^p{zs){vIX@RS2fjwL*m9C z_MJs0y%)mi*iVzPqC7EL;*SirAk}@z49>e@Ar{u6n>d-R9C|lf8huRJcdU9aVDzw# zq|`9j=)~3&lgURW^3B$3)LD%K$}O>sw9AoF%k&`WjxKZe?EdanapNCOJ;d$bss^VYXn+aZLl>gec{{C2bMOR@{O%+{v>8p@!&WisrZ=Y5pIM~ zQS{~epK7Sna1`q>Kw-ArEHRH$~8V>t^|_}H(YXoq=V+FOpB-YbqPr=G{}JthiJ4OtpGm{zu2#MD#llS zMx|Y^m(MhdTb%sK<|fHyO*3-r#&GZ|odU>H@y8xlLFbBRs95p(;K?KbvN<(B?DdH` zUW`to3^fp-cE)243=lXyo{oep?4Ox~NbbnLas<%mLEJR|*q4^1i$5*pBM zYMR+M;SqWFg@H)GThv#_Me2DAO-zo#$knd$Z;*KFMM5O6#yVA_`+UJzdebfm)bG`} z7>C@kdBX}xRORij&+M4eKxhz((Xpe~og*map$I4)GU4~M_(6IR1@L89s1r%SSR!rn zOod4!hW2@BH?*=7`&J1jEAmec>S^4Z?YFgMuZz8Gi=p|#P*eSItz!3s`)fJcba4jh z8%I;$k-Dzvx%QMeOFxsKcd)h=5t1EM9XVx&Z$BY}r}k-4AmLpq(S*EYF{#2=r{6mq z7uFB*4;$1YFaZX&deJ`)1KP-#UmrnCYKI51R}^jz(Itw?3L$rihYzGXiq* z2*&dW9asUs{gyDdaM6< zuoM^q2L1Cd4g{d1pfQlt_o&K6Dp$M-ZiyxJ581EGad1o|=U@cYS>ZC7xhkMxeF$Ll MMaU<3{AXAEA6&_gP5=M^ literal 5950 zcmY+HWn2_c*X@U40Eh0bVd$Enq`O;6q@{Ccq-$ttX^<9)K{^GI1`&`}y1PROiR<(J z?!C{wAI?5|uXWD;y#8<`g%}VG9gd^`V1hZLRidx)(6G>okmTneB>6EMNxlz9;;#PJ z!Yo4KPW+QbfoOn#*T8=rG&n6L_W$01i-rlu2R&0xATtPu;VS}x&j4Xa+-zi{)^Ct< zVRW@Fa6l`VIMmAPtZ{kE;btR7d>A{GR*T$%EPdX`TcnSBD%D@|gYsO~cU)ee8G+pK zf!c*Xg%i2wm$6k5Oe^|l3EhQrsRUUj^n|pnjf$|L%B_QA5$wJRMBD1FA>4XDZt^y2 z>qnCYT3G@*)XMGVJln13x1=De9EG={l(k?cb0ku2>j%Rt^Mjm*DTQcqxDkcw9+Yu;x@{;=E(8)E& zjW_2rfEOm#e4n`5E3DbiEz(M5V!m8A=3F$0_VSvMlR@-P3KYp)!|T*jVovLfuyJEM z{{-|D+k>oIW+CVsBzs*GUcv_`W7?GN(2Z-ZYG3Y#caX&{hiRj5EVmeqk${o&7Q`u# zg|XgeJ^qJ-LelL~5FtVmW`&5(Qp^|l9m-#|=Em9LU-L)~=TB5Bh`EK$?0b>qMmOe4 z@5tRr4oPLpY8DeP4<+3Oi{!PD^HJU8`(o!tKDsJ^Idik9MKUw@&s5=ON8xm)g7AfE zbCy$(F}zdcq=IJZP7jstc5vo^_MldElu-@E4i6F>KN-#c^Guo|pQ%c?mU|j{_mX?p zw%+3q6J2xLj?TZ;;M#~Q>k=c2dUAl#3p-YyWMYcIEHkmP+hU7IoZ?;)(5L!Fpm09< zpvMnGtbqQ=FG`uZ)Um$ia{X7V;ETv+zE(}%I0hYh1uYcggnspqb}Ys9kYAYUVo=x* z-u-$3J;?A8$I+bri*^w*>E~78@fz*EUnV@G(%dAnG}~t6Lh1$WpB;Mmw+9&>-jg7M z*R+JbM3Ja#DGLRPaG)BK(W|On;eDk&K}rtlz|-dM%wHn_tW=%b%Jo_U0uzx1BEDm< zifw+oy4MUk;Fl=d%2g!2TyrX>nl?CRwHsTK;Z3B=qI)|nA#`}gVqDsjpVi6n_Um^; z6q!Wp0}OGo2Mk<7h?Nav>0A;g5?|Ji+kR#|6p30NCFJnj)o=D%Wh(Ox{Gtx>DKCv* z@C(He6iEwtb0#4gH4}3A8)LJt@9mZv8IE-jU8;07+KC*!ReM%Es)ApOv{kS#rLS1y*pyw0WR9boWC9Vlp2i#vIK3R3_JQi;-K( zz)v*}D>b~RDdzFT_S=D=+?qNu+zEBRzwz(3Z5g8_jjkwHULC0vv!=&t?P}ns?RO^c zt)4FAK=dhCa-><q6q4ucszVXL0a4b(qtpR1WJD1sOwzOoXew1$DGkEUtNpGy)uvCO>N9r>|4 zq%6rWXrV6kdaz?sdJC?{^)u%Xz*IO^mrJllpW5TOCrX*2H*!fN4|5XCp8gK5s%IQ_ zvGu-9e?gjCXfl`FJ#jFVcmXbtpji`-2*}zbucTMa2h&>>-*3eYJT82cw%*_*s{;3fm^{H9Fz}GdgX+N}*_eS6|e7j+Evd@vM z!dJ5)e&Dc86ndTK<>$BiVtFJ^hGZ=nax~Co4$HnXtQ=*S7FNdl`}?f$%WmhV5SLe^ zGNlSVu^^+jRGVU__X85waV4KuU9g_L9-%tp1P3DR7sEtjwD8CBa_5$%)fVrfmQ0h+ zoIC@mh+VpB4wjFrUK?vDtbtUz#dAN6-!bI<;8P*RW1CzsN z9=AdBGDTx3bYx9tEMJNizf4G(K!M&Pp^?qfN-5{j2*%dDyl%idz@_{g4n?2xpONmLrNre3>u9m?`$WfWA zMh6;Nh~ArlT_!uT&%VW(6N-hy;r=`lAMw;KtQD}xo9R!0^joSiKl=zc2#q~bpiWD8 ztqx#g!h$I`H}~nKyqyBZ9Co>)$(+UEc+@_0g1 zp-=1|hBryx(Es77P=1N6)W(t#r`a1-d&+w#LgP^vho&yZ^3@kUDT(cz zT*t3L@$05}r`ux?Pdg_uC5Mc+!F`?_nq}zGZ}-yu*y$T!CSj@Kf8z0&T53FUXBEzg z+C>81?sN!EAyPhgqbhtMn;%B*RJ6Jk%uleNpD5WIStNT9Jn=i@c!$28JijoMUq8?< z7+J~H_<0OUEvL;YR-$_(xb3M%kwuuoqEnA zan+**Qr^6tO7A_=K`P`lx*-L-5PWHeCg|}`trG7vy6)2Z0|C~Nyu;yAEgUCPy7k$_ zhD?D+aqE~@W&GsRCw)jgbrC36yX-1SR_Ny-C`}OYfSGfD-gxUbbr@%EfR0IQ{9K`U zxIAmn-H;F3+hh2+)+$`C4Wf|f`HeH0N9W1WLg5pquDkN-kxAW4c!-AS&ER{LDp7I= z7@@w-;-ma*G%w}y3 zT4J2z^ex#-+EqS@i;!phjW*Vwza!_-4ls=Ec*IyNmb~yeryIm3zDz^N;!yd> zS7UH6U~}|59p%eyGD3PkEQErykOkUC_L~^?Hat1ZQ>f(_jKI_MEQEK1Bh8Q98)HRv(gar^y_O5BoiR-E*)8r*g7h!caZhj$m2sgg;` zcbLLUXo2T+OJX~WnrlFwnlzOfY;I^!fzXgxCa<84I3a%DizqE8gWyk#E$B(_v*yJT zjxVp;{0+h4SPSe`(X~@uR&kRd@5H@m;I$YK42!vxAB)W!TPqfp5K#dgYtnMCM52~8Fn@BLJwCvvU7?DoR? zt8p?ngf$vl9+Vo7g}tSGeqncp4$k2xv%g*7=F`KD)UA&)@N*AtuMaU)%Zup=!tf`A z(ptnTex>hV$9Zj%Rp5!wgw-Tv8k}_iv)DQLdA7>!kg;gz>Z~suq4VgR#J^ZO%SI?{ z<*ib8*sJlIWtUyM2$Om>f5h;weOs~dCj{V6ea`vT>?1=aPKnQsy>^nTINi#u*2f>D zA3)GmG6!%!IfD7Bu2bEwnmE?qV~|IL65mwmRoIg`Eujcrh|vCs?M9DWQ*DXHqtRI5 zvpgJ;r3$(v167FthB4dksxPcsEos$tSXl#*MfCSNU7@;`YBf7;&*ajju&WL;xFZO0 z50x3gyTh!u`1t`RgVx^5;@49*2OnFW<_)Y&@xkTS=qpL>jjAl{RS#VwDobaNK@DuR zopffVnP9e}d(cQ-dKDdG6&DB7584+6YeAIueMA==cAXF+lzVc&GUlJJUxJ}Fm)t*h z3)EJhLGI)ed0sTTXMh8k{!4&E|zDvwZjT$lW-D7!6T85ZZb?Otm&#f1vha<6p z{}0F%A;Fg*B={7L1Rwr8yO=ot2Wzm=fd5R_f1=a>M?2{Mp`Cu3Z)W$YVRQeXoqyj| zNYoGJIB6N&D@wD!3BKi=D(-YM=xr&vldgvDSzp@+ZzIcw3S*5b zY6*jgVpIZlwy(cGAywQX7%8&8`hz2G=eSe*`2}76TIn#17u^=k4T?*8p@_bZ5~Za| zUgu(Ws%Z*pEl2RMJIffK9-TgACyho<0{ z79xKKs44aEi=1Ta(QnUq^yM#tZkvUqqA2esIWr6|yM^ZgjyI2Fl3M0M$61YGu8u@VE>Xb~@ONtm<;)z9to+yW!~)FfC8980>mQ;Dg8H;1WQ zBVqCQ@+~37I1b_^ya^_oWT^`ZU)4U~RmS(ypvx&b_w~C&eY>l-Qqk;n11Q396HAc7 zni%BO6_XXE#p;4hppn|G82-k(`~m=*+=v;4@SI~ET%xu5Xp?_3ZDSqK(=ZsnygjTYb9w=voRd z8F>e3cGz4Z7^n!CAo4v@0kqa28S}3AXlvZo@31_y#Mxym8>L4+i!$u!@g%5QzB~kz z;3e_wk&XEx!@Av;=~_ zL z=KRrEH4e??9?qXIH`7~eg8#&DkE~QSsrf9@0vvkl=~HnLhGXn(MHmr&|zf^t}|hNW8dP6Tqz>1i3i#c!lr%aZ%L8PPZa1YlV)>)+kOtLbl^D zO^1T-_+*)IP~N-AS2`;bzZyAB&P(Kf^Oia9YTl?}lDYf&Hxvz#p?`GwZL2q!_k>7H z3Q|i4^;s(#`G;d%*L^|=E&4on2&Bby*j&9x=WIBdR%_18HaHRy(oeJlWG`4BC7=xU z2B;LswEQAs)Z{@isc7}TW6bChYp_e>Gg{;Y{_{K5=4NuuFyFLkbCI^vGQiy&s+K(j%-!n zdt~UaAVB(ZG8S#VV0gvj#6>CQ*K9J|;FBQnV$AX-%-WqX`EY>C7+Xf1*JUK`TI4I} zuRVs#+8~J+wCk;1Fi`P3M9nFZ)3@wQb|^kDJx$6*WSyGmDuAg}{j$5Ao&uMM=Ib ze)1-%lk+K~rb+w#s!oik{WinYz48Mxt{WjKsMob1mK^ z+=lcuUsX1+a<@7x=(QzNp3)&NmK!5gjb*f8Q6tIT^8=})Oq|0|%d9p@&%;q0fNOQ} zYER6(CEd-AZHg8HSrR;k#4{xx?zD&Wr3NiZBZ?qq?XaFRmN`^GA|a(<9m{q?$@NKr zYk(znmdGe1&ErF`zqfF(b2)Nl z8r!jP28fPDN~u z94!(!u^1N8r)KqD#u_swDVAiuAbV_L>lqVX9Qwp^TrJM0UNMo$j=*h;NwwlpLQx!H zJC(m3M_u-k3mCz&Wo6vo%;I($9bfgObC=Xz0x-6O4x7}yKPCE@vD~eiM8<3k?F6w# zve^Z$-%gqB9pu#m8@W8+|8c(Vnd!R;iJ=E;+sARK$=ZQPJF7-;O4Z_`0>zC-1Xf)O zEVRGJIAXBR+-#P|^<_vf7)2gUNN{b8t)+Z5{l(zU3v)Xmj*gP!7&-r|VNfS`YU1-A z#EK@a{il*YT%n{bbMI(BRmY6bM(TJ-@wl~B0Gj4quNcT@2Z#RObOt8lBL|V8E2fYUefK(*J!#%EwO+2Y3N&0iJ+2|5GghcK>=e00LkEa0Ivly#Gf< z{Hr$qX3PJ~a6UK$4#vdb!bb;EV*o&;RR$D#zcl3JlzVtf_FLpDWE1EXK+m?Zu$fg- Knt1;c^Zpl@O(pgK diff --git a/qa/integration/fixtures/webserver_certs/generated/server_from_root.chain.crt b/qa/integration/fixtures/webserver_certs/generated/server_from_root.chain.crt index 6ba9acb7a..c2094a7b3 100644 --- a/qa/integration/fixtures/webserver_certs/generated/server_from_root.chain.crt +++ b/qa/integration/fixtures/webserver_certs/generated/server_from_root.chain.crt @@ -1,36 +1,36 @@ -----BEGIN CERTIFICATE----- -MIIGRjCCBC6gAwIBAgIBAzANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJQVDEL +MIIGUjCCBDqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQGEwJQVDEL MAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDTAL -BgNVBAMMBHJvb3QwHhcNMjExMDE5MTgyNzMyWhcNMjQwNzE1MTgyNzMyWjBMMQsw +BgNVBAMMBHJvb3QwHhcNMjQwNzE2MTUzNTA0WhcNMjcwNDEyMTUzNTA0WjBMMQsw CQYDVQQGEwJQVDELMAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UE CgwFTXlMYWIxDzANBgNVBAMMBnNlcnZlcjCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBAKJZa8jP+LalBAlQ8uWWlTm8TLHWkGLFxr+rNzs23mAAfLo8FFGJ -bHQ2iIWQtjCQwHiWUrHU2eRBvL5zJ3cEWte2WF/OAkNhcZu8/JcH3jCMhbjfc3V1 -xIfRdWYEhTI+5PYaqgStNs9H24fyshMFcDubXU1pKfNXtY1sQVKfQl5XeAN5Qcif -2QSfUxNOWnvnmUdBPNOIUP3W+3pqzv+uhPt9Egj2crYPXnSnC5JZSdeya+Rz60xi -WpmSWn5/WdO6j89CVI1kYX7UXuWVhtp8QLa315cMZ9+b238SrDjzNQ+ElwQJO1Nb -oD+JfsNBJBXPy/6Tr6FOZXHOWFFvIErceImKIdG12WL6IHxPlyPpeBGTdbGCS5gy -vWKaJ8diV15Mea8rGH7D30sR2StgBtW1MJOomkarS+2oQpC78HqQrNK1Qgl3GauW -PMIKCU6TR5OPZHsb87u7iXlc+NO+tBoFtgOVK7LvN/QwQ1At4hQaLcrpEJwtjfk/ -8jrC22Ewgp1LMakAsmDjGkkOBZPL5VeNgNnUEp9/AHYfH1XmpkLUOoRmUVkVDqfs -FVcFTLLb2XDtZWtl+gJ5cXxnr87dj5X2Xowo2BMKBwwMpThmJX+i2yY420hq9uu6 -xzPjUC7NauaPnIYCIjWtaBqruXWMxX9DISED71aAVAOSqXbv2fFpKMpRAgMBAAGj -ggEzMIIBLzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAzBglghkgBhvhC +ADCCAgoCggIBAJT0RJKyh+dR+joDaEKF++Rd8YPKmo1HllITKIak0gmgPkWb+si6 +yfi7UrnmgIeSj2CESOaPcnMzbPSajBPCtitS1YlYgB8N4OKht80ib/Bc2fYblmED ++Z9+ySnVlPVFiAglS2DsVz3QUtRmpyOYUeqvBNpSZnfnxF/InIRxVAjQ/7FZ87NP +Xa42K8J1d5WXrkE/X8j7BfZUUxbKyGDB9ys8jMoHxmnH2P/P/LcvwZPaQQkxMzqk +tHY/p+tMOdkARFmAqJ1GC+zRQExRo+ppPBMeLWvQXxtW/57giqvwFoYXdFw+GHzU +0LSK810WsBDqIJfZXcd2q/EuW5mwWt6F5c5rFGI+tzYsuE+2C3sYWK7BF+BiHs1H +mZREG6+NCCTgfXaNakLFf/alouJyfj6irZXMVnFZvFmTLwJVai86l7cUYnV1A22a +O6pweBov7od5p1UmFDbD1etVa0u0HiYbdOE5rKxM0p4CDbO7FlbUoLdlE4li12sj +iCTR3psD3TG85cOiTSv1lQGpaa1MJU8a/jH3Ms24v3uFR3U/TAy++c3p2mBqfNyI +sDyIUCBEWAY/Y9YJxiS8VlN1A5WcKSkmiou2SbCX0EUIkaDoDaOiWFJY0QmVv8nM +/Keh2tPWS+NFoBLyU0iEr+kYhRloSJ3uD1opSYURtWYd3wEU9ZJVyDEvAgMBAAGj +ggE/MIIBOzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAzBglghkgBhvhC AQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1Ud -DgQWBBQGuAQ6NLkmWyZGLYEAYVc3+43eIDB6BgNVHSMEczBxgBSWO1UVkFl5LOup -lY08xBLcfGyc+qFOpEwwSjELMAkGA1UEBhMCUFQxCzAJBgNVBAgMAk5BMQ8wDQYD -VQQHDAZMaXNib24xDjAMBgNVBAoMBU15TGFiMQ0wCwYDVQQDDARyb290ggkAzDBe -dcABQHMwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBoGA1Ud -EQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQUFAAOCAgEAoUitYEBW -lzBMuuDMHvVrtwTcKNXeOXZ6PC78OXNxGCSK4CxTzOceyHjj0K30r2qOd4hNbq43 -J60Zf+69qIpkezG3hcCy/8Yu1lLyhxLvErCbgkvZ1MH4HkEyJOeoh0PJoIq1U3vu -SA2Ny6LDA5QOWaVME6c1L0ntueu5/BddrTGtqHvK4Td9E3Y8gQhtJHCkN2GbkRRS -vr2+efC2hNIWEfxFTP+RRKKGfn+B+YASPgLDvHpIapz65MVebJH+gIo/k57swPMJ -K3Zet53tXqUvnbh87vyGdaOpq897WISNfleQ/XJB28Q3G5qBdLiTu7oxYG42XhC1 -qIm4pZ/gGW5lauu3h9bvzODB2DV6ShnBujtzbd0vBBX38BMP2oOOQ3X2QgalGOKO -jd6yTCN6VO0ZiFD4xO2XsE1CKkRqPx9rRCKR85NCvlpyytC4KIZjcomf0miMl9e1 -G9Js2y9agiXgQ5lrlZSQ8XyvRD8PC1anCxeyn8HaBblYNwUZ8S6vXkq7K13MuPgX -3vw106gUcWjw6GwC3BOi7UNtcAYyoXn6jLJ2unpn2mqjpCfbQZ3mnAI7MbEoaSFa -1CTYh9bxYK6cN+8dOnYoXUyD27aDq6xfP9YJoNmQdYTW4Wwf5JCK23j2DtDB/qen -uyydJBuI6Me+ctWntImvjM97Teu8s+ssQaA= +DgQWBBRFf07E369WKOuyKog6EyuNDDWDnDCBhQYDVR0jBH4wfIAUAdlczvOoJQH9 +cG+fm41vGD8WZaWhTqRMMEoxCzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0G +A1UEBwwGTGlzYm9uMQ4wDAYDVQQKDAVNeUxhYjENMAsGA1UEAwwEcm9vdIIUM0vS +1bRQQCJzcfsSQBT78uhQ7lUwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsG +AQUFBwMBMBoGA1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQsF +AAOCAgEAPW9KkG+G/oRmCiB23nxOJz7R6w0S2eM938RaKkRhtXdXBmVIusr1vdFm +QvjMA3RgoQVTyFwD2PIvpFmFAYThZrxu8a9TIXqVrgHLvHgRuWVlXbkq/fsi/AEH +BNbJS7WoO1t+QxvOVXota/hUYMhes8QvRTDqql6iXdV6/mzLMxJ7vpRmnV6zaRmo +cMegAH82IEeXz61N++Cn+Tzasy2mkH/eZ+pXaPrCKhwWD08zEDSm9ury2LJzPWCT +GbHkwgJy8TwIRLCpORlccIoZED0wyeQNAuMRS3vh5w2UpHz1CAot0dF2XzPwkJaW +eJTHmU9iRmPnn9VgCSMYLadjANT1SGFeLJlYxAHmbheMKepkFddiqyCUVjIOyN79 +7Uzgl4iPSFrHSyNgeXuIEEmNb9jQlcxPzNcyjz+XPYAeh9RihvZgi0TalPJqFc57 +HKqDoUnHfb2iyN2wmMca9xKhBgQycFxsoDr+GlWehkPMf0ZIqR757v65/0JRGQuf +2VMyTYm3CsRgIuhrI2KMCeDrOeHrRAz/A9Sa+PI7Arvu0lPaTcVCAz7Nw9DnAOhR +kfC1mK+wqPYHKZduYGyBmZsGylAOaiO9KGWyzk11qI9Bk4nmkJ8KS/0rmXYAwZB3 +dbEceSt9xvY3oY0R+qZFUEF5ztHaBiggScS9duCD60iZqwScAPY= -----END CERTIFICATE----- diff --git a/qa/integration/fixtures/webserver_certs/generated/server_from_root.crt b/qa/integration/fixtures/webserver_certs/generated/server_from_root.crt index 6ba9acb7a..c2094a7b3 100644 --- a/qa/integration/fixtures/webserver_certs/generated/server_from_root.crt +++ b/qa/integration/fixtures/webserver_certs/generated/server_from_root.crt @@ -1,36 +1,36 @@ -----BEGIN CERTIFICATE----- -MIIGRjCCBC6gAwIBAgIBAzANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJQVDEL +MIIGUjCCBDqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQGEwJQVDEL MAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDTAL -BgNVBAMMBHJvb3QwHhcNMjExMDE5MTgyNzMyWhcNMjQwNzE1MTgyNzMyWjBMMQsw +BgNVBAMMBHJvb3QwHhcNMjQwNzE2MTUzNTA0WhcNMjcwNDEyMTUzNTA0WjBMMQsw CQYDVQQGEwJQVDELMAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UE CgwFTXlMYWIxDzANBgNVBAMMBnNlcnZlcjCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBAKJZa8jP+LalBAlQ8uWWlTm8TLHWkGLFxr+rNzs23mAAfLo8FFGJ -bHQ2iIWQtjCQwHiWUrHU2eRBvL5zJ3cEWte2WF/OAkNhcZu8/JcH3jCMhbjfc3V1 -xIfRdWYEhTI+5PYaqgStNs9H24fyshMFcDubXU1pKfNXtY1sQVKfQl5XeAN5Qcif -2QSfUxNOWnvnmUdBPNOIUP3W+3pqzv+uhPt9Egj2crYPXnSnC5JZSdeya+Rz60xi -WpmSWn5/WdO6j89CVI1kYX7UXuWVhtp8QLa315cMZ9+b238SrDjzNQ+ElwQJO1Nb -oD+JfsNBJBXPy/6Tr6FOZXHOWFFvIErceImKIdG12WL6IHxPlyPpeBGTdbGCS5gy -vWKaJ8diV15Mea8rGH7D30sR2StgBtW1MJOomkarS+2oQpC78HqQrNK1Qgl3GauW -PMIKCU6TR5OPZHsb87u7iXlc+NO+tBoFtgOVK7LvN/QwQ1At4hQaLcrpEJwtjfk/ -8jrC22Ewgp1LMakAsmDjGkkOBZPL5VeNgNnUEp9/AHYfH1XmpkLUOoRmUVkVDqfs -FVcFTLLb2XDtZWtl+gJ5cXxnr87dj5X2Xowo2BMKBwwMpThmJX+i2yY420hq9uu6 -xzPjUC7NauaPnIYCIjWtaBqruXWMxX9DISED71aAVAOSqXbv2fFpKMpRAgMBAAGj -ggEzMIIBLzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAzBglghkgBhvhC +ADCCAgoCggIBAJT0RJKyh+dR+joDaEKF++Rd8YPKmo1HllITKIak0gmgPkWb+si6 +yfi7UrnmgIeSj2CESOaPcnMzbPSajBPCtitS1YlYgB8N4OKht80ib/Bc2fYblmED ++Z9+ySnVlPVFiAglS2DsVz3QUtRmpyOYUeqvBNpSZnfnxF/InIRxVAjQ/7FZ87NP +Xa42K8J1d5WXrkE/X8j7BfZUUxbKyGDB9ys8jMoHxmnH2P/P/LcvwZPaQQkxMzqk +tHY/p+tMOdkARFmAqJ1GC+zRQExRo+ppPBMeLWvQXxtW/57giqvwFoYXdFw+GHzU +0LSK810WsBDqIJfZXcd2q/EuW5mwWt6F5c5rFGI+tzYsuE+2C3sYWK7BF+BiHs1H +mZREG6+NCCTgfXaNakLFf/alouJyfj6irZXMVnFZvFmTLwJVai86l7cUYnV1A22a +O6pweBov7od5p1UmFDbD1etVa0u0HiYbdOE5rKxM0p4CDbO7FlbUoLdlE4li12sj +iCTR3psD3TG85cOiTSv1lQGpaa1MJU8a/jH3Ms24v3uFR3U/TAy++c3p2mBqfNyI +sDyIUCBEWAY/Y9YJxiS8VlN1A5WcKSkmiou2SbCX0EUIkaDoDaOiWFJY0QmVv8nM +/Keh2tPWS+NFoBLyU0iEr+kYhRloSJ3uD1opSYURtWYd3wEU9ZJVyDEvAgMBAAGj +ggE/MIIBOzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAzBglghkgBhvhC AQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1Ud -DgQWBBQGuAQ6NLkmWyZGLYEAYVc3+43eIDB6BgNVHSMEczBxgBSWO1UVkFl5LOup -lY08xBLcfGyc+qFOpEwwSjELMAkGA1UEBhMCUFQxCzAJBgNVBAgMAk5BMQ8wDQYD -VQQHDAZMaXNib24xDjAMBgNVBAoMBU15TGFiMQ0wCwYDVQQDDARyb290ggkAzDBe -dcABQHMwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBoGA1Ud -EQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQUFAAOCAgEAoUitYEBW -lzBMuuDMHvVrtwTcKNXeOXZ6PC78OXNxGCSK4CxTzOceyHjj0K30r2qOd4hNbq43 -J60Zf+69qIpkezG3hcCy/8Yu1lLyhxLvErCbgkvZ1MH4HkEyJOeoh0PJoIq1U3vu -SA2Ny6LDA5QOWaVME6c1L0ntueu5/BddrTGtqHvK4Td9E3Y8gQhtJHCkN2GbkRRS -vr2+efC2hNIWEfxFTP+RRKKGfn+B+YASPgLDvHpIapz65MVebJH+gIo/k57swPMJ -K3Zet53tXqUvnbh87vyGdaOpq897WISNfleQ/XJB28Q3G5qBdLiTu7oxYG42XhC1 -qIm4pZ/gGW5lauu3h9bvzODB2DV6ShnBujtzbd0vBBX38BMP2oOOQ3X2QgalGOKO -jd6yTCN6VO0ZiFD4xO2XsE1CKkRqPx9rRCKR85NCvlpyytC4KIZjcomf0miMl9e1 -G9Js2y9agiXgQ5lrlZSQ8XyvRD8PC1anCxeyn8HaBblYNwUZ8S6vXkq7K13MuPgX -3vw106gUcWjw6GwC3BOi7UNtcAYyoXn6jLJ2unpn2mqjpCfbQZ3mnAI7MbEoaSFa -1CTYh9bxYK6cN+8dOnYoXUyD27aDq6xfP9YJoNmQdYTW4Wwf5JCK23j2DtDB/qen -uyydJBuI6Me+ctWntImvjM97Teu8s+ssQaA= +DgQWBBRFf07E369WKOuyKog6EyuNDDWDnDCBhQYDVR0jBH4wfIAUAdlczvOoJQH9 +cG+fm41vGD8WZaWhTqRMMEoxCzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0G +A1UEBwwGTGlzYm9uMQ4wDAYDVQQKDAVNeUxhYjENMAsGA1UEAwwEcm9vdIIUM0vS +1bRQQCJzcfsSQBT78uhQ7lUwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsG +AQUFBwMBMBoGA1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQsF +AAOCAgEAPW9KkG+G/oRmCiB23nxOJz7R6w0S2eM938RaKkRhtXdXBmVIusr1vdFm +QvjMA3RgoQVTyFwD2PIvpFmFAYThZrxu8a9TIXqVrgHLvHgRuWVlXbkq/fsi/AEH +BNbJS7WoO1t+QxvOVXota/hUYMhes8QvRTDqql6iXdV6/mzLMxJ7vpRmnV6zaRmo +cMegAH82IEeXz61N++Cn+Tzasy2mkH/eZ+pXaPrCKhwWD08zEDSm9ury2LJzPWCT +GbHkwgJy8TwIRLCpORlccIoZED0wyeQNAuMRS3vh5w2UpHz1CAot0dF2XzPwkJaW +eJTHmU9iRmPnn9VgCSMYLadjANT1SGFeLJlYxAHmbheMKepkFddiqyCUVjIOyN79 +7Uzgl4iPSFrHSyNgeXuIEEmNb9jQlcxPzNcyjz+XPYAeh9RihvZgi0TalPJqFc57 +HKqDoUnHfb2iyN2wmMca9xKhBgQycFxsoDr+GlWehkPMf0ZIqR757v65/0JRGQuf +2VMyTYm3CsRgIuhrI2KMCeDrOeHrRAz/A9Sa+PI7Arvu0lPaTcVCAz7Nw9DnAOhR +kfC1mK+wqPYHKZduYGyBmZsGylAOaiO9KGWyzk11qI9Bk4nmkJ8KS/0rmXYAwZB3 +dbEceSt9xvY3oY0R+qZFUEF5ztHaBiggScS9duCD60iZqwScAPY= -----END CERTIFICATE----- diff --git a/qa/integration/fixtures/webserver_certs/generated/server_from_root.jks b/qa/integration/fixtures/webserver_certs/generated/server_from_root.jks index 1596eef7b5d1c8f746867d2f31ac3484c409b2ac..11414c8e6b4e65d1bc66941eb264e538f8492343 100644 GIT binary patch literal 4652 zcma)ARag{^ww)Oo|iYv_;~VWdmCVd(BgkPZncDThvJ5v0$5 z&%NJ&zWa3V!>+aW+OK@`@0M1I$AZ_hBN4yZ?qeAP9Vk z|JB0h!$jco{0(#cZS2?t|HFEM4+P~Q@OmH!yiSPqKMX8Fh#utCf66BiE=)49=lUsC zbtMUsY>nhOjyYnaUmI{hAa)`UkP-3(8~49Ag7B~a5PEDpQ=}Zw3Ih|!iAm(X0UQG{ zGPl29HOz*I=J;YF@KkZU0Wsi-kz6W@upU`d2*VO@`d^hS4={!Sh`W(}$>8gtSE6$j&R}nh8)> zbGL-Wl8{Io1qNMo$;K_e+s4GIb001t+YMCaqx=VSI9K#RrUUBmP+>2^w-LHbrU!GB zd8Y9@Lw}~9KxzPuXUJndQWxH8aD24LRk{>kHoxPxJzAuvSTJ5z>eBh6ZinjSX47oU z>^|n3dV|DL!g(+b+nI*5ezTaF&{tGyeqxn5t2TziZvi^Wm8sEzK;&6|fQx0c;p1@) z|1@-m&IB(*q-fAHB$by@Zm@`W?oo|`R$cW@xJE4VdMUH|`Zd}j+YNn!k1BX+TQB$e zF#sG!d}71V8a%H+n^q|}evWDF9{h*dVhKO1V;`Y}>I`WmkJ_1=8nGqm0Z9`h#oVraZj0JL z=?r4GHhe7mkwnfE5T{!sb}h{6D>N$#ht5)y!}4`Go$g4e1!_ExY^;b7O}r^g!n!R9 zmRxW2<8|ja1d@gl`?~gMfXQr4=21SQT7&58c+p-Oo zbG}dUBjYk~#_#kQvjk+fx-_ozhpDd~OJ*L3NP zZ_lMEi5^r6PtgxzuX*V~I%2a%2>S!rfRgxBm^3IPPI)0tk396i@bL%zOSfDL=0O+P zVyaxylEj9R-3B9J(vCv{h6}F&?4xb9mK(w>E8YP;_Ze?S@(Uf?vLMi zx5zd~bE!;!q))P4Uz>h^NH+9l^gb{5-dG?@-|ZE5!2l}@jbjtJ(7dg!l-I(3I+);XtE{=QZhH{Rt* z_L$Af@MX5d5N2aD3Mp7{Gt0?}qmyFsZ$8SJJ`&KA$N=p$? z@heJCJw53ib4SgzQAO5u5LS8z>bYHk)E7Z+u#$fX$y%UFL*cXIl(7rkf+`m#%gJe8I%_ld5F70 zH#DQp_6*>waHX5@8j35Yu1KXG0@F?Ya!tGsMuJs2WgV|Xhm|O|T~P^j)eW))s|lTL zft8v>mLH;DteFR42KYu`=5CB$DoA7n|6t1K7=NtS2#pITQi>g~Ep5ni>?K}vg_7NW z66xO8B(x983S8vP&f)8@k+y2{!|vmPyD*8t#6!sAy~Vb9lN{9AfWCP9rm6lk;cQu~ z1@FvK{D(o|GN%@PdC%2ZXB?itr@Qr^qE6VM11&UXQ2bA$tA(N$^PX(yaCbQJ8)l+s8aOV zYo*7k=8$&RkCae_a!n?VJd@tKTzle08Y8iTWgnPa6|f>ZI!2sWQ8QCq-13Ywo{kJ{ z0Wm)*=aLel6f{2;tt`!R7pGd0PF6}PY~Vk^FLp;gy*}N?ivECuIDDr`Dd{81Ai0q0v%^1-rE-kw4 z<0Bq*c73cb${~aCxsk}{RNIemBPh&#(z{UieT?#)blNHXXvCwcd1!St$RU`CNmfX^ z+QB<7`j(k$4F2`%u-H-fr#5?2GzPx`ucH4=glI(Bh@i`OOzgTp+x#Kos)=OL^{qJH zkWi%k+-3kPr`w*vDM*FWn4G5t9B(VJ!W#7LyR-;&p)o_BOd={gHe3sSbZ?3wsi2yc za!W+18DpvH1L|>c5EjFfai2ObSLwIFzj4hs*3$AvO2-aWi#3H6tGpH5p?_+Z0B){Z zQtWJjaZV+@_MCrARNn1==2AKES7`x$Fi0JIbfm}93VPlYwqI4is2?%OfN8J8FwZPk z<#E5Q^bi%Ufd}i$VraTugO{&xKt5p)|9KYq*K$h2-S6sKu;Q6OY-83+etYFy(%VLi zCVrV-NfU-6h>lR=f!s@EM%8f1D)Q zX{*zu1OtZ#_g-DBV&kW$z}UX$ZrG9{w&n@^3sU=qU8sn}iPPMAvh1N}daR$}#CEJR zyu%D4!Kybz8YhL(>Nl*NqRK%Rx2uAbG=r~`H$jbGK+;Q|(7Q1*I#_4P$F+CPD8??# zo?6Ww=BY1*a7o;UCh0$y5nJn(C2g68`X}Y?Gb;u>OId{#useE=d`azP(1x0fxu`>x zM|(3T7d75amkmEJUvUVTclI{Z5;NL1%^JD&3P(gU)b_7%%S}#hwc-MWzXiHo20Gz( zeJSatHkN9%xkOcP#p@``2iLbhyklkWX=;37SGS$byEx!MwIQ&a9&PIKi{AZP@5)d6 zFAF1`8So2UO$g6Fat)7+7tFv2a0gfc+yGwx_9g)9zjGIW6Tsx((FNcEVfqh&oRaLoUPj6p!a-$Ca;9pL{Z9h1vVBkgNs z^=EPIUvG)De&8>v+xh=UM}PPV;k-DH`*dr(`6+6Cq9}vY( zig%)=k4Gi(yh<*kD0@|0^&{sAFth8YxblgDtM{9^(&8=#`IeZ<%m__J`}v{6Xx(5% z)zR5>7;l25i|{)~FIc^5@#y?1#MUCr_bd!_h;rBnNbT$pou zOL=PO&5bp2%6tGcueVjhJOi&C#jG&7<+MN=JQ)uTVBGifGIHzB-bkE#%(jh`Z{)to zzLXq)T@>4Md3*bF1A8}gYe4DD94*PFA)%86usNM-58{gQwxIRaZ11I)%C}lSC`{Dm zB1m@dcOTp&>O=&Gco5pyn)W-__w%RqG_$zN;)c~ZkCv0sBJN+uUjAsSYRWN6o_FDoF6#*7B$}fe z;}!6{C^R_k*z3zCX`^shj#5X+C^LD~Fr=$Ye{v8bNmde){VLxCs98&Bzxw-G5lvADh-5g+LD>Uo z3kJ6<#B%D5J7VARvZMrBHe_T!9R~Hn05lsnzrJ4vmpo~{&LYcw=ErV#MJ1q~#Q4EK zP_!k+4y4)v;G|jl?{K<^QkcVVz-AWPy_|Vyk-(BNDM#ocb_T(rglq}&4T#N>q)W>0NL!2~hgk=o)_{@W_1$v>pQK?zp zsPH??5R~wN<`j4g{VeOu2P_i)Ih*K8G$8+Eyjl}f0GG2r7ZfH?@v1NcPrW?PwYPZc zAEW%r*OI%;#o$uUOyL46xux*&wi#v>5D)!hl#$EvQ6i+_lhqf%hVUMXj2p*;Haa>@ z_4Gn`Gr!r1TC!03{pTWr9WU%L5BCQ;>(lu^=BZ?!HcIq^-E3kl)sCtpeezojD8MvM z;?Lkn6E=3?skhWGV9{j__Yx}?qf5tUZ_wTSr9fRezXX(<5nSpb!{tolQUe>n!^IvC zm*DK7-y$0DV5!96r~h@hd2;hkz|Mr-&#|jp!f0Ay2rFd_JT{(29>_ojOJ2E-!p>3a z6mXC=Zzt1coT5Y43MLnd%pc8`AQai-i3A z`e<=FFncr}9$t13fB4yJif#5~UFr=%qRk0(}#mzV9 z*0clcdBZT2_x4oxoKN{to8ExoXx57J9HL^CBHeNv6E__pr;ZWP0B{bPCg;j(PW1SM zKA|&e{KL$$h$Cr~*=IW2rF$;rWbyiQmbtHI_G;GKd-izE$2bB}Qt?c$(5)%LI}~j7 z@j5RaLzi(^il_>mu8_cj{EbR+;QZlhfb`9cRFEK2y7U~@(b6oP^@n(g=5uJ)n>-Qf zlEdmlQ`hk6xU_LS*|+by0*&?)PlGb9-+SUbYe=?uHXoxIvJg8PsTbx126Pz?==y5b zCWXArxht%BO|Z>%pRBi z4o*McM`yXS-8Y@1!>k)LnbV=(?|}|nNy>r&+?K|)U5a%{-+)7~S6^#R%FG*(%^q9i z7EFn8ly?z36W*jmQ_#fHH)*yhvq}kz ztZH|tHD8{Qu!)%R$Ph@$Nle_1I*cf=cPJUBC$7WlM}?eSYREeXFNE-)4+;o~1;AunwFr{W;Tw`6 za#KH2m=0?qVkK-9QnngP{?IvWfXUN=N!C4>_CgztbbfBVXU!0b5m-GKUin`q_Fq!< BuoVCR delta 4469 zcmV-*5sL1tB$Fe5FoF?}0s#Xsf)Pjt2`Yw2hW8Bt2LYgh5jg~c5j8M^5iu}=3H=5M zDuzgg_YDCD0ic2j?gWAf>M(){<}iW@;sy&UhDe6@4FL=a0Ro_c341Vt33o6l1_~;M zNQU?a1aiVgIVF!C2Yfnjm6@0s{bl!%zf*2}m(-R@J5?s$)!? z6swiH#n7YPLmqF>M?ff_WTTS7lG?e@8k=FN@wIhG)|X)m6T0dC*iFeSKm6`-wJ%Rj zQwsAq@+dFGRyVl)m9%t&v9R?Nj_0Ecpcpj-49nLZB{KmIg1f>V{Ms!Lf^7>zF&~~04+u(eZ#C$T0nbp<2u6$;q`B_N4EjA@ zEwK+tF(*)3{bbtAi@$!Y;Dd$>ZdN6%^6fB|Ii~S{D0%ubf_@#;xa-nSv$L}UJ=l1Q zN4A&f@DC~By$+79SkU)sk#xb!a=eer29q(f=(aRGtvqFA6$peKec4Gr$}UHccvI%} z?A@@sovol4Q_ieNw+hcr&gOY@8br7rX~C@_QxdHNis4!@yZlMd zr1b#gy^5tOCt8647S4bJ1JYqd@hGsD{2+^e!ArZw(c?^BKD#bf&I|M0*1Ogn;=hIZ zGa}DhJ^&Q}g~oox{F5FEl>78D47hiY4|QTm2}a(o0Q3gE8Hp%)>oU+hhOMmRGb{{l zeT29fn-l$YOJjubXh&x$kz{@`NZ&&8%j_l%9AtFsGi91PaLL~9Y&4iRe`M)P*@4`D z$zl;iAPa+MrFe0jSfw3-NkCFW3Q_30Gl*OkjFJsbk=X77LF z{7_pOxzZmiBRlEp_F(Rjr>a!{P~yCQ$Cg8NfZHZxr>1Yx_O}(8ghliaU*t9cD69a& zq-1q6E`E<8(zIKPFfECo1cc|{9H=jPF4i4%&#{m;5yJ_E7$D3D3V@q)E9KLcl*fy| zx8I27_>8#d`wKS&w@Mj58Yc#@s3EVNQ{K1rtq;8F#2x#H(C|%6#WxH-S6{S$Zc789-v#Y9Sxfgi{Qta{B^#4E)Wmv<_$)kFW1}S?AtY6iBu&*V9oS{^E;?lx&YPX$HcZC!*8)5QjgDOyEdgrsh z)P+%>WfxWIsRHPK{ThL_in+fk;zVEn!u!5gZB@S*RfPwjLD4@bqHa6ob7jw zdhxB=#|iVIPlQu8D{hj%WhalT??TvCzJKOlxd6crmJnAxX*eGHPJEz;=-pF)A)LjeDGx&>xCUr{ha)(G1$smP_=tKYWk%O; z;dxL367tL{F&gRdrnER>BL2I`*LF-HuZKSDa;Wmg&WzSEPxm zha=eGgTovFhlV-}@Q`Tyxr{=4iZ{v0KU{iT4qBuqhE;a%phZ_=4y#yS(w!jUsu@D# zqc72uWUbzY@C4XQ=F1D7iI1V#xD9^vNq^`&QO)uT?m z28eBcTu~ee{eDBnFQW-qW4hN$-v=wh+5!bP>OZ!|>w<#G<=2K4n%o(KzcH7S*O8T zHa0jgH8VIdFff7#ECvZGhDe6@4FLxRpn?Y-FoFje0s#Opf(H@?2`Yw2hW8Bt2LUiC z1_~;MNQUD+Edzam@^T!k~~m0s{cUP=JC4*nhe`WemBV z$dAGRZ@d)hfI^Q!SSgW2Hi5)P@Lh>X`fq zfJtZ>diK;&^_(`TGp~-VEISRO1IY}K@%oLqOujm;D(;n+WGd2TC2yX$q61tgjJk&h zo~`W_Cj?D1KfA2Zosxe<%Chof$*giy{?^@@TP$P;YN?RGVIo7#@@s_pf7ieIEWO>P zLiap$Q{c`rJPd%)K3}iLM;^kIDRDw3F59LI3}9-w&0HQ@HT-0gw4kM1w%hhk7Q1IZ zBDe`N0=xg1{MhlbFGLgy&!|>E=A(a#?<&X#XmcZQIhZYjqs}XhF9msj>FV_WfB?vT z(ods+A3zwp_xXtY>8FL=e_hZ}#24$i#nPtR$({kfUdRF0#$4Rk`#N zzv8Qw-}@Mq`$>3}%zol*ydzhU#e`d>RnS_o{*Tp@%I)mLHPue=w=LS7sx?w0PmZ?2l($1}|mlVy`H7za)GUcMzCKc7v`tB4TTA zVCoH<#eaT(>Ou5K?i?Wg-aRRZzYcruRWap(E(xH#w**|Om(!5?Py~-{RH*Mb(=gen z;ycnS)$uaclRCWM6~FH0&El-E zCSf;vX7Lh#Vcv@PZcKQK^+@Kp^)dd*e^Y&?eupake+sj{Ibf(IGn-vDixU%K6=I2A zl6(w0yC6NAY}Ooi-A6nq5d>#_F^uWBr35(N;Wac&vZqTkOr61dX`r(J@p5$)wXbcU zuA?K9C|x==!01Or`=``J_i?o}9*hq?-SdYT=wT+$J z-7D6~YC5RpgEG+hCL}Ub`xS41K@Qv!*f-gnA51KA6Pg2XA$T}4?7yvt&s3_=)P;he+f$YO_$+em3)6_A7^OzwC1=v}k30#6&5bXoWwE@yW5Gsf^Y3XP#+&(1 z8WD7ykHj6aN1c?e6MD7~We6#w_^>j=f2e>kL~lDyEc^<0;#fYsUW2n#++@sN%~aWv ziElG%A?ULavd4<*ZSWwYuRdv8)2qJC*V74@9gILd+T>bvr21_ zdcd{WAKsZpX=PB7DrcL!4YSDF;*$_KWVDYoP1po`3TR$dcswV@N_HZoTvm%ne_)cD z2hI^M$B^kCIL0U2Pe&rF^tdC{I<7ls%P3ed`2oXBdmq;}vE!xD8fQxx=@If>$5(K zxH95%@mJR=Y!4;$jBbmT7?{Izf1vBt$q;GrRjW#TLpV6VT)=9n?NdF^wFHdv&z2=g zr~Mg*d0Igqp+YDo4#*C#@-goSnPaT6o3?IhbqGpc^WtQk4GYC9V5^ESJ}@CL2?hl# z4g&%j1povT6h3xnG{ zw@dfCkAa<&em_<@cXe~74qc^B)w&%#19j|zF0n2FNZvA*(M zk#KqGEioP&6$J6h7?%0Q*t+ z%#xR~n0&k}y4rz`%6hKovoN4Lmmr+_wX#>O{i;*j!us`#R6b+NmGyDvfjti_%^tWm z2UhOs2P`9U$^JCVApfz}_(NdGtSQ_YdQB zI!H&$k00K14r zNV(aW)}>@|`11OzzRLIt$-@8|I|X$FTOPegVgRChXlT$4&z$-boxDsIh4;ijKW*Gk zuN=}Duyrwap!)+*fs8Au2RN&F{+&9zlhO6&a>0fj6g454Q&zfJ^TwVqhIU(jzU^5I zrMwo!iHX5@S7QD^QMr4(9{aEyX=Wa_)_m2fZ-cWLIniZx{E|<#Oq%)`E|*$*jc=U5 zZ=bkzlf&{%O45>8`~GzjURXV{@|PcD!Ln9~MTPnUaLFhh-j82bk30BLUK%ck^#JSlyj7`JHRvBUz3IZ!zLUFD`9=#EppwJTzWgxL ziNeAi6p<6z(0EdAE#_<^GtnAD#`XG587Z@oOvhhl13k5!_S$kkZF*AGPPw-7h{|QpN=~aiTwP$Gog%CH&M;I$ufB zx|Joyl=UXLTZ9_89wZFbp*1rT6d^rqaaBAbl*ogk#6-3>M3&k6QM{cStn2p9E3bu`l**UxW)CclFrayK zy&>yPi|!@>dCmg#M(WO5E#A1?<@KBzbSIkdUIj%22c>x1A6a7^!N{r>rcDuUaurKe zjQFbZ#2Z68wKax__|d9ty)*Y`RKv4y%WxWUhD^gp<%D#5xQZ;rqw&;2!xAfMERJ;- zSFd<(s3Dv(QPGqILF}D`(zux^;;rV$Mp59Bxrtdt+9ftakE<$93U z%fQI12Sgp#9;7v$EUlPA$L+=jUpz-w-8!r9nM(Qby*4C1dSiA^a8~Xfjnh{P_JcJ; z$Dwt2!|9idHiEOk5*p!0mcXE{#{Ehqa)W7)Sx=1%a_%|HIAyfEbGx6^zCC zS7!Zdj6m%FV>AvH5^@0;vlRr!g#CZuO~0Xdg?{>iFvcgI$ro?x;Qs}0q2BDsdGY8^ zEJVF#28n1CDi~8MsQ1K*IPxfbk$;#n#T50KGMh-dtzGydOitB6&?2m|PP`G*QN(Sh zjPBDOwfAJtr{}r4C_7yt?%lPjG099L^YVBRf@2bnu7+eV>sqn8P)~Qhd*Wbt{nIw7 zFepp*-MdYD{Krx!tRx}wCaLAl>HyHFBo+f~+tUgafOY43m7XfpF6iwGkGaGM+Yy&P z`Q-^P8^#-N|CI21YWahN2NW9f4YN;Q1IS#8Ow>OsYhY}_9nXtRFpnX;M(5+c^=GY3 zbUrkA{{esKY&qUDJD(t)^~JAO{cdD$WeXt2wFX}xx~*Q+t%|G9NFL(Tx%+gIWW)Wc z#$8WI7f6@TNcHLL6tY|k(dtxIteQb(*P64P1ud9_@Jlv^d6DdJP)7}2P1kf6koT4GNB$j;j;ZC zwHPfLYu&EMD$4Z^5(#UM>AbQi1y{V@BN-KXKGnQ#8 z55%J{FtO`AT-Nng^swCr|0ng7oo6Z2Kmldgv|zlk3Yd750hrNKi4z#}b%jMp+yQSh zI1~}t>i?^>e57&&yuxi^9MnC?>RW=t_Bt6gbxh{F9o1t##j_ldbDd7Aha7&|=B1OG zry~pV#7okEto*?tIZ9Xwc}WgnVcx)wEfr-+KUMpqvT)Q zGcWj#gWqt=%q($YMYhnb(DrpBoj5w+eO>%@EM%I;1>%V@A7y)Ysm6AvZYD_e85Vgc zGhp6`Lifhatzl|GzyHuH1#V=ksB2^zyt@ZAbe^Rnzu=v86|aB09`O1AYWjIi&y>lU z-QB-AJ%;7j46Ll49&_csqF!OXu@l1sxAa-6+#q&R_2juwI&5{+&C|7GgqWknnW@f8 zb3-nFJ>#Wvq24Whk;k4NJ}rBHqXE^iGv;kaJO0Me@9>=?WYgy$0E1p!8Hwq4DtZ9h zM5G=xn`}9lqVTEGrW48vdo*V;WO!34_&ZkQNkAdm(4s9rCUQM8wS-?QQ+IKKC_41U zwypDu2UGPCx^0nL@Z`TrEsd+BKd}beOAo%vc4iC{XvSATxhw~D5@j#y(cl^)^%HF z_}11k0bwpe`Z1~%-EUiMmM*e)=m}t|@D@Fn368@BV);@|4JwYay|ARrxFA*I* z_2ds}ogQv5dGnow)~F2_7K=0a_ADFAvhx*jtvjlGlRRAN}G*PlFBT8D);Ktk?5Ma)8|Z;)pT z9S@`5bPxzoX-jrE$c6`~(lY4w3Tj@_&)UocR(IMoyV^ESo>9u0(6hgSoQGcZ1@G$* z5`Jg1z}a}i3qwD6_h>M_u5bw1I(p5&yi7I7k$HF(8 zAVww`lu8AE?QV(}T86aBn@BFb^Te&6T7tmRy8qy)x8>(jf-R z355c3{xbI^hJE0$Dv+@3A8$Qy4By;!Kz{tGUudzpIc8Vuws=IVe|oFEgyN?pH*q_Y zjk%OlsbhKQoeM4825U|bJy5Rtk-YLJl^#ivnal!NWy4@fc<2#Oze>Vm>g6!2>E^EQUbHmvawj@ zNUq_zYnzGvX%sk4CaDuW1^>!FjqGW5YGySK+xbGNxX)^qeRkTVri`w~)M`A@T6qt5 z#@w<2x!naZl$`qf!eB=`tV1Xz6C>eT~RHwjN-CSPjzOyHKdJ0ZFl-X&A`9gwV+ z)EgN= z`()Yl*V40SaA_S!ck>5~aqWAz69e?>KBs~NW8hh6hi+AIP_krasox#_>09$=W3f8c ziKcSf6+RXA^ienG@}btAAL614ntJDG(`)u60__h~`G4dF6lC#HJoqf%rW%C|+W(~a zJn!_|cC7i66R_9GOI@d3+Fj7BKJYf0WqDPg$w-$F-lEp=`X|ik>m$KZwVlA7?3ww7 z|4~q*e$2Z#i1c>eTXYvI`h2;&CNL`DNR>LD6fq@}XuBzC_tZ~OCd&1?e&3p{493g| zaNA;F$4Si!`Na%D572@GkE&iKe$9a?m{rpgf4R2~keL2wl+%}0f_$=AQE8vD2XRRM zEXw&klHbImOC>>@LdjbozpB}JJPwJ#=`4&|2fveI#U24y^d*^GfM@t}4%aF;|8nJC zGC2S5o#ldQ5^z)Qj(RE*Nb(BQSwG*(X z@eSHu&0p*#bDcv(n8}V`HBgC-WtKT3aQF%{!E5cZ^zb0VQ*}*mJd)+jJ41XQZ3l`s z5bEuRb5VivovKjTb!KN@6S0poeg-O%B2q<@lR+qWI&|uMt8RAvA6y1DVtsncY^MW_ zin{w}p7IrK0|_(@S;_|ezTGQ=;0>k+F3mmK#0<~z5~1M&Sk^n#y}mLA{%umyYs zc>UL#1ML3hZU7g6`G2Duz!M|`;s@dW^G88OLIa@EpTLV}M9OOfz#Ow|Q%QYu!1$=@ e8T*;|;qzRW;?LPIR1Dd9aX|AZN%Vhi!~X#*r?~L| literal 4462 zcmY+HWmpv4x5a1ZZjc^eknRwHA*4fc=x&hi&XG=~q#aVa8wRBt1Qd`)I;A_V@Bg{? zzW09EXP;-Sz0cR*Iy^8!dn6z-4~&op4U;WWA@Uj*hz^9q26nzYdUx8V&2eU%&yP@!+9gbftiYg);MhAt7M^LSbn0iRz*(J-@Xd zi8YpjhhjE_O9jQU%g!V!O6{_SikkaQA^em9<3nB(mpMcHuH0M*f`w#Nr@h-XV2j?t zkP@HDEy=mW`g9Q$5;H#6evxVg#pcJjBxwpOD1b4yY9QAH(lvK5);FM*Ti4fCkI$B6 z-ff9Hh7P-sM-NluW*NI``AtaVn&wD%j#s6Hm!ej>n-t9N^Nt{+vagd1`PEjlQY5Mw zNX1h8t1cyRQY2UIX{gW+mgYq#hw;-#>RVteY~qs^ws1&$!@rl!CllX{pw=x!}Y!19jf(^8;Z7x#%;PgRc<<=jD3 zf^=OJX}15_{7ykHgCADAzVZK(nXTVT6XqJR!LV4qNTH;!1f zlSLbCbc2{U^c5~s$)h4CjCYE+ajOhOZ!Jv`)6Hd^pdMni-go$V{cC@3Wr9Q0M2Hs{46fc7nJN*WLM z&D2R(3EhX==N~_1YSF{@W+UZpMnL`f#3~0f zhc?m%kf=B49}tlg(uSdb#Iwm%t)z>QsCHkUf9t$pY>Er=Y?^OZD#jWU7ihWGkTh7a z->;_jrifVJO_UQzjq@V?I{tg|@TV$5~u=s1OM*PWN<(wRQC zPz+%VcZ9`;+ImE%=b2={IH_Bkd{ zz**4#K%4@RhonSe^qskwtS8m_8|y#A9}uxI ze|#be8J`!zAyqA(JbQ%}UT9)7;FqtAvfs3Q<%dd2osBjRi?Qk6n!EgYCf}3;&@X=T zapqWeHbTg&Pe0jhz?&!e-V4y(KBVwf(q!Y3&PgaoqBpkoY(L*AK|+-x+|JxWIL5Z% zX^Y&u$m`ahF7!Vq-FQ_z5G*^>ONE-}of|u!80f|alCJk-zNj~?FcQuFV9^a9xu}kD|As-*E4^K1T(j*e4^YRh>-+*h$Y8Iz9o%YP zsl{-AK`e;Rk};E&yoSpj-hMve5m{kFXa^;!Ybkz`GCW1H!{tUPQyyh(Et(@daNoc_ z1Lb;R)GNmnNoaBpNG;5T!@_{a%&hcbCYbxT%~P8UHuYaS2`EZ`^^cLryw(H^K6o=& zAim_Omq(~88V_c(KqRO|`b^c1(7`LFTv1*ET(v(pv|Rd2t{@Y2_D0@g(nM?E!drX2 zVDw711#~2d=0*XQGV`f+=P-SL0~l)wcAj3$9-gqMQH{SCUJmG-jkgalD*E0-t8rcN zp~hNuPO(n(JMXR@;bj<5$ht-(rr<1=G)eVvw1>MxLr{P6CbahSciv6r(s6vHSIZ=X zXp%~fe*_OwVO^9C7V_$V<|Ev_mt?sWvYrp~dS;3Sy5xwrnsjN5aEoRs_MFJi3A{{h z-QXIEzU*7xjD^Tpv9`_(&}8DWPwm>)_}9LL0|TTPD-4X>oC27_8L(#=YuUE-EYMlZy6@Z*%oGX1-f!XODiY& z#TyO%k&=0q9)=m!)w(LO_Zjv>E3^J$OSYh2CF!y-!PFM{=L&RyL-T?VlvLyUvs?SL zvNv%4uqWGCphw7m=~knClfCC5M;r;+Rf?>e2Znj}e?SO_VQ!$nFjxP|i+^hl4f}tv zhy_IYYdZfG?f)Mwk^iCPi@T$5x?2)W|IqU9x`N>v(ppvEFz-VrEi&gaR_!i}bU2d( zeL96Ox|a*tbS|4675%gBM-(dZ*U?Ahe;yFeME7mOled6wwbHO4WfMITk2%9L@d)kL zcQr9a-9i0kuuaUvvslFe$@m);oCQ+w=}$8|d;TQin0%<5>&MbED%u3!KKayWj>A+9 z8;*`J1eX(j;0^q%1#*4scZ?M!O(!j;x*Gc4MLexY!4ne;{_2oBW!pn}veuh^D|5N1 zHjh|l1GU@Z+)O5gfe9H9oG7IiluzU_@{X#lAHS(rqntg3vB~s4yXH8k&1z`wK>_^v z5{0?+(A&)2{0y}(+9Q#(XCO?$G`w|nlJQr%853+@DrH$ot6sOk?+sbRXyKNh>{^PN zCBX}B^pwU>pi^qxdssNaTD{7nzbhX)-4$uz8BZQ`**8GmV7JoEb(3oaKm=l*$Qzg7!5|x*CV>ypgq><|2p5SD zrExt}v*AC&r@6yc_k~@~kITY;D9^xfXAgES2aJ$`b+lTQ)1QJRHCI7HeqX zCIeQLh@$mv08N2&(nrY-eC94yylL?vW~(1uZ`|+TuE4Wdo7?R9UE)2p>FQebXq_)M zFFuX4U&cMGjk$>D_$J2Xy_bqjPVYpl@qc>2`HI1JzzP2lI+Kh)DWatN##9e%p~(Ri zI4*H!xWhYkV5h3UP3NFY5J|M!L9a5+I#BgXSJA1x?f|~@ySSockH#sZt(I#b=uWZh z3PCT%a~Eg#Fho}0t6qtqZlT$v;TS{Eiot#5E0YZHx*U8OL7qTJP@K5x@m;w^6wV=) zhZsKltUQ_Mh_;oJqs&LIQEmCVQ(ym}YX^sN#de060<u?fN$pUi#0#_wz_tyj(^z+CDlhB`L z81IXO;BGjL!*VVe*nSW*`w;i^XPr!X>aO(22;jJ{tiZhR%bgYS>Msu5;;_~W8&$6I zv4GB?E2OJbCq*D3Ls+mH7oMVz%ml#_vcPCWN)YnACnpNp*|?N_>aaAN3AOR8`NZO}(cLt{Znfm%(^YVb%(R(a z`@GR(@KeY6W}*+qNH&L|a*-OEt73w{P)Y#TV`r8f`>QC`^J4$ljc5AVD zV;ASA*-JY4E{HVh8)DAJ?6ctx-r8|VkMJtP9Jp^*J9sn)y^$fYaTK6?r8wFvHRKYn z($}KEC2x255&z@2&Y46om~<_)hr0ewt4G%z?Y91q^MsXdnKOy}e8w}v06cd(p_Qc= zhR~O2ZTXh3+WI$fS6i+0eLiAb#f*E96CtFOL37aaWL@u$zeGJG=zdl zo+dA{K&~Gj-*e-d6xWz=ZM>?XLq>oraL+P!uvCAaYY~I7gE|iGE5ban~qp#Rz&y);K`ZE0L+Xnj zo=nrXw&o((B9sTA`dLwA@#3&2e>=M`nM!5;8Oak%W^IR_2t$6o^5I zZ!}uiO4H}IXdDbaEWI|~<+336BterCG*lC#85m(>SjeCI+-Q;qB_}hBTzm8Wx)E)= zC;R0u91)ZD5&A$!zDtI{sTj78+m8_~Z-#pCUauyVwJv@DOS-W%qoBczwp4oQXun{& z;}^l7MxxA*)b_R9hV$o{gLka*OxwX@kI@z@SB=w`{Ss<{d}!~mNnQFsR1_A}XA~7$ z*cGDjT;wz!9q9JkxQYTJATDfFtiEb;)tW1_sTG9{r!HGsjv5%hRSy=(qc^zY!Zr^1*3L=RbQ+;y84)F=~co)PJxYyQwh9 zCG|H^2)^DN!%!s!LvYQ)E}YhgP+A28_O9ONC|)xVg7u7aGUul2B5lJ9o1Tm#6=>Vq z8Yt}7nRoEHJm6eXLuLX*zxL1ZTwdCbpEAk@a|8w~8Ds}qITIzDvda-4FT`qj&q5;- z-e3`629NeGP_(Z{1?sx8Y&N*Qz2CA+3)9zfElzcL|D)sS;y%Ymke-Bvp4X zpLP4JN=D5XoM>%=YGO$m$)#>jl-_FiV7wlXr!~@-$=o+ErO%3ge>dlvT!OS=)MS%1 z`leA~xVVynhMh;l-!1eBuX62s_MZcF*pEpZj;yAXh%MZ>in{zMLen9W{z*@2Bb41B zuep!WXN#XxmMV)%d3AWe|C`P*NqNaoNUr;%?cB2mJ&2|>l{b&x-k>L@E%9*wJ4C|E zKuZVk09XUu0p9;PO#wE4?=Ao*fa!m_3&4|ymxrDQ6AhIe4;hIP6@Wr=lDVN8^+v%a d$oVmJ*Q00{p<|wif-ymvk^d#pyyu@-_g}$9Q?>vA From 8f2dae618c6432903763f32f4378fca654829559 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Thu, 18 Jul 2024 10:08:38 +0100 Subject: [PATCH 016/290] correctly handle stack overflow errors during pipeline compilation (#16323) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit improves error handling when pipelines that are too big hit the Xss limit and throw a StackOverflowError. Currently the exception is printed outside of the logger, and doesn’t even show if log.format is json, leaving the user to wonder what happened. A couple of thoughts on the way this is implemented: * There should be a first barrier to handle pipelines that are too large based on the PipelineIR compilation. The barrier would use the detection of Xss to determine how big a pipeline could be. This however doesn't reduce the need to still handle a StackOverflow if it happens. * The catching of StackOverflowError could also be done on the WorkerLoop. However I'd suggest that this is unrelated to the Worker initialization itself, it just so happens that compiledPipeline.buildExecution is computed inside the WorkerLoop class for performance reasons. So I'd prefer logging to not come from the existing catch, but from a dedicated catch clause. Solves #16320 --- logstash-core/lib/logstash/java_pipeline.rb | 5 +++ .../spec/logstash/java_pipeline_spec.rb | 33 +++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/logstash-core/lib/logstash/java_pipeline.rb b/logstash-core/lib/logstash/java_pipeline.rb index 3e1aad5f1..9cec566cc 100644 --- a/logstash-core/lib/logstash/java_pipeline.rb +++ b/logstash-core/lib/logstash/java_pipeline.rb @@ -603,6 +603,11 @@ module LogStash; class JavaPipeline < AbstractPipeline "Worker loop initialization error", default_logging_keys(:error => e.message, :exception => e.class, :stacktrace => e.backtrace.join("\n"))) nil + rescue Java::java.lang.StackOverflowError => se + @logger.error( + "Stack overflow error while compiling Pipeline. Please increase thread stack size using -Xss", + default_logging_keys()) + nil end end diff --git a/logstash-core/spec/logstash/java_pipeline_spec.rb b/logstash-core/spec/logstash/java_pipeline_spec.rb index 8889b87d7..3e7439672 100644 --- a/logstash-core/spec/logstash/java_pipeline_spec.rb +++ b/logstash-core/spec/logstash/java_pipeline_spec.rb @@ -1016,6 +1016,39 @@ describe LogStash::JavaPipeline do it_behaves_like 'it flushes correctly' end end + context "Pipeline created with too many filters" do + # create pipeline with 2000 filters + # 2000 filters is more than a thread stack of size 2MB can handle + let(:config) do + <<-EOS + input { dummy_input {} } + filter { + #{" nil_flushing_filter {}\n" * 2000} + } + output { dummy_output {} } + EOS + end + let(:output) { ::LogStash::Outputs::DummyOutput.new } + + before do + allow(::LogStash::Outputs::DummyOutput).to receive(:new).with(any_args).and_return(output) + allow(LogStash::Plugin).to receive(:lookup).with("input", "dummy_input").and_return(LogStash::Inputs::DummyBlockingInput) + allow(LogStash::Plugin).to receive(:lookup).with("filter", "nil_flushing_filter").and_return(NilFlushingFilterPeriodic) + allow(LogStash::Plugin).to receive(:lookup).with("output", "dummy_output").and_return(::LogStash::Outputs::DummyOutput) + allow(LogStash::Plugin).to receive(:lookup).with("codec", "plain").and_return(LogStash::Codecs::Plain) + end + + let(:pipeline) { mock_java_pipeline_from_string(config, pipeline_settings_obj) } + + it "informs the user that a stack overflow occurred" do + allow(pipeline.logger).to receive(:error) + + pipeline.start + pipeline.shutdown + + expect(pipeline.logger).to have_received(:error).with(/Stack overflow/, anything).at_least(:once) + end + end context "Periodic Flush that intermittently returns nil" do let(:config) do <<-EOS From eff9b540df06a9d2309a6ba910bad2335ceb90a7 Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Fri, 19 Jul 2024 12:34:42 -0400 Subject: [PATCH 017/290] Doc: Reposition worker-utilization in doc (#16335) --- .../monitoring/monitoring-apis.asciidoc | 29 ++++++++----------- 1 file changed, 12 insertions(+), 17 deletions(-) diff --git a/docs/static/monitoring/monitoring-apis.asciidoc b/docs/static/monitoring/monitoring-apis.asciidoc index f6b44e258..897507d1e 100644 --- a/docs/static/monitoring/monitoring-apis.asciidoc +++ b/docs/static/monitoring/monitoring-apis.asciidoc @@ -499,10 +499,6 @@ Example response: "worker_concurrency" : { "current": 1.973, "lifetime": 1.721 - }, - "worker_utilization" : { - "current": 49.32, - "lifetime": 43.02 } } } @@ -540,19 +536,6 @@ Tuning a saturated pipeline to have more workers can often work to increase that A _process_ is also considered "saturated" when its top-level `worker_concurrency` flow metric approaches the _cumulative_ `pipeline.workers` across _all_ pipelines, and similarly can be addressed by tuning the <> that are saturated. -| worker_utilization | - -This is a unitless metric that indicates the percentage of available worker time being used by all plugins in a given pipeline (`duration` / (`uptime` * `pipeline.workers`). -It is useful for determining whether the pipeline has consistently-idle resources or is under resource contention. - -A _pipeline_ is considered "saturated" when its `worker_utilization` flow metric approaches 100, because it indicates that all of its workers are being kept busy. -This is typically an indication of either downstream back-pressure or insufficient resources allocated to the pipeline. -Tuning a saturated pipeline to have more workers can often work to increase that pipeline's throughput and decrease back-pressure to its queue, unless the pipeline is experiencing back-pressure from its outputs. - -A _pipeline_ is considered "starved" when its `worker_utilization` flow metric approaches 0, because it indicates that none of its workers are being kept busy. -This is typically an indication that the inputs are not receiving or retrieving enough volume to keep the pipeline workers busy. -Tuning a starved pipeline to have fewer workers can help it to consume less memory and CPU, freeing up resources for other pipelines. - | queue_backpressure | This is a unitless metric representing the cumulative time spent by all inputs blocked pushing events into their pipeline's queue, relative to wall-clock time (`queue_push_duration_in_millis` / millisecond). It is typically most useful when looking at the stats for an <>. @@ -1002,6 +985,18 @@ A positive number indicates that the queue size-on-disk is growing, and a negati NOTE: The size of a PQ on disk includes both unacknowledged events and previously-acknowledged events from pages that contain one or more unprocessed events. This means it grows gradually as individual events are added, but shrinks in large chunks each time a whole page of processed events is reclaimed (read more: <>). + +| worker_utilization | +This is a unitless metric that indicates the percentage of available worker time being used by this individual plugin (`duration` / (`uptime` * `pipeline.workers`). +It is useful for identifying which plugins in a pipeline are using the available worker resources. + +A _pipeline_ is considered "saturated" when `worker_utilization` approaches 100, because it indicates that all of its workers are being kept busy. +This is typically an indication of either downstream back-pressure or insufficient resources allocated to the pipeline. +Tuning a saturated pipeline to have more workers can often work to increase that pipeline's throughput and decrease back-pressure to its queue, unless the pipeline is experiencing back-pressure from its outputs. + +A _pipeline_ is considered "starved" when `worker_utilization` approaches 0, because it indicates that none of its workers are being kept busy. +This is typically an indication that the inputs are not receiving or retrieving enough volume to keep the pipeline workers busy. +Tuning a starved pipeline to have fewer workers can help it to consume less memory and CPU, freeing up resources for other pipelines. |=== [discrete] From c633ad25682f3376adb0ba434d658b9eb820ac92 Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Wed, 24 Jul 2024 02:22:34 -0700 Subject: [PATCH 018/290] settings: add support for observing settings after post-process hooks (#16339) Because logging configuration occurs after loading the `logstash.yml` settings, deprecation logs from `LogStash::Settings::DeprecatedAlias#set` are effectively emitted to a null logger and lost. By re-emitting after the post-process hooks, we can ensure that they make their way to the deprecation log. This change adds support for any setting that responds to `Object#observe_post_process` to receive it after all post-processing hooks have been executed. Resolves: elastic/logstash#16332 --- logstash-core/lib/logstash/settings.rb | 23 ++++++++++++++++--- .../setting_with_deprecated_alias_spec.rb | 21 +++++++++++++++++ logstash-core/spec/logstash/settings_spec.rb | 12 ++++++++++ 3 files changed, 53 insertions(+), 3 deletions(-) diff --git a/logstash-core/lib/logstash/settings.rb b/logstash-core/lib/logstash/settings.rb index 4e23e34c3..d6238fe1c 100644 --- a/logstash-core/lib/logstash/settings.rb +++ b/logstash-core/lib/logstash/settings.rb @@ -197,6 +197,13 @@ module LogStash callback.call(self) end end + + # because we cannot rely on deprecation logger being wired up when the setters + # are initially used, we re-emit setter-related deprecations after all post-processing + # hooks have been activated (and therefore after logging has been configured) + @settings.each_value do |setting| + setting.observe_post_process if setting.respond_to?(:observe_post_process) + end end def on_post_process(&block) @@ -839,9 +846,7 @@ module LogStash end def set(value) - deprecation_logger.deprecated(I18n.t("logstash.settings.deprecation.set", - :deprecated_alias => name, - :canonical_name => canonical_proxy.name)) + do_log_setter_deprecation super end @@ -856,6 +861,18 @@ module LogStash # bypass deprecation warning wrapped.validate_value if set? end + + def observe_post_process + do_log_setter_deprecation if set? + end + + private + + def do_log_setter_deprecation + deprecation_logger.deprecated(I18n.t("logstash.settings.deprecation.set", + :deprecated_alias => name, + :canonical_name => canonical_proxy.name)) + end end ## diff --git a/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb b/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb index 9ddd87a78..481e387ba 100644 --- a/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb +++ b/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb @@ -52,6 +52,13 @@ describe LogStash::Setting::SettingWithDeprecatedAlias do end include_examples '#validate_value success' + + context "#observe_post_process" do + it 'does not emit a deprecation warning' do + expect(LogStash::Settings.deprecation_logger).to_not receive(:deprecated).with(a_string_including(deprecated_setting_name)) + settings.get_setting(deprecated_setting_name).observe_post_process + end + end end context "when only the deprecated alias is set" do @@ -71,6 +78,13 @@ describe LogStash::Setting::SettingWithDeprecatedAlias do include_examples '#validate_value success' + context "#observe_post_process" do + it 're-emits the deprecation warning' do + expect(LogStash::Settings.deprecation_logger).to receive(:deprecated).with(a_string_including(deprecated_setting_name)) + settings.get_setting(deprecated_setting_name).observe_post_process + end + end + it 'validates deprecated alias' do expect { settings.get_setting(canonical_setting_name).deprecated_alias.validate_value }.to_not raise_error end @@ -107,6 +121,13 @@ describe LogStash::Setting::SettingWithDeprecatedAlias do end include_examples '#validate_value success' + + context "#observe_post_process" do + it 'does not emit a deprecation warning' do + expect(LogStash::Settings.deprecation_logger).to_not receive(:deprecated).with(a_string_including(deprecated_setting_name)) + settings.get_setting(deprecated_setting_name).observe_post_process + end + end end context "when both the canonical setting and deprecated alias are set" do diff --git a/logstash-core/spec/logstash/settings_spec.rb b/logstash-core/spec/logstash/settings_spec.rb index 241ac2272..3e0b425dd 100644 --- a/logstash-core/spec/logstash/settings_spec.rb +++ b/logstash-core/spec/logstash/settings_spec.rb @@ -144,6 +144,18 @@ describe LogStash::Settings do it "should preserve original settings" do expect(settings.get("foo")).to eq("bar") end + + context 'when a registered setting responds to `observe_post_process`' do + let(:observe_post_process_setting) do + LogStash::Setting::Boolean.new("this.that", true).tap { |s| allow(s).to receive(:observe_post_process) } + end + subject(:settings) do + described_class.new.tap { |s| s.register(observe_post_process_setting) } + end + it 'it sends `observe_post_process`' do + expect(observe_post_process_setting).to have_received(:observe_post_process) + end + end end context "transient settings" do From 90f303e4016e5377cb6254e0d3a85cfbbb9a32e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 24 Jul 2024 15:48:42 +0100 Subject: [PATCH 019/290] fix line used to determine ES is up (#16349) --- x-pack/qa/integration/support/helpers.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/qa/integration/support/helpers.rb b/x-pack/qa/integration/support/helpers.rb index 06069f3a1..a216d1cd8 100644 --- a/x-pack/qa/integration/support/helpers.rb +++ b/x-pack/qa/integration/support/helpers.rb @@ -48,7 +48,7 @@ def elasticsearch(options = {}) # Launch in the background and wait for /started/ stdout cmd = "bin/elasticsearch #{settings_arguments.join(' ')}" puts "Running elasticsearch: #{cmd}" - response = Belzebuth.run(cmd, { :directory => get_elasticsearch_path, :wait_condition => /license.*valid/, :timeout => 15 * 60 }) + response = Belzebuth.run(cmd, { :directory => get_elasticsearch_path, :wait_condition => /ClusterStateLicenseService.*license.*valid/, :timeout => 15 * 60 }) unless response.successful? raise "Could not start Elasticsearch, response: #{response}" end From 629d8fe5a82264749e1bbd7f1fba72efc2d5cf8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Mon, 29 Jul 2024 12:00:43 +0100 Subject: [PATCH 020/290] add retries to snyk buildkite job (#16343) --- .buildkite/snyk_report_pipeline.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.buildkite/snyk_report_pipeline.yml b/.buildkite/snyk_report_pipeline.yml index f4306bc1f..2a1476bcb 100644 --- a/.buildkite/snyk_report_pipeline.yml +++ b/.buildkite/snyk_report_pipeline.yml @@ -9,4 +9,7 @@ steps: # reports main, previous (ex: 7.latest) and current (ex: 8.latest) release branches to Snyk - label: ":hammer: Report to Snyk" command: - - .buildkite/scripts/snyk/report.sh \ No newline at end of file + - .buildkite/scripts/snyk/report.sh + retry: + automatic: + - limit: 3 From 03841cace3fa697a07e2099ebf6cdd4dd9324356 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Tue, 30 Jul 2024 09:19:13 +0100 Subject: [PATCH 021/290] Fix 8.13.1 release notes (#16363) make a note of the fix that went to 8.13.1: #16026 Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> --- docs/static/releasenotes.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index 204454a08..6bc416958 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -237,7 +237,7 @@ No user-facing changes in Logstash core. [[logstash-8-13-1]] === Logstash 8.13.1 Release Notes -No user-facing changes in Logstash core. +* Inject variable reference instead of variable value in `logstash.yaml` to ensure keystore values take precedence over Environment Variables https://github.com/elastic/logstash/pull/16037[#16037] [[logstash-8-13-0]] === Logstash 8.13.0 Release Notes @@ -2318,4 +2318,4 @@ We have added another flag to the Benchmark CLI to allow passing a data file wit This feature allows users to run the Benchmark CLI in a custom test case with a custom config and a custom dataset. https://github.com/elastic/logstash/pull/12437[#12437] ==== Plugin releases -Plugins align with release 7.14.0 \ No newline at end of file +Plugins align with release 7.14.0 From 09a2827802b2f86cc9bf669fdbbf0e294017a8da Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Tue, 30 Jul 2024 17:17:10 +0200 Subject: [PATCH 022/290] Update logstash_releases.json (#16347) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 5657839d1..39a6ae1a2 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -2,11 +2,11 @@ "releases": { "5.x": "5.6.16", "6.x": "6.8.23", - "7.x": "7.17.22", + "7.x": "7.17.23", "8.x": "8.14.3" }, "snapshots": { - "7.x": "7.17.23-SNAPSHOT", + "7.x": "7.17.24-SNAPSHOT", "8.x": "8.14.4-SNAPSHOT", "main": "8.15.0-SNAPSHOT" } From 62ef8a08476cb57deea4ca013329501168047355 Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Tue, 6 Aug 2024 11:09:26 -0700 Subject: [PATCH 023/290] [Bugfix] Resolve the array and char (single | double quote) escaped values of ${ENV} (#16365) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Properly resolve the values from ENV vars if literal array string provided with ENV var. * Docker acceptance test for persisting keys and use actual values in docker container. * Review suggestion. Simplify the code by stripping whitespace before `gsub`, no need to check comma and split. Co-authored-by: João Duarte --------- Co-authored-by: João Duarte --- .../logstash/util/substitution_variables.rb | 18 +++++- qa/docker/shared_examples/xpack.rb | 56 ++++++++++++++++--- 2 files changed, 65 insertions(+), 9 deletions(-) diff --git a/logstash-core/lib/logstash/util/substitution_variables.rb b/logstash-core/lib/logstash/util/substitution_variables.rb index c8d0ead76..e5e2ede35 100644 --- a/logstash-core/lib/logstash/util/substitution_variables.rb +++ b/logstash-core/lib/logstash/util/substitution_variables.rb @@ -56,7 +56,8 @@ module ::LogStash::Util::SubstitutionVariables end return value unless value.is_a?(String) - value.gsub(SUBSTITUTION_PLACEHOLDER_REGEX) do |placeholder| + is_placeholder_found = false + placeholder_value = value.gsub(SUBSTITUTION_PLACEHOLDER_REGEX) do |placeholder| # Note: Ruby docs claim[1] Regexp.last_match is thread-local and scoped to # the call, so this should be thread-safe. # @@ -65,6 +66,8 @@ module ::LogStash::Util::SubstitutionVariables default = Regexp.last_match(:default) logger.debug("Replacing `#{placeholder}` with actual value") + is_placeholder_found = true + #check the secret store if it exists secret_store = SECRET_STORE.instance replacement = secret_store.nil? ? nil : secret_store.retrieveSecret(SecretStoreExt.getStoreId(name)) @@ -76,6 +79,19 @@ module ::LogStash::Util::SubstitutionVariables end replacement.to_s end + + # no further action need if substitution didn't happen + return placeholder_value unless is_placeholder_found + + # ENV ${var} value may carry single quote or escaped double quote + # or single/double quoted entries in array string, needs to be refined + refined_value = placeholder_value.gsub(/[\\"\\']/, '') + if refined_value.start_with?('[') && refined_value.end_with?(']') + # remove square brackets, split by comma and cleanup leading/trailing whitespace + refined_value[1..-2].split(',').map(&:strip) + else + refined_value + end end # def replace_placeholders class << self diff --git a/qa/docker/shared_examples/xpack.rb b/qa/docker/shared_examples/xpack.rb index c1706a69f..82ff64ae0 100644 --- a/qa/docker/shared_examples/xpack.rb +++ b/qa/docker/shared_examples/xpack.rb @@ -2,21 +2,61 @@ shared_examples_for 'a container with xpack features' do |flavor| before do @image = find_image(flavor) - @container = start_container(@image, {'ENV' => env}) end after do cleanup_container(@container) end - context 'when configuring xpack settings' do - let(:env) { %w(xpack.monitoring.enabled=false xpack.monitoring.elasticsearch.hosts=["http://node1:9200","http://node2:9200"]) } + describe 'when configuring xpack settings' do - it 'persists monitoring environment var keys' do - # persisting actual value of the environment keys bring the issue where keystore looses its power - # visit https://github.com/elastic/logstash/issues/15766 for details - expect(get_settings(@container)['xpack.monitoring.enabled']).to eq("${xpack.monitoring.enabled}") - expect(get_settings(@container)['xpack.monitoring.elasticsearch.hosts']).to eq("${xpack.monitoring.elasticsearch.hosts}") + context 'when persists env var keys into logstash.yml' do + let(:env) { %w(XPACK_MONITORING_ENABLED=false XPACK_MONITORING_ELASTICSEARCH_HOSTS=["http://node1:9200","http://node2:9200"]) } + + before do + @container = start_container(@image, {'ENV' => env}) + end + + it 'saves keys instead actual value which will be resolved from keystore | env later' do + settings = get_settings(@container) + expect(settings['xpack.monitoring.enabled']).to eq("${XPACK_MONITORING_ENABLED}") + expect(settings['xpack.monitoring.elasticsearch.hosts']).to eq("${XPACK_MONITORING_ELASTICSEARCH_HOSTS}") + end + end + + context 'with running with env vars' do + let(:env) { + [ + 'XPACK_MONITORING_ENABLED=true', + 'XPACK_MONITORING_ELASTICSEARCH_HOSTS="http://node1:9200"', + 'XPACK_MANAGEMENT_ENABLED=true', + 'XPACK_MANAGEMENT_PIPELINE_ID=["*"]', # double quotes intentionally placed + 'XPACK_MANAGEMENT_ELASTICSEARCH_HOSTS=["http://node3:9200", "http://node4:9200"]' + ] + } + + it 'persists var keys into logstas.yaml and uses their resolved actual values' do + container = create_container(@image, {'ENV' => env}) + + sleep(15) # wait for container run + + settings = get_settings(container) + + expect(settings['xpack.monitoring.enabled']).to eq("${XPACK_MONITORING_ENABLED}") + expect(settings['xpack.monitoring.elasticsearch.hosts']).to eq("${XPACK_MONITORING_ELASTICSEARCH_HOSTS}") + expect(settings['xpack.management.enabled']).to eq("${XPACK_MANAGEMENT_ENABLED}") + expect(settings['xpack.management.pipeline.id']).to eq("${XPACK_MANAGEMENT_PIPELINE_ID}") + expect(settings['xpack.management.elasticsearch.hosts']).to eq("${XPACK_MANAGEMENT_ELASTICSEARCH_HOSTS}") + + # get container logs + container_logs = container.logs(stdout: true) + + # check if logs contain node3 & node4 values actually resolved and used + expect(container_logs.include?('pipeline_id=>["*"]')).to be true + # note that, we are not spinning up ES nodes, so values can be in errors or in pool update logs + expect(container_logs.include?('http://node3:9200')).to be true + expect(container_logs.include?('http://node4:9200')).to be true + end end end end From 2db2a224edf8f22ec95859c1024d5aa398889f1f Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Thu, 8 Aug 2024 11:06:48 -0400 Subject: [PATCH 024/290] Doc: Add SNMP integration to breaking changes (#16374) --- docs/static/breaking-changes.asciidoc | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/docs/static/breaking-changes.asciidoc b/docs/static/breaking-changes.asciidoc index 7a7107869..683a76a67 100644 --- a/docs/static/breaking-changes.asciidoc +++ b/docs/static/breaking-changes.asciidoc @@ -12,7 +12,22 @@ Logstash 8.0.0 and later. NOTE: Migrating directly between non-consecutive major versions (6.x to 8.x) is not recommended. -We suggest that you upgrade to {prev-major-last} before you upgrade to 8.0, +We suggest that you upgrade to {prev-major-last} before you upgrade to 8.0. + +[discrete] +[[breaking-8.15]] +=== 8.15 + +*New {ls} SNMP integration plugin* + +Prior to 8.15.0, {ls} bundled stand-alone versions of the `input-snmp` and `input-snmptrap` plugins by default. +When you upgrade to 8.15.0, the stand-alone plugins are replaced by the 4.0.0+ version contained in the new SNMP integration plugin. + +IMPORTANT: Before you upgrade to {ls} 8.15.0, be aware of {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-migration[behavioral and mapping differences] between stand-alone plugins and the new versions included in the {logstash-ref}/plugins-integrations-snmp.html[SNMP integration plugin]. +If you need to maintain current mappings for the `input-snmptrap` plugin, you have some options to {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-input-snmptrap-compat[preserve existing behavior]. + +[discrete] +=== Breaking changes in earlier releases See these topics for breaking changes in earlier releases: From 3d13ebe33e36942d60342c79006a1f46c5a467c7 Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Fri, 9 Aug 2024 00:58:11 -0700 Subject: [PATCH 025/290] deprecate java less-than 17 (#16370) --- logstash-core/lib/logstash/runner.rb | 3 +++ logstash-core/locales/en.yml | 6 ++++++ .../src/main/java/org/logstash/util/JavaVersion.java | 2 ++ 3 files changed, 11 insertions(+) diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 700413785..876d3e1e1 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -321,6 +321,9 @@ class LogStash::Runner < Clamp::StrictCommand if JavaVersion::CURRENT < JavaVersion::JAVA_11 logger.warn I18n.t("logstash.runner.java.version", :java_home => java.lang.System.getProperty("java.home")) + elsif JavaVersion::CURRENT < JavaVersion::JAVA_17 + deprecation_logger.deprecated I18n.t("logstash.runner.java.version_17_minimum", + :java_home => java.lang.System.getProperty("java.home")) end logger.warn I18n.t("logstash.runner.java.home") if ENV["JAVA_HOME"] diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index bd9feedff..92dcb38ee 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -446,6 +446,12 @@ en: Running Logstash with the bundled JDK is recommended. The bundled JDK has been verified to work with each specific version of Logstash, and generally provides best performance and reliability. If you have compelling reasons for using your own JDK (organizational-specific compliance requirements, for example), you can configure LS_JAVA_HOME to use that version instead. + version_17_minimum: >- + Starting from Logstash 9.0, the minimum required version of Java will be Java 17; + your Java version from `%{java_home}` does not meet this requirement. + Running Logstash with the bundled JDK is recommended. + The bundled JDK has been verified to work with each specific version of Logstash, and generally provides best performance and reliability. + If you have compelling reasons for using your own JDK (organizational-specific compliance requirements, for example), the version you supply with LS_JAVA_HOME must meet the minimum requirements. agent: sighup: >- SIGHUP received. diff --git a/logstash-core/src/main/java/org/logstash/util/JavaVersion.java b/logstash-core/src/main/java/org/logstash/util/JavaVersion.java index 39eee187d..505e27e67 100644 --- a/logstash-core/src/main/java/org/logstash/util/JavaVersion.java +++ b/logstash-core/src/main/java/org/logstash/util/JavaVersion.java @@ -31,6 +31,8 @@ public class JavaVersion implements Comparable { public static final JavaVersion CURRENT = parse(System.getProperty("java.specification.version")); public static final JavaVersion JAVA_11 = parse("11"); + public static final JavaVersion JAVA_17 = parse("17"); + private final List version; private JavaVersion(List version){ From e104704830e421ff18666f8fe9f16ff2fa9d4c9c Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Fri, 9 Aug 2024 09:33:01 -0700 Subject: [PATCH 026/290] Exclude substitution refinement on pipelines.yml (#16375) * Exclude substitution refinement on pipelines.yml (applies on ENV vars and logstash.yml where env2yaml saves vars) * Safety integration test for pipeline config.string contains ENV . --- logstash-core/lib/logstash/config/mixin.rb | 2 +- logstash-core/lib/logstash/settings.rb | 2 +- .../logstash/util/substitution_variables.rb | 20 ++++++++++--------- .../specs/multiple_pipeline_spec.rb | 10 ++++++++++ 4 files changed, 23 insertions(+), 11 deletions(-) diff --git a/logstash-core/lib/logstash/config/mixin.rb b/logstash-core/lib/logstash/config/mixin.rb index deea9717b..0d686be3f 100644 --- a/logstash-core/lib/logstash/config/mixin.rb +++ b/logstash-core/lib/logstash/config/mixin.rb @@ -93,7 +93,7 @@ module LogStash::Config::Mixin # Resolve environment variables references params.each do |name, value| - params[name.to_s] = deep_replace(value) + params[name.to_s] = deep_replace(value, true) end # Intercept codecs that have not been instantiated diff --git a/logstash-core/lib/logstash/settings.rb b/logstash-core/lib/logstash/settings.rb index d6238fe1c..d8c75f220 100644 --- a/logstash-core/lib/logstash/settings.rb +++ b/logstash-core/lib/logstash/settings.rb @@ -187,7 +187,7 @@ module LogStash def from_yaml(yaml_path, file_name = "logstash.yml") settings = read_yaml(::File.join(yaml_path, file_name)) - self.merge(deep_replace(flatten_hash(settings)), true) + self.merge(deep_replace(flatten_hash(settings), true), true) self end diff --git a/logstash-core/lib/logstash/util/substitution_variables.rb b/logstash-core/lib/logstash/util/substitution_variables.rb index e5e2ede35..4319a3823 100644 --- a/logstash-core/lib/logstash/util/substitution_variables.rb +++ b/logstash-core/lib/logstash/util/substitution_variables.rb @@ -28,19 +28,19 @@ module ::LogStash::Util::SubstitutionVariables SECRET_STORE = ::LogStash::Util::LazySingleton.new { load_secret_store } private_constant :SECRET_STORE - # Recursive method to replace substitution variable references in parameters - def deep_replace(value) + # Recursive method to replace substitution variable references in parameters and refine if required + def deep_replace(value, refine = false) if value.is_a?(Hash) value.each do |valueHashKey, valueHashValue| - value[valueHashKey.to_s] = deep_replace(valueHashValue) + value[valueHashKey.to_s] = deep_replace(valueHashValue, refine) end else if value.is_a?(Array) value.each_with_index do |single_value, i| - value[i] = deep_replace(single_value) + value[i] = deep_replace(single_value, refine) end else - return replace_placeholders(value) + return replace_placeholders(value, refine) end end end @@ -49,9 +49,11 @@ module ::LogStash::Util::SubstitutionVariables # Process following patterns : ${VAR}, ${VAR:defaultValue} # If value matches the pattern, returns the following precedence : Secret store value, Environment entry value, default value as provided in the pattern # If the value does not match the pattern, the 'value' param returns as-is - def replace_placeholders(value) + # When setting refine to true, substituted value will be cleaned against escaped single/double quotes + # and generates array if resolved substituted value is array string + def replace_placeholders(value, refine) if value.kind_of?(::LogStash::Util::Password) - interpolated = replace_placeholders(value.value) + interpolated = replace_placeholders(value.value, refine) return ::LogStash::Util::Password.new(interpolated) end return value unless value.is_a?(String) @@ -80,8 +82,8 @@ module ::LogStash::Util::SubstitutionVariables replacement.to_s end - # no further action need if substitution didn't happen - return placeholder_value unless is_placeholder_found + # no further action need if substitution didn't happen or refine isn't required + return placeholder_value unless is_placeholder_found && refine # ENV ${var} value may carry single quote or escaped double quote # or single/double quoted entries in array string, needs to be refined diff --git a/qa/integration/specs/multiple_pipeline_spec.rb b/qa/integration/specs/multiple_pipeline_spec.rb index 314963366..cb01e56fe 100644 --- a/qa/integration/specs/multiple_pipeline_spec.rb +++ b/qa/integration/specs/multiple_pipeline_spec.rb @@ -34,6 +34,7 @@ describe "Test Logstash service when multiple pipelines are used" do let(:temporary_out_file_1) { Stud::Temporary.pathname } let(:temporary_out_file_2) { Stud::Temporary.pathname } + let(:temporary_out_file_3) { Stud::Temporary.pathname } let(:pipelines) {[ { @@ -47,6 +48,12 @@ describe "Test Logstash service when multiple pipelines are used" do "pipeline.workers" => 1, "pipeline.batch.size" => 1, "config.string" => "input { generator { count => 1 } } output { file { path => \"#{temporary_out_file_2}\" } }" + }, + { + "pipeline.id" => "config-string-with-env-var-pipeline", + "pipeline.workers" => 1, + "pipeline.batch.size" => 1, + "config.string" => "input { generator { count => 1 } } output { file { path => \"${TEMP_FILE_PATH}\" } }" } ]} @@ -65,6 +72,7 @@ describe "Test Logstash service when multiple pipelines are used" do it "executes the multiple pipelines" do logstash_service = @fixture.get_service("logstash") + logstash_service.env_variables = {'TEMP_FILE_PATH' => temporary_out_file_3} logstash_service.spawn_logstash("--path.settings", settings_dir, "--log.level=debug") try(retry_attempts) do expect(logstash_service.exited?).to be(true) @@ -74,6 +82,8 @@ describe "Test Logstash service when multiple pipelines are used" do expect(IO.readlines(temporary_out_file_1).size).to eq(1) expect(File.exist?(temporary_out_file_2)).to be(true) expect(IO.readlines(temporary_out_file_2).size).to eq(1) + expect(File.exist?(temporary_out_file_3)).to be(true) + expect(IO.readlines(temporary_out_file_3).size).to eq(1) end context 'effectively-empty pipelines.yml file' do From d4519711a692f290c0d9e87401fb5d679f9385ff Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Wed, 14 Aug 2024 09:00:37 -0400 Subject: [PATCH 027/290] Doc: Forwardport 8.15.0 release notes to main (#16388) --- docs/static/releasenotes.asciidoc | 123 ++++++++++++++++++++++++++++++ 1 file changed, 123 insertions(+) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index 6bc416958..dc4a80c83 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -3,6 +3,7 @@ This section summarizes the changes in the following releases: +* <> * <> * <> * <> @@ -64,6 +65,128 @@ This section summarizes the changes in the following releases: * <> +[[logstash-8-15-0]] +=== Logstash 8.15.0 Release Notes + +[[snmp-ga-8.15.0]] +==== Announcing the new {ls} SNMP integration plugin + +The new `logstash-integration-snmp` plugin is available and bundled with {ls} 8.15.0 (and later) by default. +This plugin combines our classic `logstash-input-snmp` and `logstash-input-snmptrap` plugins into a single Ruby gem at v4.0.0 and later. + +The `logstash-integration-snmp` plugin combines the +`logstash-input-snmp` and `logstash-input-snmptrap` plugins into one integrated plugin that encompasses +the capabilities of both. +This integrated plugin package provides better alignment in snmp processing, better resource management, +easier package maintenance, and a smaller installation footprint. + +[[breaking-8.15.0]] +===== Breaking change with release of `logstash-integration-snmp` + +Prior to 8.15.0, {ls} bundled stand-alone versions of the `input-snmp` and `input-snmptrap` plugins by default. +When you upgrade to 8.15.0, the stand-alone plugins are replaced by the 4.0.0+ version contained in the new integration. + +IMPORTANT: Before you upgrade to {ls} 8.15.0, be aware of {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-migration[behavioral and mapping differences] between stand-alone plugins and the new versions included in `integration-snmp`. +If you need to maintain current mappings for the `input-snmptrap` plugin, you have options to {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-input-snmptrap-compat[preserve existing behavior]. + +[[featured-8.15.0]] +==== New features and enhancements + +[[wolfi-8.15.0]] +===== Wolfi-flavored Docker Image +Starting with 8.15.0, {ls} provides an extra Docker image flavor based on the Wolfi Linux distribution: https://github.com/wolfi-dev. (https://github.com/elastic/logstash/pull/16189[#16189]). +To use the image append "-wolfi" to the image name: + +``` +docker run docker.elastic.co/logstash/logstash-wolfi:8.15.0 +``` + +This new image flavor builds on top of a smaller and more secure base image, and is planned to become the default flavor in the next major version of {ls}. + +[[notable-8.15.0]] +==== Performance improvements and notable issues fixed +* Improved performance in pipeline-to-pipeline workloads by removing lock contention in event serialization https://github.com/elastic/logstash/pull/16194[#16194] +* Fixed pqcheck handling of paths with spaces on Windows https://github.com/elastic/logstash/pull/16205[#16205] + +[[core-8.15.0]] +==== Other changes to Logstash core + +* Changed rollover strategy in log4j2.properties to delete compressed files older than 7 days https://github.com/elastic/logstash/pull/16179[#16179] +* Fixed handling and reporting of compilation error when a pipeline didn't fit the JVM's ThreadStackSize https://github.com/elastic/logstash/pull/16336[#16336] +* Fixed missing deprecation logging in deprecated Logstash core settings https://github.com/elastic/logstash/pull/16348[#16348] +* Fixed innacurate accounting of `queue_size_in_bytes` metric when using `clean_consumed` option in dead_letter_queue input plugin https://github.com/elastic/logstash/pull/16195[#16195] + +[[dependencies-8.15.0]] +==== Updates to dependencies + +* Updated bundled JDK to 21 https://github.com/elastic/logstash/pull/16055[#16055] +* Updated JRuby to 9.4.8.0 https://github.com/elastic/logstash/pull/16278[#16278] + +[[docs-8.15.0]] +==== Documentation enhancements + +* Logstash {logstash-ref}/monitoring-with-ea.html[monitoring doc] improvements https://github.com/elastic/logstash/pull/16208[#16208] +* Add ecs and datastream requirement for {logstash-ref}/ea-integrations.html#es-tips[integration filter] https://github.com/elastic/logstash/pull/16268[#16268] +* Remove reference to puppet {ls} module https://github.com/elastic/logstash/pull/12356[#12356] +* Add section to describe intended usage of {logstash-ref}/jvm-settings.html#reducing-off-heap-usage[`pipeline.buffer.type`] https://github.com/elastic/logstash/pull/16083[#16083] +* Reposition {logstash-ref}/node-stats-api.html#pipeline-stats[`worker-utilization`] stat for better placement and flow https://github.com/elastic/logstash/pull/16337[#16337] +* Add {logstash-ref}/performance-troubleshooting.html[tuning guidance] based on Flow metrics https://github.com/elastic/logstash/pull/16289[#16289] + + +[[plugins-8.15.0]] +==== Plugin releases + +*De_dot Filter - 1.1.0* + +* Add support for recursively searching sub-fields with the new `recusive =>` config option https://github.com/logstash-plugins/logstash-filter-de_dot/pull/24[#24] + +*Elastic_integration Filter - 0.1.13* + +* Update default elasticsearch tree branch to 8.15 https://github.com/elastic/logstash-filter-elastic_integration/pull/156[#156] + +*Geoip Filter - 7.3.0* + +* Added support for MaxMind GeoIP2 Enterprise and Anonymous-IP databases https://github.com/logstash-plugins/logstash-filter-geoip/pull/223[#223] +* Updated MaxMind dependencies. + +*Http Filter - 1.6.0* + +* Added new `ssl_enabled` setting for enabling/disabling the SSL configurations https://github.com/logstash-plugins/logstash-filter-http/pull/52[#52] + +*Http_poller Input - 5.6.0* + +* Added new `ssl_enabled` setting for enabling/disabling the SSL configurations https://github.com/logstash-plugins/logstash-input-http_poller/pull/146[#146] + +*Aws Integration - 7.1.7* + +* Remove empty temporary dirs at plugin close https://github.com/logstash-plugins/logstash-integration-aws/pull/46[#46] + +*Kafka Integration - 11.5.0* + +* Add "auto_create_topics" option to allow disabling of topic auto creation https://github.com/logstash-plugins/logstash-integration-kafka/pull/172[#172] + +*Snmp Integration - 4.0.4* + +* Introduce Snmp Integration by default, replacing Snmp Input v1.3.3 and Snmptrap Input v3.1.0 https://github.com/logstash-plugins/logstash-integration-snmp/pull/67[#67] + +*Http Output - 5.7.0* + +* Added new `ssl_enabled` setting for enabling/disabling the SSL configurations https://github.com/logstash-plugins/logstash-output-http/pull/144[#144] + +*Redis Output - 5.2.0* + +* Added support to SSL/TLS configurations https://github.com/logstash-plugins/logstash-output-redis/pull/69[#69] + * `ssl_enabled` + * `ssl_certificate_authorities` + * `ssl_certificate` + * `ssl_key` + * `ssl_verification_mode` + * `ssl_supported_protocols` + * `ssl_cipher_suites` +* Added basic support for SSL https://github.com/logstash-plugins/logstash-output-redis/pull/59[#59] +* Fixed documentation of required settings https://github.com/logstash-plugins/logstash-output-redis/pull/61[#61] + + [[logstash-8-14-3]] === Logstash 8.14.3 Release Notes From b2796afc92d27a3d55d3a74ec35f11800756eb55 Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Mon, 19 Aug 2024 12:49:34 -0700 Subject: [PATCH 028/290] Removing 8.14 from ci/branches.json as we have 8.15. (#16390) --- ci/branches.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/ci/branches.json b/ci/branches.json index dca2ed04d..6524ee2be 100644 --- a/ci/branches.json +++ b/ci/branches.json @@ -7,9 +7,6 @@ { "branch": "8.15" }, - { - "branch": "8.14" - }, { "branch": "7.17" } From 6e93b30c7fd809e148c1c1472954c1c56fbcd994 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Wed, 28 Aug 2024 11:10:21 +0100 Subject: [PATCH 029/290] Increase Jruby -Xmx to avoid OOM during zip task in DRA (#16408) Fix: #16406 --- .buildkite/scripts/dra/common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.buildkite/scripts/dra/common.sh b/.buildkite/scripts/dra/common.sh index abdf461c1..6618c6314 100755 --- a/.buildkite/scripts/dra/common.sh +++ b/.buildkite/scripts/dra/common.sh @@ -29,7 +29,7 @@ function save_docker_tarballs { # Since we are using the system jruby, we need to make sure our jvm process # uses at least 1g of memory, If we don't do this we can get OOM issues when # installing gems. See https://github.com/elastic/logstash/issues/5179 -export JRUBY_OPTS="-J-Xmx1g" +export JRUBY_OPTS="-J-Xmx2g" # Extract the version number from the version.yml file # e.g.: 8.6.0 From ac034a14ee422148483d42a51b68f07d1a38494c Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 4 Sep 2024 11:10:29 +0200 Subject: [PATCH 030/290] Generate Dataset code with meaningful fields names (#16386) This PR is intended to help Logstash developers or users that want to better understand the code that's autogenerated to model a pipeline, assigning more meaningful names to the Datasets subclasses' fields. Updates `FieldDefinition` to receive the name of the field from construction methods, so that it can be used during the code generation phase, instead of the existing incremental `field%n`. Updates `ClassFields` to propagate the explicit field name down to the `FieldDefinitions`. Update the `DatasetCompiler` that add fields to `ClassFields` to assign a proper name to generated Dataset's fields. --- .../config/ir/compiler/ClassFields.java | 8 +++ .../config/ir/compiler/DatasetCompiler.java | 61 ++++++++++--------- .../config/ir/compiler/FieldDefinition.java | 17 ++++++ 3 files changed, 58 insertions(+), 28 deletions(-) diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/ClassFields.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ClassFields.java index b34131bcd..b4f5cf5e0 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/ClassFields.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ClassFields.java @@ -43,6 +43,10 @@ final class ClassFields { return addField(FieldDefinition.fromValue(definitions.size(), obj)); } + public ValueSyntaxElement add(final String fieldName, final Object obj) { + return addField(FieldDefinition.fromValue(fieldName, obj)); + } + /** * Adds a mutable field of the given type, that doesn't have a default value and is not * initialized by a constructor assignment. @@ -54,6 +58,10 @@ final class ClassFields { return addField(FieldDefinition.mutableUnassigned(definitions.size(), type)); } + public ValueSyntaxElement add(final String fieldName, final Class type) { + return addField(FieldDefinition.mutableUnassigned(fieldName, type)); + } + /** * Add a {@link Closure} that should be executed in the constructor after field assignments * have been executed. diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java index 689fb0030..e3db9a010 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java @@ -24,6 +24,7 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.Collections; +import java.util.List; import java.util.stream.Collectors; import org.jruby.RubyArray; import org.jruby.RubyHash; @@ -58,8 +59,8 @@ public final class DatasetCompiler { final EventCondition condition) { final ClassFields fields = new ClassFields(); - final ValueSyntaxElement ifData = fields.add(new ArrayList<>()); - final ValueSyntaxElement elseData = fields.add(new ArrayList<>()); + final ValueSyntaxElement ifData = fields.add("ifData", new ArrayList<>()); + final ValueSyntaxElement elseData = fields.add("elseData", new ArrayList<>()); final ValueSyntaxElement right = fields.add(DatasetCompiler.Complement.class); final VariableDefinition event = new VariableDefinition(JrubyEventExtLibrary.RubyEvent.class, "event"); @@ -75,7 +76,7 @@ public final class DatasetCompiler { ) ) ); - final ValueSyntaxElement conditionField = fields.add(condition); + final ValueSyntaxElement conditionField = fields.add("condition", condition); final DatasetCompiler.ComputeAndClear compute; if (parents.isEmpty()) { compute = withOutputBuffering( @@ -83,9 +84,8 @@ public final class DatasetCompiler { Closure.wrap(clear(elseData)), ifData, fields ); } else { - final Collection parentFields = - parents.stream().map(fields::add).collect(Collectors.toList()); - final ValueSyntaxElement inputBuffer = fields.add(new ArrayList<>()); + final Collection parentFields = createParentStatementsFields(parents, fields); + final ValueSyntaxElement inputBuffer = fields.add("inputBuffer", new ArrayList<>()); compute = withOutputBuffering( withInputBuffering( conditionalLoop(event, inputBuffer, conditionField, ifData, elseData), @@ -111,20 +111,17 @@ public final class DatasetCompiler { final AbstractFilterDelegatorExt plugin) { final ClassFields fields = new ClassFields(); - final ValueSyntaxElement outputBuffer = fields.add(new ArrayList<>()); + final ValueSyntaxElement outputBuffer = fields.add("outputBuffer", new ArrayList<>()); final Closure clear = Closure.wrap(); final Closure compute; if (parents.isEmpty()) { compute = filterBody(outputBuffer, BATCH_ARG, fields, plugin); } else { - final Collection parentFields = parents - .stream() - .map(fields::add) - .collect(Collectors.toList() - ); + final Collection parentFields = createParentStatementsFields(parents, fields); + @SuppressWarnings("rawtypes") final RubyArray inputBuffer = RubyUtil.RUBY.newArray(); clear.add(clearSyntax(parentFields)); - final ValueSyntaxElement inputBufferField = fields.add(inputBuffer); + final ValueSyntaxElement inputBufferField = fields.add("inputBuffer", inputBuffer); compute = withInputBuffering( filterBody(outputBuffer, inputBufferField, fields, plugin), parentFields, inputBufferField @@ -133,6 +130,21 @@ public final class DatasetCompiler { return prepare(withOutputBuffering(compute, clear, outputBuffer, fields)); } + private static Collection createParentStatementsFields(Collection parents, ClassFields fields) { + if (parents.size() == 1) { + return List.of(fields.add("parentStatement", parents.iterator().next())); + } + + final Collection parentFields = new ArrayList<>(); + int i = 0; + for (Dataset parent : parents) { + ValueSyntaxElement add = fields.add("parentStatement" + i, parent); + parentFields.add(add); + i++; + } + return parentFields; + } + /** *

Builds a terminal {@link Dataset} for the filters from the given parent {@link Dataset}s.

*

If the given set of parent {@link Dataset} is empty the sum is defined as the @@ -155,10 +167,7 @@ public final class DatasetCompiler { } final ClassFields fields = new ClassFields(); - final Collection parentFields = parents - .stream() - .map(fields::add) - .collect(Collectors.toList()); + final Collection parentFields = createParentStatementsFields(parents, fields); @SuppressWarnings("rawtypes") final RubyArray inputBuffer = RubyUtil.RUBY.newArray(); final ValueSyntaxElement inputBufferField = fields.add(inputBuffer); final ValueSyntaxElement outputBufferField = fields.add(new ArrayList<>()); @@ -199,10 +208,7 @@ public final class DatasetCompiler { } final ClassFields fields = new ClassFields(); - final Collection parentFields = parents - .stream() - .map(fields::add) - .collect(Collectors.toList()); + final Collection parentFields = createParentStatementsFields(parents, fields); final Closure compute = Closure.wrap(parentFields .stream() .map(DatasetCompiler::computeDataset) @@ -236,7 +242,7 @@ public final class DatasetCompiler { final ClassFields fields = new ClassFields(); final Closure clearSyntax; final Closure computeSyntax; - final ValueSyntaxElement outputField = fields.add(output); + final ValueSyntaxElement outputField = fields.add("outputDelegator", output); if (parents.isEmpty()) { clearSyntax = Closure.EMPTY; computeSyntax = Closure.wrap( @@ -244,8 +250,7 @@ public final class DatasetCompiler { invokeOutput(outputField, BATCH_ARG), unsetPluginIdForLog4j()); } else { - final Collection parentFields = - parents.stream().map(fields::add).collect(Collectors.toList()); + final Collection parentFields = createParentStatementsFields(parents, fields); @SuppressWarnings("rawtypes") final RubyArray buffer = RubyUtil.RUBY.newArray(); final Closure inlineClear; @@ -256,7 +261,7 @@ public final class DatasetCompiler { inlineClear = Closure.EMPTY; clearSyntax = clearSyntax(parentFields); } - final ValueSyntaxElement inputBuffer = fields.add(buffer); + final ValueSyntaxElement inputBuffer = fields.add("inputBuffer", buffer); computeSyntax = withInputBuffering( Closure.wrap( setPluginIdForLog4j(outputField), @@ -283,7 +288,7 @@ public final class DatasetCompiler { final ClassFields fields, final AbstractFilterDelegatorExt plugin) { - final ValueSyntaxElement filterField = fields.add(plugin); + final ValueSyntaxElement filterField = fields.add("plugin", plugin); final Closure body = Closure.wrap( setPluginIdForLog4j(filterField), buffer(outputBuffer, filterField.call("multiFilter", inputBuffer)) @@ -378,14 +383,14 @@ public final class DatasetCompiler { final boolean shutdownOnly) { final MethodLevelSyntaxElement condition; final ValueSyntaxElement flushArgs; - final ValueSyntaxElement flushFinal = fields.add(flushOpts(true)); + final ValueSyntaxElement flushFinal = fields.add("shutdownFlushOptions", flushOpts(true)); if (shutdownOnly) { condition = SyntaxFactory.and(FLUSH_ARG, SHUTDOWN_ARG); flushArgs = flushFinal; } else { condition = FLUSH_ARG; flushArgs = SyntaxFactory.ternary( - SHUTDOWN_ARG, flushFinal, fields.add(flushOpts(false)) + SHUTDOWN_ARG, flushFinal, fields.add("flushOptions", flushOpts(false)) ); } return SyntaxFactory.ifCondition( diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/FieldDefinition.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/FieldDefinition.java index b3e481e6f..4ed2ba3b2 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/FieldDefinition.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/FieldDefinition.java @@ -46,6 +46,12 @@ final class FieldDefinition implements SyntaxElement { ); } + public static FieldDefinition fromValue(final String fieldName, final Object value) { + return new FieldDefinition( + variableDefinition(value.getClass(), fieldName), false, null, value + ); + } + /** * Creates a mutable field with given type and without an assigned value. * @param index Index for naming @@ -58,6 +64,12 @@ final class FieldDefinition implements SyntaxElement { ); } + public static FieldDefinition mutableUnassigned(final String fieldName, final Class type) { + return new FieldDefinition( + variableDefinition(type, fieldName), true, null, null + ); + } + private FieldDefinition(final VariableDefinition typeDef, final boolean mutable, final SyntaxElement initializer, final Object ctorArgument) { this.def = typeDef; @@ -98,4 +110,9 @@ final class FieldDefinition implements SyntaxElement { private static VariableDefinition variableDefinition(final Class type, final int index) { return new VariableDefinition(type, String.format("field%d", index)); } + + private static VariableDefinition variableDefinition(final Class type, final String fieldName) { + return new VariableDefinition(type, String.format("%sField", fieldName)); + } + } From b88e23702c100d411da8ce340d3c6db90dd6c0d9 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Thu, 5 Sep 2024 10:57:10 +0200 Subject: [PATCH 031/290] Implements safe evaluation of conditional expressions, logging the error without killing the pipeline (#16322) This PR protects the if statements against expression evaluation errors, cancel the event under processing and log it. This avoids to crash the pipeline which encounter a runtime error during event condition evaluation, permitting to debug the root cause reporting the offending event and removing from the current processing batch. Translates the `org.jruby.exceptions.TypeError`, `IllegalArgumentException`, `org.jruby.exceptions.ArgumentError` that could happen during `EventCodition` evaluation into a custom `ConditionalEvaluationError` which bubbles up on AST tree nodes. It's catched in the `SplitDataset` node. Updates the generation of the `SplitDataset `so that the execution of `filterEvents` method inside the compute body is try-catch guarded and defer the execution to an instance of `AbstractPipelineExt.ConditionalEvaluationListener` to handle such error. In this particular case the error management consist in just logging the offending Event. --------- Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> --- docs/static/event-data.asciidoc | 6 + .../spec/logstash/java_pipeline_spec.rb | 139 ++++++++++++++++++ .../logstash/config/ir/CompiledPipeline.java | 23 ++- .../ir/compiler/ComputeStepSyntaxElement.java | 2 +- .../compiler/ConditionalEvaluationError.java | 20 +++ .../config/ir/compiler/DatasetCompiler.java | 57 +++++-- .../config/ir/compiler/EventCondition.java | 14 +- .../config/ir/compiler/SyntaxFactory.java | 8 + .../logstash/config/ir/compiler/Utils.java | 13 +- .../execution/AbstractPipelineExt.java | 35 ++++- .../ir/compiler/DatasetCompilerTest.java | 4 +- .../ir/cache/pipeline_reuse_baseline.conf | 4 +- 12 files changed, 299 insertions(+), 26 deletions(-) create mode 100644 logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java diff --git a/docs/static/event-data.asciidoc b/docs/static/event-data.asciidoc index 78713346f..9952fc168 100644 --- a/docs/static/event-data.asciidoc +++ b/docs/static/event-data.asciidoc @@ -149,6 +149,12 @@ filter { } ---------------------------------- +If an expression generates an error when it is evaluated, event processing stops and a warning message is written to the log. +For example, comparing integer value `100` with string value `"100"` cannot be evaluated with certainty, and so processing stops and the error is logged. + +To capture the full content of the message at the time the error occurs, set the log level to `debug`. +Check out <> for more information about how to configure logging and available log levels. + You can specify multiple expressions in a single condition: [source,js] diff --git a/logstash-core/spec/logstash/java_pipeline_spec.rb b/logstash-core/spec/logstash/java_pipeline_spec.rb index 3e7439672..d30872e14 100644 --- a/logstash-core/spec/logstash/java_pipeline_spec.rb +++ b/logstash-core/spec/logstash/java_pipeline_spec.rb @@ -377,6 +377,145 @@ describe LogStash::JavaPipeline do end end + context "when logical expression in conditional" do + extend PipelineHelpers + + let(:settings) { LogStash::SETTINGS.clone } + + config <<-CONFIG + filter { + if [path][to][value] > 100 { + mutate { add_tag => "hit" } + } else { + mutate { add_tag => "miss" } + } + } + CONFIG + + context "raise an error when it's evaluated, should cancel the event execution and log the error" do + context "when type of evaluation doesn't have same type" do + sample_one( [{ "path" => {"to" => {"value" => "101"}}}] ) do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/no implicit conversion of nil into Integer/) + end + end + + context "when left and right operands of event condition are not comparable" do + context "comparing a non existing field" do + sample_one( [{ "path" => {"to" => "Rome"}}] ) do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/:/) + end + end + + context "comparing incompatible types" do + sample_one( [{ "path" => {"to" => {"value" => [101, 102]}}}] ) do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/Unexpected conditional input combination of.*List.*RubyFixnum/) + end + end + end + + context "when the offending logic expression is used in a nested conditional structure" do + config <<-CONFIG + filter { + if "a" == "a" { + if "b" == "b" { + if [path][to][value] > 100 { + mutate { add_tag => "hit" } + } else { + mutate { add_tag => "miss" } + } + } + } + } + CONFIG + + sample_one( [{ "path" => {"to" => {"value" => "101"}}}] ) do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/no implicit conversion of nil into Integer/) + end + end + + context "when the offending condition is in the output section" do + before do + LogStash::PLUGIN_REGISTRY.add(:input, "spec_sampler_input", PipelineHelpers::SpecSamplerInput) + LogStash::PLUGIN_REGISTRY.add(:output, "spec_sampler_output", PipelineHelpers::SpecSamplerOutput) + end + + describe "given a pipeline executing an event that would trigger an evaluation error" do + let(:pipeline) do + settings.set_value("queue.drain", true) + LogStash::JavaPipeline.new( + org.logstash.config.ir.PipelineConfig.new( + LogStash::Config::Source::Local, :main, + SourceWithMetadata.new( + "config_string", "config_string", + "input { spec_sampler_input {} }\n output { if [path][to][value] > 100 { spec_sampler_output {} } }" + ), settings + ) + ) + end + let(:event) do + [LogStash::Event.new({ "path" => {"to" => {"value" => "101"}}})] + end + + let(:results) do + PipelineHelpers::SpecSamplerInput.set_event event + pipeline.run + PipelineHelpers::SpecSamplerOutput.seen + end + + after do + pipeline.close + end + + subject {results.length > 1 ? results : results.first} + + it "should raise an error without killing the pipeline" do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/no implicit conversion of nil into Integer/) + end + end + + describe "given a pipeline executing an event with invalid UTF-8 string" do + let(:pipeline) do + settings.set_value("queue.drain", true) + LogStash::JavaPipeline.new( + org.logstash.config.ir.PipelineConfig.new( + LogStash::Config::Source::Local, :main, + SourceWithMetadata.new( + "config_string", "config_string", + "input { spec_sampler_input {} }\n output { if [message] =~ /^(NOSQL|SQL):/ { spec_sampler_output {} } }" + ), settings + ) + ) + end + let(:event) do + [LogStash::Event.new({ "message" => "abrac\xC5adabra"})] + end + + let(:results) do + PipelineHelpers::SpecSamplerInput.set_event event + pipeline.run + PipelineHelpers::SpecSamplerOutput.seen + end + + after do + pipeline.close + end + + subject {results.length > 1 ? results : results.first} + + it "should raise an error without killing the pipeline" do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/invalid byte sequence in UTF-8/) + end + end + end + end + end + context "a crashing worker terminates the pipeline and all inputs and workers" do subject { mock_java_pipeline_from_string(config, pipeline_settings_obj) } let(:config) do diff --git a/logstash-core/src/main/java/org/logstash/config/ir/CompiledPipeline.java b/logstash-core/src/main/java/org/logstash/config/ir/CompiledPipeline.java index 7bb7b71a2..e851e0fa8 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/CompiledPipeline.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/CompiledPipeline.java @@ -29,6 +29,7 @@ import org.logstash.common.SourceWithMetadata; import org.logstash.config.ir.compiler.AbstractFilterDelegatorExt; import org.logstash.config.ir.compiler.AbstractOutputDelegatorExt; import org.logstash.config.ir.compiler.ComputeStepSyntaxElement; +import org.logstash.config.ir.compiler.ConditionalEvaluationError; import org.logstash.config.ir.compiler.Dataset; import org.logstash.config.ir.compiler.DatasetCompiler; import org.logstash.config.ir.compiler.EventCondition; @@ -39,6 +40,7 @@ import org.logstash.config.ir.graph.IfVertex; import org.logstash.config.ir.graph.PluginVertex; import org.logstash.config.ir.graph.Vertex; import org.logstash.config.ir.imperative.PluginStatement; +import org.logstash.execution.AbstractPipelineExt; import org.logstash.execution.QueueBatch; import org.logstash.ext.JrubyEventExtLibrary.RubyEvent; import org.logstash.plugins.ConfigVariableExpander; @@ -96,20 +98,35 @@ public final class CompiledPipeline { */ private final RubyIntegration.PluginFactory pluginFactory; + /** + * Callback listener to manage failed condition evaluation + * */ + private final AbstractPipelineExt.ConditionalEvaluationListener conditionalErrListener; + + public static final class NoopEvaluationListener implements AbstractPipelineExt.ConditionalEvaluationListener { + + @Override + public void notify(ConditionalEvaluationError err) { + // NO-OP + } + } + public CompiledPipeline( final PipelineIR pipelineIR, final RubyIntegration.PluginFactory pluginFactory) { - this(pipelineIR, pluginFactory, null); + this(pipelineIR, pluginFactory, null, new NoopEvaluationListener()); } public CompiledPipeline( final PipelineIR pipelineIR, final RubyIntegration.PluginFactory pluginFactory, - final SecretStore secretStore) + final SecretStore secretStore, + final AbstractPipelineExt.ConditionalEvaluationListener conditionalErrListener) { this.pipelineIR = pipelineIR; this.pluginFactory = pluginFactory; + this.conditionalErrListener = conditionalErrListener; try (ConfigVariableExpander cve = new ConfigVariableExpander( secretStore, EnvironmentVariableProvider.defaultProvider())) { @@ -488,7 +505,7 @@ public final class CompiledPipeline { // by requiring its else branch. if (conditional == null) { final ComputeStepSyntaxElement prepared = - DatasetCompiler.splitDataset(dependencies, condition); + DatasetCompiler.splitDataset(dependencies, condition, conditionalErrListener); conditional = prepared.instantiate(); iffs.put(vertexId, conditional); diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/ComputeStepSyntaxElement.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ComputeStepSyntaxElement.java index 42541f2a5..eb7e13161 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/ComputeStepSyntaxElement.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ComputeStepSyntaxElement.java @@ -207,7 +207,7 @@ public final class ComputeStepSyntaxElement { } /** - * @return Array of constructor arguments + * @return Map of constructor arguments, key is field's name, value is the instance of the parameter to pass. */ private Map ctorArguments() { final Map result = new HashMap<>(); diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java new file mode 100644 index 000000000..2df6681b0 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java @@ -0,0 +1,20 @@ +package org.logstash.config.ir.compiler; + +import org.logstash.Event; + +/** + * Exception raised when an if-condition in a pipeline throws an error at runtime. + * */ +public class ConditionalEvaluationError extends RuntimeException { + private static final long serialVersionUID = -8633589068902565868L; + private final Event failedEvent; + + ConditionalEvaluationError(Throwable cause, Event failedEvent) { + super(cause); + this.failedEvent = failedEvent; + } + + public Event failedEvent() { + return failedEvent; + } +} diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java index e3db9a010..956bbe18f 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/DatasetCompiler.java @@ -32,6 +32,7 @@ import org.jruby.internal.runtime.methods.DynamicMethod; import org.jruby.runtime.Block; import org.jruby.runtime.builtin.IRubyObject; import org.logstash.RubyUtil; +import org.logstash.execution.AbstractPipelineExt; import org.logstash.ext.JrubyEventExtLibrary; /** @@ -56,7 +57,8 @@ public final class DatasetCompiler { public static ComputeStepSyntaxElement splitDataset( final Collection parents, - final EventCondition condition) + final EventCondition condition, + final AbstractPipelineExt.ConditionalEvaluationListener conditionalErrListener) { final ClassFields fields = new ClassFields(); final ValueSyntaxElement ifData = fields.add("ifData", new ArrayList<>()); @@ -78,20 +80,36 @@ public final class DatasetCompiler { ); final ValueSyntaxElement conditionField = fields.add("condition", condition); final DatasetCompiler.ComputeAndClear compute; + + final ValueSyntaxElement errorNotifier = fields.add(conditionalErrListener); + Closure exceptionHandlerBlock = Closure.wrap( + new SyntaxFactory.MethodCallReturnValue(SyntaxFactory.value("this"), "setDone"), + errorNotifier.call("notify", SyntaxFactory.value("ex")), + SyntaxFactory.ret(ifData)); + ValueSyntaxElement exception = SyntaxFactory.value("ex"); + if (parents.isEmpty()) { + MethodLevelSyntaxElement safeLoop = SyntaxFactory.tryBlock( + conditionalLoop(event, BATCH_ARG, conditionField, ifData, elseData), + ConditionalEvaluationError.class, exceptionHandlerBlock, exception + ); compute = withOutputBuffering( - conditionalLoop(event, BATCH_ARG, conditionField, ifData, elseData), + Closure.wrap(safeLoop), Closure.wrap(clear(elseData)), ifData, fields ); } else { - final Collection parentFields = createParentStatementsFields(parents, fields); + final Collection parentFields = + parents.stream().map(fields::add).collect(Collectors.toList()); final ValueSyntaxElement inputBuffer = fields.add("inputBuffer", new ArrayList<>()); + MethodLevelSyntaxElement safeLoop = SyntaxFactory.tryBlock( + conditionalLoop(event, inputBuffer, conditionField, ifData, elseData), + ConditionalEvaluationError.class, exceptionHandlerBlock, exception); compute = withOutputBuffering( withInputBuffering( - conditionalLoop(event, inputBuffer, conditionField, ifData, elseData), + Closure.wrap(safeLoop), parentFields, inputBuffer ), - clearSyntax(parentFields).add(clear(elseData)), ifData, fields + clearSyntax(parentFields).add(clear(elseData)).add(clear(inputBuffer)), ifData, fields ); } return ComputeStepSyntaxElement.create( @@ -122,6 +140,7 @@ public final class DatasetCompiler { @SuppressWarnings("rawtypes") final RubyArray inputBuffer = RubyUtil.RUBY.newArray(); clear.add(clearSyntax(parentFields)); final ValueSyntaxElement inputBufferField = fields.add("inputBuffer", inputBuffer); + compute = withInputBuffering( filterBody(outputBuffer, inputBufferField, fields, plugin), parentFields, inputBufferField @@ -145,6 +164,10 @@ public final class DatasetCompiler { return parentFields; } + private static boolean isContainedUnderIfStatement(Collection parents) { + return parents.size() == 1 && parents.iterator().next() instanceof SplitDataset; + } + /** *

Builds a terminal {@link Dataset} for the filters from the given parent {@link Dataset}s.

*

If the given set of parent {@link Dataset} is empty the sum is defined as the @@ -339,11 +362,15 @@ public final class DatasetCompiler { */ private static Closure withInputBuffering(final Closure compute, final Collection parents, final ValueSyntaxElement inputBuffer) { - return Closure.wrap( - parents.stream().map(par -> SyntaxFactory.value("org.logstash.config.ir.compiler.Utils") - .call("copyNonCancelledEvents", computeDataset(par), inputBuffer) - ).toArray(MethodLevelSyntaxElement[]::new) - ).add(compute).add(clear(inputBuffer)); + return computeNonCancelledEventsBlock(parents, inputBuffer) + .add(compute) + .add(clear(inputBuffer)); + } + + private static Closure computeNonCancelledEventsBlock(Collection parents, ValueSyntaxElement inputBuffer) { + return Closure.wrap(parents.stream().map(par -> SyntaxFactory.value("org.logstash.config.ir.compiler.Utils") + .call("copyNonCancelledEvents", computeDataset(par), inputBuffer) + ).toArray(MethodLevelSyntaxElement[]::new)); } /** @@ -495,9 +522,13 @@ public final class DatasetCompiler { if (done) { return data; } - parent.compute(batch, flush, shutdown); - done = true; - return data; + try { + parent.compute(batch, flush, shutdown); + done = true; + return data; + } catch (ConditionalEvaluationError ex) { + return data; + } } @Override diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/EventCondition.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/EventCondition.java index a68ec8a98..62e3a3e69 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/EventCondition.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/EventCondition.java @@ -685,19 +685,19 @@ public interface EventCondition { UnexpectedTypeException(final Expression left, final Expression right) { super( String.format( - "Unexpected input types left: %s, right: %s", getUnexpectedTypeDetails(left), getUnexpectedTypeDetails(right) + "Unexpected conditional input combination of '%s' (left) and '%s' (right)", getUnexpectedTypeDetails(left), getUnexpectedTypeDetails(right) ) ); } UnexpectedTypeException(final Object inner) { - super(String.format("Unexpected input type %s", getUnexpectedTypeDetails(inner))); + super(String.format("Unexpected conditional input type '%s'", getUnexpectedTypeDetails(inner))); } UnexpectedTypeException(final Object left, final Object right) { super( String.format( - "Unexpected input type combination left %s, right %s", getUnexpectedTypeDetails(left), getUnexpectedTypeDetails(right) + "Unexpected conditional input combination of '%s' (left) and '%s' (right)", getUnexpectedTypeDetails(left), getUnexpectedTypeDetails(right) ) ); } @@ -709,9 +709,13 @@ public interface EventCondition { details = (expression.getSourceWithMetadata() != null) ? expression.getSourceWithMetadata().toString() : expression.toString(); } else { - details = unexpected.toString(); + if (unexpected == null) { + details = ""; + } else { + details = unexpected.toString(); + } } - return String.format("%s:%s", unexpected.getClass(), details); + return String.format("%s:%s", unexpected == null ? "" : unexpected.getClass(), details); } } } diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/SyntaxFactory.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/SyntaxFactory.java index f40765602..c81347194 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/SyntaxFactory.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/SyntaxFactory.java @@ -88,6 +88,14 @@ final class SyntaxFactory { ); } + public static MethodLevelSyntaxElement tryBlock(final Closure body, final Class exceptionToCatch, Closure exceptionHandlerBlock, + ValueSyntaxElement exception) { + return () -> SyntaxFactory.join( + "try {\n", body.generateCode(), + "\n} catch (" + exceptionToCatch.getCanonicalName() + " " + exception.generateCode() + ") { " + exceptionHandlerBlock.generateCode() + " }" + ); + } + public static MethodLevelSyntaxElement ifCondition(final MethodLevelSyntaxElement condition, final Closure body) { return ifCondition(condition, body, Closure.EMPTY); diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/Utils.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/Utils.java index 3bf64beb0..cb6341058 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/Utils.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/Utils.java @@ -20,6 +20,8 @@ package org.logstash.config.ir.compiler; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import org.logstash.ext.JrubyEventExtLibrary; import java.util.Collection; @@ -29,6 +31,7 @@ import java.util.List; * Static utility methods that replace common blocks of generated code in the Java execution. */ public class Utils { + private static final Logger logger = LogManager.getLogger(Utils.class); @SuppressWarnings({"unchecked", "rawtypes"}) // has field1.compute(batchArg, flushArg, shutdownArg) passed as input @@ -44,7 +47,15 @@ public class Utils { public static void filterEvents(Collection input, EventCondition filter, List fulfilled, List unfulfilled) { for (JrubyEventExtLibrary.RubyEvent e : input) { - if (filter.fulfilled(e)) { + boolean isFulfilled; + try { + isFulfilled = filter.fulfilled(e); + } catch (org.jruby.exceptions.TypeError | IllegalArgumentException | org.jruby.exceptions.ArgumentError ex) { + // in case of error evaluation of an if condition, cancel the event + e.getEvent().cancel(); + throw new ConditionalEvaluationError(ex, e.getEvent()); + } + if (isFulfilled) { fulfilled.add(e); } else { unfulfilled.add(e); diff --git a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java index 82cd216e6..0ac584f15 100644 --- a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java +++ b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java @@ -21,6 +21,8 @@ package org.logstash.execution; import java.io.IOException; +import java.io.PrintWriter; +import java.io.StringWriter; import java.nio.file.FileStore; import java.nio.file.Files; import java.nio.file.Paths; @@ -76,6 +78,7 @@ import org.logstash.config.ir.PipelineConfig; import org.logstash.config.ir.PipelineIR; import org.logstash.config.ir.compiler.AbstractFilterDelegatorExt; import org.logstash.config.ir.compiler.AbstractOutputDelegatorExt; +import org.logstash.config.ir.compiler.ConditionalEvaluationError; import org.logstash.execution.queue.QueueWriter; import org.logstash.ext.JRubyAbstractQueueWriteClientExt; import org.logstash.ext.JRubyWrappedWriteClientExt; @@ -163,10 +166,33 @@ public class AbstractPipelineExt extends RubyBasicObject { private @SuppressWarnings("rawtypes") RubyArray filters; private @SuppressWarnings("rawtypes") RubyArray outputs; + private String lastErrorEvaluationReceived = ""; + public AbstractPipelineExt(final Ruby runtime, final RubyClass metaClass) { super(runtime, metaClass); } + public interface ConditionalEvaluationListener { + void notify(ConditionalEvaluationError err); + } + + public final class LogErrorEvaluationListener implements ConditionalEvaluationListener { + @Override + public void notify(ConditionalEvaluationError err) { + lastErrorEvaluationReceived = err.getCause().getMessage(); + LOGGER.warn("{}. Event was dropped, enable debug logging to see the event's payload.", lastErrorEvaluationReceived); + LOGGER.debug("Event generating the fault: {}", err.failedEvent().toMap().toString()); + + // logs the exception at debug level + try (StringWriter sw = new StringWriter(); PrintWriter pw = new PrintWriter(sw)) { + err.printStackTrace(pw); + LOGGER.debug("{}", sw); + } catch (IOException ioex) { + LOGGER.warn("Invalid operation on closing internal resources", ioex); + } + } + } + @JRubyMethod(required = 4) public AbstractPipelineExt initialize(final ThreadContext context, final IRubyObject[] args) throws IncompleteSourceWithMetadataException, NoSuchAlgorithmException { @@ -183,7 +209,8 @@ public class AbstractPipelineExt extends RubyBasicObject { ).initialize(context, args[3], this, dlqWriter(context)), RubyUtil.FILTER_DELEGATOR_CLASS ), - getSecretStore(context) + getSecretStore(context), + new LogErrorEvaluationListener() ); inputs = RubyArray.newArray(context.runtime, lirExecution.inputs()); filters = RubyArray.newArray(context.runtime, lirExecution.filters()); @@ -828,4 +855,10 @@ public class AbstractPipelineExt extends RubyBasicObject { // shutdown_requested? MUST be implemented in the concrete implementation of this class. throw new IllegalStateException("Pipeline implementation does not provide `shutdown_requested?`, which is a Logstash internal error."); } + + @VisibleForTesting + @JRubyMethod(name = "last_error_evaluation_received") + public final RubyString getLastErrorEvaluationReceived(final ThreadContext context) { + return RubyString.newString(context.runtime, lastErrorEvaluationReceived); + } } diff --git a/logstash-core/src/test/java/org/logstash/config/ir/compiler/DatasetCompilerTest.java b/logstash-core/src/test/java/org/logstash/config/ir/compiler/DatasetCompilerTest.java index 4881035a0..c38f4e29e 100644 --- a/logstash-core/src/test/java/org/logstash/config/ir/compiler/DatasetCompilerTest.java +++ b/logstash-core/src/test/java/org/logstash/config/ir/compiler/DatasetCompilerTest.java @@ -26,6 +26,7 @@ import org.junit.Test; import org.logstash.Event; import org.logstash.FieldReference; import org.logstash.RubyUtil; +import org.logstash.config.ir.CompiledPipeline; import org.logstash.config.ir.PipelineTestUtil; import org.logstash.ext.JrubyEventExtLibrary; @@ -54,7 +55,8 @@ public final class DatasetCompilerTest { public void compilesSplitDataset() { final FieldReference key = FieldReference.from("foo"); final SplitDataset left = DatasetCompiler.splitDataset( - Collections.emptyList(), event -> event.getEvent().includes(key) + Collections.emptyList(), event -> event.getEvent().includes(key), + new CompiledPipeline.NoopEvaluationListener() ).instantiate(); final Event trueEvent = new Event(); trueEvent.setField(key, "val"); diff --git a/logstash-core/src/test/resources/org/logstash/config/ir/cache/pipeline_reuse_baseline.conf b/logstash-core/src/test/resources/org/logstash/config/ir/cache/pipeline_reuse_baseline.conf index 4aa09f7dc..a612588e9 100644 --- a/logstash-core/src/test/resources/org/logstash/config/ir/cache/pipeline_reuse_baseline.conf +++ b/logstash-core/src/test/resources/org/logstash/config/ir/cache/pipeline_reuse_baseline.conf @@ -17,6 +17,7 @@ filter { if [a] { if [a] { if [a] { + noop {} noop {} if [a] { noop {} } } @@ -25,7 +26,8 @@ filter { } output { if [a] { noop {} } + else { noop {} } stdout {} stdout {} - stdout {} +# stdout {} } From 285d13a5156f0b9ec66796854cc59de1cecec682 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Thu, 5 Sep 2024 17:10:52 +0100 Subject: [PATCH 032/290] Update logstash_releases.json (#16426) --- ci/logstash_releases.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 39a6ae1a2..8eae04e6b 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -3,11 +3,11 @@ "5.x": "5.6.16", "6.x": "6.8.23", "7.x": "7.17.23", - "8.x": "8.14.3" + "8.x": "8.15.1" }, "snapshots": { "7.x": "7.17.24-SNAPSHOT", - "8.x": "8.14.4-SNAPSHOT", - "main": "8.15.0-SNAPSHOT" + "8.x": "8.15.2-SNAPSHOT", + "main": "8.16.0-SNAPSHOT" } } From 58b6a0ac77432df1d3cc0ab4bcd0f29a54f5adbf Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 5 Sep 2024 17:12:58 +0100 Subject: [PATCH 033/290] Release notes for 8.15.1 (#16405) (#16427) * Update release notes for 8.15.1 * update release note --------- Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com> Co-authored-by: Kaise Cheng (cherry picked from commit 2fca7e39e87c20fcfcd934e984720173ce3417e8) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- docs/static/releasenotes.asciidoc | 36 ++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index dc4a80c83..fa8b56b79 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -3,6 +3,7 @@ This section summarizes the changes in the following releases: +* <> * <> * <> * <> @@ -65,6 +66,39 @@ This section summarizes the changes in the following releases: * <> +[[logstash-8-15-1]] +=== Logstash 8.15.1 Release Notes + +[[notable-8.15.1]] +==== Performance improvements and notable issues fixed + +* Fixed issue where `${VAR}` incorrectly treated array as a string https://github.com/elastic/logstash/pull/16375[#16375] + +[[core-8.15.1]] +==== Other changes to Logstash core + +* Emit warning message for java version less than 17. Starting from Logstash 9.0, the minimum required version of Java will be Java 17 https://github.com/elastic/logstash/pull/16370[#16370] + +[[plugins-8.15.1]] +==== Plugin releases + +*Elasticsearch Input - 4.20.4* + +* Fixed issue where the `index` parameter was being ignored when using `response_type => aggregations` https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/209[#209] + +*Redis Input - 3.7.1* + +* [Doc] Added `threads` option https://github.com/logstash-plugins/logstash-input-redis/pull/95[#95] + +*Aws Integration - 7.1.8* + +* Added support to all storage classes for s3 output https://github.com/logstash-plugins/logstash-integration-aws/pull/49[#49] + +*Kafka Integration - 11.5.1* + +* [Doc] Added only headers with UTF-8 encoded values are supported in `decorate_events` https://github.com/logstash-plugins/logstash-integration-kafka/pull/174[#174] + + [[logstash-8-15-0]] === Logstash 8.15.0 Release Notes @@ -2441,4 +2475,4 @@ We have added another flag to the Benchmark CLI to allow passing a data file wit This feature allows users to run the Benchmark CLI in a custom test case with a custom config and a custom dataset. https://github.com/elastic/logstash/pull/12437[#12437] ==== Plugin releases -Plugins align with release 7.14.0 +Plugins align with release 7.14.0 \ No newline at end of file From bb7ecc203f698a56f341fa538bdc1cd4da15b28c Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Fri, 6 Sep 2024 12:09:58 +0200 Subject: [PATCH 034/290] Fix ConditionalEvaluationError to do not include the event that errored in its serialiaxed form, because it's not expected that this class is ever serialized. (#16429) Make inner field of ConditionalEvaluationError transient to be avoided during serialization. --- .../config/ir/compiler/ConditionalEvaluationError.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java index 2df6681b0..0dd464fc2 100644 --- a/logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java +++ b/logstash-core/src/main/java/org/logstash/config/ir/compiler/ConditionalEvaluationError.java @@ -7,7 +7,10 @@ import org.logstash.Event; * */ public class ConditionalEvaluationError extends RuntimeException { private static final long serialVersionUID = -8633589068902565868L; - private final Event failedEvent; + + // This class is serializable because of inheritance from Throwable, however it's not expected + // to be ever transmitted on wire on stored in some binary storage. + private final transient Event failedEvent; ConditionalEvaluationError(Throwable cause, Event failedEvent) { super(cause); From 69f0fa54ca07cb3f822846745fdbdd1504175cfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Mon, 9 Sep 2024 11:33:44 +0100 Subject: [PATCH 035/290] use gnu tar compatible minitar to generate tar artifact (#16432) Using VERSION_QUALIFIER when building the tarball distribution will fail since Ruby's TarWriter implements the older POSIX88 version of tar and paths will be longer than 100 characters. For the long paths being used in Logstash's plugins, mainly due to nested folders from jar-dependencies, we need the tarball to follow either the 2001 ustar format or gnu tar, which is implemented by the minitar gem. --- Gemfile.template | 1 + rakelib/artifacts.rake | 9 +++++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/Gemfile.template b/Gemfile.template index 9989269fb..66eea71b5 100644 --- a/Gemfile.template +++ b/Gemfile.template @@ -14,6 +14,7 @@ gem "logstash-output-elasticsearch", ">= 11.14.0" gem "polyglot", require: false gem "treetop", require: false gem "faraday", "~> 1", :require => false # due elasticsearch-transport (elastic-transport) depending faraday '~> 1' +gem "minitar", :group => :build gem "childprocess", "~> 4", :group => :build gem "fpm", "~> 1", ">= 1.14.1", :group => :build # compound due to bugfix https://github.com/jordansissel/fpm/pull/1856 gem "gems", "~> 1", :group => :build diff --git a/rakelib/artifacts.rake b/rakelib/artifacts.rake index 7d5d7e4ea..7e0c553a5 100644 --- a/rakelib/artifacts.rake +++ b/rakelib/artifacts.rake @@ -492,6 +492,7 @@ namespace "artifact" do require "zlib" require 'rubygems' require 'rubygems/package' + require 'minitar' ensure_logstash_version_constant_defined tarpath = "build/logstash#{tar_suffix}-#{LOGSTASH_VERSION}#{PACKAGE_SUFFIX}#{platform}.tar.gz" if File.exist?(tarpath) && ENV['SKIP_PREPARE'] == "1" && !source_modified_since?(File.mtime(tarpath)) @@ -500,7 +501,7 @@ namespace "artifact" do end puts("[artifact:tar] building #{tarpath}") gz = Zlib::GzipWriter.new(File.new(tarpath, "wb"), Zlib::BEST_COMPRESSION) - Gem::Package::TarWriter.new(gz) do |tar| + Minitar::Writer.open(gz) do |tar| files(exclude_paths).each do |path| write_to_tar(tar, path, "logstash-#{LOGSTASH_VERSION}#{PACKAGE_SUFFIX}/#{path}") end @@ -520,11 +521,11 @@ namespace "artifact" do def write_to_tar(tar, path, path_in_tar) stat = File.lstat(path) if stat.directory? - tar.mkdir(path_in_tar, stat.mode) + tar.mkdir(path_in_tar, :mode => stat.mode) elsif stat.symlink? - tar.add_symlink(path_in_tar, File.readlink(path), stat.mode) + tar.symlink(path_in_tar, File.readlink(path), :mode => stat.mode) else - tar.add_file_simple(path_in_tar, stat.mode, stat.size) do |io| + tar.add_file_simple(path_in_tar, :mode => stat.mode, :size => stat.size) do |io| File.open(path, 'rb') do |fd| chunk = nil size = 0 From f60e98717308ba610452cc74daf9dfdbbb93eddc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Mon, 9 Sep 2024 13:46:00 +0100 Subject: [PATCH 036/290] bump to 9.0.0 and adapt CI accordingly (#16428) --- ci/branches.json | 3 +++ ci/logstash_releases.json | 5 +++-- versions.yml | 4 ++-- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ci/branches.json b/ci/branches.json index 6524ee2be..470e36cc2 100644 --- a/ci/branches.json +++ b/ci/branches.json @@ -4,6 +4,9 @@ { "branch": "main" }, + { + "branch": "8.x" + }, { "branch": "8.15" }, diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 8eae04e6b..2dabec5da 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -7,7 +7,8 @@ }, "snapshots": { "7.x": "7.17.24-SNAPSHOT", - "8.x": "8.15.2-SNAPSHOT", - "main": "8.16.0-SNAPSHOT" + "8.15": "8.15.2-SNAPSHOT", + "8.x": "8.16.0-SNAPSHOT", + "main": "9.0.0-SNAPSHOT" } } diff --git a/versions.yml b/versions.yml index 4626e47ca..f8249cb19 100644 --- a/versions.yml +++ b/versions.yml @@ -1,7 +1,7 @@ --- # alpha and beta qualifiers are now added via VERSION_QUALIFIER environment var -logstash: 8.16.0 -logstash-core: 8.16.0 +logstash: 9.0.0 +logstash-core: 9.0.0 logstash-core-plugin-api: 2.1.16 bundled_jdk: From 17dba9f829a2514aba295ed7a8fa21655b55c86b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Tue, 10 Sep 2024 10:55:34 +0100 Subject: [PATCH 037/290] account for the 8.x in DRA publishing task (#16436) the current DRA publishing task computes the branch from the version contained in the version.yml This is done by taking the major.minor and confirming that a branch exists with that name. However this pattern won't be applicable for 8.x, as that branch currently points to 8.16.0 and there is no 8.16 branch. This commit falls back to reading the buildkite injected BUILDKITE_BRANCH variable. --- .buildkite/scripts/dra/publish.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.buildkite/scripts/dra/publish.sh b/.buildkite/scripts/dra/publish.sh index 598da84bb..67c6ce895 100755 --- a/.buildkite/scripts/dra/publish.sh +++ b/.buildkite/scripts/dra/publish.sh @@ -15,8 +15,9 @@ RELEASE_VER=`cat versions.yml | sed -n 's/^logstash\:[[:space:]]\([[:digit:]]*\. if [ -n "$(git ls-remote --heads origin $RELEASE_VER)" ] ; then RELEASE_BRANCH=$RELEASE_VER else - RELEASE_BRANCH=main + RELEASE_BRANCH="${BUILDKITE_BRANCH:="main"}" fi +echo "RELEASE BRANCH: $RELEASE_BRANCH" if [ -n "$VERSION_QUALIFIER_OPT" ]; then # Qualifier is passed from CI as optional field and specify the version postfix From 701108f88b3c16a08fb501a71d812b804a79fe68 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 10 Sep 2024 12:20:50 +0100 Subject: [PATCH 038/290] update ci release 7.17.24 (#16439) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 2dabec5da..a5aff98f5 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -2,11 +2,11 @@ "releases": { "5.x": "5.6.16", "6.x": "6.8.23", - "7.x": "7.17.23", + "7.x": "7.17.24", "8.x": "8.15.1" }, "snapshots": { - "7.x": "7.17.24-SNAPSHOT", + "7.x": "7.17.25-SNAPSHOT", "8.15": "8.15.2-SNAPSHOT", "8.x": "8.16.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" From 5195332bc6a758198cae70fea7d88dfddf0fa15a Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Tue, 10 Sep 2024 11:14:14 -0700 Subject: [PATCH 039/290] Logstash Health Report Tests Buildkite pipeline setup. (#16416) --- .buildkite/health_report_tests_pipeline.yml | 17 ++++++ .../scripts/health-report-tests/main.sh | 9 ++++ catalog-info.yaml | 54 +++++++++++++++++++ 3 files changed, 80 insertions(+) create mode 100644 .buildkite/health_report_tests_pipeline.yml create mode 100644 .buildkite/scripts/health-report-tests/main.sh diff --git a/.buildkite/health_report_tests_pipeline.yml b/.buildkite/health_report_tests_pipeline.yml new file mode 100644 index 000000000..84d9bf9d4 --- /dev/null +++ b/.buildkite/health_report_tests_pipeline.yml @@ -0,0 +1,17 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json + +agents: + image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci" + cpu: "2" + memory: "4Gi" + ephemeralStorage: "64Gi" + +steps: + # todo: add a step for 8.latest when Health Report MVP is landed + - label: ":logstash: Health Report Integration tests on main branch." + command: | + source .buildkite/scripts/common/vm-agent.sh + ./.buildkite/scripts/health-report-tests/main.sh + retry: + automatic: + - limit: 3 diff --git a/.buildkite/scripts/health-report-tests/main.sh b/.buildkite/scripts/health-report-tests/main.sh new file mode 100644 index 000000000..c31a4b120 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/main.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash +set -eo pipefail + +# TODO: +# if branch is specified with X.Y, pull branches from ACTIVE_BRANCHES_URL="https://raw.githubusercontent.com/elastic/logstash/main/ci/branches.json", parse and use +# build Logstash from specificed (ex: 8.x -> translates to 8.latest, 8.16) branch, defaults to main +# install requirements of the python package and run main.py + + diff --git a/catalog-info.yaml b/catalog-info.yaml index 54a397fd9..b5330636a 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -32,6 +32,7 @@ spec: - resource:logstash-linux-jdk-matrix-pipeline - resource:logstash-windows-jdk-matrix-pipeline - resource:logstash-benchmark-pipeline + - resource:logstash-health-report-tests-pipeline # *********************************** # Declare serverless IT pipeline @@ -642,4 +643,57 @@ spec: # ******************************* # SECTION END: Benchmark pipeline +# ******************************* + +# *********************************** +# Declare Health Report Tests pipeline +# *********************************** +--- +# yaml-language-server: $schema=https://gist.githubusercontent.com/elasticmachine/988b80dae436cafea07d9a4a460a011d/raw/rre.schema.json +apiVersion: backstage.io/v1alpha1 +kind: Resource +metadata: + name: logstash-health-report-tests-pipeline + description: Buildkite pipeline for the Logstash Health Report Tests + links: + - title: ':logstash Logstash Health Report Tests (Daily, Auto) pipeline' + url: https://buildkite.com/elastic/logstash-health-report-tests-pipeline +spec: + type: buildkite-pipeline + owner: group:logstash + system: platform-ingest + implementation: + apiVersion: buildkite.elastic.dev/v1 + kind: Pipeline + metadata: + name: logstash-health-report-tests-pipeline + description: ':logstash: Logstash Health Report tests :pipeline:' + spec: + repository: elastic/logstash + pipeline_file: ".buildkite/health_report_tests_pipeline.yml" + maximum_timeout_in_minutes: 60 + provider_settings: + trigger_mode: none # don't trigger jobs from github activity + env: + ELASTIC_SLACK_NOTIFICATIONS_ENABLED: 'true' + SLACK_NOTIFICATIONS_CHANNEL: '#logstash-build' + SLACK_NOTIFICATIONS_ON_SUCCESS: 'false' + SLACK_NOTIFICATIONS_SKIP_FOR_RETRIES: 'true' + teams: + ingest-fp: + access_level: MANAGE_BUILD_AND_READ + logstash: + access_level: MANAGE_BUILD_AND_READ + ingest-eng-prod: + access_level: MANAGE_BUILD_AND_READ + everyone: + access_level: READ_ONLY + schedules: + Daily Health Report tests on main branch: + branch: main + cronline: 30 20 * * * + message: Daily trigger of Health Report Tests Pipeline + +# ******************************* +# SECTION END: Health Report Tests pipeline # ******************************* \ No newline at end of file From 5452cccf7658554f79a7f70c7e04c9ab9a830bac Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Thu, 12 Sep 2024 19:45:23 +0100 Subject: [PATCH 040/290] [CI] benchmark dashboard and pipeline for testing against multiple versions (#16421) - add becnhmark dashboard and related save objects - add one buildkite pipeline to test against multiple versions - remove null field in json - add `FLOG_FILE_CNT`, `VAULT_PATH`, `TAGS` --- .buildkite/benchmark_versions_pipeline.yml | 11 ++ .buildkite/scripts/benchmark/README.md | 21 ++ .buildkite/scripts/benchmark/all.sh | 18 ++ .buildkite/scripts/benchmark/config/uuid | 1 + .buildkite/scripts/benchmark/main.sh | 71 +++++-- .../scripts/benchmark/save-objects/README.md | 14 ++ .../save-objects/benchmark_objects.ndjson | 31 +++ .buildkite/scripts/benchmark/setup/alias | 6 + .../benchmark/setup/benchmark_summary_v2 | 179 ++++++++++++++++++ .buildkite/scripts/benchmark/util.sh | 9 + catalog-info.yaml | 50 ++++- 11 files changed, 397 insertions(+), 14 deletions(-) create mode 100644 .buildkite/benchmark_versions_pipeline.yml create mode 100644 .buildkite/scripts/benchmark/README.md create mode 100755 .buildkite/scripts/benchmark/all.sh create mode 100644 .buildkite/scripts/benchmark/config/uuid create mode 100644 .buildkite/scripts/benchmark/save-objects/README.md create mode 100644 .buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson create mode 100644 .buildkite/scripts/benchmark/setup/alias create mode 100644 .buildkite/scripts/benchmark/setup/benchmark_summary_v2 diff --git a/.buildkite/benchmark_versions_pipeline.yml b/.buildkite/benchmark_versions_pipeline.yml new file mode 100644 index 000000000..d60166ac4 --- /dev/null +++ b/.buildkite/benchmark_versions_pipeline.yml @@ -0,0 +1,11 @@ +agents: + provider: gcp + imageProject: elastic-images-prod + image: family/platform-ingest-logstash-ubuntu-2204 + machineType: "n2-standard-16" + diskSizeGb: 100 + diskType: pd-ssd + +steps: + - label: "Benchmark multiple versions" + command: .buildkite/scripts/benchmark/all.sh \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/README.md b/.buildkite/scripts/benchmark/README.md new file mode 100644 index 000000000..330e7b266 --- /dev/null +++ b/.buildkite/scripts/benchmark/README.md @@ -0,0 +1,21 @@ +## Steps to set up GCP instance to run benchmark script +- Create an instance "n2-standard-16" with Ubuntu image +- Install docker + - `sudo snap install docker` + - `sudo usermod -a -G docker $USER` +- Install jq +- Install vault + - `sudo snap install vault` + - `vault login --method github` + - `vault kv get -format json secret/ci/elastic-logstash/benchmark` +- Setup Elasticsearch index mapping and alias with `setup/*` +- Import Kibana dashboard with `save-objects/*` +- Run the benchmark script + - Send data to your own Elasticsearch. Customise `VAULT_PATH="secret/ci/elastic-logstash/your/path"` + - Run the script `main.sh` + - or run in background `nohup bash -x main.sh > log.log 2>&1 &` + +## Notes +- Benchmarks should only be compared using the same hardware setup. +- Please do not send the test metrics to the benchmark cluster. You can set `VAULT_PATH` to send data and metrics to your own server. +- Run `all.sh` as calibration which gives you a baseline of performance in different versions. \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/all.sh b/.buildkite/scripts/benchmark/all.sh new file mode 100755 index 000000000..282ed3d48 --- /dev/null +++ b/.buildkite/scripts/benchmark/all.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +set -eo pipefail + +# ******************************************************* +# Run benchmark for versions that have flow metrics +# Usage: +# nohup bash -x all.sh > log.log 2>&1 & +# Accept env vars: +# STACK_VERSIONS=8.15.0,8.15.1,8.16.0-SNAPSHOT # versions to test. It is comma separator string +# ******************************************************* + +IFS=',' +STACK_VERSIONS="${STACK_VERSIONS:-8.6.0,8.7.0,8.8.0,8.9.0,8.10.0,8.11.0,8.12.0,8.13.0,8.14.0,8.15.0}" +read -ra STACK_VERSIONS <<< "$STACK_VERSIONS" + +for V in "${STACK_VERSIONS[@]}" ; do + LS_VERSION="$V" "main.sh" +done \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/config/uuid b/.buildkite/scripts/benchmark/config/uuid new file mode 100644 index 000000000..b6ac241f7 --- /dev/null +++ b/.buildkite/scripts/benchmark/config/uuid @@ -0,0 +1 @@ +f74f1a28-25e9-494f-ba41-ca9f13d4446d \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/main.sh b/.buildkite/scripts/benchmark/main.sh index 9d218d772..9534ce3fc 100755 --- a/.buildkite/scripts/benchmark/main.sh +++ b/.buildkite/scripts/benchmark/main.sh @@ -36,6 +36,9 @@ source "$SCRIPT_PATH/util.sh" ## MEM=4 # number of GB for Logstash container ## QTYPE=memory # queue type to test {persisted|memory|all} ## FB_CNT=4 # number of filebeats to use in benchmark +## FLOG_FILE_CNT=4 # number of files to generate for ingestion +## VAULT_PATH=secret/path # vault path point to Elasticsearch credentials. The default value points to benchmark cluster. +## TAGS=test,other # tags with "," separator. usage() { echo "Usage: $0 [FB_CNT] [QTYPE] [CPU] [MEM]" echo "Example: $0 4 {persisted|memory|all} 2 2" @@ -82,13 +85,17 @@ parse_args() { read -ra MULTIPLIERS <<< "$MULTIPLIERS" BATCH_SIZES="${BATCH_SIZES:-500}" read -ra BATCH_SIZES <<< "$BATCH_SIZES" + # tags to json array + read -ra TAG_ARRAY <<< "$TAGS" + JSON_TAGS=$(printf '"%s",' "${TAG_ARRAY[@]}" | sed 's/,$//') + JSON_TAGS="[$JSON_TAGS]" IFS=' ' echo "filebeats: $FB_CNT, cpu: $CPU, mem: $MEM, Queue: $QTYPE, worker multiplier: ${MULTIPLIERS[@]}, batch size: ${BATCH_SIZES[@]}" } get_secret() { - VAULT_PATH=secret/ci/elastic-logstash/benchmark + VAULT_PATH=${VAULT_PATH:-secret/ci/elastic-logstash/benchmark} VAULT_DATA=$(vault kv get -format json $VAULT_PATH) BENCHMARK_ES_HOST=$(echo $VAULT_DATA | jq -r '.data.es_host') BENCHMARK_ES_USER=$(echo $VAULT_DATA | jq -r '.data.es_user') @@ -102,10 +109,11 @@ get_secret() { pull_images() { echo "--- Pull docker images" - # pull the latest snapshot logstash image if [[ -n "$LS_VERSION" ]]; then - docker pull "docker.elastic.co/logstash/logstash:$LS_VERSION" + # pull image if it doesn't exist in local + [[ -z $(docker images -q docker.elastic.co/logstash/logstash:$LS_VERSION) ]] && docker pull "docker.elastic.co/logstash/logstash:$LS_VERSION" else + # pull the latest snapshot logstash image # select the SNAPSHOT artifact with the highest semantic version number LS_VERSION=$( curl --retry-all-errors --retry 5 --retry-delay 1 -s https://artifacts-api.elastic.co/v1/versions | jq -r '.versions | map(select(endswith("-SNAPSHOT"))) | max_by(rtrimstr("-SNAPSHOT")|split(".")|map(tonumber))' ) BUILD_ID=$(curl --retry-all-errors --retry 5 --retry-delay 1 -s "https://artifacts-api.elastic.co/v1/versions/${LS_VERSION}/builds/latest" | jq -re '.build.build_id') @@ -125,12 +133,15 @@ pull_images() { } generate_logs() { + FLOG_FILE_CNT=${FLOG_FILE_CNT:-4} + SINGLE_SIZE=524288000 + TOTAL_SIZE="$((FLOG_FILE_CNT * SINGLE_SIZE))" FLOG_PATH="$SCRIPT_PATH/flog" mkdir -p $FLOG_PATH - if [[ ! -e "$FLOG_PATH/log4.log" ]]; then - echo "--- Generate logs in background. log: 5, size: 500mb" - docker run -d --name=flog --rm -v $FLOG_PATH:/go/src/data mingrammer/flog -t log -w -o "/go/src/data/log.log" -b 2621440000 -p 524288000 + if [[ ! -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" ]]; then + echo "--- Generate logs in background. log: ${FLOG_FILE_CNT}, each size: 500mb" + docker run -d --name=flog --rm -v $FLOG_PATH:/go/src/data mingrammer/flog -t log -w -o "/go/src/data/log.log" -b $TOTAL_SIZE -p $SINGLE_SIZE fi } @@ -138,7 +149,7 @@ check_logs() { echo "--- Check log generation" local cnt=0 - until [[ -e "$FLOG_PATH/log4.log" || $cnt -gt 600 ]]; do + until [[ -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" || $cnt -gt 600 ]]; do echo "wait 30s" && sleep 30 cnt=$((cnt + 30)) done @@ -152,6 +163,7 @@ start_logstash() { cp $CONFIG_PATH/pipelines.yml $LS_CONFIG_PATH/pipelines.yml cp $CONFIG_PATH/logstash.yml $LS_CONFIG_PATH/logstash.yml + cp $CONFIG_PATH/uuid $LS_CONFIG_PATH/uuid LS_JAVA_OPTS=${LS_JAVA_OPTS:--Xmx${XMX}g} docker run -d --name=ls --net=host --cpus=$CPU --memory=${MEM}g -e LS_JAVA_OPTS="$LS_JAVA_OPTS" \ @@ -160,6 +172,7 @@ start_logstash() { -e MONITOR_ES_HOST="$MONITOR_ES_HOST" -e MONITOR_ES_USER="$MONITOR_ES_USER" -e MONITOR_ES_PW="$MONITOR_ES_PW" \ -v $LS_CONFIG_PATH/logstash.yml:/usr/share/logstash/config/logstash.yml:ro \ -v $LS_CONFIG_PATH/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro \ + -v $LS_CONFIG_PATH/uuid:/usr/share/logstash/data/uuid:ro \ docker.elastic.co/logstash/logstash:$LS_VERSION } @@ -211,13 +224,39 @@ aggregate_stats() { send_summary() { echo "--- Send summary to Elasticsearch" + # build json + local timestamp timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S") + SUMMARY="{\"timestamp\": \"$timestamp\", \"version\": \"$LS_VERSION\", \"cpu\": \"$CPU\", \"mem\": \"$MEM\", \"workers\": \"$WORKER\", \"batch_size\": \"$BATCH_SIZE\", \"queue_type\": \"$QTYPE\"" + not_empty "$TOTAL_EVENTS_OUT" && SUMMARY="$SUMMARY, \"total_events_out\": \"$TOTAL_EVENTS_OUT\"" + not_empty "$MAX_EPS_1M" && SUMMARY="$SUMMARY, \"max_eps_1m\": \"$MAX_EPS_1M\"" + not_empty "$MAX_EPS_5M" && SUMMARY="$SUMMARY, \"max_eps_5m\": \"$MAX_EPS_5M\"" + not_empty "$MAX_WORKER_UTIL" && SUMMARY="$SUMMARY, \"max_worker_utilization\": \"$MAX_WORKER_UTIL\"" + not_empty "$MAX_WORKER_CONCURR" && SUMMARY="$SUMMARY, \"max_worker_concurrency\": \"$MAX_WORKER_CONCURR\"" + not_empty "$AVG_CPU_PERCENT" && SUMMARY="$SUMMARY, \"avg_cpu_percentage\": \"$AVG_CPU_PERCENT\"" + not_empty "$AVG_HEAP" && SUMMARY="$SUMMARY, \"avg_heap\": \"$AVG_HEAP\"" + not_empty "$AVG_NON_HEAP" && SUMMARY="$SUMMARY, \"avg_non_heap\": \"$AVG_NON_HEAP\"" + not_empty "$AVG_VIRTUAL_MEM" && SUMMARY="$SUMMARY, \"avg_virtual_memory\": \"$AVG_VIRTUAL_MEM\"" + not_empty "$MAX_Q_EVENT_CNT" && SUMMARY="$SUMMARY, \"max_queue_events\": \"$MAX_Q_EVENT_CNT\"" + not_empty "$MAX_Q_SIZE" && SUMMARY="$SUMMARY, \"max_queue_bytes_size\": \"$MAX_Q_SIZE\"" + not_empty "$TAGS" && SUMMARY="$SUMMARY, \"tags\": $JSON_TAGS" + SUMMARY="$SUMMARY}" + tee summary.json << EOF {"index": {}} -{"timestamp": "$timestamp", "version": "$LS_VERSION", "cpu": "$CPU", "mem": "$MEM", "workers": "$WORKER", "batch_size": "$BATCH_SIZE", "queue_type": "$QTYPE", "total_events_out": "$TOTAL_EVENTS_OUT", "max_eps_1m": "$MAX_EPS_1M", "max_eps_5m": "$MAX_EPS_5M", "max_worker_utilization": "$MAX_WORKER_UTIL", "max_worker_concurrency": "$MAX_WORKER_CONCURR", "avg_cpu_percentage": "$AVG_CPU_PERCENT", "avg_heap": "$AVG_HEAP", "avg_non_heap": "$AVG_NON_HEAP", "avg_virtual_memory": "$AVG_VIRTUAL_MEM", "max_queue_events": "$MAX_Q_EVENT_CNT", "max_queue_bytes_size": "$MAX_Q_SIZE"} +$SUMMARY EOF - curl -X POST -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" "$BENCHMARK_ES_HOST/benchmark_summary/_bulk" -H 'Content-Type: application/json' --data-binary @"summary.json" - echo "" + + # send to ES + local resp + local err_status + resp=$(curl -s -X POST -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" "$BENCHMARK_ES_HOST/benchmark_summary/_bulk" -H 'Content-Type: application/json' --data-binary @"summary.json") + echo "$resp" + err_status=$(echo "$resp" | jq -r ".errors") + if [[ "$err_status" == "true" ]]; then + echo "Failed to send summary" + exit 1 + fi } # $1: snapshot index @@ -225,7 +264,7 @@ node_stats() { NS_JSON="$SCRIPT_PATH/$NS_DIR/${QTYPE:0:1}_w${WORKER}b${BATCH_SIZE}_$1.json" # m_w8b1000_0.json # curl inside container because docker on mac cannot resolve localhost to host network interface - docker exec -it ls curl localhost:9600/_node/stats > "$NS_JSON" 2> /dev/null + docker exec -i ls curl localhost:9600/_node/stats > "$NS_JSON" 2> /dev/null } # $1: index @@ -302,6 +341,13 @@ stop_pipeline() { # https://github.com/elastic/logstash/pull/16191#discussion_r1647050216 } +clean_up() { + # stop log generation if it has not done yet + [[ -n $(docker ps | grep flog) ]] && docker stop flog || true + # remove image + docker image rm docker.elastic.co/logstash/logstash:$LS_VERSION +} + main() { parse_args "$@" get_secret @@ -317,8 +363,7 @@ main() { worker fi - # stop log generation if it has not done yet - [[ -n $(docker ps | grep flog) ]] && docker stop flog || true + clean_up } main "$@" diff --git a/.buildkite/scripts/benchmark/save-objects/README.md b/.buildkite/scripts/benchmark/save-objects/README.md new file mode 100644 index 000000000..264207618 --- /dev/null +++ b/.buildkite/scripts/benchmark/save-objects/README.md @@ -0,0 +1,14 @@ +benchmark_objects.ndjson contains the following resources + +- Dashboards + - daily snapshot + - released versions +- Data Views + - benchmark + - runtime fields + - | Fields Name | Type | Comment | + |--------------|---------------------------------------------------------------------------------------|--------------------------------------------------| + | versions_num | long | convert semantic versioning to number for graph sorting | + | release | boolean | `true` for released version. `false` for snapshot version. It is for graph filtering. | + +To import objects to Kibana, navigate to Stack Management > Save Objects and click Import \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson b/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson new file mode 100644 index 000000000..e68a8fc77 --- /dev/null +++ b/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson @@ -0,0 +1,31 @@ +{"attributes":{"allowHidden":false,"fieldAttrs":"{\"5m_num\":{\"customLabel\":\"\"},\"avg_heap_num\":{\"customLabel\":\"\"},\"avg_non_heap_num\":{\"customLabel\":\"\"},\"max_worker_utilization_num\":{\"customLabel\":\"\"},\"max_worker_concurrency_num\":{\"customLabel\":\"\"},\"max_queue_events\":{\"customLabel\":\"\"},\"max_queue_events_num\":{\"customLabel\":\"\"},\"total_events_out_num\":{\"customLabel\":\"\"},\"avg_cpu_percentage_num\":{\"customLabel\":\"\"},\"release\":{},\"version_num\":{}}","fieldFormatMap":"{\"5m_num\":{\"id\":\"number\",\"params\":{\"pattern\":\"0\"}},\"avg_heap_num\":{\"id\":\"number\"},\"avg_non_heap_num\":{\"id\":\"number\"},\"max_worker_utilization_num\":{\"id\":\"number\"},\"max_worker_concurrency_num\":{\"id\":\"number\"},\"max_queue_events\":{\"id\":\"number\"},\"max_queue_events_num\":{\"id\":\"number\"},\"avg_cpu_percentage_num\":{\"id\":\"number\"}}","fields":"[{\"name\":\"5m_num\",\"script\":\"return Integer.parseInt(doc['max_eps_5m.keyword'].value)\",\"lang\":\"painless\",\"type\":\"number\",\"scripted\":true,\"customLabel\":\"\"}]","name":"benchmark","runtimeFieldMap":"{\"release\":{\"type\":\"boolean\",\"script\":{\"source\":\"def version = doc['version.keyword'].value;\\nif (version.endsWith(\\\"-SNAPSHOT\\\")) {\\n\\temit(false);\\n}\\nelse {\\n\\temit(true);\\n}\"}},\"version_num\":{\"type\":\"long\",\"script\":{\"source\":\"if (doc.containsKey('version.keyword') && !doc['version.keyword'].empty) {\\n // Get the version string\\n String version = doc['version.keyword'].value;\\n \\n // Remove any suffix after the patch number (e.g., -SNAPSHOT)\\n int dashIndex = version.indexOf('-');\\n if (dashIndex != -1) {\\n version = version.substring(0, dashIndex);\\n }\\n \\n // Find positions of dots\\n int firstDot = version.indexOf('.');\\n int secondDot = version.indexOf('.', firstDot + 1);\\n \\n // Extract major, minor, and patch parts of the version\\n int major = Integer.parseInt(version.substring(0, firstDot));\\n int minor = Integer.parseInt(version.substring(firstDot + 1, secondDot));\\n int patch = Integer.parseInt(version.substring(secondDot + 1));\\n \\n // Combine into a sortable numeric value\\n emit(major * 10000 + minor * 100 + patch);\\n}\\n\\nemit(0);\"}}}","sourceFilters":"[]","timeFieldName":"timestamp","title":"benchmark_*"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"c5493557-3fd6-4929-8dc2-40d248303942","managed":false,"references":[],"type":"index-pattern","typeMigrationVersion":"8.0.0","updated_at":"2024-09-05T11:52:42.820Z","version":"WzcyNiw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"999c9564-cba1-4f3b-af99-ccbacb8e034f":{"columnOrder":["a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","9ddc0f02-5530-4930-99bd-2a914ada1b8f","be033d18-2c04-44f2-b403-0b88d888143d"],"columns":{"9ddc0f02-5530-4930-99bd-2a914ada1b8f":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e":{"dataType":"string","isBucketed":true,"label":"Top values of workers.keyword + 1 other","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"be033d18-2c04-44f2-b403-0b88d888143d","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"multi_terms"},"secondaryFields":["queue_type.keyword"],"size":100},"scale":"ordinal","sourceField":"workers.keyword"},"be033d18-2c04-44f2-b403-0b88d888143d":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["be033d18-2c04-44f2-b403-0b88d888143d"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["4","memory"]]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["8","memory"]]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","memory"]]},"touched":false},{"color":{"colorCode":"#5e6c94","type":"colorCode"},"rule":{"type":"matchExactly","values":[["8","persisted"]]},"touched":true},{"color":{"colorIndex":4,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","persisted"]]},"touched":false},{"color":{"colorCode":"#a0df7b","type":"colorCode"},"rule":{"type":"matchExactly","values":[["4","persisted"]]},"touched":true}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"999c9564-cba1-4f3b-af99-ccbacb8e034f","layerType":"data","seriesType":"line","splitAccessor":"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","xAccessor":"9ddc0f02-5530-4930-99bd-2a914ada1b8f"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"Release EPS by worker & queue","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:29.581Z","id":"2c017667-7403-402c-b027-3cc790945a27","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:29.581Z","version":"WzEzOTMsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"7edb6dc9-8b2b-47ec-be64-bae2a4958cc9","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[MQ][R] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:13.413Z","id":"9546a73b-5937-4d3d-850f-30625d6e1405","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"7edb6dc9-8b2b-47ec-be64-bae2a4958cc9","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:13.413Z","version":"WzEzOTEsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"2786f33f-2ad1-4722-8706-9cba9613662e","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[MQ][R] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:00.945Z","id":"6fba7dff-2564-450b-b885-8c6cf97fa727","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"2786f33f-2ad1-4722-8706-9cba9613662e","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:00.945Z","version":"WzEzODksN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"368034aa-1121-464d-8aed-8a4312274fa8","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[MQ][R] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:50.960Z","id":"6295535b-736d-4704-99d3-1cc0c4bb4cb4","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"368034aa-1121-464d-8aed-8a4312274fa8","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:50.960Z","version":"WzEzODcsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"0586bc7c-4662-41bd-8e6d-2337477ca621","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":"release : true "},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[MQ][R] memory by worker ","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:40.740Z","id":"a577558f-f9a6-4c86-b562-7618b2c71db0","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"0586bc7c-4662-41bd-8e6d-2337477ca621","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:40.740Z","version":"WzEzODUsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"d556c1f1-16ab-45de-adda-366de4703635","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[PQ][R] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:31.089Z","id":"1872e84f-56f2-4a17-9426-3d25d6e03931","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"d556c1f1-16ab-45de-adda-366de4703635","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:31.089Z","version":"WzEzODQsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"a22f82f6-c7b8-4e06-b2f5-69e25c5aefc4","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[PQ][R] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:52.744Z","id":"661cb795-bb69-4599-8c4b-a4798ef69dc6","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"a22f82f6-c7b8-4e06-b2f5-69e25c5aefc4","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:52.744Z","version":"WzEzODAsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_queue_events","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_queue_events"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"48ba7011-43c1-48fc-bc36-858bcec74547","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"events in queue"}},"title":"[PQ][R] events in queue by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:43.703Z","id":"d79b8742-6284-4842-ac44-65640d090179","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"48ba7011-43c1-48fc-bc36-858bcec74547","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:43.703Z","version":"WzEzNzgsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"b16664e5-7dda-45f4-853a-0ae2a0e0a692","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[PQ][R] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:33.831Z","id":"64d0f8a7-afe3-4443-88e1-7551d666fee8","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"b16664e5-7dda-45f4-853a-0ae2a0e0a692","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:33.831Z","version":"WzEzNzcsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"9f57d841-9266-4f58-af56-7fa5e40d8da7","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":"release : true "},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[PQ][R] memory by worker ","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:25.955Z","id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"9f57d841-9266-4f58-af56-7fa5e40d8da7","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:25.955Z","version":"WzEzNzYsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"999c9564-cba1-4f3b-af99-ccbacb8e034f":{"columnOrder":["a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","9ddc0f02-5530-4930-99bd-2a914ada1b8f","be033d18-2c04-44f2-b403-0b88d888143d"],"columns":{"9ddc0f02-5530-4930-99bd-2a914ada1b8f":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e":{"dataType":"string","isBucketed":true,"label":"Top values of workers.keyword + 1 other","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"be033d18-2c04-44f2-b403-0b88d888143d","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"multi_terms"},"secondaryFields":["queue_type.keyword"],"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"be033d18-2c04-44f2-b403-0b88d888143d":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"release","index":"0e2f84c5-7f78-4388-ad55-1230425efb24","key":"release","negate":false,"params":{"query":false},"type":"phrase"},"query":{"match_phrase":{"release":false}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["be033d18-2c04-44f2-b403-0b88d888143d"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["4","memory"]]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["8","memory"]]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","memory"]]},"touched":false},{"color":{"colorCode":"#5e6c94","type":"colorCode"},"rule":{"type":"matchExactly","values":[["8","persisted"]]},"touched":true},{"color":{"colorIndex":4,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","persisted"]]},"touched":false},{"color":{"colorCode":"#a0df7b","type":"colorCode"},"rule":{"type":"matchExactly","values":[["4","persisted"]]},"touched":true}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"999c9564-cba1-4f3b-af99-ccbacb8e034f","layerType":"data","seriesType":"line","splitAccessor":"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","xAccessor":"9ddc0f02-5530-4930-99bd-2a914ada1b8f"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"Daily EPS by worker & queue","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"94ae4c78-8004-4abb-80c9-271f37c94cdc","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"0e2f84c5-7f78-4388-ad55-1230425efb24","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"WzczOCw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"ba0999ad-bf15-429c-ba76-93b1ff919cea","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[MQ] memory by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"f5104988-461c-4f65-b31d-ed22d04cb6b8","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"ba0999ad-bf15-429c-ba76-93b1ff919cea","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0NCw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"8e8a8743-f0a4-47ed-a4f0-21e21971e264","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[MQ] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"8cbdba7b-e921-42b9-b55b-da567717e259","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"8e8a8743-f0a4-47ed-a4f0-21e21971e264","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Nyw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_queue_events","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_queue_events"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"738fa511-8000-4f6a-b892-4a767bd733ab","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"events in queue"}},"title":"[PQ] events in queue by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"7a2c9e96-8e48-4546-b736-065757a52c47","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"738fa511-8000-4f6a-b892-4a767bd733ab","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Myw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"6dab2bf1-e8cd-4d30-99d6-4e8038c8d19b","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[PQ] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"daa3722a-cab7-49ba-b5bb-033e81133096","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"6dab2bf1-e8cd-4d30-99d6-4e8038c8d19b","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0MSw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"columns":{"0ad565fc-0a55-492b-ba69-1be57f501e13":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"16dcf8b0-378f-48df-8bb3-f537324eea46":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"962f0beb-0dd8-4449-a652-878d0d2c63e8","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[PQ] memory by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"4d1f7bef-c184-4457-b159-465128d2d70b","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"962f0beb-0dd8-4449-a652-878d0d2c63e8","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"WzczOSw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"80e5b5e1-481a-478e-b5cd-3ad74106ff85","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[PQ] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"f233b0e6-8ca5-4c29-a6b3-1f1bc83509fd","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"80e5b5e1-481a-478e-b5cd-3ad74106ff85","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Miw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"dd6c6d40-b512-4c67-94f0-02cb3e9e65bd","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[MQ] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"b0a3d8ea-030a-46e5-95b4-9f73b625f6ee","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"dd6c6d40-b512-4c67-94f0-02cb3e9e65bd","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Niw3XQ=="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":false},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":false}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":14,\"i\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},\"panelIndex\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\",\"embeddableConfig\":{\"enhancements\":{},\"attributes\":{\"title\":\"Daily EPS by queue & worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"axisTitlesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"seriesType\":\"line\",\"xAccessor\":\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"splitAccessor\":\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"accessors\":[\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#207f8c\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#0055fc\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#99e6e8\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#c3513a\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#fd1900\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#e88888\"},\"touched\":true}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}}}],\"yTitle\":\"5m eps\"},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"datasourceStates\":{\"formBased\":{\"layers\":{\"999c9564-cba1-4f3b-af99-ccbacb8e034f\":{\"columns\":{\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\":{\"label\":\"Top values of workers.keyword + 1 other\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":6,\"orderBy\":{\"type\":\"column\",\"columnId\":\"be033d18-2c04-44f2-b403-0b88d888143d\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"multi_terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"secondaryFields\":[\"queue_type.keyword\"]}},\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"be033d18-2c04-44f2-b403-0b88d888143d\":{\"label\":\"Median of 5m_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"5m_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"type\":\"index-pattern\"}],\"type\":\"lens\"}},\"panelRefName\":\"panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":14,\"w\":16,\"h\":14,\"i\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\"},\"panelIndex\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_3fc59b3e-512e-4a47-baa4-e89e4978b685\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":14,\"w\":16,\"h\":14,\"i\":\"6294036c-7c92-4e51-990d-ace6af0de939\"},\"panelIndex\":\"6294036c-7c92-4e51-990d-ace6af0de939\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_6294036c-7c92-4e51-990d-ace6af0de939\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":28,\"w\":16,\"h\":8,\"i\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\"},\"panelIndex\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\",\"embeddableConfig\":{\"attributes\":{\"title\":\"PQ max q events by worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\",\"isInside\":true,\"showSingleSeries\":true,\"legendSize\":\"small\",\"shouldTruncate\":true,\"verticalAlignment\":\"bottom\",\"horizontalAlignment\":\"left\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"yTitle\":\"events in queue\",\"hideEndzones\":false,\"showCurrentTimeMarker\":false,\"valuesInLegend\":false,\"axisTitlesVisibilitySettings\":{\"x\":false,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"seriesType\":\"line\",\"splitAccessor\":\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"accessors\":[\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"4\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":0},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"8\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":1},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"16\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":2},\"touched\":false}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}},\"xAccessor\":\"9542ed03-9691-42a3-b5c2-407bcaab221c\"}]},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"index\":\"599131c3-0cd9-4a1f-b9da-9894538d58cc\",\"key\":\"queue_type.keyword\",\"field\":\"queue_type.keyword\",\"params\":{\"query\":\"persisted\"},\"type\":\"phrase\"},\"query\":{\"match_phrase\":{\"queue_type.keyword\":\"persisted\"}},\"$state\":{\"store\":\"appState\"}}],\"datasourceStates\":{\"formBased\":{\"layers\":{\"eb818eba-fa75-45d1-a9ee-6619eecc9280\":{\"columns\":{\"0da92b64-fe48-439e-9b3a-47775ce1a149\":{\"label\":\"workers\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":3,\"orderBy\":{\"type\":\"column\",\"columnId\":\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"accuracyMode\":false},\"customLabel\":true},\"9542ed03-9691-42a3-b5c2-407bcaab221c\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\":{\"label\":\"Median of max_queue_events_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"max_queue_events_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"9542ed03-9691-42a3-b5c2-407bcaab221c\",\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"type\":\"index-pattern\"}],\"type\":\"lens\"},\"enhancements\":{}},\"panelRefName\":\"panel_77d40890-d175-436f-aac3-7bcc9f7beacc\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\"},\"panelIndex\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_8bd920f9-5be7-4481-b733-ba83bdd127d5\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":28,\"w\":16,\"h\":16,\"i\":\"23581637-2ff1-4cae-a839-345620c3d180\"},\"panelIndex\":\"23581637-2ff1-4cae-a839-345620c3d180\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_23581637-2ff1-4cae-a839-345620c3d180\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":28,\"w\":16,\"h\":16,\"i\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\"},\"panelIndex\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_c7ab44aa-4607-40b7-b268-d69136bfdcde\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":14,\"w\":16,\"h\":14,\"i\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\"},\"panelIndex\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_01628fc9-19c2-4c65-bc9f-3f284f77c309\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-2M","timeRestore":true,"timeTo":"now","title":"Logstash daily benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:44:20.764Z","id":"9ef273e3-bee2-48bb-9976-7edc19454b93","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"94ae4c78-8004-4abb-80c9-271f37c94cdc","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"f5104988-461c-4f65-b31d-ed22d04cb6b8","name":"3fc59b3e-512e-4a47-baa4-e89e4978b685:panel_3fc59b3e-512e-4a47-baa4-e89e4978b685","type":"lens"},{"id":"8cbdba7b-e921-42b9-b55b-da567717e259","name":"6294036c-7c92-4e51-990d-ace6af0de939:panel_6294036c-7c92-4e51-990d-ace6af0de939","type":"lens"},{"id":"7a2c9e96-8e48-4546-b736-065757a52c47","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:panel_77d40890-d175-436f-aac3-7bcc9f7beacc","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"daa3722a-cab7-49ba-b5bb-033e81133096","name":"8bd920f9-5be7-4481-b733-ba83bdd127d5:panel_8bd920f9-5be7-4481-b733-ba83bdd127d5","type":"lens"},{"id":"4d1f7bef-c184-4457-b159-465128d2d70b","name":"23581637-2ff1-4cae-a839-345620c3d180:panel_23581637-2ff1-4cae-a839-345620c3d180","type":"lens"},{"id":"f233b0e6-8ca5-4c29-a6b3-1f1bc83509fd","name":"c7ab44aa-4607-40b7-b268-d69136bfdcde:panel_c7ab44aa-4607-40b7-b268-d69136bfdcde","type":"lens"},{"id":"b0a3d8ea-030a-46e5-95b4-9f73b625f6ee","name":"01628fc9-19c2-4c65-bc9f-3f284f77c309:panel_01628fc9-19c2-4c65-bc9f-3f284f77c309","type":"lens"}],"type":"dashboard","typeMigrationVersion":"8.9.0","updated_at":"2024-09-09T13:44:20.764Z","version":"WzEyNTEsN10="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":true},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":true}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":19,\"i\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\"},\"panelIndex\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_329684df-6ec4-4973-8c96-bc91eaa23fe9\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":19,\"w\":16,\"h\":17,\"i\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},\"panelIndex\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":19,\"w\":16,\"h\":17,\"i\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\"},\"panelIndex\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_485385cb-cd2b-408b-a119-5e7b15c15eeb\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":19,\"w\":16,\"h\":17,\"i\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},\"panelIndex\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":36,\"w\":16,\"h\":16,\"i\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\"},\"panelIndex\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_2934659f-462a-41b1-bdc0-344a7a4a2267\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":36,\"w\":16,\"h\":16,\"i\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},\"panelIndex\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\"},\"panelIndex\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_99c4094f-8906-4ded-b56f-8e20107a8f3b\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":44,\"w\":16,\"h\":8,\"i\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\"},\"panelIndex\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_a8dd132b-9212-4c33-83ef-19ec5152448e\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-1y","timeRestore":true,"timeTo":"now","title":"Logstash release benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:43:43.023Z","id":"901317cf-f97a-4d20-8420-53f0bf67c606","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"2c017667-7403-402c-b027-3cc790945a27","name":"329684df-6ec4-4973-8c96-bc91eaa23fe9:panel_329684df-6ec4-4973-8c96-bc91eaa23fe9","type":"lens"},{"id":"a577558f-f9a6-4c86-b562-7618b2c71db0","name":"68db206a-6de8-40a8-bd6c-b82d78a41ac7:panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7","type":"lens"},{"id":"9546a73b-5937-4d3d-850f-30625d6e1405","name":"485385cb-cd2b-408b-a119-5e7b15c15eeb:panel_485385cb-cd2b-408b-a119-5e7b15c15eeb","type":"lens"},{"id":"6fba7dff-2564-450b-b885-8c6cf97fa727","name":"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce:panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce","type":"lens"},{"id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","name":"2934659f-462a-41b1-bdc0-344a7a4a2267:panel_2934659f-462a-41b1-bdc0-344a7a4a2267","type":"lens"},{"id":"661cb795-bb69-4599-8c4b-a4798ef69dc6","name":"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2:panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2","type":"lens"},{"id":"d79b8742-6284-4842-ac44-65640d090179","name":"99c4094f-8906-4ded-b56f-8e20107a8f3b:panel_99c4094f-8906-4ded-b56f-8e20107a8f3b","type":"lens"},{"id":"1872e84f-56f2-4a17-9426-3d25d6e03931","name":"a8dd132b-9212-4c33-83ef-19ec5152448e:panel_a8dd132b-9212-4c33-83ef-19ec5152448e","type":"lens"}],"type":"dashboard","typeMigrationVersion":"8.9.0","updated_at":"2024-09-09T13:43:43.023Z","version":"WzEyNDUsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"9aee27f1-97bc-46c4-b369-81b7cd5fe38c","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[PQ] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"07700ebe-b8c9-498f-9a91-30efb0c48784","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"9aee27f1-97bc-46c4-b369-81b7cd5fe38c","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0MCw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"4e0f2401-369e-4818-8a1f-52b64ff175df","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[MQ] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"29ebb6b1-bee6-4f15-b3dc-aac083d5d2f5","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"4e0f2401-369e-4818-8a1f-52b64ff175df","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0NSw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"string","isBucketed":true,"label":"Top 100 values of version.keyword","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"f4c5b868-7b2c-4d12-b989-9a057dd128e4","negate":false,"params":[{"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}},{"meta":{"alias":null,"disabled":false,"field":"release","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"release","negate":false,"params":{"query":true},"type":"phrase"},"query":{"match_phrase":{"release":true}}}],"relation":"AND","type":"combined"},"query":{}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[MQ][R] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"26ec195e-e4a9-4417-be97-6d1fbc6b63c0","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"f4c5b868-7b2c-4d12-b989-9a057dd128e4","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0OSw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"string","isBucketed":true,"label":"Top 100 values of version.keyword","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"da1edddb-a868-406c-b3a3-e02cf1069e50","negate":false,"params":[{"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}},{"meta":{"alias":null,"disabled":false,"field":"release","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"release","negate":false,"params":{"query":true},"type":"phrase"},"query":{"match_phrase":{"release":true}}}],"relation":"AND","type":"combined"},"query":{}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[PQ][R] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"bb65f9af-1246-4e75-8b61-dea93d920da8","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"da1edddb-a868-406c-b3a3-e02cf1069e50","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1MCw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"8171fdc1-2ff4-4f45-8796-dffd31749c63","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"max 5m_eps"}},"title":"[MQ] EPS by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"5c7f9518-5dac-4a3f-b8e1-6ece4135a8be","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1MSw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"4e1e2474-ea84-47f5-bb34-0bda229814df","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"max 5m_eps"}},"title":"[PQ] EPS by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"f24fc69c-7714-40d3-b34e-3d90fa9b7023","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"4e1e2474-ea84-47f5-bb34-0bda229814df","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1Miw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"637adce1-2cf3-4869-a35d-ead85c340ab9","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[PQ] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"fc548f47-c5ab-491f-a234-4f24ce439d55","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"637adce1-2cf3-4869-a35d-ead85c340ab9","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1Myw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"26183784-8280-42c4-ae7c-71c4e9a5908c","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[MQ] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"b3c44ade-7f2f-497a-bc9b-f4b53695d975","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"26183784-8280-42c4-ae7c-71c4e9a5908c","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1NCw3XQ=="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"904fa8c5-7ce1-45ec-bc0d-a52929cabaa6":{"columnOrder":["3dfc74bb-0629-4809-8416-282f6924ecf6","2e3311e8-099f-48bc-81e8-f8dd643cee72","c62ffb65-c24f-49fe-b8ed-683257e60808"],"columns":{"2e3311e8-099f-48bc-81e8-f8dd643cee72":{"dataType":"number","isBucketed":false,"label":"Moving average of Last value of 5m_num","operationType":"moving_average","params":{"window":5},"references":["c62ffb65-c24f-49fe-b8ed-683257e60808"],"scale":"ratio"},"3dfc74bb-0629-4809-8416-282f6924ecf6":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"c62ffb65-c24f-49fe-b8ed-683257e60808":{"dataType":"number","filter":{"language":"kuery","query":"\"5m_num\": *"},"isBucketed":false,"label":"Last value of 5m_num","operationType":"last_value","params":{"showArrayValues":true,"sortField":"timestamp"},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"None","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["2e3311e8-099f-48bc-81e8-f8dd643cee72"],"colorMapping":{"assignments":[],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"904fa8c5-7ce1-45ec-bc0d-a52929cabaa6","layerType":"data","position":"top","seriesType":"bar","showGridlines":false,"xAccessor":"3dfc74bb-0629-4809-8416-282f6924ecf6"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"bar","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide"}},"title":"logstash_5m_eps","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-07-08T16:56:26.170Z","id":"af3a2cb0-138f-4b4a-aaf8-49ff4325386d","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-904fa8c5-7ce1-45ec-bc0d-a52929cabaa6","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-07-08T16:56:26.170Z","version":"WzQzLDRd"} +{"excludedObjects":[],"excludedObjectsCount":0,"exportedCount":30,"missingRefCount":0,"missingReferences":[]} \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/setup/alias b/.buildkite/scripts/benchmark/setup/alias new file mode 100644 index 000000000..efa658a4d --- /dev/null +++ b/.buildkite/scripts/benchmark/setup/alias @@ -0,0 +1,6 @@ +POST /_aliases +{ + "actions": [ + { "add": { "index": "benchmark_summary_v2", "alias": "benchmark_summary" } } + ] +} \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/setup/benchmark_summary_v2 b/.buildkite/scripts/benchmark/setup/benchmark_summary_v2 new file mode 100644 index 000000000..57c80f8c7 --- /dev/null +++ b/.buildkite/scripts/benchmark/setup/benchmark_summary_v2 @@ -0,0 +1,179 @@ +PUT /benchmark_summary_v2/_mapping +{ + "properties": { + "avg_cpu_percentage": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "avg_heap": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "avg_non_heap": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "avg_virtual_memory": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "batch_size": { + "type": "integer", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "cpu": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "max_eps_1m": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "max_eps_5m": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "max_queue_bytes_size": { + "type": "integer", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "max_queue_events": { + "type": "integer", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "max_worker_concurrency": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "max_worker_utilization": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "mem": { + "type": "float", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "queue_type": { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "tag": { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "timestamp": { + "type": "date" + }, + "total_events_out": { + "type": "integer", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "version": { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "workers": { + "type": "integer", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "tags" : { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + } + } +} diff --git a/.buildkite/scripts/benchmark/util.sh b/.buildkite/scripts/benchmark/util.sh index d7e714e0b..ac036d59e 100755 --- a/.buildkite/scripts/benchmark/util.sh +++ b/.buildkite/scripts/benchmark/util.sh @@ -30,3 +30,12 @@ jqavg() { jqmax() { jq -r "$1 | select(. != null)" $2 | jq -s . | jq 'max' } + +# return true if $1 is non empty and not "null" +not_empty() { + if [[ -n "$1" && "$1" != "null" ]]; then + return 0 + else + return 1 + fi +} \ No newline at end of file diff --git a/catalog-info.yaml b/catalog-info.yaml index b5330636a..9f1dfa94d 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -614,7 +614,7 @@ spec: kind: Pipeline metadata: name: logstash-benchmark-pipeline - description: ':logstash: The Benchmark pipeline' + description: ':logstash: The Benchmark pipeline for snapshot version' spec: repository: elastic/logstash pipeline_file: ".buildkite/benchmark_pipeline.yml" @@ -645,6 +645,54 @@ spec: # SECTION END: Benchmark pipeline # ******************************* +# *********************************** +# SECTION START: Benchmark multiple Logstash versions +# *********************************** +--- +# yaml-language-server: $schema=https://gist.githubusercontent.com/elasticmachine/988b80dae436cafea07d9a4a460a011d/raw/rre.schema.json +apiVersion: backstage.io/v1alpha1 +kind: Resource +metadata: + name: logstash-benchmark-versions-pipeline + description: Buildkite pipeline for benchmarking multiple versions + links: + - title: 'Logstash benchmark pipeline for multiple versions' + url: https://buildkite.com/elastic/logstash-benchmark-versions-pipeline +spec: + type: buildkite-pipeline + owner: group:logstash + system: platform-ingest + implementation: + apiVersion: buildkite.elastic.dev/v1 + kind: Pipeline + metadata: + name: logstash-benchmark-versions-pipeline + description: ':logstash: The Benchmark pipeline for multiple versions' + spec: + repository: elastic/logstash + pipeline_file: ".buildkite/benchmark_versions_pipeline.yml" + maximum_timeout_in_minutes: 480 + provider_settings: + trigger_mode: none # don't trigger jobs from github activity + env: + ELASTIC_SLACK_NOTIFICATIONS_ENABLED: 'false' + SLACK_NOTIFICATIONS_CHANNEL: '#logstash-build' + SLACK_NOTIFICATIONS_ON_SUCCESS: 'false' + SLACK_NOTIFICATIONS_SKIP_FOR_RETRIES: 'true' + teams: + ingest-fp: + access_level: MANAGE_BUILD_AND_READ + logstash: + access_level: MANAGE_BUILD_AND_READ + ingest-eng-prod: + access_level: MANAGE_BUILD_AND_READ + everyone: + access_level: READ_ONLY + +# ******************************* +# SECTION END: Benchmark multiple Logstash versions +# ******************************* + # *********************************** # Declare Health Report Tests pipeline # *********************************** From 2ebf2658ff86678125b04c8826958b468ee0da1f Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Thu, 12 Sep 2024 13:24:53 -0700 Subject: [PATCH 041/290] Make health report test runner script executable. (#16446) --- .buildkite/scripts/health-report-tests/main.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 .buildkite/scripts/health-report-tests/main.sh diff --git a/.buildkite/scripts/health-report-tests/main.sh b/.buildkite/scripts/health-report-tests/main.sh old mode 100644 new mode 100755 From 1ec37b7c4186d25f2c5f3ab7d4f3afe7e37e91f2 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Fri, 13 Sep 2024 17:33:16 +0200 Subject: [PATCH 042/290] Drop JDK 11 support (#16443) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If a user runs Logstash with a hosted JDK and not the one bundled with Logstash distribution, like setting a specific LS_JAVA_HOME, which is minor than JDK 17 then Logstash refuses to start. Has to provide at least a JDK 17 or unset the LS_JAVA_HOME and let Logstash uses the bundled JDK. Updates the jvm.options and JvmOptionsParser to remove support for JDK 11. If the options parser identifies that the running JVM is less than 17, it refuses to start. --------- Co-authored-by: João Duarte --- .buildkite/linux_jdk_matrix_pipeline.yml | 6 ------ .buildkite/windows_jdk_matrix_pipeline.yml | 6 ------ config/jvm.options | 10 +--------- docs/static/jvm.asciidoc | 14 +++++++------- docs/static/running-logstash-windows.asciidoc | 2 -- logstash-core/lib/logstash/runner.rb | 5 +---- logstash-core/locales/en.yml | 8 +------- .../main/java/org/logstash/util/JavaVersion.java | 1 - .../java/org/logstash/launchers/JavaVersion.java | 4 ++-- .../org/logstash/launchers/JvmOptionsParser.java | 6 +++--- 10 files changed, 15 insertions(+), 47 deletions(-) diff --git a/.buildkite/linux_jdk_matrix_pipeline.yml b/.buildkite/linux_jdk_matrix_pipeline.yml index eb42bd5ee..65d80d6b4 100644 --- a/.buildkite/linux_jdk_matrix_pipeline.yml +++ b/.buildkite/linux_jdk_matrix_pipeline.yml @@ -60,20 +60,14 @@ steps: value: "adoptiumjdk_21" - label: "Adoptium JDK 17 (Eclipse Temurin)" value: "adoptiumjdk_17" - - label: "Adoptium JDK 11 (Eclipse Temurin)" - value: "adoptiumjdk_11" - label: "OpenJDK 21" value: "openjdk_21" - label: "OpenJDK 17" value: "openjdk_17" - - label: "OpenJDK 11" - value: "openjdk_11" - label: "Zulu 21" value: "zulu_21" - label: "Zulu 17" value: "zulu_17" - - label: "Zulu 11" - value: "zulu_11" - wait: ~ if: build.source != "schedule" && build.source != "trigger_job" diff --git a/.buildkite/windows_jdk_matrix_pipeline.yml b/.buildkite/windows_jdk_matrix_pipeline.yml index 2c336e141..a54e7eca5 100644 --- a/.buildkite/windows_jdk_matrix_pipeline.yml +++ b/.buildkite/windows_jdk_matrix_pipeline.yml @@ -33,20 +33,14 @@ steps: value: "adoptiumjdk_21" - label: "Adoptium JDK 17 (Eclipse Temurin)" value: "adoptiumjdk_17" - - label: "Adoptium JDK 11 (Eclipse Temurin)" - value: "adoptiumjdk_11" - label: "OpenJDK 21" value: "openjdk_21" - label: "OpenJDK 17" value: "openjdk_17" - - label: "OpenJDK 11" - value: "openjdk_11" - label: "Zulu 21" value: "zulu_21" - label: "Zulu 17" value: "zulu_17" - - label: "Zulu 11" - value: "zulu_11" - wait: ~ if: build.source != "schedule" && build.source != "trigger_job" diff --git a/config/jvm.options b/config/jvm.options index b729fce91..f84e904ce 100644 --- a/config/jvm.options +++ b/config/jvm.options @@ -16,10 +16,6 @@ ## ################################################################ -## GC configuration -11-13:-XX:+UseConcMarkSweepGC -11-13:-XX:CMSInitiatingOccupancyFraction=75 -11-13:-XX:+UseCMSInitiatingOccupancyOnly ## Locale # Set the locale language @@ -59,11 +55,7 @@ #-XX:HeapDumpPath=${LOGSTASH_HOME}/heapdump.hprof ## GC logging -#-Xlog:gc*,gc+age=trace,safepoint:file=@loggc@:utctime,pid,tags:filecount=32,filesize=64m - -# log GC status to a file with time stamps -# ensure the directory exists -#-Xloggc:${LS_GC_LOG_FILE} +#-Xlog:gc*,gc+age=trace,safepoint:file=${LS_GC_LOG_FILE}:utctime,pid,tags:filecount=32,filesize=64m # Entropy source for randomness -Djava.security.egd=file:/dev/urandom diff --git a/docs/static/jvm.asciidoc b/docs/static/jvm.asciidoc index 88765d907..51d735b55 100644 --- a/docs/static/jvm.asciidoc +++ b/docs/static/jvm.asciidoc @@ -4,8 +4,8 @@ {ls} requires one of these versions: -* Java 11 * Java 17 (default). Check out <> for settings info. +* Java 21 Use the http://www.oracle.com/technetwork/java/javase/downloads/index.html[official @@ -17,13 +17,13 @@ for the official word on supported versions across releases. [[bundled-jdk]] .Bundled JDK [NOTE] -===== +===== {ls} offers architecture-specific https://www.elastic.co/downloads/logstash[downloads] that include -Adoptium Eclipse Temurin 17, the latest long term support (LTS) release of the JDK. +Adoptium Eclipse Temurin 17, a long term support (LTS) release of the JDK. Use the LS_JAVA_HOME environment variable if you want to use a JDK other than the -version that is bundled. +version that is bundled. If you have the LS_JAVA_HOME environment variable set to use a custom JDK, Logstash will continue to use the JDK version you have specified, even after you upgrade. ===== @@ -40,9 +40,9 @@ On systems with Java installed, this command produces output similar to the foll [source,shell] ----- -java version "11.0.1" 2018-10-16 LTS -Java(TM) SE Runtime Environment 18.9 (build 11.0.1+13-LTS) -Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.1+13-LTS, mixed mode) +openjdk version "17.0.12" 2024-07-16 +OpenJDK Runtime Environment Temurin-17.0.12+7 (build 17.0.12+7) +OpenJDK 64-Bit Server VM Temurin-17.0.12+7 (build 17.0.12+7, mixed mode) ----- [float] diff --git a/docs/static/running-logstash-windows.asciidoc b/docs/static/running-logstash-windows.asciidoc index 7a3819c58..36a98233e 100644 --- a/docs/static/running-logstash-windows.asciidoc +++ b/docs/static/running-logstash-windows.asciidoc @@ -46,8 +46,6 @@ Java(TM) SE Runtime Environment 18.9 (build 11.0.3+12-LTS) Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.3+12-LTS, mixed mode) ----- -NOTE: As of the publication of this document, please review this https://github.com/elastic/logstash/issues/10496[known issue that impacts Java 11] before proceeding. - Once you have <> and validated JVM pre-requisites, you may proceed. NOTE: For the examples listed below, we are running Windows Server 2016, Java 11.0.3, diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 876d3e1e1..bdd66cbfd 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -318,10 +318,7 @@ class LogStash::Runner < Clamp::StrictCommand deprecation_logger.deprecated msg end - if JavaVersion::CURRENT < JavaVersion::JAVA_11 - logger.warn I18n.t("logstash.runner.java.version", - :java_home => java.lang.System.getProperty("java.home")) - elsif JavaVersion::CURRENT < JavaVersion::JAVA_17 + if JavaVersion::CURRENT < JavaVersion::JAVA_17 deprecation_logger.deprecated I18n.t("logstash.runner.java.version_17_minimum", :java_home => java.lang.System.getProperty("java.home")) end diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index 92dcb38ee..10d7a8822 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -440,14 +440,8 @@ en: Running Logstash with the bundled JDK is recommended. The bundled JDK has been verified to work with each specific version of Logstash, and generally provides best performance and reliability. If you have compelling reasons for using your own JDK (organizational-specific compliance requirements, for example), you can configure LS_JAVA_HOME to use that version instead. - version: >- - Starting from Logstash 8.0, the minimum required version of Java is Java 11; your Java version from - %{java_home} does not meet this requirement. Please reconfigure your version of Java to one that is supported. - Running Logstash with the bundled JDK is recommended. - The bundled JDK has been verified to work with each specific version of Logstash, and generally provides best performance and reliability. - If you have compelling reasons for using your own JDK (organizational-specific compliance requirements, for example), you can configure LS_JAVA_HOME to use that version instead. version_17_minimum: >- - Starting from Logstash 9.0, the minimum required version of Java will be Java 17; + Starting from Logstash 9.0, the minimum required version of Java is Java 17; your Java version from `%{java_home}` does not meet this requirement. Running Logstash with the bundled JDK is recommended. The bundled JDK has been verified to work with each specific version of Logstash, and generally provides best performance and reliability. diff --git a/logstash-core/src/main/java/org/logstash/util/JavaVersion.java b/logstash-core/src/main/java/org/logstash/util/JavaVersion.java index 505e27e67..c1d619e98 100644 --- a/logstash-core/src/main/java/org/logstash/util/JavaVersion.java +++ b/logstash-core/src/main/java/org/logstash/util/JavaVersion.java @@ -30,7 +30,6 @@ import java.util.Objects; public class JavaVersion implements Comparable { public static final JavaVersion CURRENT = parse(System.getProperty("java.specification.version")); - public static final JavaVersion JAVA_11 = parse("11"); public static final JavaVersion JAVA_17 = parse("17"); private final List version; diff --git a/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JavaVersion.java b/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JavaVersion.java index 0e4d0cf51..7aa3f484d 100644 --- a/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JavaVersion.java +++ b/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JavaVersion.java @@ -30,10 +30,10 @@ import java.util.Objects; public class JavaVersion implements Comparable { public static final JavaVersion CURRENT = parse(System.getProperty("java.specification.version")); - public static final JavaVersion JAVA_11 = parse("11"); + public static final JavaVersion JAVA_17 = parse("17"); private final List version; - private JavaVersion(List version){ + private JavaVersion(List version) { this.version = version; } diff --git a/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JvmOptionsParser.java b/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JvmOptionsParser.java index 84799da1c..d19b5f547 100644 --- a/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JvmOptionsParser.java +++ b/tools/jvm-options-parser/src/main/java/org/logstash/launchers/JvmOptionsParser.java @@ -114,11 +114,11 @@ public class JvmOptionsParser { handleJvmOptions(args, System.getenv("LS_JAVA_OPTS")); } - static void bailOnOldJava(){ - if (JavaVersion.CURRENT.compareTo(JavaVersion.JAVA_11) < 0) { + static void bailOnOldJava() { + if (JavaVersion.CURRENT.compareTo(JavaVersion.JAVA_17) < 0) { final String message = String.format( Locale.ROOT, - "The minimum required Java version is 11; your Java version from [%s] does not meet this requirement", + "The minimum required Java version is 17; your Java version from [%s] does not meet this requirement", System.getProperty("java.home") ); System.err.println(message); From 4e82655cd50a48e4d37988ebc2633b0f3206929b Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Mon, 16 Sep 2024 15:57:51 +0100 Subject: [PATCH 043/290] remove ingest-converter (#16453) Removed the tool Ingest Converter --- .fossa.yml | 4 - bin/ingest-convert.bat | 10 - bin/ingest-convert.sh | 4 - docs/index.asciidoc | 2 - docs/static/filebeat-modules.asciidoc | 4 - docs/static/ingest-convert.asciidoc | 90 ------- rakelib/artifacts.rake | 1 - settings.gradle | 3 +- tools/ingest-converter/build.gradle | 63 ----- tools/ingest-converter/gradle.properties | 2 - .../main/java/org/logstash/ingest/Append.java | 37 --- .../java/org/logstash/ingest/Convert.java | 37 --- .../main/java/org/logstash/ingest/Date.java | 37 --- .../main/java/org/logstash/ingest/GeoIp.java | 34 --- .../main/java/org/logstash/ingest/Grok.java | 37 --- .../main/java/org/logstash/ingest/Gsub.java | 34 --- .../org/logstash/ingest/IngestAppend.java | 72 ------ .../org/logstash/ingest/IngestConvert.java | 66 ----- .../org/logstash/ingest/IngestConverter.java | 231 ------------------ .../java/org/logstash/ingest/IngestDate.java | 97 -------- .../java/org/logstash/ingest/IngestGeoIp.java | 85 ------- .../java/org/logstash/ingest/IngestGrok.java | 99 -------- .../java/org/logstash/ingest/IngestGsub.java | 67 ----- .../java/org/logstash/ingest/IngestJson.java | 79 ------ .../org/logstash/ingest/IngestLowercase.java | 67 ----- .../org/logstash/ingest/IngestPipeline.java | 136 ----------- .../org/logstash/ingest/IngestRename.java | 66 ----- .../java/org/logstash/ingest/IngestSet.java | 80 ------ .../main/java/org/logstash/ingest/JsUtil.java | 210 ---------------- .../main/java/org/logstash/ingest/Json.java | 36 --- .../java/org/logstash/ingest/Lowercase.java | 37 --- .../java/org/logstash/ingest/Pipeline.java | 37 --- .../main/java/org/logstash/ingest/Rename.java | 33 --- .../main/java/org/logstash/ingest/Set.java | 36 --- .../java/org/logstash/ingest/AppendTest.java | 39 --- .../java/org/logstash/ingest/ConvertTest.java | 39 --- .../java/org/logstash/ingest/DateTest.java | 39 --- .../java/org/logstash/ingest/GeoIpTest.java | 39 --- .../java/org/logstash/ingest/GrokTest.java | 39 --- .../java/org/logstash/ingest/GsubTest.java | 39 --- .../java/org/logstash/ingest/IngestTest.java | 102 -------- .../java/org/logstash/ingest/JsonTest.java | 39 --- .../org/logstash/ingest/LowercaseTest.java | 39 --- .../org/logstash/ingest/PipelineTest.java | 55 ----- .../java/org/logstash/ingest/RenameTest.java | 39 --- .../java/org/logstash/ingest/SetTest.java | 39 --- .../org/logstash/ingest/ingestAppend.json | 11 - .../logstash/ingest/ingestAppendScalar.json | 11 - .../logstash/ingest/ingestComplexCase1.json | 52 ---- .../logstash/ingest/ingestComplexCase2.json | 41 ---- .../logstash/ingest/ingestComplexCase3.json | 35 --- .../logstash/ingest/ingestComplexCase4.json | 41 ---- .../org/logstash/ingest/ingestConvert.json | 10 - .../logstash/ingest/ingestConvertBoolean.json | 10 - .../logstash/ingest/ingestConvertString.json | 10 - .../org/logstash/ingest/ingestDate.json | 12 - .../ingest/ingestDateExtraFields.json | 14 -- .../ingest/ingestDotsInAppendField.json | 11 - .../ingest/ingestDotsInConvertField.json | 11 - .../ingest/ingestDotsInDateField.json | 14 -- .../ingest/ingestDotsInGeoIpField.json | 13 - .../ingest/ingestDotsInJsonField.json | 11 - .../ingest/ingestDotsInRenameField.json | 11 - .../logstash/ingest/ingestDotsInSetField.json | 11 - .../logstash/ingest/ingestGeoIpSimple.json | 16 -- .../org/logstash/ingest/ingestGrok.json | 15 -- .../ingestGrokMultiplePatternDefinitions.json | 19 -- .../ingest/ingestGrokPatternDefinition.json | 18 -- .../org/logstash/ingest/ingestGsubSimple.json | 12 - .../org/logstash/ingest/ingestJson.json | 10 - .../ingest/ingestJsonExtraFields.json | 11 - .../logstash/ingest/ingestLowercaseDots.json | 10 - .../ingest/ingestLowercaseSimple.json | 10 - .../org/logstash/ingest/ingestRename.json | 11 - .../org/logstash/ingest/ingestSet.json | 12 - .../org/logstash/ingest/ingestSetNumber.json | 11 - .../org/logstash/ingest/logstashAppend.conf | 15 -- .../logstash/ingest/logstashAppendScalar.conf | 12 - .../logstash/ingest/logstashComplexCase1.conf | 46 ---- .../logstash/ingest/logstashComplexCase2.conf | 33 --- .../logstash/ingest/logstashComplexCase3.conf | 31 --- .../logstash/ingest/logstashComplexCase4.conf | 36 --- .../org/logstash/ingest/logstashConvert.conf | 12 - .../ingest/logstashConvertBoolean.conf | 12 - .../ingest/logstashConvertString.conf | 12 - .../org/logstash/ingest/logstashDate.conf | 15 -- .../ingest/logstashDateExtraFields.conf | 17 -- .../ingest/logstashDotsInAppendField.conf | 15 -- .../ingest/logstashDotsInConvertField.conf | 12 - .../ingest/logstashDotsInDateField.conf | 17 -- .../ingest/logstashDotsInGeoIpField.conf | 15 -- .../ingest/logstashDotsInJsonField.conf | 11 - .../ingest/logstashDotsInRenameField.conf | 12 - .../ingest/logstashDotsInSetField.conf | 12 - .../logstash/ingest/logstashGeoIpSimple.conf | 15 -- .../org/logstash/ingest/logstashGrok.conf | 15 -- ...ogstashGrokMultiplePatternDefinitions.conf | 19 -- .../ingest/logstashGrokPatternDefinition.conf | 18 -- .../logstash/ingest/logstashGsubSimple.conf | 12 - .../org/logstash/ingest/logstashJson.conf | 10 - .../ingest/logstashJsonExtraFields.conf | 11 - .../ingest/logstashLowercaseDots.conf | 10 - .../ingest/logstashLowercaseSimple.conf | 10 - .../org/logstash/ingest/logstashRename.conf | 12 - .../org/logstash/ingest/logstashSet.conf | 12 - .../logstash/ingest/logstashSetNumber.conf | 12 - 106 files changed, 1 insertion(+), 3454 deletions(-) delete mode 100644 bin/ingest-convert.bat delete mode 100755 bin/ingest-convert.sh delete mode 100644 docs/static/ingest-convert.asciidoc delete mode 100644 tools/ingest-converter/build.gradle delete mode 100644 tools/ingest-converter/gradle.properties delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Append.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Convert.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Date.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/GeoIp.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Grok.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Gsub.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestAppend.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConvert.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConverter.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestDate.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGeoIp.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGrok.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGsub.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestJson.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestLowercase.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestPipeline.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestRename.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/IngestSet.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/JsUtil.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Json.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Lowercase.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Pipeline.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Rename.java delete mode 100644 tools/ingest-converter/src/main/java/org/logstash/ingest/Set.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/AppendTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/ConvertTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/DateTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/GeoIpTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/GrokTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/GsubTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/IngestTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/JsonTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/LowercaseTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/PipelineTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/RenameTest.java delete mode 100644 tools/ingest-converter/src/test/java/org/logstash/ingest/SetTest.java delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppend.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppendScalar.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase1.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase2.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase3.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase4.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvert.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertBoolean.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertString.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDate.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDateExtraFields.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInAppendField.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInConvertField.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInDateField.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInGeoIpField.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInJsonField.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInRenameField.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInSetField.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGeoIpSimple.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrok.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokMultiplePatternDefinitions.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokPatternDefinition.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGsubSimple.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJson.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJsonExtraFields.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseDots.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseSimple.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestRename.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSet.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSetNumber.json delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppend.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppendScalar.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase1.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase2.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase3.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase4.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvert.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertBoolean.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertString.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDate.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDateExtraFields.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInAppendField.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInConvertField.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInDateField.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInGeoIpField.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInJsonField.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInRenameField.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInSetField.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGeoIpSimple.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrok.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokMultiplePatternDefinitions.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokPatternDefinition.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGsubSimple.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJson.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJsonExtraFields.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseDots.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseSimple.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashRename.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSet.conf delete mode 100644 tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSetNumber.conf diff --git a/.fossa.yml b/.fossa.yml index 55e69801b..60fd562b6 100755 --- a/.fossa.yml +++ b/.fossa.yml @@ -21,10 +21,6 @@ analyze: type: gradle target: 'dependencies-report:' path: . - - name: ingest-converter - type: gradle - target: 'ingest-converter:' - path: . - name: logstash-core type: gradle target: 'logstash-core:' diff --git a/bin/ingest-convert.bat b/bin/ingest-convert.bat deleted file mode 100644 index e9067f428..000000000 --- a/bin/ingest-convert.bat +++ /dev/null @@ -1,10 +0,0 @@ -@echo off -setlocal enabledelayedexpansion - -cd /d "%~dp0\.." -for /f %%i in ('cd') do set RESULT=%%i - -"%JAVACMD%" -cp "!RESULT!\tools\ingest-converter\build\libs\ingest-converter.jar;*" ^ - org.logstash.ingest.Pipeline %* - -endlocal diff --git a/bin/ingest-convert.sh b/bin/ingest-convert.sh deleted file mode 100755 index 1205cebc5..000000000 --- a/bin/ingest-convert.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/env bash - -java -cp "$(cd `dirname $0`/..; pwd)"'/tools/ingest-converter/build/libs/ingest-converter.jar:*' \ - org.logstash.ingest.Pipeline "$@" diff --git a/docs/index.asciidoc b/docs/index.asciidoc index 34dad2ee3..adbd2ce6a 100644 --- a/docs/index.asciidoc +++ b/docs/index.asciidoc @@ -116,8 +116,6 @@ include::static/managing-multiline-events.asciidoc[] include::static/glob-support.asciidoc[] -include::static/ingest-convert.asciidoc[] - include::static/field-reference.asciidoc[] //The `field-reference.asciidoc` file (included above) contains a diff --git a/docs/static/filebeat-modules.asciidoc b/docs/static/filebeat-modules.asciidoc index 404e21cf2..257bc8623 100644 --- a/docs/static/filebeat-modules.asciidoc +++ b/docs/static/filebeat-modules.asciidoc @@ -134,10 +134,6 @@ For a full example, see <>. //* <> //* <> // -//TIP: {ls} provides an <> -//to help you migrate ingest pipeline definitions to {ls} configs. The tool does -//not currently support all the processors that are available for ingest node, but -//it's a good starting point. // //[[parsing-apache2]] //==== Apache 2 Logs diff --git a/docs/static/ingest-convert.asciidoc b/docs/static/ingest-convert.asciidoc deleted file mode 100644 index b263faebd..000000000 --- a/docs/static/ingest-convert.asciidoc +++ /dev/null @@ -1,90 +0,0 @@ -[[ingest-converter]] -=== Converting Ingest Node Pipelines - -After implementing {ref}/ingest.html[ingest] pipelines to parse your data, you -might decide that you want to take advantage of the richer transformation -capabilities in Logstash. For example, you may need to use Logstash instead of -ingest pipelines if you want to: - -* Ingest from more inputs. Logstash can natively ingest data from many other -sources like TCP, UDP, syslog, and relational databases. - -* Use multiple outputs. Ingest node was designed to only support Elasticsearch -as an output, but you may want to use more than one output. For example, you may -want to archive your incoming data to S3 as well as indexing it in -Elasticsearch. - -* Take advantage of the richer transformation capabilities in Logstash, such as -external lookups. - -* Use the persistent queue feature to handle spikes when ingesting data (from -Beats and other sources). - -To make it easier for you to migrate your configurations, Logstash provides an -ingest pipeline conversion tool. The conversion tool takes the ingest pipeline -definition as input and, when possible, creates the equivalent Logstash -configuration as output. - -See <> for a full list of tool limitations. - -[[ingest-converter-run]] -==== Running the tool - -You'll find the conversion tool in the `bin` directory of your Logstash -installation. See <> to find the location of `bin` on your system. - -To run the conversion tool, use the following command: - -[source,shell] ------ -bin/ingest-convert.sh --input INPUT_FILE_URI --output OUTPUT_FILE_URI [--append-stdio] ------ - -Where: - -* `INPUT_FILE_URI` is a file URI that specifies the full path to the JSON file -that defines the ingest node pipeline. - -* `OUTPUT_FILE_URI` is the file URI of the Logstash DSL file that will be -generated by the tool. - -* `--append-stdio` is an optional flag that adds stdin and stdout sections to -the config instead of adding the default Elasticsearch output. - -This command expects a file URI, so make sure you use forward slashes and -specify the full path to the file. - -For example: - -[source,text] ------ -bin/ingest-convert.sh --input file:///tmp/ingest/apache.json --output file:///tmp/ingest/apache.conf ------ - - -[[ingest-converter-limitations]] -==== Limitations - -* Painless script conversion is not supported. - -* Only a subset of available processors are -<> for conversion. For -processors that are not supported, the tool produces a warning and continues -with a best-effort conversion. - -[[ingest-converter-supported-processors]] -==== Supported Processors - -The following ingest node processors are currently supported for conversion by -the tool: - -* Append -* Convert -* Date -* GeoIP -* Grok -* Gsub -* Json -* Lowercase -* Rename -* Set diff --git a/rakelib/artifacts.rake b/rakelib/artifacts.rake index 7e0c553a5..f4a8657c4 100644 --- a/rakelib/artifacts.rake +++ b/rakelib/artifacts.rake @@ -50,7 +50,6 @@ namespace "artifact" do "logstash-core-plugin-api/*.gemspec", "patterns/**/*", - "tools/ingest-converter/build/libs/ingest-converter.jar", "vendor/??*/**/*", # To include ruby-maven's hidden ".mvn" directory, we need to # do add the line below. This directory contains a file called diff --git a/settings.gradle b/settings.gradle index 4415c1417..aa27de379 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,10 +1,9 @@ rootProject.name = "logstash" -include ':logstash-core', 'logstash-core-benchmarks', 'ingest-converter', 'benchmark-cli', 'jvm-options-parser', 'logstash-integration-tests', 'dependencies-report' +include ':logstash-core', 'logstash-core-benchmarks', 'benchmark-cli', 'jvm-options-parser', 'logstash-integration-tests', 'dependencies-report' project(':logstash-core').projectDir = new File('./logstash-core') project(':logstash-core-benchmarks').projectDir = new File('./logstash-core/benchmarks') project(':logstash-integration-tests').projectDir = new File('./qa/integration') -project(':ingest-converter').projectDir = new File('./tools/ingest-converter') project(':benchmark-cli').projectDir = new File('./tools/benchmark-cli') project(':dependencies-report').projectDir = new File('./tools/dependencies-report') project(':jvm-options-parser').projectDir = new File('./tools/jvm-options-parser') diff --git a/tools/ingest-converter/build.gradle b/tools/ingest-converter/build.gradle deleted file mode 100644 index 62e4437a6..000000000 --- a/tools/ingest-converter/build.gradle +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import org.yaml.snakeyaml.Yaml - -// fetch version from Logstash's main versions.yml file -def versionMap = (Map) (new Yaml()).load(new File("$projectDir/../../versions.yml").text) - -description = """Ingest JSON to Logstash Grok Config Converter""" -version = versionMap['logstash-core'] -String jacksonDatabindVersion = versionMap['jackson-databind'] - -repositories { - mavenCentral() -} - -buildscript { - repositories { - mavenCentral() - gradlePluginPortal() - } - dependencies { - classpath "org.yaml:snakeyaml:${snakeYamlVersion}" - classpath "com.github.johnrengelman:shadow:${shadowGradlePluginVersion}" - } -} - -dependencies { - implementation 'net.sf.jopt-simple:jopt-simple:4.6' - implementation "com.fasterxml.jackson.core:jackson-databind:${jacksonDatabindVersion}" - testImplementation "junit:junit:4.13.2" - testImplementation 'commons-io:commons-io:2.16.1' -} - -javadoc { - enabled = true -} - -apply plugin: 'com.github.johnrengelman.shadow' - -shadowJar { - archiveBaseName = 'ingest-converter' - archiveClassifier = null - archiveVersion = '' -} - -assemble.dependsOn shadowJar diff --git a/tools/ingest-converter/gradle.properties b/tools/ingest-converter/gradle.properties deleted file mode 100644 index 7f7a1fae0..000000000 --- a/tools/ingest-converter/gradle.properties +++ /dev/null @@ -1,2 +0,0 @@ -isDistributedArtifact=false - diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Append.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Append.java deleted file mode 100644 index 131805f22..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Append.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest Append DSL to Logstash mutate Transpiler. - */ -public final class Append { - - private Append() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_append_to_logstash"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Convert.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Convert.java deleted file mode 100644 index 802eb4e39..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Convert.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest Convert DSL to Logstash Date Transpiler. - */ -public final class Convert { - - private Convert() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_convert_to_logstash"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Date.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Date.java deleted file mode 100644 index 91237ff07..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Date.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest Date DSL to Logstash Date Transpiler. - */ -public final class Date { - - private Date() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_to_logstash_date"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/GeoIp.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/GeoIp.java deleted file mode 100644 index 949ca243f..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/GeoIp.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -public final class GeoIp { - - private GeoIp() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_to_logstash_geoip"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Grok.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Grok.java deleted file mode 100644 index 44d9f1890..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Grok.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest JSON DSL to Logstash Grok Transpiler. - */ -public final class Grok { - - private Grok() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_to_logstash_grok"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Gsub.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Gsub.java deleted file mode 100644 index 29ee3d01f..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Gsub.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -public final class Gsub { - - private Gsub() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_to_logstash_gsub"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestAppend.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestAppend.java deleted file mode 100644 index eee5d8dfb..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestAppend.java +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestAppend { - - /** - * Converts Ingest Append JSON to LS mutate filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestAppend::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("mutate", appendHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String appendHash(Map processor) { - Map append_json = processor.get("append"); - Object value = append_json.get("value"); - Object value_contents; - if (value instanceof List) { - value_contents = IngestConverter.createArray((List) value); - } else { - value_contents = IngestConverter.quoteString((String) value); - } - Object mutate_contents = IngestConverter.createField( - IngestConverter.quoteString(IngestConverter.dotsToSquareBrackets((String) append_json.get("field"))), - (String) value_contents); - return IngestConverter.createField("add_field", IngestConverter.wrapInCurly((String) mutate_contents)); - } - - public static boolean has_append(Map processor) { - return processor.containsKey("append"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConvert.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConvert.java deleted file mode 100644 index 6c1128264..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConvert.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestConvert { - - /** - * Converts Ingest Convert JSON to LS Date filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestConvert::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("mutate", convertHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String convertHash(Map processor) { - Map convert_json = processor.get("convert"); - - Object mutate_contents = IngestConverter.createField( - IngestConverter.quoteString(IngestConverter.dotsToSquareBrackets((String) convert_json.get("field"))), - IngestConverter.quoteString((String) convert_json.get("type"))); - return IngestConverter.createField("convert", IngestConverter.wrapInCurly((String) mutate_contents)); - } - - public static boolean has_convert(Map processor) { - return processor.containsKey("convert"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConverter.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConverter.java deleted file mode 100644 index 16bc91e3c..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestConverter.java +++ /dev/null @@ -1,231 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.logstash.ingest; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; -import java.util.Map; -import java.util.regex.Matcher; -import java.util.regex.Pattern; -import java.util.stream.Collectors; - -public class IngestConverter { - - /** - * Translates the JSON naming pattern (`name.qualifier.sub`) into the LS pattern - * [name][qualifier][sub] for all applicable tokens in the given string. - * This function correctly identifies and omits renaming of string literals. - * @param content to replace naming pattern in - * @returns {string} with Json naming translated into grok naming - */ - public static String dotsToSquareBrackets(String content) { - final Pattern pattern = Pattern.compile("\\(\\?:%\\{.*\\|-\\)"); - final Matcher matcher = pattern.matcher(content); - List tokens = new ArrayList<>(); - String right = content; - while (matcher.find()) { - final int start = matcher.start(); - final int end = matcher.end(); - final String matchContent = content.substring(start, end); - right = content.substring(end); - tokens.add(tokenDotsToSquareBrackets(content.substring(0, start))); - tokens.add(matchContent); - } - tokens.add(tokenDotsToSquareBrackets(right)); - return String.join("", tokens); - } - - private static String tokenDotsToSquareBrackets(String content) { - //Break out if this is not a naming pattern we convert - final String adjusted; - if (Pattern.compile("([\\w_]+\\.)+[\\w_]+").matcher(content).find()) { - adjusted = content.replaceAll("(\\w*)\\.(\\w*)", "$1][$2") - .replaceAll("\\[(\\w+)(}|$)", "[$1]$2") - .replaceAll("\\{(\\w+):(\\w+)]", "{$1:[$2]") - .replaceAll("^(\\w+)]\\[", "[$1]["); - } else { - adjusted = content; - } - return adjusted; - } - - public static String quoteString(String content) { - return "\"" + content.replace("\"", "\\\"") + "\""; - } - - public static String wrapInCurly(String content) { - return "{\n" + content + "\n}"; - } - - public static String createField(String fieldName, String content) { - return fieldName + " => " + content; - } - - public static String createHash(String fieldName, String content) { - return fieldName + " " + wrapInCurly(content); - } - - /** - * All hash fields in LS start on a new line. - * @param fields Array of Strings of Serialized Hash Fields - * @returns {string} Joined Serialization of Hash Fields - */ - public static String joinHashFields(String... fields) { - return String.join("\n", fields); - } - - /** - * Fixes indentation in LS string. - * @param content LS string to fix indentation in, that has no indentation intentionally with - * all lines starting on a token without preceding spaces. - * @return LS string indented by 3 spaces per level - */ - public static String fixIndent(String content) { - final String[] lines = content.split("\n"); - int count = 0; - for (int i = 0; i < lines.length; i++) { - if (Pattern.compile("(\\{|\\[)$").matcher(lines[i]).find()) { - lines[i] = indent(lines[i], count); - ++count; - } else if (Pattern.compile("(\\}|\\])$").matcher(lines[i]).find()) { - --count; - lines[i] = indent(lines[i], count); - // Only indent line if previous line ended on relevant control char. - } else if (i > 0 && Pattern.compile("(=>\\s+\".+\"|,|\\{|\\}|\\[|\\])$").matcher(lines[i - 1]).find()) { - lines[i] = indent(lines[i], count); - } - } - - return String.join("\n", lines); - } - - private static String indent(String content, int shifts) { - StringBuilder spacing = new StringBuilder(); - for (int i = 0; i < shifts * 3; i++) { - spacing.append(" "); - } - return spacing.append(content).toString(); - } - - /** - * Converts Ingest/JSON style pattern array to LS pattern array, performing necessary variable - * name and quote escaping adjustments. - * @param patterns Pattern Array in JSON formatting - * @return Pattern array in LS formatting - */ - public static String createPatternArray(String... patterns) { - final String body = Arrays.stream(patterns) - .map(IngestConverter::dotsToSquareBrackets) - .map(IngestConverter::quoteString) - .collect(Collectors.joining(",\n")); - return "[\n" + body + "\n]"; - } - - public static String createArray(List ingestArray) { - final String body = ingestArray.stream() - .map(IngestConverter::quoteString) - .collect(Collectors.joining(",\n")); - return "[\n" + body + "\n]"; - } - - - /** - * Converts Ingest/JSON style pattern array to LS pattern array or string if the given array - * contains a single element only, performing necessary variable name and quote escaping - * adjustments. - * @param patterns Pattern Array in JSON formatting - * @return Pattern array or string in LS formatting - */ - public static String createPatternArrayOrField(String... patterns) { - return patterns.length == 1 - ? quoteString(dotsToSquareBrackets(patterns[0])) - : createPatternArray(patterns); - } - - public static String filterHash(String contents) { - return fixIndent(createHash("filter", contents)); - } - - public static String filtersToFile(String... filters) { - return String.join("\n\n", filters) + "\n"; - } - - /** - * Does it have an on_failure field? - * @param processor Json - * @param name Name of the processor - * @return true if has on failure - */ - @SuppressWarnings("rawtypes") - public static boolean hasOnFailure(Map processor, String name) { - final List onFailure = (List) processor.get(name).get("on_failure"); - return onFailure != null && !onFailure.isEmpty(); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - public static List> getOnFailure(Map processor, String name) { - return (List>) processor.get(name).get("on_failure"); - } - - /** - * Creates an if clause with the tag name - * @param tag String tag name to find in [tags] field - * @param onFailurePipeline The on failure pipeline converted to LS to tack on in the conditional - * @return a string representing a conditional logic - */ - public static String createTagConditional(String tag, String onFailurePipeline) { - return "if " + quoteString(tag) + " in [tags] {\n" + - onFailurePipeline + "\n" + - "}"; - } - - public static String getElasticsearchOutput() { - return fixIndent("output {\n" + - "elasticsearch {\n" + - "hosts => \"localhost\"\n" + - "}\n" + - "}"); - } - - public static String getStdinInput() { - return fixIndent("input {\n" + - "stdin {\n" + - "}\n" + - "}"); - } - - public static String getStdoutOutput() { - return fixIndent("output {\n" + - "stdout {\n" + - "codec => \"rubydebug\"\n" + - "}\n" + - "}"); - } - - public static String appendIoPlugins(List filtersPipeline, boolean appendStdio) { - // TODO create unique list to join all - String filtersPipelineStr = String.join("\n", filtersPipeline); - if (appendStdio) { - return String.join("\n", IngestConverter.getStdinInput(), filtersPipelineStr, IngestConverter.getStdoutOutput()); - } else { - return String.join("\n", filtersPipelineStr, IngestConverter.getElasticsearchOutput()); - } - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestDate.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestDate.java deleted file mode 100644 index 6aea685e8..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestDate.java +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestDate { - - /** - * Converts Ingest Date JSON to LS Date filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestDate::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("date", dateHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String dateHash(Map processor) { - Map date_json = processor.get("date"); - List formats = (List) date_json.get("formats"); - - final String firstElem = IngestConverter.dotsToSquareBrackets((String) date_json.get("field")); - List match_contents = new ArrayList<>(); - match_contents.add(firstElem); - for (String f : formats) { - match_contents.add(f); - } - String date_contents = IngestConverter.createField( - "match", - IngestConverter.createPatternArray(match_contents.toArray(new String[0]))); - if (JsUtil.isNotEmpty((String) date_json.get("target_field"))) { - String target = IngestConverter.createField( - "target", - IngestConverter.quoteString( - IngestConverter.dotsToSquareBrackets((String) date_json.get("target_field")) - ) - ); - date_contents = IngestConverter.joinHashFields(date_contents, target); - } - if (JsUtil.isNotEmpty((String) date_json.get("timezone"))) { - String timezone = IngestConverter.createField( - "timezone", - IngestConverter.quoteString((String) date_json.get("timezone")) - ); - date_contents = IngestConverter.joinHashFields(date_contents, timezone); - } - if (JsUtil.isNotEmpty((String) date_json.get("locale"))) { - String locale = IngestConverter.createField( - "locale", - IngestConverter.quoteString((String) date_json.get("locale")) - ); - date_contents = IngestConverter.joinHashFields(date_contents, locale); - } - return date_contents; - } - - public static boolean has_date(Map processor) { - return processor.containsKey("date"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGeoIp.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGeoIp.java deleted file mode 100644 index 3394ba52d..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGeoIp.java +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestGeoIp { - - - /** - * Converts Ingest Date JSON to LS Date filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestGeoIp::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("geoip", geoIpHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String geoIpHash(Map processor) { - Map geoip_data = processor.get("geoip"); - final String sourceField = IngestConverter.createField( - "source", - IngestConverter.quoteString( - IngestConverter.dotsToSquareBrackets((String) geoip_data.get("field")) - ) - ); - - final String targetField = IngestConverter.createField( - "target", - IngestConverter.quoteString( - IngestConverter.dotsToSquareBrackets((String) geoip_data.get("target_field")) - ) - ); - - if (geoip_data.containsKey("properties")) { - String fields = IngestConverter.createField( - "fields", - IngestConverter.createPatternArray(((List) geoip_data.get("properties")).toArray(new String[0]) - )); - return IngestConverter.joinHashFields(sourceField, targetField, fields); - } else { - return IngestConverter.joinHashFields(sourceField, targetField); - } - } - - public static boolean has_geoip(Map processor) { - return processor.containsKey("geoip"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGrok.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGrok.java deleted file mode 100644 index 9c8c8067b..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGrok.java +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestGrok { - - /** - * Converts Ingest JSON to LS Grok. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestGrok::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("grok", grokHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String grokHash(Map processor) { - Map grok_data = processor.get("grok"); - String grok_contents = createHashField("match", - IngestConverter.createField( - IngestConverter.quoteString((String) grok_data.get("field")), - IngestConverter.createPatternArrayOrField(((List) grok_data.get("patterns")).toArray(new String[0])) - )); - if (grok_data.containsKey("pattern_definitions")) { - grok_contents = IngestConverter.joinHashFields( - grok_contents, - createPatternDefinitionHash((Map) grok_data.get("pattern_definitions")) - ); - } - return grok_contents; - } - - private static String createHashField(String name, String content) { - return IngestConverter.createField(name, IngestConverter.wrapInCurly(content)); - } - - private static String createPatternDefinitionHash(Map definitions) { - List content = new ArrayList<>(); - for(Map.Entry entry : definitions.entrySet()) { - content.add(IngestConverter.createField( - IngestConverter.quoteString(entry.getKey()), - IngestConverter.quoteString(entry.getValue()))); - } - - final String patternDefs = content.stream().map(IngestConverter::dotsToSquareBrackets) - .collect(Collectors.joining("\n")); - - return createHashField( - "pattern_definitions", - patternDefs - ); - } - - public static boolean has_grok(Map processor) { - return processor.containsKey(get_name()); - } - - public static String get_name() { - return "grok"; - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGsub.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGsub.java deleted file mode 100644 index 1ff3e3b51..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestGsub.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestGsub { - - /** - * Converts Ingest JSON to LS Grok. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestGsub::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("mutate", gsubHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String gsubHash(Map processor) { - Map gsub_data = processor.get("gsub"); - final String body = String.join(", ", - IngestConverter.quoteString(IngestConverter.dotsToSquareBrackets((String) gsub_data.get("field"))), - IngestConverter.quoteString((String) gsub_data.get("pattern")), - IngestConverter.quoteString((String) gsub_data.get("replacement"))); - - return IngestConverter.createField("gsub", "[\n" + body + "\n]"); - } - - public static boolean has_gsub(Map processor) { - return processor.containsKey("gsub"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestJson.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestJson.java deleted file mode 100644 index 77a9b37df..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestJson.java +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestJson { - - /** - * Converts Ingest json processor to LS json filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestJson::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("json", jsonHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String jsonHash(Map processor) { - Map json_data = processor.get("json"); - - List parts = new ArrayList(); - parts.add(IngestConverter.createField("source", - IngestConverter.quoteString( - IngestConverter.dotsToSquareBrackets((String) json_data.get("field")) - ) - )); - - if (json_data.containsKey("target_field")) { - parts.add(IngestConverter.createField( - "target", - IngestConverter.quoteString( - IngestConverter.dotsToSquareBrackets((String) json_data.get("target_field")) - ) - )); - } - return IngestConverter.joinHashFields(parts.toArray(new String[0])); - } - - public static boolean has_json(Map processor) { - return processor.containsKey("json"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestLowercase.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestLowercase.java deleted file mode 100644 index 09b3c703a..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestLowercase.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestLowercase { - - /** - * Converts Ingest Lowercase JSON to LS mutate filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestLowercase::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("mutate", lowercaseHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String lowercaseHash(Map processor) { - Map lowercase_data = processor.get("lowercase"); - return IngestConverter.createField( - "lowercase", - IngestConverter.quoteString( - IngestConverter.dotsToSquareBrackets((String) lowercase_data.get("field")) - ) - ); - } - - public static boolean has_lowercase(Map processor) { - return processor.containsKey("lowercase"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestPipeline.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestPipeline.java deleted file mode 100644 index 1084f680c..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestPipeline.java +++ /dev/null @@ -1,136 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestPipeline { - - /** - * Converts Ingest JSON to LS. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestPipeline::mapProcessor).collect(Collectors.toList()); - - String logstash_pipeline = IngestConverter.filterHash( - IngestConverter.joinHashFields(filters_pipeline.toArray(new String[0]))); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(Collections.singletonList(logstash_pipeline), appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - List filter_blocks = new ArrayList<>(); - if (IngestGrok.has_grok(processor)) { - filter_blocks.add(IngestConverter.createHash(IngestGrok.get_name(), IngestGrok.grokHash(processor))); - - if (IngestConverter.hasOnFailure(processor, IngestGrok.get_name())) { - filter_blocks.add( - handle_on_failure_pipeline( - IngestConverter.getOnFailure(processor, IngestGrok.get_name()), - "_grokparsefailure" - ) - ); - } - } - boolean processed = false; - if (IngestDate.has_date(processor)) { - filter_blocks.add( - IngestConverter.createHash("date", IngestDate.dateHash(processor)) - ); - processed = true; - } - if (IngestGeoIp.has_geoip(processor)) { - filter_blocks.add( - IngestConverter.createHash("geoip", IngestGeoIp.geoIpHash(processor)) - ); - processed = true; - } - if (IngestConvert.has_convert(processor)) { - filter_blocks.add( - IngestConverter.createHash("mutate", IngestConvert.convertHash(processor)) - ); - processed = true; - } - if (IngestGsub.has_gsub(processor)) { - filter_blocks.add( - IngestConverter.createHash("mutate", IngestGsub.gsubHash(processor)) - ); - processed = true; - } - if (IngestAppend.has_append(processor)) { - filter_blocks.add( - IngestConverter.createHash("mutate", IngestAppend.appendHash(processor)) - ); - processed = true; - } - if (IngestJson.has_json(processor)) { - filter_blocks.add( - IngestConverter.createHash("json", IngestJson.jsonHash(processor)) - ); - processed = true; - } - if (IngestRename.has_rename(processor)) { - filter_blocks.add( - IngestConverter.createHash("mutate", IngestRename.renameHash(processor)) - ); - processed = true; - } - if (IngestLowercase.has_lowercase(processor)) { - filter_blocks.add( - IngestConverter.createHash("mutate", IngestLowercase.lowercaseHash(processor)) - ); - processed = true; - } - if (IngestSet.has_set(processor)) { - filter_blocks.add( - IngestConverter.createHash("mutate", IngestSet.setHash(processor)) - ); - processed = true; - } - if (!processed) { - System.out.println("WARN Found unrecognized processor named: " + processor.keySet().iterator().next()); - } - return IngestConverter.joinHashFields(filter_blocks.toArray(new String[0])); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String handle_on_failure_pipeline(List on_failure_json, String tag_name) { - final List mapped = on_failure_json.stream().map(IngestPipeline::mapProcessor).collect(Collectors.toList()); - return IngestConverter.createTagConditional(tag_name, - IngestConverter.joinHashFields(mapped.toArray(new String[0])) - ); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestRename.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestRename.java deleted file mode 100644 index a21c81f53..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestRename.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestRename { - - /** - * Converts Ingest Rename JSON to LS mutate filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestRename::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("mutate", renameHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String renameHash(Map processor) { - Map rename_json = processor.get("rename"); - final String mutateContents = IngestConverter.createField( - IngestConverter.quoteString(IngestConverter.dotsToSquareBrackets((String) rename_json.get("field"))), - IngestConverter.quoteString(IngestConverter.dotsToSquareBrackets((String) rename_json.get("target_field"))) - ); - return IngestConverter.createField("rename", IngestConverter.wrapInCurly(mutateContents)); - } - - public static boolean has_rename(Map processor) { - return processor.containsKey("rename"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestSet.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestSet.java deleted file mode 100644 index 044d787ed..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/IngestSet.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.ingest; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -public class IngestSet { - - /** - * Converts Ingest Set JSON to LS mutate filter. - */ - @SuppressWarnings({"rawtypes", "unchecked"}) - public static String toLogstash(String json, boolean appendStdio) throws JsonProcessingException { - ObjectMapper mapper = new ObjectMapper(); - TypeReference> typeRef = new TypeReference>() {}; - final HashMap jsonDefinition = mapper.readValue(json, typeRef); - final List processors = (List) jsonDefinition.get("processors"); - List filters_pipeline = processors.stream().map(IngestSet::mapProcessor).collect(Collectors.toList()); - - return IngestConverter.filtersToFile( - IngestConverter.appendIoPlugins(filters_pipeline, appendStdio)); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - private static String mapProcessor(Map processor) { - return IngestConverter.filterHash(IngestConverter.createHash("mutate", setHash(processor))); - } - - @SuppressWarnings({"rawtypes", "unchecked"}) - static String setHash(Map processor) { - Map set_json = processor.get("set"); - final Object value = set_json.get("value"); - final Object value_contents; - if (value instanceof String) { - value_contents = IngestConverter.quoteString((String) value); - } else { - value_contents = value; - } - if (set_json.containsKey("if") && set_json.get("if") != null) { - String painless_condition = (String) set_json.get("if"); - if (!painless_condition.isEmpty()) { - System.out.println("WARN Found in 'set' processor an 'if' painless condition not translated: " + painless_condition); - } - - } - - String mutate_contents = IngestConverter.createField( - IngestConverter.quoteString(IngestConverter.dotsToSquareBrackets((String) set_json.get("field"))), - value_contents.toString()); - return IngestConverter.createField("add_field", IngestConverter.wrapInCurly(mutate_contents)); - } - - public static boolean has_set(Map processor) { - return processor.containsKey("set"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/JsUtil.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/JsUtil.java deleted file mode 100644 index 806c2f36f..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/JsUtil.java +++ /dev/null @@ -1,210 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.Reader; -import java.net.URI; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; -import java.nio.file.Paths; -import javax.script.Invocable; -import javax.script.ScriptEngine; -import javax.script.ScriptEngineManager; -import javax.script.ScriptException; -import joptsimple.OptionException; -import joptsimple.OptionParser; -import joptsimple.OptionSet; -import joptsimple.OptionSpec; - -final class JsUtil { - - /** - * Script names used by the converter in correct load order. - */ - - private static final String[] SCRIPTS = { - "shared", "date", "grok", "geoip", "gsub", "pipeline", "convert", "append", "json", - "rename", "lowercase", "set" - }; - - private JsUtil() { - // Utility Class - } - - /** - * Sets up a {@link ScriptEngine} with all Ingest to LS DSL Converter JS scripts loaded. - * @return {@link ScriptEngine} for Ingest to LS DSL Converter - */ - public static ScriptEngine engine() { - final ScriptEngine engine = - new ScriptEngineManager().getEngineByName("nashorn"); - try { - for (final String file : SCRIPTS) { - add(engine, String.format("/ingest-%s.js", file)); - } - } catch (final IOException | ScriptException ex) { - throw new IllegalStateException(ex); - } - return engine; - } - - /** - * Converts the given files from ingest to LS conf using the javascript function - * @param args CLI Arguments - * @param jsFunc JS function to call - * @throws ScriptException - * @throws NoSuchMethodException - */ - public static void convert(final String[] args, final String jsFunc) - throws ScriptException, NoSuchMethodException { - final OptionParser parser = new OptionParser(); - final OptionSpec input = parser.accepts( - "input", - "Input JSON file location URI. Only supports 'file://' as URI schema." - ).withRequiredArg().ofType(URI.class).required().forHelp(); - final OptionSpec output = parser.accepts( - "output", - "Output Logstash DSL file location URI. Only supports 'file://' as URI schema." - ).withRequiredArg().ofType(URI.class).required().forHelp(); - final OptionSpec appendStdio = parser.accepts( - "append-stdio", - "Flag to append stdin and stdout as outputs instead of the default ES output." - ).forHelp(); - try { - final OptionSet options; - try { - options = parser.parse(args); - } catch (final OptionException ex) { - parser.printHelpOn(System.out); - throw ex; - } - switch (jsFunc) { - case "ingest_append_to_logstash": - Files.write( - Paths.get(options.valueOf(output)), - IngestAppend.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_convert_to_logstash": - Files.write( - Paths.get(options.valueOf(output)), - IngestConvert.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_to_logstash_date": - Files.write( - Paths.get(options.valueOf(output)), - IngestDate.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_to_logstash_geoip": - Files.write( - Paths.get(options.valueOf(output)), - IngestGeoIp.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_to_logstash_grok": - Files.write( - Paths.get(options.valueOf(output)), - IngestGrok.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_to_logstash_gsub": - Files.write( - Paths.get(options.valueOf(output)), - IngestGsub.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_json_to_logstash": - Files.write( - Paths.get(options.valueOf(output)), - IngestJson.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_lowercase_to_logstash": - Files.write( - Paths.get(options.valueOf(output)), - IngestLowercase.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_rename_to_logstash": - Files.write( - Paths.get(options.valueOf(output)), - IngestRename.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_set_to_logstash": - Files.write( - Paths.get(options.valueOf(output)), - IngestSet.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - case "ingest_pipeline_to_logstash": - Files.write( - Paths.get(options.valueOf(output)), - IngestPipeline.toLogstash(input(options.valueOf(input)), options.has(appendStdio)).getBytes(StandardCharsets.UTF_8) - ); - break; - - default: { - throw new IllegalArgumentException("Can't recognize " + jsFunc + " processor"); - } - } - - } catch (final IOException ex) { - throw new IllegalStateException(ex); - } - } - - /** - * Retrieves the input Ingest JSON from a given {@link URI}. - * @param uri {@link URI} of Ingest JSON - * @return Json String - * @throws IOException On failure to load Ingest JSON - */ - private static String input(final URI uri) throws IOException { - if ("file".equals(uri.getScheme())) { - return new String( - Files.readAllBytes(Paths.get(uri)), StandardCharsets.UTF_8 - ); - } - throw new IllegalArgumentException("--input must be of schema file://"); - } - - private static void add(final ScriptEngine engine, final String file) - throws IOException, ScriptException { - try (final Reader reader = - new InputStreamReader(JsUtil.class.getResourceAsStream(file))) { - engine.eval(reader); - } - } - - /*** - * Not empty check with nullability - * @param s string to check - * @return true iff s in not null and not empty - */ - static boolean isNotEmpty(String s) { - return s != null && !s.isEmpty(); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Json.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Json.java deleted file mode 100644 index 21b10d856..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Json.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest JSON processor DSL to Logstash json Transpiler. - */ -public class Json { - private Json() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_json_to_logstash"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Lowercase.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Lowercase.java deleted file mode 100644 index 77ccb8c64..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Lowercase.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest Lowercase DSL to Logstash mutate Transpiler. - */ -public final class Lowercase { - - private Lowercase() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_lowercase_to_logstash"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Pipeline.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Pipeline.java deleted file mode 100644 index e888852f7..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Pipeline.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest Full DSL to Logstash DSL Transpiler. - */ -public final class Pipeline { - - private Pipeline() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_pipeline_to_logstash"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Rename.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Rename.java deleted file mode 100644 index dac5129a0..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Rename.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -public class Rename { - private Rename() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_rename_to_logstash"); - } -} diff --git a/tools/ingest-converter/src/main/java/org/logstash/ingest/Set.java b/tools/ingest-converter/src/main/java/org/logstash/ingest/Set.java deleted file mode 100644 index 587295869..000000000 --- a/tools/ingest-converter/src/main/java/org/logstash/ingest/Set.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import javax.script.ScriptException; - -/** - * Ingest Set DSL to Logstash mutate Transpiler. - */ -public class Set { - private Set() { - // Utility Wrapper for JS Script. - } - - public static void main(final String... args) throws ScriptException, NoSuchMethodException { - JsUtil.convert(args, "ingest_set_to_logstash"); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/AppendTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/AppendTest.java deleted file mode 100644 index 0fa5cd43d..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/AppendTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class AppendTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("Append", "DotsInAppendField", "AppendScalar"); - } - - @Test - public void convertsAppendProcessorCorrectly() throws Exception { - assertCorrectConversion(Append.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/ConvertTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/ConvertTest.java deleted file mode 100644 index e2197e116..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/ConvertTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class ConvertTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("Convert", "DotsInConvertField", "ConvertBoolean", "ConvertString"); - } - - @Test - public void convertsConvertProcessorCorrectly() throws Exception { - assertCorrectConversion(Convert.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/DateTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/DateTest.java deleted file mode 100644 index 49a475d2a..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/DateTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class DateTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("Date", "DateExtraFields", "DotsInDateField"); - } - - @Test - public void convertsDateFieldCorrectly() throws Exception { - assertCorrectConversion(Date.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/GeoIpTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/GeoIpTest.java deleted file mode 100644 index fb83ad3be..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/GeoIpTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class GeoIpTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("GeoIpSimple", "DotsInGeoIpField"); - } - - @Test - public void convertsGeoIpFieldCorrectly() throws Exception { - assertCorrectConversion(GeoIp.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/GrokTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/GrokTest.java deleted file mode 100644 index d423baf5f..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/GrokTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class GrokTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("Grok", "GrokPatternDefinition", "GrokMultiplePatternDefinitions"); - } - - @Test - public void convertsGrokFieldCorrectly() throws Exception { - assertCorrectConversion(Grok.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/GsubTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/GsubTest.java deleted file mode 100644 index 26f422c13..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/GsubTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Collections; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class GsubTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Collections.singletonList("GsubSimple"); - } - - @Test - public void convertsGsubCorrectly() throws Exception { - assertCorrectConversion(Gsub.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/IngestTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/IngestTest.java deleted file mode 100644 index d8983abe1..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/IngestTest.java +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.net.URL; -import java.nio.charset.StandardCharsets; -import java.util.regex.Pattern; -import org.apache.commons.io.IOUtils; -import org.junit.Rule; -import org.junit.rules.TemporaryFolder; -import org.junit.runner.RunWith; -import org.junit.runners.Parameterized; - -import static org.hamcrest.CoreMatchers.is; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.junit.runners.Parameterized.Parameter; - -/** - * Base class for ingest migration tests - */ -@RunWith(Parameterized.class) -public abstract class IngestTest { - - /** - * Used to normalize line endings since static reference result files have Unix line endings. - */ - private static final Pattern CR_LF = - Pattern.compile("\\r\\n"); - - /** - * Used to normalize line endings since static reference result files have Unix line endings. - */ - private static final Pattern CARRIAGE_RETURN = Pattern.compile("\\r"); - - @Rule - public TemporaryFolder temp = new TemporaryFolder(); - - @Parameter - public String testCase; - - protected final void assertCorrectConversion(final Class clazz) throws Exception { - final URL append = getResultPath(temp); - clazz.getMethod("main", String[].class).invoke( - null, - (Object) new String[]{ - String.format("--input=%s", resourcePath(String.format("ingest%s.json", testCase))), - String.format("--output=%s", append) - } - ); - assertThat( - utf8File(append), is(utf8File(resourcePath(String.format("logstash%s.conf", testCase)))) - ); - } - - /** - * Reads a file, normalizes line endings to Unix line endings and returns the whole content - * as a String. - * @param path Url to read - * @return String content of the URL - * @throws IOException On failure to read from given URL - */ - private static String utf8File(final URL path) throws IOException { - final ByteArrayOutputStream baos = new ByteArrayOutputStream(); - try (final InputStream input = path.openStream()) { - IOUtils.copy(input, baos); - } - return CARRIAGE_RETURN.matcher( - CR_LF.matcher( - baos.toString(StandardCharsets.UTF_8.name()) - ).replaceAll("\n") - ).replaceAll("\n"); - } - - private static URL resourcePath(final String name) { - return IngestTest.class.getResource(name); - } - - private static URL getResultPath(TemporaryFolder temp) throws IOException { - return temp.newFolder().toPath().resolve("converted").toUri().toURL(); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/JsonTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/JsonTest.java deleted file mode 100644 index cb7bf65b0..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/JsonTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class JsonTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("Json", "DotsInJsonField", "JsonExtraFields"); - } - - @Test - public void convertsConvertProcessorCorrectly() throws Exception { - assertCorrectConversion(Json.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/LowercaseTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/LowercaseTest.java deleted file mode 100644 index e6231dc60..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/LowercaseTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class LowercaseTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("LowercaseSimple", "LowercaseDots"); - } - - @Test - public void convertsAppendProcessorCorrectly() throws Exception { - assertCorrectConversion(Lowercase.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/PipelineTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/PipelineTest.java deleted file mode 100644 index 830f5c466..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/PipelineTest.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.ArrayList; -import java.util.Collection; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class PipelineTest extends IngestTest { - - @Parameters - public static Iterable data() { - final Collection cases = new ArrayList<>(); - cases.add("ComplexCase1"); - cases.add("ComplexCase2"); - cases.add("ComplexCase3"); - cases.add("ComplexCase4"); - GeoIpTest.data().forEach(cases::add); - DateTest.data().forEach(cases::add); - GrokTest.data().forEach(cases::add); - ConvertTest.data().forEach(cases::add); - GsubTest.data().forEach(cases::add); - AppendTest.data().forEach(cases::add); - JsonTest.data().forEach(cases::add); - RenameTest.data().forEach(cases::add); - LowercaseTest.data().forEach(cases::add); - SetTest.data().forEach(cases::add); - return cases; - } - - @Test - public void convertsComplexCaseCorrectly() throws Exception { - assertCorrectConversion(Pipeline.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/RenameTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/RenameTest.java deleted file mode 100644 index 2ecd074eb..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/RenameTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class RenameTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("Rename", "DotsInRenameField"); - } - - @Test - public void convertsConvertProcessorCorrectly() throws Exception { - assertCorrectConversion(Rename.class); - } -} diff --git a/tools/ingest-converter/src/test/java/org/logstash/ingest/SetTest.java b/tools/ingest-converter/src/test/java/org/logstash/ingest/SetTest.java deleted file mode 100644 index 8682b616c..000000000 --- a/tools/ingest-converter/src/test/java/org/logstash/ingest/SetTest.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - -package org.logstash.ingest; - -import java.util.Arrays; -import org.junit.Test; - -import static org.junit.runners.Parameterized.Parameters; - -public final class SetTest extends IngestTest { - - @Parameters - public static Iterable data() { - return Arrays.asList("Set", "DotsInSetField", "SetNumber"); - } - - @Test - public void convertsSetProcessorCorrectly() throws Exception { - assertCorrectConversion(Set.class); - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppend.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppend.json deleted file mode 100644 index 471d4337c..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppend.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "append": { - "field" : "client", - "value": ["host1", "host2"] - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppendScalar.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppendScalar.json deleted file mode 100644 index 34ad59e5e..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestAppendScalar.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "append": { - "field" : "foo", - "value": "bar" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase1.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase1.json deleted file mode 100644 index 370fd72d6..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase1.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "grok": { - "field": "message", - "patterns": [ - "%{COMBINEDAPACHELOG}" - ] - } - }, - { - "date": { - "field": "timestamp", - "target_field": "@timestamp", - "formats": [ - "dd/MMM/YYYY:HH:mm:ss Z" - ], - "locale": "en" - } - }, - { - "geoip": { - "field": "client.ip", - "target_field": "geo" - } - }, - { - "convert": { - "field" : "bytes", - "type": "integer" - } - }, - { - "append": { - "field" : "response_code", - "value": ["200", "400", "503"] - } - }, - { - "json": { - "field": "string_source" - } - }, - { - "rename": { - "field": "foo", - "target_field": "foobar" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase2.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase2.json deleted file mode 100644 index 054f6e3fb..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase2.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "grok": { - "field": "message", - "patterns": [ - "%{COMBINEDAPACHELOG}" - ] - } - }, - { - "date": { - "field": "timestamp", - "target_field": "@timestamp", - "formats": [ - "dd/MMM/YYYY:HH:mm:ss Z" - ], - "locale": "en" - } - }, - { - "geoip": { - "field": "client.ip", - "target_field": "client.geo" - } - }, - { - "geoip": { - "field": "source.ip", - "target_field": "source.geo" - } - }, - { - "convert": { - "field" : "[client][bytes]", - "type": "integer" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase3.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase3.json deleted file mode 100644 index d059b3536..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase3.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "grok": { - "field": "message", - "patterns": ["%{COMBINEDAPACHELOG}"], - "on_failure" : [ - { - "set" : { - "field" : "error", - "value" : "field does not exist" - } - } - ] - } - }, - { - "date": { - "field": "timestamp", - "target_field": "@timestamp", - "formats": [ - "dd/MMM/YYYY:HH:mm:ss Z" - ], - "locale": "en" - } - }, - { - "geoip": { - "field": "clientip", - "target_field": "geo" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase4.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase4.json deleted file mode 100644 index c63bda673..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestComplexCase4.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "grok": { - "field": "message", - "patterns": ["%{COMBINEDAPACHELOG}"], - "on_failure" : [ - { - "set" : { - "field" : "error", - "value" : "field does not exist" - } - }, - { - "convert": { - "field" : "client.ip", - "type": "integer" - } - } - ] - } - }, - { - "date": { - "field": "timestamp", - "target_field": "@timestamp", - "formats": [ - "dd/MMM/YYYY:HH:mm:ss Z" - ], - "locale": "en" - } - }, - { - "geoip": { - "field": "clientip", - "target_field": "geo" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvert.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvert.json deleted file mode 100644 index 11b730dcd..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvert.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "processors": [ - { - "convert": { - "field" : "bytes", - "type": "integer" - } - } -] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertBoolean.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertBoolean.json deleted file mode 100644 index 3904f5ab8..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertBoolean.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "processors": [ - { - "convert": { - "field" : "delete", - "type": "boolean" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertString.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertString.json deleted file mode 100644 index e61614c56..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestConvertString.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "processors": [ - { - "convert": { - "field" : "blah", - "type": "string" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDate.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDate.json deleted file mode 100644 index b93104bc2..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDate.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "description" : "...", - "processors" : [ - { - "date" : { - "field" : "initial_date", - "target_field" : "timestamp", - "formats" : ["dd/MM/yyyy hh:mm:ss", "dd/MM/yyyy"] - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDateExtraFields.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDateExtraFields.json deleted file mode 100644 index 8a342f95a..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDateExtraFields.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "description" : "...", - "processors" : [ - { - "date" : { - "field" : "initial_date", - "target_field" : "timestamp", - "formats" : ["dd/MM/yyyy hh:mm:ss", "dd/MM/yyyy"], - "timezone" : "Europe/Amsterdam", - "locale": "en" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInAppendField.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInAppendField.json deleted file mode 100644 index 70989b354..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInAppendField.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "append": { - "field" : "client.ip", - "value": ["127.0.0.1", "127.0.0.2"] - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInConvertField.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInConvertField.json deleted file mode 100644 index c8ac73b1b..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInConvertField.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "Pipeline to parse Apache logs", - "processors": [ - { - "convert": { - "field" : "client.bytes", - "type": "float" - } - } - ] -} \ No newline at end of file diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInDateField.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInDateField.json deleted file mode 100644 index 4a9a35766..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInDateField.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "description" : "...", - "processors" : [ - { - "date" : { - "field" : "initial_date", - "target_field" : "apache.timestamp", - "formats" : ["dd/MM/yyyy hh:mm:ss", "dd/MM/yyyy"], - "timezone" : "Europe/Amsterdam", - "locale": "en" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInGeoIpField.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInGeoIpField.json deleted file mode 100644 index 4a3b7fe18..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInGeoIpField.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "description" : "Add geoip info", - "processors" : [ - { - "geoip" : { - "field" : "ip", - "target_field" : "apache.geo", - "database_file" : "GeoLite2-Country.mmdb.gz", - "properties": ["continent_name", "country_iso_code"] - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInJsonField.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInJsonField.json deleted file mode 100644 index ed4f41f1f..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInJsonField.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "ExampleJson", - "processors": [ - { - "json": { - "field": "[foo][string_source]", - "target_field": "[bar][json_target]" - } - } - ] -} \ No newline at end of file diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInRenameField.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInRenameField.json deleted file mode 100644 index 33aa582a6..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInRenameField.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "ExampleRename", - "processors": [ - { - "rename": { - "field": "foo.bar", - "target_field": "foo.baz" - } - } - ] -} \ No newline at end of file diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInSetField.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInSetField.json deleted file mode 100644 index 7112b7131..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestDotsInSetField.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "SetExample", - "processors": [ - { - "set": { - "field": "foo.bar", - "value": "baz" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGeoIpSimple.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGeoIpSimple.json deleted file mode 100644 index 2554b92c4..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGeoIpSimple.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "description": "Add geoip info", - "processors": [ - { - "geoip": { - "field": "ip", - "target_field": "geo", - "database_file": "GeoLite2-Country.mmdb.gz", - "properties": [ - "continent_name", - "country_iso_code" - ] - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrok.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrok.json deleted file mode 100644 index 36db975a1..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrok.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "description": "Pipeline for parsing apache error logs", - "processors": [ - { - "grok": { - "field": "message", - "patterns": [ - "%{IPORHOST:apache2.access.remote_ip} - %{DATA:apache2.access.user_name} \\[%{HTTPDATE:apache2.access.time}\\] \"%{WORD:apache2.access.method} %{DATA:apache2.access.url} HTTP/%{NUMBER:apache2.access.http_version}\" %{NUMBER:apache2.access.response_code} (?:%{NUMBER:apache2.access.body_sent.bytes}|-)( \"%{DATA:apache2.access.referrer}\")?( \"%{DATA:apache2.access.agent}\")?", - "%{IPORHOST:apache2.access.remote_ip} - %{DATA:apache2.access.user_name} \\[%{HTTPDATE:apache2.access.time}\\] \"-\" %{NUMBER:apache2.access.response_code} -" - ], - "ignore_missing": true - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokMultiplePatternDefinitions.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokMultiplePatternDefinitions.json deleted file mode 100644 index e3a2ce60e..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokMultiplePatternDefinitions.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "description":"Syslog", - "processors":[ - { - "grok":{ - "field":"message", - "patterns":[ - "%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{SYSLOGHOST:system.syslog.hostname} %{DATA:system.syslog.program}(?:\\[%{POSINT:system.syslog.pid}\\])?: %{GREEDYMULTILINE:system.syslog.message}", - "%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{GREEDYMULTILINE:system.syslog.message}" - ], - "pattern_definitions":{ - "GREEDYMULTILINE":"(.|\\n)*", - "AUDIT_TYPE": "^type=%{NOTSPACE:auditd.log.record_type}" - }, - "ignore_missing":true - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokPatternDefinition.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokPatternDefinition.json deleted file mode 100644 index bb123eed1..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGrokPatternDefinition.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "description":"Syslog", - "processors":[ - { - "grok":{ - "field":"message", - "patterns":[ - "%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{SYSLOGHOST:system.syslog.hostname} %{DATA:system.syslog.program}(?:\\[%{POSINT:system.syslog.pid}\\])?: %{GREEDYMULTILINE:system.syslog.message}", - "%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{GREEDYMULTILINE:system.syslog.message}" - ], - "pattern_definitions":{ - "GREEDYMULTILINE":"(.|\\n)*" - }, - "ignore_missing":true - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGsubSimple.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGsubSimple.json deleted file mode 100644 index 14835baa0..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestGsubSimple.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "description": "ExampleGsub", - "processors": [ - { - "gsub": { - "field": "field1", - "pattern": "\\.", - "replacement": "_" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJson.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJson.json deleted file mode 100644 index 54a8adf66..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJson.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "description": "ExampleJson", - "processors": [ - { - "json": { - "field": "string_source" - } - } - ] -} \ No newline at end of file diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJsonExtraFields.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJsonExtraFields.json deleted file mode 100644 index e95bedc27..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestJsonExtraFields.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "ExampleJson", - "processors": [ - { - "json": { - "field": "string_source", - "target_field": "json_target" - } - } - ] -} \ No newline at end of file diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseDots.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseDots.json deleted file mode 100644 index 2f375b36e..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseDots.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "description": "ExampleLowercase", - "processors": [ - { - "lowercase": { - "field": "foo.bar" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseSimple.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseSimple.json deleted file mode 100644 index 8ae738f19..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestLowercaseSimple.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "description": "ExampleLowercase", - "processors": [ - { - "lowercase": { - "field": "foo" - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestRename.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestRename.json deleted file mode 100644 index 7a2d89ed4..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestRename.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "ExampleRename", - "processors": [ - { - "rename": { - "field": "foo", - "target_field": "foobar" - } - } - ] -} \ No newline at end of file diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSet.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSet.json deleted file mode 100644 index 3ae6f3c39..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSet.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "description": "SetExample", - "processors": [ - { - "set": { - "field": "field1", - "value": "bar" - } - } - ] -} - diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSetNumber.json b/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSetNumber.json deleted file mode 100644 index 70558bd52..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/ingestSetNumber.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "description": "SetExample", - "processors": [ - { - "set": { - "field": "field1", - "value": 5344.4 - } - } - ] -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppend.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppend.conf deleted file mode 100644 index 40372d15c..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppend.conf +++ /dev/null @@ -1,15 +0,0 @@ -filter { - mutate { - add_field => { - "client" => [ - "host1", - "host2" - ] - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppendScalar.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppendScalar.conf deleted file mode 100644 index f40d36e38..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashAppendScalar.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - add_field => { - "foo" => "bar" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase1.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase1.conf deleted file mode 100644 index be27a7bc6..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase1.conf +++ /dev/null @@ -1,46 +0,0 @@ -filter { - grok { - match => { - "message" => "%{COMBINEDAPACHELOG}" - } - } - date { - match => [ - "timestamp", - "dd/MMM/YYYY:HH:mm:ss Z" - ] - target => "@timestamp" - locale => "en" - } - geoip { - source => "[client][ip]" - target => "geo" - } - mutate { - convert => { - "bytes" => "integer" - } - } - mutate { - add_field => { - "response_code" => [ - "200", - "400", - "503" - ] - } - } - json { - source => "string_source" - } - mutate { - rename => { - "foo" => "foobar" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase2.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase2.conf deleted file mode 100644 index 20b94771d..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase2.conf +++ /dev/null @@ -1,33 +0,0 @@ -filter { - grok { - match => { - "message" => "%{COMBINEDAPACHELOG}" - } - } - date { - match => [ - "timestamp", - "dd/MMM/YYYY:HH:mm:ss Z" - ] - target => "@timestamp" - locale => "en" - } - geoip { - source => "[client][ip]" - target => "[client][geo]" - } - geoip { - source => "[source][ip]" - target => "[source][geo]" - } - mutate { - convert => { - "[client][bytes]" => "integer" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase3.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase3.conf deleted file mode 100644 index 20ae4380e..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase3.conf +++ /dev/null @@ -1,31 +0,0 @@ -filter { - grok { - match => { - "message" => "%{COMBINEDAPACHELOG}" - } - } - if "_grokparsefailure" in [tags] { - mutate { - add_field => { - "error" => "field does not exist" - } - } - } - date { - match => [ - "timestamp", - "dd/MMM/YYYY:HH:mm:ss Z" - ] - target => "@timestamp" - locale => "en" - } - geoip { - source => "clientip" - target => "geo" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase4.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase4.conf deleted file mode 100644 index 4da212f20..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashComplexCase4.conf +++ /dev/null @@ -1,36 +0,0 @@ -filter { - grok { - match => { - "message" => "%{COMBINEDAPACHELOG}" - } - } - if "_grokparsefailure" in [tags] { - mutate { - add_field => { - "error" => "field does not exist" - } - } - mutate { - convert => { - "[client][ip]" => "integer" - } - } - } - date { - match => [ - "timestamp", - "dd/MMM/YYYY:HH:mm:ss Z" - ] - target => "@timestamp" - locale => "en" - } - geoip { - source => "clientip" - target => "geo" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvert.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvert.conf deleted file mode 100644 index 1771fe204..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvert.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - convert => { - "bytes" => "integer" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertBoolean.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertBoolean.conf deleted file mode 100644 index 0d98c5a47..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertBoolean.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - convert => { - "delete" => "boolean" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertString.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertString.conf deleted file mode 100644 index 6a872cf7a..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashConvertString.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - convert => { - "blah" => "string" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDate.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDate.conf deleted file mode 100644 index 0533a7f52..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDate.conf +++ /dev/null @@ -1,15 +0,0 @@ -filter { - date { - match => [ - "initial_date", - "dd/MM/yyyy hh:mm:ss", - "dd/MM/yyyy" - ] - target => "timestamp" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDateExtraFields.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDateExtraFields.conf deleted file mode 100644 index 52cb3e471..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDateExtraFields.conf +++ /dev/null @@ -1,17 +0,0 @@ -filter { - date { - match => [ - "initial_date", - "dd/MM/yyyy hh:mm:ss", - "dd/MM/yyyy" - ] - target => "timestamp" - timezone => "Europe/Amsterdam" - locale => "en" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInAppendField.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInAppendField.conf deleted file mode 100644 index 8ee177213..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInAppendField.conf +++ /dev/null @@ -1,15 +0,0 @@ -filter { - mutate { - add_field => { - "[client][ip]" => [ - "127.0.0.1", - "127.0.0.2" - ] - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInConvertField.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInConvertField.conf deleted file mode 100644 index 8bbe66ce5..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInConvertField.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - convert => { - "[client][bytes]" => "float" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInDateField.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInDateField.conf deleted file mode 100644 index 881d9e47b..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInDateField.conf +++ /dev/null @@ -1,17 +0,0 @@ -filter { - date { - match => [ - "initial_date", - "dd/MM/yyyy hh:mm:ss", - "dd/MM/yyyy" - ] - target => "[apache][timestamp]" - timezone => "Europe/Amsterdam" - locale => "en" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInGeoIpField.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInGeoIpField.conf deleted file mode 100644 index fbcd2b202..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInGeoIpField.conf +++ /dev/null @@ -1,15 +0,0 @@ -filter { - geoip { - source => "ip" - target => "[apache][geo]" - fields => [ - "continent_name", - "country_iso_code" - ] - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInJsonField.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInJsonField.conf deleted file mode 100644 index 57032dfcb..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInJsonField.conf +++ /dev/null @@ -1,11 +0,0 @@ -filter { - json { - source => "[foo][string_source]" - target => "[bar][json_target]" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInRenameField.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInRenameField.conf deleted file mode 100644 index aedde2200..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInRenameField.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - rename => { - "[foo][bar]" => "[foo][baz]" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInSetField.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInSetField.conf deleted file mode 100644 index 3b63d8f0f..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashDotsInSetField.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - add_field => { - "[foo][bar]" => "baz" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGeoIpSimple.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGeoIpSimple.conf deleted file mode 100644 index 218e672c5..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGeoIpSimple.conf +++ /dev/null @@ -1,15 +0,0 @@ -filter { - geoip { - source => "ip" - target => "geo" - fields => [ - "continent_name", - "country_iso_code" - ] - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrok.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrok.conf deleted file mode 100644 index ddf6150c1..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrok.conf +++ /dev/null @@ -1,15 +0,0 @@ -filter { - grok { - match => { - "message" => [ - "%{IPORHOST:[apache2][access][remote_ip]} - %{DATA:[apache2][access][user_name]} \[%{HTTPDATE:[apache2][access][time]}\] \"%{WORD:[apache2][access][method]} %{DATA:[apache2][access][url]} HTTP/%{NUMBER:[apache2][access][http_version]}\" %{NUMBER:[apache2][access][response_code]} (?:%{NUMBER:apache2.access.body_sent.bytes}|-)( \"%{DATA:[apache2][access][referrer]}\")?( \"%{DATA:[apache2][access][agent]}\")?", - "%{IPORHOST:[apache2][access][remote_ip]} - %{DATA:[apache2][access][user_name]} \[%{HTTPDATE:[apache2][access][time]}\] \"-\" %{NUMBER:[apache2][access][response_code]} -" - ] - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokMultiplePatternDefinitions.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokMultiplePatternDefinitions.conf deleted file mode 100644 index e89065b71..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokMultiplePatternDefinitions.conf +++ /dev/null @@ -1,19 +0,0 @@ -filter { - grok { - match => { - "message" => [ - "%{SYSLOGTIMESTAMP:[system][syslog][timestamp]} %{SYSLOGHOST:[system][syslog][hostname]} %{DATA:[system][syslog][program]}(?:\[%{POSINT:[system][syslog][pid]}\])?: %{GREEDYMULTILINE:[system][syslog][message]}", - "%{SYSLOGTIMESTAMP:[system][syslog][timestamp]} %{GREEDYMULTILINE:[system][syslog][message]}" - ] - } - pattern_definitions => { - "GREEDYMULTILINE" => "(.|\n)*" - "AUDIT_TYPE" => "^type=%{NOTSPACE:[auditd][log][record_type]}" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokPatternDefinition.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokPatternDefinition.conf deleted file mode 100644 index 0a24c2676..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGrokPatternDefinition.conf +++ /dev/null @@ -1,18 +0,0 @@ -filter { - grok { - match => { - "message" => [ - "%{SYSLOGTIMESTAMP:[system][syslog][timestamp]} %{SYSLOGHOST:[system][syslog][hostname]} %{DATA:[system][syslog][program]}(?:\[%{POSINT:[system][syslog][pid]}\])?: %{GREEDYMULTILINE:[system][syslog][message]}", - "%{SYSLOGTIMESTAMP:[system][syslog][timestamp]} %{GREEDYMULTILINE:[system][syslog][message]}" - ] - } - pattern_definitions => { - "GREEDYMULTILINE" => "(.|\n)*" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGsubSimple.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGsubSimple.conf deleted file mode 100644 index bc4092a80..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashGsubSimple.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - gsub => [ - "field1", "\.", "_" - ] - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJson.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJson.conf deleted file mode 100644 index 1936d3c34..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJson.conf +++ /dev/null @@ -1,10 +0,0 @@ -filter { - json { - source => "string_source" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJsonExtraFields.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJsonExtraFields.conf deleted file mode 100644 index dfe7c2d48..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashJsonExtraFields.conf +++ /dev/null @@ -1,11 +0,0 @@ -filter { - json { - source => "string_source" - target => "json_target" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseDots.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseDots.conf deleted file mode 100644 index 9f070e367..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseDots.conf +++ /dev/null @@ -1,10 +0,0 @@ -filter { - mutate { - lowercase => "[foo][bar]" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseSimple.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseSimple.conf deleted file mode 100644 index 49229ab26..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashLowercaseSimple.conf +++ /dev/null @@ -1,10 +0,0 @@ -filter { - mutate { - lowercase => "foo" - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashRename.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashRename.conf deleted file mode 100644 index daf5725ec..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashRename.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - rename => { - "foo" => "foobar" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSet.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSet.conf deleted file mode 100644 index 204cb5424..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSet.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - add_field => { - "field1" => "bar" - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} diff --git a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSetNumber.conf b/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSetNumber.conf deleted file mode 100644 index 36a98a3f5..000000000 --- a/tools/ingest-converter/src/test/resources/org/logstash/ingest/logstashSetNumber.conf +++ /dev/null @@ -1,12 +0,0 @@ -filter { - mutate { - add_field => { - "field1" => 5344.4 - } - } -} -output { - elasticsearch { - hosts => "localhost" - } -} From 7c64c7394bf47e8b5316710876ed55350df46d61 Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Tue, 17 Sep 2024 06:46:19 -0700 Subject: [PATCH 044/290] Fixes the issue where LS wipes out all quotes from docker env variables. (#16456) * Fixes the issue where LS wipes out all quotes from docker env variables. This is an issue when running LS on docker with CONFIG_STRING, needs to keep quotes with env variable. * Add a docker acceptance integration test. --- .../logstash/util/substitution_variables.rb | 22 ++++++- .../util/substitution_variables_spec.rb | 63 +++++++++++++++++++ .../shared_examples/container_options.rb | 36 +++++++++++ qa/docker/shared_examples/xpack.rb | 2 +- 4 files changed, 120 insertions(+), 3 deletions(-) create mode 100644 logstash-core/spec/logstash/util/substitution_variables_spec.rb diff --git a/logstash-core/lib/logstash/util/substitution_variables.rb b/logstash-core/lib/logstash/util/substitution_variables.rb index 4319a3823..61b938503 100644 --- a/logstash-core/lib/logstash/util/substitution_variables.rb +++ b/logstash-core/lib/logstash/util/substitution_variables.rb @@ -87,15 +87,33 @@ module ::LogStash::Util::SubstitutionVariables # ENV ${var} value may carry single quote or escaped double quote # or single/double quoted entries in array string, needs to be refined - refined_value = placeholder_value.gsub(/[\\"\\']/, '') + refined_value = strip_enclosing_char(strip_enclosing_char(placeholder_value, "'"), '"') if refined_value.start_with?('[') && refined_value.end_with?(']') # remove square brackets, split by comma and cleanup leading/trailing whitespace - refined_value[1..-2].split(',').map(&:strip) + refined_array = refined_value[1..-2].split(',').map(&:strip) + refined_array.each_with_index do |str, index| + refined_array[index] = strip_enclosing_char(strip_enclosing_char(str, "'"), '"') + end + refined_array else refined_value end end # def replace_placeholders + private + + # removes removed_char of string_value if string_value is wrapped with removed_char + def strip_enclosing_char(string_value, remove_char) + return string_value unless string_value.is_a?(String) + return string_value if string_value.empty? + + if string_value.start_with?(remove_char) && string_value.end_with?(remove_char) + string_value[1..-2] # Remove the first and last characters + else + string_value + end + end + class << self private diff --git a/logstash-core/spec/logstash/util/substitution_variables_spec.rb b/logstash-core/spec/logstash/util/substitution_variables_spec.rb new file mode 100644 index 000000000..13c5c93c4 --- /dev/null +++ b/logstash-core/spec/logstash/util/substitution_variables_spec.rb @@ -0,0 +1,63 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +require "spec_helper" +require "logstash/util/substitution_variables" + +describe LogStash::Util::SubstitutionVariables do + + subject { Class.new { extend LogStash::Util::SubstitutionVariables } } + + context "ENV or Keystore ${VAR} with single/double quotes" do + # single or double quotes come from ENV/Keystore ${VAR} value + let(:xpack_monitoring_host) { '"http://node1:9200"' } + let(:xpack_monitoring_hosts) { "'[\"http://node3:9200\", \"http://node4:9200\"]'" } + let(:xpack_management_pipeline_id) { '"*"' } + let(:config_string) { + "'input { + stdin { } + beats { port => 5040 } + } + output { + elasticsearch { + hosts => [\"https://es:9200\"] + user => \"elastic\" + password => 'changeme' + } + }'" + } + + # this happens mostly when running LS with docker + it "stripes out quotes" do + expect(subject.send(:strip_enclosing_char, xpack_monitoring_host, '"')).to eql('http://node1:9200') + expect(subject.send(:strip_enclosing_char, xpack_monitoring_hosts, "'")).to eql('["http://node3:9200", "http://node4:9200"]') + expect(subject.send(:strip_enclosing_char, xpack_management_pipeline_id, '"')).to eql('*') + # make sure we keep the hosts, user and password param enclosed quotes + expect(subject.send(:strip_enclosing_char, config_string, "'")).to eql('input { + stdin { } + beats { port => 5040 } + } + output { + elasticsearch { + hosts => ["https://es:9200"] + user => "elastic" + password => \'changeme\' + } + }') + end + end +end \ No newline at end of file diff --git a/qa/docker/shared_examples/container_options.rb b/qa/docker/shared_examples/container_options.rb index 1d5108bff..48c51d382 100644 --- a/qa/docker/shared_examples/container_options.rb +++ b/qa/docker/shared_examples/container_options.rb @@ -56,4 +56,40 @@ shared_examples_for 'it applies settings correctly' do |flavor| expect(get_settings(@container)['pipeline.unsafe_shutdown']).to be_truthy end end + + context 'when setting config.string' do + let(:options) { + { + 'ENV' => [ + 'USER=kimchy', + 'CONFIG_STRING=input { + beats { port => 5040 } + } + output { + elasticsearch { + hosts => ["https://es:9200"] + user => "${USER}" + password => \'changeme\' + } + }' + ] + } + } + + it "persists ${CONFIG_STRING} key in logstash.yml, resolves when running and spins up without issue" do + settings = get_settings(@container) + expect(settings['config.string']).to eq("${CONFIG_STRING}") + + pipeline_config = get_pipeline_stats(@container) + input_plugins = pipeline_config.dig('plugins', 'inputs') + expect(input_plugins[0].dig('name')).to eql('beats') + + output_plugins = pipeline_config.dig('plugins', 'outputs') + expect(output_plugins[0].dig('name')).to eql('elasticsearch') + + # check if logs contain the ES request with the resolved ${USER} + container_logs = @container.logs(stdout: true) + expect(container_logs.include?('https://kimchy:xxxxxx@es:9200')).to be true + end + end end diff --git a/qa/docker/shared_examples/xpack.rb b/qa/docker/shared_examples/xpack.rb index 82ff64ae0..254e0354c 100644 --- a/qa/docker/shared_examples/xpack.rb +++ b/qa/docker/shared_examples/xpack.rb @@ -35,7 +35,7 @@ shared_examples_for 'a container with xpack features' do |flavor| ] } - it 'persists var keys into logstas.yaml and uses their resolved actual values' do + it 'persists var keys into logstash.yml and uses their resolved actual values' do container = create_container(@image, {'ENV' => env}) sleep(15) # wait for container run From 3e98cb16253b6135ed2cbd894ead3bed439f0185 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 17 Sep 2024 22:29:02 +0100 Subject: [PATCH 045/290] [CI] fix benchmark marathon (#16447) - split main.sh to core.sh and main.sh - rename all.sh to marathon.sh - fix vault expiry issue for long running task - fix unable to call main function - update save object runtime field `release` to return true when `version` contains "SNAPSHOT" --- ...ne.yml => benchmark_marathon_pipeline.yml} | 4 +- .buildkite/scripts/benchmark/all.sh | 18 - .buildkite/scripts/benchmark/core.sh | 315 +++++++++++++++++ .buildkite/scripts/benchmark/main.sh | 316 +----------------- .buildkite/scripts/benchmark/marathon.sh | 41 +++ .../benchmark/save-objects/CHANGELOG.md | 5 + .../save-objects/benchmark_objects.ndjson | 6 +- catalog-info.yaml | 20 +- 8 files changed, 379 insertions(+), 346 deletions(-) rename .buildkite/{benchmark_versions_pipeline.yml => benchmark_marathon_pipeline.yml} (68%) delete mode 100755 .buildkite/scripts/benchmark/all.sh create mode 100755 .buildkite/scripts/benchmark/core.sh create mode 100755 .buildkite/scripts/benchmark/marathon.sh create mode 100644 .buildkite/scripts/benchmark/save-objects/CHANGELOG.md diff --git a/.buildkite/benchmark_versions_pipeline.yml b/.buildkite/benchmark_marathon_pipeline.yml similarity index 68% rename from .buildkite/benchmark_versions_pipeline.yml rename to .buildkite/benchmark_marathon_pipeline.yml index d60166ac4..d2f8b6577 100644 --- a/.buildkite/benchmark_versions_pipeline.yml +++ b/.buildkite/benchmark_marathon_pipeline.yml @@ -7,5 +7,5 @@ agents: diskType: pd-ssd steps: - - label: "Benchmark multiple versions" - command: .buildkite/scripts/benchmark/all.sh \ No newline at end of file + - label: "Benchmark Marathon" + command: .buildkite/scripts/benchmark/marathon.sh \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/all.sh b/.buildkite/scripts/benchmark/all.sh deleted file mode 100755 index 282ed3d48..000000000 --- a/.buildkite/scripts/benchmark/all.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/env bash -set -eo pipefail - -# ******************************************************* -# Run benchmark for versions that have flow metrics -# Usage: -# nohup bash -x all.sh > log.log 2>&1 & -# Accept env vars: -# STACK_VERSIONS=8.15.0,8.15.1,8.16.0-SNAPSHOT # versions to test. It is comma separator string -# ******************************************************* - -IFS=',' -STACK_VERSIONS="${STACK_VERSIONS:-8.6.0,8.7.0,8.8.0,8.9.0,8.10.0,8.11.0,8.12.0,8.13.0,8.14.0,8.15.0}" -read -ra STACK_VERSIONS <<< "$STACK_VERSIONS" - -for V in "${STACK_VERSIONS[@]}" ; do - LS_VERSION="$V" "main.sh" -done \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/core.sh b/.buildkite/scripts/benchmark/core.sh new file mode 100755 index 000000000..a7bb73371 --- /dev/null +++ b/.buildkite/scripts/benchmark/core.sh @@ -0,0 +1,315 @@ +#!/usr/bin/env bash +set -eo pipefail + +SCRIPT_PATH="$(dirname "${BASH_SOURCE[0]}")" +CONFIG_PATH="$SCRIPT_PATH/config" +source "$SCRIPT_PATH/util.sh" + +usage() { + echo "Usage: $0 [FB_CNT] [QTYPE] [CPU] [MEM]" + echo "Example: $0 4 {persisted|memory|all} 2 2" + exit 1 +} + +parse_args() { + while [[ "$#" -gt 0 ]]; do + if [ -z "$FB_CNT" ]; then + FB_CNT=$1 + elif [ -z "$QTYPE" ]; then + case $1 in + all | persisted | memory) + QTYPE=$1 + ;; + *) + echo "Error: wrong queue type $1" + usage + ;; + esac + elif [ -z "$CPU" ]; then + CPU=$1 + elif [ -z "$MEM" ]; then + MEM=$1 + else + echo "Error: Too many arguments" + usage + fi + shift + done + + # set default value + # number of filebeat + FB_CNT=${FB_CNT:-4} + # all | persisted | memory + QTYPE=${QTYPE:-all} + CPU=${CPU:-4} + MEM=${MEM:-4} + XMX=$((MEM / 2)) + + IFS=',' + # worker multiplier: 1,2,4 + MULTIPLIERS="${MULTIPLIERS:-1,2,4}" + read -ra MULTIPLIERS <<< "$MULTIPLIERS" + BATCH_SIZES="${BATCH_SIZES:-500}" + read -ra BATCH_SIZES <<< "$BATCH_SIZES" + # tags to json array + read -ra TAG_ARRAY <<< "$TAGS" + JSON_TAGS=$(printf '"%s",' "${TAG_ARRAY[@]}" | sed 's/,$//') + JSON_TAGS="[$JSON_TAGS]" + + IFS=' ' + echo "filebeats: $FB_CNT, cpu: $CPU, mem: $MEM, Queue: $QTYPE, worker multiplier: ${MULTIPLIERS[@]}, batch size: ${BATCH_SIZES[@]}" +} + +get_secret() { + VAULT_PATH=${VAULT_PATH:-secret/ci/elastic-logstash/benchmark} + VAULT_DATA=$(vault kv get -format json $VAULT_PATH) + BENCHMARK_ES_HOST=$(echo $VAULT_DATA | jq -r '.data.es_host') + BENCHMARK_ES_USER=$(echo $VAULT_DATA | jq -r '.data.es_user') + BENCHMARK_ES_PW=$(echo $VAULT_DATA | jq -r '.data.es_pw') + + MONITOR_ES_HOST=$(echo $VAULT_DATA | jq -r '.data.monitor_es_host') + MONITOR_ES_USER=$(echo $VAULT_DATA | jq -r '.data.monitor_es_user') + MONITOR_ES_PW=$(echo $VAULT_DATA | jq -r '.data.monitor_es_pw') +} + +pull_images() { + echo "--- Pull docker images" + + if [[ -n "$LS_VERSION" ]]; then + # pull image if it doesn't exist in local + [[ -z $(docker images -q docker.elastic.co/logstash/logstash:$LS_VERSION) ]] && docker pull "docker.elastic.co/logstash/logstash:$LS_VERSION" + else + # pull the latest snapshot logstash image + # select the SNAPSHOT artifact with the highest semantic version number + LS_VERSION=$( curl --retry-all-errors --retry 5 --retry-delay 1 -s https://artifacts-api.elastic.co/v1/versions | jq -r '.versions | map(select(endswith("-SNAPSHOT"))) | max_by(rtrimstr("-SNAPSHOT")|split(".")|map(tonumber))' ) + BUILD_ID=$(curl --retry-all-errors --retry 5 --retry-delay 1 -s "https://artifacts-api.elastic.co/v1/versions/${LS_VERSION}/builds/latest" | jq -re '.build.build_id') + ARCH=$(arch) + IMAGE_URL="https://snapshots.elastic.co/${BUILD_ID}/downloads/logstash/logstash-$LS_VERSION-docker-image-$ARCH.tar.gz" + IMAGE_FILENAME="$LS_VERSION.tar.gz" + + echo "Download $LS_VERSION from $IMAGE_URL" + [[ ! -e $IMAGE_FILENAME ]] && curl -fsSL --retry-max-time 60 --retry 3 --retry-delay 5 -o "$IMAGE_FILENAME" "$IMAGE_URL" + [[ -z $(docker images -q docker.elastic.co/logstash/logstash:$LS_VERSION) ]] && docker load -i "$IMAGE_FILENAME" + fi + + # pull filebeat image + FB_DEFAULT_VERSION="8.13.4" + FB_VERSION=${FB_VERSION:-$FB_DEFAULT_VERSION} + docker pull "docker.elastic.co/beats/filebeat:$FB_VERSION" +} + +generate_logs() { + FLOG_FILE_CNT=${FLOG_FILE_CNT:-4} + SINGLE_SIZE=524288000 + TOTAL_SIZE="$((FLOG_FILE_CNT * SINGLE_SIZE))" + FLOG_PATH="$SCRIPT_PATH/flog" + mkdir -p $FLOG_PATH + + if [[ ! -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" ]]; then + echo "--- Generate logs in background. log: ${FLOG_FILE_CNT}, each size: 500mb" + docker run -d --name=flog --rm -v $FLOG_PATH:/go/src/data mingrammer/flog -t log -w -o "/go/src/data/log.log" -b $TOTAL_SIZE -p $SINGLE_SIZE + fi +} + +check_logs() { + echo "--- Check log generation" + + local cnt=0 + until [[ -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" || $cnt -gt 600 ]]; do + echo "wait 30s" && sleep 30 + cnt=$((cnt + 30)) + done + + ls -lah $FLOG_PATH +} + +start_logstash() { + LS_CONFIG_PATH=$SCRIPT_PATH/ls/config + mkdir -p $LS_CONFIG_PATH + + cp $CONFIG_PATH/pipelines.yml $LS_CONFIG_PATH/pipelines.yml + cp $CONFIG_PATH/logstash.yml $LS_CONFIG_PATH/logstash.yml + cp $CONFIG_PATH/uuid $LS_CONFIG_PATH/uuid + + LS_JAVA_OPTS=${LS_JAVA_OPTS:--Xmx${XMX}g} + docker run -d --name=ls --net=host --cpus=$CPU --memory=${MEM}g -e LS_JAVA_OPTS="$LS_JAVA_OPTS" \ + -e QTYPE="$QTYPE" -e WORKER="$WORKER" -e BATCH_SIZE="$BATCH_SIZE" \ + -e BENCHMARK_ES_HOST="$BENCHMARK_ES_HOST" -e BENCHMARK_ES_USER="$BENCHMARK_ES_USER" -e BENCHMARK_ES_PW="$BENCHMARK_ES_PW" \ + -e MONITOR_ES_HOST="$MONITOR_ES_HOST" -e MONITOR_ES_USER="$MONITOR_ES_USER" -e MONITOR_ES_PW="$MONITOR_ES_PW" \ + -v $LS_CONFIG_PATH/logstash.yml:/usr/share/logstash/config/logstash.yml:ro \ + -v $LS_CONFIG_PATH/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro \ + -v $LS_CONFIG_PATH/uuid:/usr/share/logstash/data/uuid:ro \ + docker.elastic.co/logstash/logstash:$LS_VERSION +} + +start_filebeat() { + for ((i = 0; i < FB_CNT; i++)); do + FB_PATH="$SCRIPT_PATH/fb${i}" + mkdir -p $FB_PATH + + cp $CONFIG_PATH/filebeat.yml $FB_PATH/filebeat.yml + + docker run -d --name=fb$i --net=host --user=root \ + -v $FB_PATH/filebeat.yml:/usr/share/filebeat/filebeat.yml \ + -v $SCRIPT_PATH/flog:/usr/share/filebeat/flog \ + docker.elastic.co/beats/filebeat:$FB_VERSION filebeat -e --strict.perms=false + done +} + +capture_stats() { + CURRENT=$(jq -r '.flow.output_throughput.current' $NS_JSON) + local eps_1m=$(jq -r '.flow.output_throughput.last_1_minute' $NS_JSON) + local eps_5m=$(jq -r '.flow.output_throughput.last_5_minutes' $NS_JSON) + local worker_util=$(jq -r '.pipelines.main.flow.worker_utilization.last_1_minute' $NS_JSON) + local worker_concurr=$(jq -r '.pipelines.main.flow.worker_concurrency.last_1_minute' $NS_JSON) + local cpu_percent=$(jq -r '.process.cpu.percent' $NS_JSON) + local heap=$(jq -r '.jvm.mem.heap_used_in_bytes' $NS_JSON) + local non_heap=$(jq -r '.jvm.mem.non_heap_used_in_bytes' $NS_JSON) + local q_event_cnt=$(jq -r '.pipelines.main.queue.events_count' $NS_JSON) + local q_size=$(jq -r '.pipelines.main.queue.queue_size_in_bytes' $NS_JSON) + TOTAL_EVENTS_OUT=$(jq -r '.pipelines.main.events.out' $NS_JSON) + printf "current: %s, 1m: %s, 5m: %s, worker_utilization: %s, worker_concurrency: %s, cpu: %s, heap: %s, non-heap: %s, q_events: %s, q_size: %s, total_events_out: %s\n" \ + $CURRENT $eps_1m $eps_5m $worker_util $worker_concurr $cpu_percent $heap $non_heap $q_event_cnt $q_size $TOTAL_EVENTS_OUT +} + +aggregate_stats() { + local file_glob="$SCRIPT_PATH/$NS_DIR/${QTYPE:0:1}_w${WORKER}b${BATCH_SIZE}_*.json" + MAX_EPS_1M=$( jqmax '.flow.output_throughput.last_1_minute' "$file_glob" ) + MAX_EPS_5M=$( jqmax '.flow.output_throughput.last_5_minutes' "$file_glob" ) + MAX_WORKER_UTIL=$( jqmax '.pipelines.main.flow.worker_utilization.last_1_minute' "$file_glob" ) + MAX_WORKER_CONCURR=$( jqmax '.pipelines.main.flow.worker_concurrency.last_1_minute' "$file_glob" ) + MAX_Q_EVENT_CNT=$( jqmax '.pipelines.main.queue.events_count' "$file_glob" ) + MAX_Q_SIZE=$( jqmax '.pipelines.main.queue.queue_size_in_bytes' "$file_glob" ) + + AVG_CPU_PERCENT=$( jqavg '.process.cpu.percent' "$file_glob" ) + AVG_VIRTUAL_MEM=$( jqavg '.process.mem.total_virtual_in_bytes' "$file_glob" ) + AVG_HEAP=$( jqavg '.jvm.mem.heap_used_in_bytes' "$file_glob" ) + AVG_NON_HEAP=$( jqavg '.jvm.mem.non_heap_used_in_bytes' "$file_glob" ) +} + +send_summary() { + echo "--- Send summary to Elasticsearch" + + # build json + local timestamp + timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S") + SUMMARY="{\"timestamp\": \"$timestamp\", \"version\": \"$LS_VERSION\", \"cpu\": \"$CPU\", \"mem\": \"$MEM\", \"workers\": \"$WORKER\", \"batch_size\": \"$BATCH_SIZE\", \"queue_type\": \"$QTYPE\"" + not_empty "$TOTAL_EVENTS_OUT" && SUMMARY="$SUMMARY, \"total_events_out\": \"$TOTAL_EVENTS_OUT\"" + not_empty "$MAX_EPS_1M" && SUMMARY="$SUMMARY, \"max_eps_1m\": \"$MAX_EPS_1M\"" + not_empty "$MAX_EPS_5M" && SUMMARY="$SUMMARY, \"max_eps_5m\": \"$MAX_EPS_5M\"" + not_empty "$MAX_WORKER_UTIL" && SUMMARY="$SUMMARY, \"max_worker_utilization\": \"$MAX_WORKER_UTIL\"" + not_empty "$MAX_WORKER_CONCURR" && SUMMARY="$SUMMARY, \"max_worker_concurrency\": \"$MAX_WORKER_CONCURR\"" + not_empty "$AVG_CPU_PERCENT" && SUMMARY="$SUMMARY, \"avg_cpu_percentage\": \"$AVG_CPU_PERCENT\"" + not_empty "$AVG_HEAP" && SUMMARY="$SUMMARY, \"avg_heap\": \"$AVG_HEAP\"" + not_empty "$AVG_NON_HEAP" && SUMMARY="$SUMMARY, \"avg_non_heap\": \"$AVG_NON_HEAP\"" + not_empty "$AVG_VIRTUAL_MEM" && SUMMARY="$SUMMARY, \"avg_virtual_memory\": \"$AVG_VIRTUAL_MEM\"" + not_empty "$MAX_Q_EVENT_CNT" && SUMMARY="$SUMMARY, \"max_queue_events\": \"$MAX_Q_EVENT_CNT\"" + not_empty "$MAX_Q_SIZE" && SUMMARY="$SUMMARY, \"max_queue_bytes_size\": \"$MAX_Q_SIZE\"" + not_empty "$TAGS" && SUMMARY="$SUMMARY, \"tags\": $JSON_TAGS" + SUMMARY="$SUMMARY}" + + tee summary.json << EOF +{"index": {}} +$SUMMARY +EOF + + # send to ES + local resp + local err_status + resp=$(curl -s -X POST -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" "$BENCHMARK_ES_HOST/benchmark_summary/_bulk" -H 'Content-Type: application/json' --data-binary @"summary.json") + echo "$resp" + err_status=$(echo "$resp" | jq -r ".errors") + if [[ "$err_status" == "true" ]]; then + echo "Failed to send summary" + exit 1 + fi +} + +# $1: snapshot index +node_stats() { + NS_JSON="$SCRIPT_PATH/$NS_DIR/${QTYPE:0:1}_w${WORKER}b${BATCH_SIZE}_$1.json" # m_w8b1000_0.json + + # curl inside container because docker on mac cannot resolve localhost to host network interface + docker exec -i ls curl localhost:9600/_node/stats > "$NS_JSON" 2> /dev/null +} + +# $1: index +snapshot() { + node_stats $1 + capture_stats +} + +create_directory() { + NS_DIR="fb${FB_CNT}c${CPU}m${MEM}" # fb4c4m4 + mkdir -p "$SCRIPT_PATH/$NS_DIR" +} + +queue() { + for QTYPE in "persisted" "memory"; do + worker + done +} + +worker() { + for m in "${MULTIPLIERS[@]}"; do + WORKER=$((CPU * m)) + batch + done +} + +batch() { + for BATCH_SIZE in "${BATCH_SIZES[@]}"; do + run_pipeline + stop_pipeline + done +} + +run_pipeline() { + echo "--- Run pipeline. queue type: $QTYPE, worker: $WORKER, batch size: $BATCH_SIZE" + + start_logstash + start_filebeat + docker ps + + echo "(0) sleep 3m" && sleep 180 + snapshot "0" + + for i in {1..8}; do + echo "($i) sleep 30s" && sleep 30 + snapshot "$i" + + # print docker log when ingestion rate is zero + # remove '.' in number and return max val + [[ $(max -g "${CURRENT/./}" "0") -eq 0 ]] && + docker logs fb0 && + docker logs ls + done + + aggregate_stats + send_summary +} + +stop_pipeline() { + echo "--- Stop Pipeline" + + for ((i = 0; i < FB_CNT; i++)); do + docker stop fb$i + docker rm fb$i + done + + docker stop ls + docker rm ls + + curl -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" -X DELETE $BENCHMARK_ES_HOST/_data_stream/logs-generic-default + echo " data stream deleted " + + # TODO: clean page caches, reduce memory fragmentation + # https://github.com/elastic/logstash/pull/16191#discussion_r1647050216 +} + +clean_up() { + # stop log generation if it has not done yet + [[ -n $(docker ps | grep flog) ]] && docker stop flog || true + # remove image + docker image rm docker.elastic.co/logstash/logstash:$LS_VERSION +} diff --git a/.buildkite/scripts/benchmark/main.sh b/.buildkite/scripts/benchmark/main.sh index 9534ce3fc..3d615fcb4 100755 --- a/.buildkite/scripts/benchmark/main.sh +++ b/.buildkite/scripts/benchmark/main.sh @@ -15,9 +15,8 @@ set -eo pipefail # - The script sends a summary of EPS and resource usage to index `benchmark_summary` # ******************************************************* -SCRIPT_PATH="$(cd "$(dirname "$0")"; pwd)" -CONFIG_PATH="$SCRIPT_PATH/config" -source "$SCRIPT_PATH/util.sh" +SCRIPT_PATH="$(dirname "${BASH_SOURCE[0]}")" +source "$SCRIPT_PATH/core.sh" ## usage: ## main.sh FB_CNT QTYPE CPU MEM @@ -39,315 +38,6 @@ source "$SCRIPT_PATH/util.sh" ## FLOG_FILE_CNT=4 # number of files to generate for ingestion ## VAULT_PATH=secret/path # vault path point to Elasticsearch credentials. The default value points to benchmark cluster. ## TAGS=test,other # tags with "," separator. -usage() { - echo "Usage: $0 [FB_CNT] [QTYPE] [CPU] [MEM]" - echo "Example: $0 4 {persisted|memory|all} 2 2" - exit 1 -} - -parse_args() { - while [[ "$#" -gt 0 ]]; do - if [ -z "$FB_CNT" ]; then - FB_CNT=$1 - elif [ -z "$QTYPE" ]; then - case $1 in - all | persisted | memory) - QTYPE=$1 - ;; - *) - echo "Error: wrong queue type $1" - usage - ;; - esac - elif [ -z "$CPU" ]; then - CPU=$1 - elif [ -z "$MEM" ]; then - MEM=$1 - else - echo "Error: Too many arguments" - usage - fi - shift - done - - # set default value - # number of filebeat - FB_CNT=${FB_CNT:-4} - # all | persisted | memory - QTYPE=${QTYPE:-all} - CPU=${CPU:-4} - MEM=${MEM:-4} - XMX=$((MEM / 2)) - - IFS=',' - # worker multiplier: 1,2,4 - MULTIPLIERS="${MULTIPLIERS:-1,2,4}" - read -ra MULTIPLIERS <<< "$MULTIPLIERS" - BATCH_SIZES="${BATCH_SIZES:-500}" - read -ra BATCH_SIZES <<< "$BATCH_SIZES" - # tags to json array - read -ra TAG_ARRAY <<< "$TAGS" - JSON_TAGS=$(printf '"%s",' "${TAG_ARRAY[@]}" | sed 's/,$//') - JSON_TAGS="[$JSON_TAGS]" - - IFS=' ' - echo "filebeats: $FB_CNT, cpu: $CPU, mem: $MEM, Queue: $QTYPE, worker multiplier: ${MULTIPLIERS[@]}, batch size: ${BATCH_SIZES[@]}" -} - -get_secret() { - VAULT_PATH=${VAULT_PATH:-secret/ci/elastic-logstash/benchmark} - VAULT_DATA=$(vault kv get -format json $VAULT_PATH) - BENCHMARK_ES_HOST=$(echo $VAULT_DATA | jq -r '.data.es_host') - BENCHMARK_ES_USER=$(echo $VAULT_DATA | jq -r '.data.es_user') - BENCHMARK_ES_PW=$(echo $VAULT_DATA | jq -r '.data.es_pw') - - MONITOR_ES_HOST=$(echo $VAULT_DATA | jq -r '.data.monitor_es_host') - MONITOR_ES_USER=$(echo $VAULT_DATA | jq -r '.data.monitor_es_user') - MONITOR_ES_PW=$(echo $VAULT_DATA | jq -r '.data.monitor_es_pw') -} - -pull_images() { - echo "--- Pull docker images" - - if [[ -n "$LS_VERSION" ]]; then - # pull image if it doesn't exist in local - [[ -z $(docker images -q docker.elastic.co/logstash/logstash:$LS_VERSION) ]] && docker pull "docker.elastic.co/logstash/logstash:$LS_VERSION" - else - # pull the latest snapshot logstash image - # select the SNAPSHOT artifact with the highest semantic version number - LS_VERSION=$( curl --retry-all-errors --retry 5 --retry-delay 1 -s https://artifacts-api.elastic.co/v1/versions | jq -r '.versions | map(select(endswith("-SNAPSHOT"))) | max_by(rtrimstr("-SNAPSHOT")|split(".")|map(tonumber))' ) - BUILD_ID=$(curl --retry-all-errors --retry 5 --retry-delay 1 -s "https://artifacts-api.elastic.co/v1/versions/${LS_VERSION}/builds/latest" | jq -re '.build.build_id') - ARCH=$(arch) - IMAGE_URL="https://snapshots.elastic.co/${BUILD_ID}/downloads/logstash/logstash-$LS_VERSION-docker-image-$ARCH.tar.gz" - IMAGE_FILENAME="$LS_VERSION.tar.gz" - - echo "Download $LS_VERSION from $IMAGE_URL" - [[ ! -e $IMAGE_FILENAME ]] && curl -fsSL --retry-max-time 60 --retry 3 --retry-delay 5 -o "$IMAGE_FILENAME" "$IMAGE_URL" - [[ -z $(docker images -q docker.elastic.co/logstash/logstash:$LS_VERSION) ]] && docker load -i "$IMAGE_FILENAME" - fi - - # pull filebeat image - FB_DEFAULT_VERSION="8.13.4" - FB_VERSION=${FB_VERSION:-$FB_DEFAULT_VERSION} - docker pull "docker.elastic.co/beats/filebeat:$FB_VERSION" -} - -generate_logs() { - FLOG_FILE_CNT=${FLOG_FILE_CNT:-4} - SINGLE_SIZE=524288000 - TOTAL_SIZE="$((FLOG_FILE_CNT * SINGLE_SIZE))" - FLOG_PATH="$SCRIPT_PATH/flog" - mkdir -p $FLOG_PATH - - if [[ ! -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" ]]; then - echo "--- Generate logs in background. log: ${FLOG_FILE_CNT}, each size: 500mb" - docker run -d --name=flog --rm -v $FLOG_PATH:/go/src/data mingrammer/flog -t log -w -o "/go/src/data/log.log" -b $TOTAL_SIZE -p $SINGLE_SIZE - fi -} - -check_logs() { - echo "--- Check log generation" - - local cnt=0 - until [[ -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" || $cnt -gt 600 ]]; do - echo "wait 30s" && sleep 30 - cnt=$((cnt + 30)) - done - - ls -lah $FLOG_PATH -} - -start_logstash() { - LS_CONFIG_PATH=$SCRIPT_PATH/ls/config - mkdir -p $LS_CONFIG_PATH - - cp $CONFIG_PATH/pipelines.yml $LS_CONFIG_PATH/pipelines.yml - cp $CONFIG_PATH/logstash.yml $LS_CONFIG_PATH/logstash.yml - cp $CONFIG_PATH/uuid $LS_CONFIG_PATH/uuid - - LS_JAVA_OPTS=${LS_JAVA_OPTS:--Xmx${XMX}g} - docker run -d --name=ls --net=host --cpus=$CPU --memory=${MEM}g -e LS_JAVA_OPTS="$LS_JAVA_OPTS" \ - -e QTYPE="$QTYPE" -e WORKER="$WORKER" -e BATCH_SIZE="$BATCH_SIZE" \ - -e BENCHMARK_ES_HOST="$BENCHMARK_ES_HOST" -e BENCHMARK_ES_USER="$BENCHMARK_ES_USER" -e BENCHMARK_ES_PW="$BENCHMARK_ES_PW" \ - -e MONITOR_ES_HOST="$MONITOR_ES_HOST" -e MONITOR_ES_USER="$MONITOR_ES_USER" -e MONITOR_ES_PW="$MONITOR_ES_PW" \ - -v $LS_CONFIG_PATH/logstash.yml:/usr/share/logstash/config/logstash.yml:ro \ - -v $LS_CONFIG_PATH/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro \ - -v $LS_CONFIG_PATH/uuid:/usr/share/logstash/data/uuid:ro \ - docker.elastic.co/logstash/logstash:$LS_VERSION -} - -start_filebeat() { - for ((i = 0; i < FB_CNT; i++)); do - FB_PATH="$SCRIPT_PATH/fb${i}" - mkdir -p $FB_PATH - - cp $CONFIG_PATH/filebeat.yml $FB_PATH/filebeat.yml - - docker run -d --name=fb$i --net=host --user=root \ - -v $FB_PATH/filebeat.yml:/usr/share/filebeat/filebeat.yml \ - -v $SCRIPT_PATH/flog:/usr/share/filebeat/flog \ - docker.elastic.co/beats/filebeat:$FB_VERSION filebeat -e --strict.perms=false - done -} - -capture_stats() { - CURRENT=$(jq -r '.flow.output_throughput.current' $NS_JSON) - local eps_1m=$(jq -r '.flow.output_throughput.last_1_minute' $NS_JSON) - local eps_5m=$(jq -r '.flow.output_throughput.last_5_minutes' $NS_JSON) - local worker_util=$(jq -r '.pipelines.main.flow.worker_utilization.last_1_minute' $NS_JSON) - local worker_concurr=$(jq -r '.pipelines.main.flow.worker_concurrency.last_1_minute' $NS_JSON) - local cpu_percent=$(jq -r '.process.cpu.percent' $NS_JSON) - local heap=$(jq -r '.jvm.mem.heap_used_in_bytes' $NS_JSON) - local non_heap=$(jq -r '.jvm.mem.non_heap_used_in_bytes' $NS_JSON) - local q_event_cnt=$(jq -r '.pipelines.main.queue.events_count' $NS_JSON) - local q_size=$(jq -r '.pipelines.main.queue.queue_size_in_bytes' $NS_JSON) - TOTAL_EVENTS_OUT=$(jq -r '.pipelines.main.events.out' $NS_JSON) - printf "current: %s, 1m: %s, 5m: %s, worker_utilization: %s, worker_concurrency: %s, cpu: %s, heap: %s, non-heap: %s, q_events: %s, q_size: %s, total_events_out: %s\n" \ - $CURRENT $eps_1m $eps_5m $worker_util $worker_concurr $cpu_percent $heap $non_heap $q_event_cnt $q_size $TOTAL_EVENTS_OUT -} - -aggregate_stats() { - local file_glob="$SCRIPT_PATH/$NS_DIR/${QTYPE:0:1}_w${WORKER}b${BATCH_SIZE}_*.json" - MAX_EPS_1M=$( jqmax '.flow.output_throughput.last_1_minute' "$file_glob" ) - MAX_EPS_5M=$( jqmax '.flow.output_throughput.last_5_minutes' "$file_glob" ) - MAX_WORKER_UTIL=$( jqmax '.pipelines.main.flow.worker_utilization.last_1_minute' "$file_glob" ) - MAX_WORKER_CONCURR=$( jqmax '.pipelines.main.flow.worker_concurrency.last_1_minute' "$file_glob" ) - MAX_Q_EVENT_CNT=$( jqmax '.pipelines.main.queue.events_count' "$file_glob" ) - MAX_Q_SIZE=$( jqmax '.pipelines.main.queue.queue_size_in_bytes' "$file_glob" ) - - AVG_CPU_PERCENT=$( jqavg '.process.cpu.percent' "$file_glob" ) - AVG_VIRTUAL_MEM=$( jqavg '.process.mem.total_virtual_in_bytes' "$file_glob" ) - AVG_HEAP=$( jqavg '.jvm.mem.heap_used_in_bytes' "$file_glob" ) - AVG_NON_HEAP=$( jqavg '.jvm.mem.non_heap_used_in_bytes' "$file_glob" ) -} - -send_summary() { - echo "--- Send summary to Elasticsearch" - - # build json - local timestamp - timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S") - SUMMARY="{\"timestamp\": \"$timestamp\", \"version\": \"$LS_VERSION\", \"cpu\": \"$CPU\", \"mem\": \"$MEM\", \"workers\": \"$WORKER\", \"batch_size\": \"$BATCH_SIZE\", \"queue_type\": \"$QTYPE\"" - not_empty "$TOTAL_EVENTS_OUT" && SUMMARY="$SUMMARY, \"total_events_out\": \"$TOTAL_EVENTS_OUT\"" - not_empty "$MAX_EPS_1M" && SUMMARY="$SUMMARY, \"max_eps_1m\": \"$MAX_EPS_1M\"" - not_empty "$MAX_EPS_5M" && SUMMARY="$SUMMARY, \"max_eps_5m\": \"$MAX_EPS_5M\"" - not_empty "$MAX_WORKER_UTIL" && SUMMARY="$SUMMARY, \"max_worker_utilization\": \"$MAX_WORKER_UTIL\"" - not_empty "$MAX_WORKER_CONCURR" && SUMMARY="$SUMMARY, \"max_worker_concurrency\": \"$MAX_WORKER_CONCURR\"" - not_empty "$AVG_CPU_PERCENT" && SUMMARY="$SUMMARY, \"avg_cpu_percentage\": \"$AVG_CPU_PERCENT\"" - not_empty "$AVG_HEAP" && SUMMARY="$SUMMARY, \"avg_heap\": \"$AVG_HEAP\"" - not_empty "$AVG_NON_HEAP" && SUMMARY="$SUMMARY, \"avg_non_heap\": \"$AVG_NON_HEAP\"" - not_empty "$AVG_VIRTUAL_MEM" && SUMMARY="$SUMMARY, \"avg_virtual_memory\": \"$AVG_VIRTUAL_MEM\"" - not_empty "$MAX_Q_EVENT_CNT" && SUMMARY="$SUMMARY, \"max_queue_events\": \"$MAX_Q_EVENT_CNT\"" - not_empty "$MAX_Q_SIZE" && SUMMARY="$SUMMARY, \"max_queue_bytes_size\": \"$MAX_Q_SIZE\"" - not_empty "$TAGS" && SUMMARY="$SUMMARY, \"tags\": $JSON_TAGS" - SUMMARY="$SUMMARY}" - - tee summary.json << EOF -{"index": {}} -$SUMMARY -EOF - - # send to ES - local resp - local err_status - resp=$(curl -s -X POST -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" "$BENCHMARK_ES_HOST/benchmark_summary/_bulk" -H 'Content-Type: application/json' --data-binary @"summary.json") - echo "$resp" - err_status=$(echo "$resp" | jq -r ".errors") - if [[ "$err_status" == "true" ]]; then - echo "Failed to send summary" - exit 1 - fi -} - -# $1: snapshot index -node_stats() { - NS_JSON="$SCRIPT_PATH/$NS_DIR/${QTYPE:0:1}_w${WORKER}b${BATCH_SIZE}_$1.json" # m_w8b1000_0.json - - # curl inside container because docker on mac cannot resolve localhost to host network interface - docker exec -i ls curl localhost:9600/_node/stats > "$NS_JSON" 2> /dev/null -} - -# $1: index -snapshot() { - node_stats $1 - capture_stats -} - -create_directory() { - NS_DIR="fb${FB_CNT}c${CPU}m${MEM}" # fb4c4m4 - mkdir -p "$SCRIPT_PATH/$NS_DIR" -} - -queue() { - for QTYPE in "persisted" "memory"; do - worker - done -} - -worker() { - for m in "${MULTIPLIERS[@]}"; do - WORKER=$((CPU * m)) - batch - done -} - -batch() { - for BATCH_SIZE in "${BATCH_SIZES[@]}"; do - run_pipeline - stop_pipeline - done -} - -run_pipeline() { - echo "--- Run pipeline. queue type: $QTYPE, worker: $WORKER, batch size: $BATCH_SIZE" - - start_logstash - start_filebeat - docker ps - - echo "(0) sleep 3m" && sleep 180 - snapshot "0" - - for i in {1..8}; do - echo "($i) sleep 30s" && sleep 30 - snapshot "$i" - - # print docker log when ingestion rate is zero - # remove '.' in number and return max val - [[ $(max -g "${CURRENT/./}" "0") -eq 0 ]] && - docker logs fb0 && - docker logs ls - done - - aggregate_stats - send_summary -} - -stop_pipeline() { - echo "--- Stop Pipeline" - - for ((i = 0; i < FB_CNT; i++)); do - docker stop fb$i - docker rm fb$i - done - - docker stop ls - docker rm ls - - curl -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" -X DELETE $BENCHMARK_ES_HOST/_data_stream/logs-generic-default - echo " data stream deleted " - - # TODO: clean page caches, reduce memory fragmentation - # https://github.com/elastic/logstash/pull/16191#discussion_r1647050216 -} - -clean_up() { - # stop log generation if it has not done yet - [[ -n $(docker ps | grep flog) ]] && docker stop flog || true - # remove image - docker image rm docker.elastic.co/logstash/logstash:$LS_VERSION -} - main() { parse_args "$@" get_secret @@ -366,4 +56,4 @@ main() { clean_up } -main "$@" +main "$@" \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/marathon.sh b/.buildkite/scripts/benchmark/marathon.sh new file mode 100755 index 000000000..4878a2d39 --- /dev/null +++ b/.buildkite/scripts/benchmark/marathon.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash +set -eo pipefail + +# ******************************************************* +# Run benchmark for versions that have flow metrics +# When the hardware changes, run the marathon task to establish a new baseline. +# Usage: +# nohup bash -x all.sh > log.log 2>&1 & +# Accept env vars: +# STACK_VERSIONS=8.15.0,8.15.1,8.16.0-SNAPSHOT # versions to test. It is comma separator string +# ******************************************************* + +SCRIPT_PATH="$(dirname "${BASH_SOURCE[0]}")" +source "$SCRIPT_PATH/core.sh" + +parse_stack_versions() { + IFS=',' + STACK_VERSIONS="${STACK_VERSIONS:-8.6.0,8.7.0,8.8.0,8.9.0,8.10.0,8.11.0,8.12.0,8.13.0,8.14.0,8.15.0}" + read -ra STACK_VERSIONS <<< "$STACK_VERSIONS" +} + +main() { + parse_stack_versions + parse_args "$@" + get_secret + generate_logs + check_logs + + for V in "${STACK_VERSIONS[@]}" ; do + LS_VERSION="$V" + pull_images + create_directory + if [[ $QTYPE == "all" ]]; then + queue + else + worker + fi + done +} + +main "$@" \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/save-objects/CHANGELOG.md b/.buildkite/scripts/benchmark/save-objects/CHANGELOG.md new file mode 100644 index 000000000..335acb0ac --- /dev/null +++ b/.buildkite/scripts/benchmark/save-objects/CHANGELOG.md @@ -0,0 +1,5 @@ +## 20240912 +Updated runtime field `release` to return `true` when `version` contains "SNAPSHOT" + +## 20240912 +Initial dashboards \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson b/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson index e68a8fc77..ef4511357 100644 --- a/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson +++ b/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson @@ -1,4 +1,4 @@ -{"attributes":{"allowHidden":false,"fieldAttrs":"{\"5m_num\":{\"customLabel\":\"\"},\"avg_heap_num\":{\"customLabel\":\"\"},\"avg_non_heap_num\":{\"customLabel\":\"\"},\"max_worker_utilization_num\":{\"customLabel\":\"\"},\"max_worker_concurrency_num\":{\"customLabel\":\"\"},\"max_queue_events\":{\"customLabel\":\"\"},\"max_queue_events_num\":{\"customLabel\":\"\"},\"total_events_out_num\":{\"customLabel\":\"\"},\"avg_cpu_percentage_num\":{\"customLabel\":\"\"},\"release\":{},\"version_num\":{}}","fieldFormatMap":"{\"5m_num\":{\"id\":\"number\",\"params\":{\"pattern\":\"0\"}},\"avg_heap_num\":{\"id\":\"number\"},\"avg_non_heap_num\":{\"id\":\"number\"},\"max_worker_utilization_num\":{\"id\":\"number\"},\"max_worker_concurrency_num\":{\"id\":\"number\"},\"max_queue_events\":{\"id\":\"number\"},\"max_queue_events_num\":{\"id\":\"number\"},\"avg_cpu_percentage_num\":{\"id\":\"number\"}}","fields":"[{\"name\":\"5m_num\",\"script\":\"return Integer.parseInt(doc['max_eps_5m.keyword'].value)\",\"lang\":\"painless\",\"type\":\"number\",\"scripted\":true,\"customLabel\":\"\"}]","name":"benchmark","runtimeFieldMap":"{\"release\":{\"type\":\"boolean\",\"script\":{\"source\":\"def version = doc['version.keyword'].value;\\nif (version.endsWith(\\\"-SNAPSHOT\\\")) {\\n\\temit(false);\\n}\\nelse {\\n\\temit(true);\\n}\"}},\"version_num\":{\"type\":\"long\",\"script\":{\"source\":\"if (doc.containsKey('version.keyword') && !doc['version.keyword'].empty) {\\n // Get the version string\\n String version = doc['version.keyword'].value;\\n \\n // Remove any suffix after the patch number (e.g., -SNAPSHOT)\\n int dashIndex = version.indexOf('-');\\n if (dashIndex != -1) {\\n version = version.substring(0, dashIndex);\\n }\\n \\n // Find positions of dots\\n int firstDot = version.indexOf('.');\\n int secondDot = version.indexOf('.', firstDot + 1);\\n \\n // Extract major, minor, and patch parts of the version\\n int major = Integer.parseInt(version.substring(0, firstDot));\\n int minor = Integer.parseInt(version.substring(firstDot + 1, secondDot));\\n int patch = Integer.parseInt(version.substring(secondDot + 1));\\n \\n // Combine into a sortable numeric value\\n emit(major * 10000 + minor * 100 + patch);\\n}\\n\\nemit(0);\"}}}","sourceFilters":"[]","timeFieldName":"timestamp","title":"benchmark_*"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"c5493557-3fd6-4929-8dc2-40d248303942","managed":false,"references":[],"type":"index-pattern","typeMigrationVersion":"8.0.0","updated_at":"2024-09-05T11:52:42.820Z","version":"WzcyNiw3XQ=="} +{"attributes":{"allowHidden":false,"fieldAttrs":"{\"5m_num\":{\"customLabel\":\"\"},\"avg_heap_num\":{\"customLabel\":\"\"},\"avg_non_heap_num\":{\"customLabel\":\"\"},\"max_worker_utilization_num\":{\"customLabel\":\"\"},\"max_worker_concurrency_num\":{\"customLabel\":\"\"},\"max_queue_events\":{\"customLabel\":\"\"},\"max_queue_events_num\":{\"customLabel\":\"\"},\"total_events_out_num\":{\"customLabel\":\"\"},\"avg_cpu_percentage_num\":{\"customLabel\":\"\"},\"release\":{},\"version_num\":{}}","fieldFormatMap":"{\"5m_num\":{\"id\":\"number\",\"params\":{\"pattern\":\"0\"}},\"avg_heap_num\":{\"id\":\"number\"},\"avg_non_heap_num\":{\"id\":\"number\"},\"max_worker_utilization_num\":{\"id\":\"number\"},\"max_worker_concurrency_num\":{\"id\":\"number\"},\"max_queue_events\":{\"id\":\"number\"},\"max_queue_events_num\":{\"id\":\"number\"},\"avg_cpu_percentage_num\":{\"id\":\"number\"}}","fields":"[{\"name\":\"5m_num\",\"script\":\"return Integer.parseInt(doc['max_eps_5m.keyword'].value)\",\"lang\":\"painless\",\"type\":\"number\",\"scripted\":true,\"customLabel\":\"\"}]","name":"benchmark","runtimeFieldMap":"{\"release\":{\"type\":\"boolean\",\"script\":{\"source\":\"def version = doc['version.keyword'].value;\\nif (version.contains(\\\"SNAPSHOT\\\")) {\\n\\temit(false);\\n}\\nelse {\\n\\temit(true);\\n}\"}},\"version_num\":{\"type\":\"long\",\"script\":{\"source\":\"if (doc.containsKey('version.keyword') && !doc['version.keyword'].empty) {\\n // Get the version string\\n String version = doc['version.keyword'].value;\\n \\n // Remove any suffix after the patch number (e.g., -SNAPSHOT)\\n int dashIndex = version.indexOf('-');\\n if (dashIndex != -1) {\\n version = version.substring(0, dashIndex);\\n }\\n \\n // Find positions of dots\\n int firstDot = version.indexOf('.');\\n int secondDot = version.indexOf('.', firstDot + 1);\\n \\n // Extract major, minor, and patch parts of the version\\n int major = Integer.parseInt(version.substring(0, firstDot));\\n int minor = Integer.parseInt(version.substring(firstDot + 1, secondDot));\\n int patch = Integer.parseInt(version.substring(secondDot + 1));\\n \\n // Combine into a sortable numeric value\\n emit(major * 10000 + minor * 100 + patch);\\n}\\n\\nemit(0);\"}}}","sourceFilters":"[]","timeFieldName":"timestamp","title":"benchmark_*"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"c5493557-3fd6-4929-8dc2-40d248303942","managed":false,"references":[],"type":"index-pattern","typeMigrationVersion":"8.0.0","updated_at":"2024-09-12T20:34:35.037Z","updated_by":"u_4132377203_cloud","version":"WzE1NjYsOF0="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"999c9564-cba1-4f3b-af99-ccbacb8e034f":{"columnOrder":["a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","9ddc0f02-5530-4930-99bd-2a914ada1b8f","be033d18-2c04-44f2-b403-0b88d888143d"],"columns":{"9ddc0f02-5530-4930-99bd-2a914ada1b8f":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e":{"dataType":"string","isBucketed":true,"label":"Top values of workers.keyword + 1 other","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"be033d18-2c04-44f2-b403-0b88d888143d","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"multi_terms"},"secondaryFields":["queue_type.keyword"],"size":100},"scale":"ordinal","sourceField":"workers.keyword"},"be033d18-2c04-44f2-b403-0b88d888143d":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["be033d18-2c04-44f2-b403-0b88d888143d"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["4","memory"]]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["8","memory"]]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","memory"]]},"touched":false},{"color":{"colorCode":"#5e6c94","type":"colorCode"},"rule":{"type":"matchExactly","values":[["8","persisted"]]},"touched":true},{"color":{"colorIndex":4,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","persisted"]]},"touched":false},{"color":{"colorCode":"#a0df7b","type":"colorCode"},"rule":{"type":"matchExactly","values":[["4","persisted"]]},"touched":true}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"999c9564-cba1-4f3b-af99-ccbacb8e034f","layerType":"data","seriesType":"line","splitAccessor":"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","xAccessor":"9ddc0f02-5530-4930-99bd-2a914ada1b8f"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"Release EPS by worker & queue","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:29.581Z","id":"2c017667-7403-402c-b027-3cc790945a27","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:29.581Z","version":"WzEzOTMsN10="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"7edb6dc9-8b2b-47ec-be64-bae2a4958cc9","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[MQ][R] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:13.413Z","id":"9546a73b-5937-4d3d-850f-30625d6e1405","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"7edb6dc9-8b2b-47ec-be64-bae2a4958cc9","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:13.413Z","version":"WzEzOTEsN10="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"2786f33f-2ad1-4722-8706-9cba9613662e","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[MQ][R] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:00.945Z","id":"6fba7dff-2564-450b-b885-8c6cf97fa727","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"2786f33f-2ad1-4722-8706-9cba9613662e","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:00.945Z","version":"WzEzODksN10="} @@ -17,8 +17,8 @@ {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"columns":{"0ad565fc-0a55-492b-ba69-1be57f501e13":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"16dcf8b0-378f-48df-8bb3-f537324eea46":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"962f0beb-0dd8-4449-a652-878d0d2c63e8","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[PQ] memory by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"4d1f7bef-c184-4457-b159-465128d2d70b","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"962f0beb-0dd8-4449-a652-878d0d2c63e8","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"WzczOSw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"80e5b5e1-481a-478e-b5cd-3ad74106ff85","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[PQ] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"f233b0e6-8ca5-4c29-a6b3-1f1bc83509fd","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"80e5b5e1-481a-478e-b5cd-3ad74106ff85","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Miw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"dd6c6d40-b512-4c67-94f0-02cb3e9e65bd","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[MQ] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"b0a3d8ea-030a-46e5-95b4-9f73b625f6ee","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"dd6c6d40-b512-4c67-94f0-02cb3e9e65bd","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Niw3XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":false},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":false}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":14,\"i\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},\"panelIndex\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\",\"embeddableConfig\":{\"enhancements\":{},\"attributes\":{\"title\":\"Daily EPS by queue & worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"axisTitlesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"seriesType\":\"line\",\"xAccessor\":\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"splitAccessor\":\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"accessors\":[\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#207f8c\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#0055fc\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#99e6e8\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#c3513a\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#fd1900\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#e88888\"},\"touched\":true}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}}}],\"yTitle\":\"5m eps\"},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"datasourceStates\":{\"formBased\":{\"layers\":{\"999c9564-cba1-4f3b-af99-ccbacb8e034f\":{\"columns\":{\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\":{\"label\":\"Top values of workers.keyword + 1 other\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":6,\"orderBy\":{\"type\":\"column\",\"columnId\":\"be033d18-2c04-44f2-b403-0b88d888143d\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"multi_terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"secondaryFields\":[\"queue_type.keyword\"]}},\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"be033d18-2c04-44f2-b403-0b88d888143d\":{\"label\":\"Median of 5m_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"5m_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"type\":\"index-pattern\"}],\"type\":\"lens\"}},\"panelRefName\":\"panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":14,\"w\":16,\"h\":14,\"i\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\"},\"panelIndex\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_3fc59b3e-512e-4a47-baa4-e89e4978b685\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":14,\"w\":16,\"h\":14,\"i\":\"6294036c-7c92-4e51-990d-ace6af0de939\"},\"panelIndex\":\"6294036c-7c92-4e51-990d-ace6af0de939\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_6294036c-7c92-4e51-990d-ace6af0de939\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":28,\"w\":16,\"h\":8,\"i\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\"},\"panelIndex\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\",\"embeddableConfig\":{\"attributes\":{\"title\":\"PQ max q events by worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\",\"isInside\":true,\"showSingleSeries\":true,\"legendSize\":\"small\",\"shouldTruncate\":true,\"verticalAlignment\":\"bottom\",\"horizontalAlignment\":\"left\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"yTitle\":\"events in queue\",\"hideEndzones\":false,\"showCurrentTimeMarker\":false,\"valuesInLegend\":false,\"axisTitlesVisibilitySettings\":{\"x\":false,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"seriesType\":\"line\",\"splitAccessor\":\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"accessors\":[\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"4\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":0},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"8\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":1},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"16\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":2},\"touched\":false}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}},\"xAccessor\":\"9542ed03-9691-42a3-b5c2-407bcaab221c\"}]},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"index\":\"599131c3-0cd9-4a1f-b9da-9894538d58cc\",\"key\":\"queue_type.keyword\",\"field\":\"queue_type.keyword\",\"params\":{\"query\":\"persisted\"},\"type\":\"phrase\"},\"query\":{\"match_phrase\":{\"queue_type.keyword\":\"persisted\"}},\"$state\":{\"store\":\"appState\"}}],\"datasourceStates\":{\"formBased\":{\"layers\":{\"eb818eba-fa75-45d1-a9ee-6619eecc9280\":{\"columns\":{\"0da92b64-fe48-439e-9b3a-47775ce1a149\":{\"label\":\"workers\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":3,\"orderBy\":{\"type\":\"column\",\"columnId\":\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"accuracyMode\":false},\"customLabel\":true},\"9542ed03-9691-42a3-b5c2-407bcaab221c\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\":{\"label\":\"Median of max_queue_events_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"max_queue_events_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"9542ed03-9691-42a3-b5c2-407bcaab221c\",\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"type\":\"index-pattern\"}],\"type\":\"lens\"},\"enhancements\":{}},\"panelRefName\":\"panel_77d40890-d175-436f-aac3-7bcc9f7beacc\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\"},\"panelIndex\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_8bd920f9-5be7-4481-b733-ba83bdd127d5\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":28,\"w\":16,\"h\":16,\"i\":\"23581637-2ff1-4cae-a839-345620c3d180\"},\"panelIndex\":\"23581637-2ff1-4cae-a839-345620c3d180\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_23581637-2ff1-4cae-a839-345620c3d180\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":28,\"w\":16,\"h\":16,\"i\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\"},\"panelIndex\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_c7ab44aa-4607-40b7-b268-d69136bfdcde\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":14,\"w\":16,\"h\":14,\"i\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\"},\"panelIndex\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_01628fc9-19c2-4c65-bc9f-3f284f77c309\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-2M","timeRestore":true,"timeTo":"now","title":"Logstash daily benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:44:20.764Z","id":"9ef273e3-bee2-48bb-9976-7edc19454b93","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"94ae4c78-8004-4abb-80c9-271f37c94cdc","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"f5104988-461c-4f65-b31d-ed22d04cb6b8","name":"3fc59b3e-512e-4a47-baa4-e89e4978b685:panel_3fc59b3e-512e-4a47-baa4-e89e4978b685","type":"lens"},{"id":"8cbdba7b-e921-42b9-b55b-da567717e259","name":"6294036c-7c92-4e51-990d-ace6af0de939:panel_6294036c-7c92-4e51-990d-ace6af0de939","type":"lens"},{"id":"7a2c9e96-8e48-4546-b736-065757a52c47","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:panel_77d40890-d175-436f-aac3-7bcc9f7beacc","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"daa3722a-cab7-49ba-b5bb-033e81133096","name":"8bd920f9-5be7-4481-b733-ba83bdd127d5:panel_8bd920f9-5be7-4481-b733-ba83bdd127d5","type":"lens"},{"id":"4d1f7bef-c184-4457-b159-465128d2d70b","name":"23581637-2ff1-4cae-a839-345620c3d180:panel_23581637-2ff1-4cae-a839-345620c3d180","type":"lens"},{"id":"f233b0e6-8ca5-4c29-a6b3-1f1bc83509fd","name":"c7ab44aa-4607-40b7-b268-d69136bfdcde:panel_c7ab44aa-4607-40b7-b268-d69136bfdcde","type":"lens"},{"id":"b0a3d8ea-030a-46e5-95b4-9f73b625f6ee","name":"01628fc9-19c2-4c65-bc9f-3f284f77c309:panel_01628fc9-19c2-4c65-bc9f-3f284f77c309","type":"lens"}],"type":"dashboard","typeMigrationVersion":"8.9.0","updated_at":"2024-09-09T13:44:20.764Z","version":"WzEyNTEsN10="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":true},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":true}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":19,\"i\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\"},\"panelIndex\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_329684df-6ec4-4973-8c96-bc91eaa23fe9\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":19,\"w\":16,\"h\":17,\"i\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},\"panelIndex\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":19,\"w\":16,\"h\":17,\"i\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\"},\"panelIndex\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_485385cb-cd2b-408b-a119-5e7b15c15eeb\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":19,\"w\":16,\"h\":17,\"i\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},\"panelIndex\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":36,\"w\":16,\"h\":16,\"i\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\"},\"panelIndex\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_2934659f-462a-41b1-bdc0-344a7a4a2267\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":36,\"w\":16,\"h\":16,\"i\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},\"panelIndex\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\"},\"panelIndex\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_99c4094f-8906-4ded-b56f-8e20107a8f3b\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":44,\"w\":16,\"h\":8,\"i\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\"},\"panelIndex\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_a8dd132b-9212-4c33-83ef-19ec5152448e\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-1y","timeRestore":true,"timeTo":"now","title":"Logstash release benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:43:43.023Z","id":"901317cf-f97a-4d20-8420-53f0bf67c606","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"2c017667-7403-402c-b027-3cc790945a27","name":"329684df-6ec4-4973-8c96-bc91eaa23fe9:panel_329684df-6ec4-4973-8c96-bc91eaa23fe9","type":"lens"},{"id":"a577558f-f9a6-4c86-b562-7618b2c71db0","name":"68db206a-6de8-40a8-bd6c-b82d78a41ac7:panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7","type":"lens"},{"id":"9546a73b-5937-4d3d-850f-30625d6e1405","name":"485385cb-cd2b-408b-a119-5e7b15c15eeb:panel_485385cb-cd2b-408b-a119-5e7b15c15eeb","type":"lens"},{"id":"6fba7dff-2564-450b-b885-8c6cf97fa727","name":"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce:panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce","type":"lens"},{"id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","name":"2934659f-462a-41b1-bdc0-344a7a4a2267:panel_2934659f-462a-41b1-bdc0-344a7a4a2267","type":"lens"},{"id":"661cb795-bb69-4599-8c4b-a4798ef69dc6","name":"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2:panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2","type":"lens"},{"id":"d79b8742-6284-4842-ac44-65640d090179","name":"99c4094f-8906-4ded-b56f-8e20107a8f3b:panel_99c4094f-8906-4ded-b56f-8e20107a8f3b","type":"lens"},{"id":"1872e84f-56f2-4a17-9426-3d25d6e03931","name":"a8dd132b-9212-4c33-83ef-19ec5152448e:panel_a8dd132b-9212-4c33-83ef-19ec5152448e","type":"lens"}],"type":"dashboard","typeMigrationVersion":"8.9.0","updated_at":"2024-09-09T13:43:43.023Z","version":"WzEyNDUsN10="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":false},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":false}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":14,\"i\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},\"panelIndex\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\",\"embeddableConfig\":{\"enhancements\":{},\"attributes\":{\"title\":\"Daily EPS by queue & worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"axisTitlesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"seriesType\":\"line\",\"xAccessor\":\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"splitAccessor\":\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"accessors\":[\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#207f8c\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#0055fc\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#99e6e8\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#c3513a\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#fd1900\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#e88888\"},\"touched\":true}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}}}],\"yTitle\":\"5m eps\"},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"datasourceStates\":{\"formBased\":{\"layers\":{\"999c9564-cba1-4f3b-af99-ccbacb8e034f\":{\"columns\":{\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\":{\"label\":\"Top values of workers.keyword + 1 other\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":6,\"orderBy\":{\"type\":\"column\",\"columnId\":\"be033d18-2c04-44f2-b403-0b88d888143d\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"multi_terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"secondaryFields\":[\"queue_type.keyword\"]}},\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"be033d18-2c04-44f2-b403-0b88d888143d\":{\"label\":\"Median of 5m_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"5m_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"type\":\"index-pattern\"}],\"type\":\"lens\"}},\"panelRefName\":\"panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":14,\"w\":16,\"h\":14,\"i\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\"},\"panelIndex\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_3fc59b3e-512e-4a47-baa4-e89e4978b685\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":14,\"w\":16,\"h\":14,\"i\":\"6294036c-7c92-4e51-990d-ace6af0de939\"},\"panelIndex\":\"6294036c-7c92-4e51-990d-ace6af0de939\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_6294036c-7c92-4e51-990d-ace6af0de939\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":28,\"w\":16,\"h\":8,\"i\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\"},\"panelIndex\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\",\"embeddableConfig\":{\"attributes\":{\"title\":\"PQ max q events by worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\",\"isInside\":true,\"showSingleSeries\":true,\"legendSize\":\"small\",\"shouldTruncate\":true,\"verticalAlignment\":\"bottom\",\"horizontalAlignment\":\"left\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"yTitle\":\"events in queue\",\"hideEndzones\":false,\"showCurrentTimeMarker\":false,\"valuesInLegend\":false,\"axisTitlesVisibilitySettings\":{\"x\":false,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"seriesType\":\"line\",\"splitAccessor\":\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"accessors\":[\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"4\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":0},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"8\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":1},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"16\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":2},\"touched\":false}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}},\"xAccessor\":\"9542ed03-9691-42a3-b5c2-407bcaab221c\"}]},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"index\":\"599131c3-0cd9-4a1f-b9da-9894538d58cc\",\"key\":\"queue_type.keyword\",\"field\":\"queue_type.keyword\",\"params\":{\"query\":\"persisted\"},\"type\":\"phrase\"},\"query\":{\"match_phrase\":{\"queue_type.keyword\":\"persisted\"}},\"$state\":{\"store\":\"appState\"}}],\"datasourceStates\":{\"formBased\":{\"layers\":{\"eb818eba-fa75-45d1-a9ee-6619eecc9280\":{\"columns\":{\"0da92b64-fe48-439e-9b3a-47775ce1a149\":{\"label\":\"workers\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":3,\"orderBy\":{\"type\":\"column\",\"columnId\":\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"accuracyMode\":false},\"customLabel\":true},\"9542ed03-9691-42a3-b5c2-407bcaab221c\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\":{\"label\":\"Median of max_queue_events_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"max_queue_events_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"9542ed03-9691-42a3-b5c2-407bcaab221c\",\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"type\":\"index-pattern\"}],\"type\":\"lens\"},\"enhancements\":{}},\"panelRefName\":\"panel_77d40890-d175-436f-aac3-7bcc9f7beacc\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\"},\"panelIndex\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_8bd920f9-5be7-4481-b733-ba83bdd127d5\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":28,\"w\":16,\"h\":16,\"i\":\"23581637-2ff1-4cae-a839-345620c3d180\"},\"panelIndex\":\"23581637-2ff1-4cae-a839-345620c3d180\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_23581637-2ff1-4cae-a839-345620c3d180\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":28,\"w\":16,\"h\":16,\"i\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\"},\"panelIndex\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_c7ab44aa-4607-40b7-b268-d69136bfdcde\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":14,\"w\":16,\"h\":14,\"i\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\"},\"panelIndex\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_01628fc9-19c2-4c65-bc9f-3f284f77c309\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-2M","timeRestore":true,"timeTo":"now","title":"Logstash daily benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:44:20.764Z","id":"9ef273e3-bee2-48bb-9976-7edc19454b93","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"94ae4c78-8004-4abb-80c9-271f37c94cdc","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"f5104988-461c-4f65-b31d-ed22d04cb6b8","name":"3fc59b3e-512e-4a47-baa4-e89e4978b685:panel_3fc59b3e-512e-4a47-baa4-e89e4978b685","type":"lens"},{"id":"8cbdba7b-e921-42b9-b55b-da567717e259","name":"6294036c-7c92-4e51-990d-ace6af0de939:panel_6294036c-7c92-4e51-990d-ace6af0de939","type":"lens"},{"id":"7a2c9e96-8e48-4546-b736-065757a52c47","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:panel_77d40890-d175-436f-aac3-7bcc9f7beacc","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"daa3722a-cab7-49ba-b5bb-033e81133096","name":"8bd920f9-5be7-4481-b733-ba83bdd127d5:panel_8bd920f9-5be7-4481-b733-ba83bdd127d5","type":"lens"},{"id":"4d1f7bef-c184-4457-b159-465128d2d70b","name":"23581637-2ff1-4cae-a839-345620c3d180:panel_23581637-2ff1-4cae-a839-345620c3d180","type":"lens"},{"id":"f233b0e6-8ca5-4c29-a6b3-1f1bc83509fd","name":"c7ab44aa-4607-40b7-b268-d69136bfdcde:panel_c7ab44aa-4607-40b7-b268-d69136bfdcde","type":"lens"},{"id":"b0a3d8ea-030a-46e5-95b4-9f73b625f6ee","name":"01628fc9-19c2-4c65-bc9f-3f284f77c309:panel_01628fc9-19c2-4c65-bc9f-3f284f77c309","type":"lens"}],"type":"dashboard","typeMigrationVersion":"10.2.0","updated_at":"2024-09-09T13:44:20.764Z","version":"WzE0ODksOF0="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":true},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":true}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":19,\"i\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\"},\"panelIndex\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_329684df-6ec4-4973-8c96-bc91eaa23fe9\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":19,\"w\":16,\"h\":17,\"i\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},\"panelIndex\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":19,\"w\":16,\"h\":17,\"i\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\"},\"panelIndex\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_485385cb-cd2b-408b-a119-5e7b15c15eeb\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":19,\"w\":16,\"h\":17,\"i\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},\"panelIndex\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":36,\"w\":16,\"h\":16,\"i\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\"},\"panelIndex\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_2934659f-462a-41b1-bdc0-344a7a4a2267\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":36,\"w\":16,\"h\":16,\"i\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},\"panelIndex\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\"},\"panelIndex\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_99c4094f-8906-4ded-b56f-8e20107a8f3b\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":44,\"w\":16,\"h\":8,\"i\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\"},\"panelIndex\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_a8dd132b-9212-4c33-83ef-19ec5152448e\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-1y","timeRestore":true,"timeTo":"now","title":"Logstash release benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:43:43.023Z","id":"901317cf-f97a-4d20-8420-53f0bf67c606","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"2c017667-7403-402c-b027-3cc790945a27","name":"329684df-6ec4-4973-8c96-bc91eaa23fe9:panel_329684df-6ec4-4973-8c96-bc91eaa23fe9","type":"lens"},{"id":"a577558f-f9a6-4c86-b562-7618b2c71db0","name":"68db206a-6de8-40a8-bd6c-b82d78a41ac7:panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7","type":"lens"},{"id":"9546a73b-5937-4d3d-850f-30625d6e1405","name":"485385cb-cd2b-408b-a119-5e7b15c15eeb:panel_485385cb-cd2b-408b-a119-5e7b15c15eeb","type":"lens"},{"id":"6fba7dff-2564-450b-b885-8c6cf97fa727","name":"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce:panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce","type":"lens"},{"id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","name":"2934659f-462a-41b1-bdc0-344a7a4a2267:panel_2934659f-462a-41b1-bdc0-344a7a4a2267","type":"lens"},{"id":"661cb795-bb69-4599-8c4b-a4798ef69dc6","name":"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2:panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2","type":"lens"},{"id":"d79b8742-6284-4842-ac44-65640d090179","name":"99c4094f-8906-4ded-b56f-8e20107a8f3b:panel_99c4094f-8906-4ded-b56f-8e20107a8f3b","type":"lens"},{"id":"1872e84f-56f2-4a17-9426-3d25d6e03931","name":"a8dd132b-9212-4c33-83ef-19ec5152448e:panel_a8dd132b-9212-4c33-83ef-19ec5152448e","type":"lens"}],"type":"dashboard","typeMigrationVersion":"10.2.0","updated_at":"2024-09-09T13:43:43.023Z","version":"WzE0OTAsOF0="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"9aee27f1-97bc-46c4-b369-81b7cd5fe38c","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[PQ] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"07700ebe-b8c9-498f-9a91-30efb0c48784","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"9aee27f1-97bc-46c4-b369-81b7cd5fe38c","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0MCw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"4e0f2401-369e-4818-8a1f-52b64ff175df","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[MQ] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"29ebb6b1-bee6-4f15-b3dc-aac083d5d2f5","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"4e0f2401-369e-4818-8a1f-52b64ff175df","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0NSw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"string","isBucketed":true,"label":"Top 100 values of version.keyword","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"f4c5b868-7b2c-4d12-b989-9a057dd128e4","negate":false,"params":[{"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}},{"meta":{"alias":null,"disabled":false,"field":"release","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"release","negate":false,"params":{"query":true},"type":"phrase"},"query":{"match_phrase":{"release":true}}}],"relation":"AND","type":"combined"},"query":{}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[MQ][R] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"26ec195e-e4a9-4417-be97-6d1fbc6b63c0","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"f4c5b868-7b2c-4d12-b989-9a057dd128e4","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0OSw3XQ=="} diff --git a/catalog-info.yaml b/catalog-info.yaml index 9f1dfa94d..c5367ea66 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -614,7 +614,7 @@ spec: kind: Pipeline metadata: name: logstash-benchmark-pipeline - description: ':logstash: The Benchmark pipeline for snapshot version' + description: ':running: The Benchmark pipeline for snapshot version' spec: repository: elastic/logstash pipeline_file: ".buildkite/benchmark_pipeline.yml" @@ -646,18 +646,18 @@ spec: # ******************************* # *********************************** -# SECTION START: Benchmark multiple Logstash versions +# SECTION START: Benchmark Marathon # *********************************** --- # yaml-language-server: $schema=https://gist.githubusercontent.com/elasticmachine/988b80dae436cafea07d9a4a460a011d/raw/rre.schema.json apiVersion: backstage.io/v1alpha1 kind: Resource metadata: - name: logstash-benchmark-versions-pipeline - description: Buildkite pipeline for benchmarking multiple versions + name: logstash-benchmark-marathon-pipeline + description: Buildkite pipeline for benchmarking multi-version links: - - title: 'Logstash benchmark pipeline for multiple versions' - url: https://buildkite.com/elastic/logstash-benchmark-versions-pipeline + - title: 'Logstash Benchmark Marathon' + url: https://buildkite.com/elastic/logstash-benchmark-marathon-pipeline spec: type: buildkite-pipeline owner: group:logstash @@ -666,11 +666,11 @@ spec: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline metadata: - name: logstash-benchmark-versions-pipeline - description: ':logstash: The Benchmark pipeline for multiple versions' + name: logstash-benchmark-marathon-pipeline + description: ':running: The Benchmark Marathon for multi-version' spec: repository: elastic/logstash - pipeline_file: ".buildkite/benchmark_versions_pipeline.yml" + pipeline_file: ".buildkite/benchmark_marathon_pipeline.yml" maximum_timeout_in_minutes: 480 provider_settings: trigger_mode: none # don't trigger jobs from github activity @@ -690,7 +690,7 @@ spec: access_level: READ_ONLY # ******************************* -# SECTION END: Benchmark multiple Logstash versions +# SECTION END: Benchmark Marathon # ******************************* # *********************************** From b54caf3fd8e907c526ab2b8897ce4de4656c2fd5 Mon Sep 17 00:00:00 2001 From: Luca Belluccini Date: Thu, 19 Sep 2024 19:32:14 +0200 Subject: [PATCH 046/290] Known issue for 8.15.1 related to env vars references (#16455) --- docs/static/releasenotes.asciidoc | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index fa8b56b79..81c1db94c 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -69,6 +69,15 @@ This section summarizes the changes in the following releases: [[logstash-8-15-1]] === Logstash 8.15.1 Release Notes +[[known-issues-8-15-1]] +==== Known issues + +* **{ls} may fail to start under some circumstances.** Single and double quotes are stripped from a pipeline configuration if the configuration includes environment or keystore variable references. +If this situation occurs, {ls} may fail to start or some plugins may use a malformed configuration. +Check out issue https://github.com/elastic/logstash/issues/16437[#16437] for details. ++ +Workaround: Downgrade to {ls} 8.15.0, or temporarily avoid using environment and keystore variable references. + [[notable-8.15.1]] ==== Performance improvements and notable issues fixed @@ -2475,4 +2484,4 @@ We have added another flag to the Benchmark CLI to allow passing a data file wit This feature allows users to run the Benchmark CLI in a custom test case with a custom config and a custom dataset. https://github.com/elastic/logstash/pull/12437[#12437] ==== Plugin releases -Plugins align with release 7.14.0 \ No newline at end of file +Plugins align with release 7.14.0 From 0ef4c7da3280dca2175d00886d3e19f23e2deb9b Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Fri, 20 Sep 2024 19:58:20 +0100 Subject: [PATCH 047/290] [ci] fix wrong queue type in benchmark marathon (#16465) --- .buildkite/scripts/benchmark/marathon.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.buildkite/scripts/benchmark/marathon.sh b/.buildkite/scripts/benchmark/marathon.sh index 4878a2d39..eecbc7d8e 100755 --- a/.buildkite/scripts/benchmark/marathon.sh +++ b/.buildkite/scripts/benchmark/marathon.sh @@ -26,8 +26,11 @@ main() { generate_logs check_logs + USER_QTYPE="$QTYPE" + for V in "${STACK_VERSIONS[@]}" ; do LS_VERSION="$V" + QTYPE="$USER_QTYPE" pull_images create_directory if [[ $QTYPE == "all" ]]; then From 51cca7320e5c54865ab3fe2d4101496bd69cacca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 25 Sep 2024 13:15:14 +0100 Subject: [PATCH 048/290] bump .ruby_version to jruby-9.4.8.0 (#16477) --- .ruby-version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ruby-version b/.ruby-version index 57fc792f8..dac625a87 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -jruby-9.3.10.0 +jruby-9.4.8.0 From 5c57adebb9707e761886b9aa90db21feebd85838 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 25 Sep 2024 14:38:52 +0100 Subject: [PATCH 049/290] simplify snyk scanning (#16475) * remove docker image scanning as that's handled by infosec * run buildkite job on a docker image instead of vm (no need to test docker any more) --- .buildkite/scripts/snyk/report.sh | 73 ----------------------------- .buildkite/snyk_report_pipeline.yml | 9 ++-- 2 files changed, 4 insertions(+), 78 deletions(-) diff --git a/.buildkite/scripts/snyk/report.sh b/.buildkite/scripts/snyk/report.sh index 7dab7c5e3..0d666f777 100755 --- a/.buildkite/scripts/snyk/report.sh +++ b/.buildkite/scripts/snyk/report.sh @@ -4,12 +4,6 @@ set -e TARGET_BRANCHES=("main") -install_java() { - # TODO: let's think about using BK agent which has Java installed - # Current caveat is Logstash BK agent doesn't support docker operatioins in it - sudo apt update && sudo apt install -y openjdk-17-jdk && sudo apt install -y openjdk-17-jre -} - # Resolves the branches we are going to track resolve_latest_branches() { source .buildkite/scripts/snyk/resolve_stack_version.sh @@ -55,7 +49,6 @@ report() { ./snyk monitor --prune-repeated-subdependencies --all-projects --org=logstash --remote-repo-url="$REMOTE_REPO_URL" --target-reference="$REMOTE_REPO_URL" --detection-depth=6 --exclude=qa,tools,devtools,requirements.txt --project-tags=branch="$TARGET_BRANCH",git_head="$GIT_HEAD" || : } -install_java resolve_latest_branches download_auth_snyk @@ -72,69 +65,3 @@ do echo "$TARGET_BRANCH branch doesn't exist." fi done - -# Scan Logstash docker images and report -REPOSITORY_BASE_URL="docker.elastic.co/logstash/" - -report_docker_image() { - image=$1 - project_name=$2 - platform=$3 - echo "Reporting $image to Snyk started..." - docker pull "$image" - if [[ $platform != null ]]; then - ./snyk container monitor "$image" --org=logstash --platform="$platform" --project-name="$project_name" --project-tags=version="$version" || : - else - ./snyk container monitor "$image" --org=logstash --project-name="$project_name" --project-tags=version="$version" || : - fi -} - -report_docker_images() { - version=$1 - echo "Version value: $version" - - image=$REPOSITORY_BASE_URL"logstash:$version-SNAPSHOT" - snyk_project_name="logstash-$version-SNAPSHOT" - report_docker_image "$image" "$snyk_project_name" - - image=$REPOSITORY_BASE_URL"logstash-oss:$version-SNAPSHOT" - snyk_project_name="logstash-oss-$version-SNAPSHOT" - report_docker_image "$image" "$snyk_project_name" - - image=$REPOSITORY_BASE_URL"logstash:$version-SNAPSHOT-arm64" - snyk_project_name="logstash-$version-SNAPSHOT-arm64" - report_docker_image "$image" "$snyk_project_name" "linux/arm64" - - image=$REPOSITORY_BASE_URL"logstash:$version-SNAPSHOT-amd64" - snyk_project_name="logstash-$version-SNAPSHOT-amd64" - report_docker_image "$image" "$snyk_project_name" "linux/amd64" - - image=$REPOSITORY_BASE_URL"logstash-oss:$version-SNAPSHOT-arm64" - snyk_project_name="logstash-oss-$version-SNAPSHOT-arm64" - report_docker_image "$image" "$snyk_project_name" "linux/arm64" - - image=$REPOSITORY_BASE_URL"logstash-oss:$version-SNAPSHOT-amd64" - snyk_project_name="logstash-oss-$version-SNAPSHOT-amd64" - report_docker_image "$image" "$snyk_project_name" "linux/amd64" -} - -resolve_version_and_report_docker_images() { - git reset --hard HEAD # reset if any generated files appeared - git checkout "$1" - - # parse version (ex: 8.8.2 from 8.8 branch, or 8.9.0 from main branch) - versions_file="$PWD/versions.yml" - version=$(awk '/logstash:/ { print $2 }' "$versions_file") - report_docker_images "$version" -} - -# resolve docker artifact and report -#for TARGET_BRANCH in "${TARGET_BRANCHES[@]}" -#do -# if git show-ref --quiet refs/heads/"$TARGET_BRANCH"; then -# echo "Using $TARGET_BRANCH branch for docker images." -# resolve_version_and_report_docker_images "$TARGET_BRANCH" -# else -# echo "$TARGET_BRANCH branch doesn't exist." -# fi -#done \ No newline at end of file diff --git a/.buildkite/snyk_report_pipeline.yml b/.buildkite/snyk_report_pipeline.yml index 2a1476bcb..4f541256a 100644 --- a/.buildkite/snyk_report_pipeline.yml +++ b/.buildkite/snyk_report_pipeline.yml @@ -1,9 +1,8 @@ agents: - provider: gcp - imageProject: elastic-images-prod - image: family/platform-ingest-logstash-ubuntu-2204 - machineType: "n2-standard-4" - diskSizeGb: 120 + image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci" + cpu: "2" + memory: "4Gi" + ephemeralStorage: "64Gi" steps: # reports main, previous (ex: 7.latest) and current (ex: 8.latest) release branches to Snyk From f35e10d79251b4ce3a5a0aa0fbb43c2e96205ba1 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Thu, 26 Sep 2024 18:25:32 +0200 Subject: [PATCH 050/290] Updated CI releases inventory after 8.15.2 (#16474) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index a5aff98f5..0e63fc37a 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -3,11 +3,11 @@ "5.x": "5.6.16", "6.x": "6.8.23", "7.x": "7.17.24", - "8.x": "8.15.1" + "8.x": "8.15.2" }, "snapshots": { "7.x": "7.17.25-SNAPSHOT", - "8.15": "8.15.2-SNAPSHOT", + "8.15": "8.15.3-SNAPSHOT", "8.x": "8.16.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" } From 2fe91226ebce9f3ff6c118d3136c0e718518dd47 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 1 Oct 2024 13:28:26 -0400 Subject: [PATCH 051/290] Release notes for 8.15.2 (#16471) (#16486) Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com> Co-authored-by: andsel Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> (cherry picked from commit 01dc76f3b55333f0c49d7190c0cd4ca14b74a7c0) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- docs/static/releasenotes.asciidoc | 35 ++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index 81c1db94c..72d3dcbab 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -3,6 +3,7 @@ This section summarizes the changes in the following releases: +* <> * <> * <> * <> @@ -66,6 +67,38 @@ This section summarizes the changes in the following releases: * <> +[[logstash-8-15-2]] +=== Logstash 8.15.2 Release Notes + +[[notable-8.15.2]] +==== Notable issues fixed + +* Fixed a https://github.com/elastic/logstash/issues/16437[regression] from {ls} 8.15.1 in which {ls} removes all quotes from docker env variables, possibly causing {ls} not to start https://github.com/elastic/logstash/pull/16456[#16456] + +==== Plugins + +*Beats Input - 6.8.4* + +* Fix to populate the `@metadata` fields even if the source's metadata value is `nil` https://github.com/logstash-plugins/logstash-input-beats/pull/502[#502] + +*Dead_letter_queue Input - 2.0.1* + +* Fix NullPointerException when the plugin closes https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/53[#53] + +*Elastic_serverless_forwarder Input - 0.1.5* + +* [DOC] Fix attributes to accurately set and clear default codec values https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/8[#8] + +*Logstash Integration - 1.0.3* + +* [DOC] Fix attributes to accurately set and clear default codec values https://github.com/logstash-plugins/logstash-integration-logstash/pull/23[#23] + +*Elasticsearch Output - 11.22.9* + +* Vendor ECS template for Elasticsearch 9.x in built gem https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1188[#1188] +* Added ECS template for Elasticsearch 9.x https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1187[#1187] + + [[logstash-8-15-1]] === Logstash 8.15.1 Release Notes @@ -2484,4 +2517,4 @@ We have added another flag to the Benchmark CLI to allow passing a data file wit This feature allows users to run the Benchmark CLI in a custom test case with a custom config and a custom dataset. https://github.com/elastic/logstash/pull/12437[#12437] ==== Plugin releases -Plugins align with release 7.14.0 +Plugins align with release 7.14.0 \ No newline at end of file From 8368c00367cac0c5f5e0090c26be8795b2e8c7d2 Mon Sep 17 00:00:00 2001 From: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> Date: Tue, 1 Oct 2024 20:33:35 +0200 Subject: [PATCH 052/290] Change LogStash::Util::SubstitutionVariables#replace_placeholders refine argument to optional (#16485) --- logstash-core/lib/logstash/util/substitution_variables.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logstash-core/lib/logstash/util/substitution_variables.rb b/logstash-core/lib/logstash/util/substitution_variables.rb index 61b938503..a6d2fd86e 100644 --- a/logstash-core/lib/logstash/util/substitution_variables.rb +++ b/logstash-core/lib/logstash/util/substitution_variables.rb @@ -51,7 +51,7 @@ module ::LogStash::Util::SubstitutionVariables # If the value does not match the pattern, the 'value' param returns as-is # When setting refine to true, substituted value will be cleaned against escaped single/double quotes # and generates array if resolved substituted value is array string - def replace_placeholders(value, refine) + def replace_placeholders(value, refine = false) if value.kind_of?(::LogStash::Util::Password) interpolated = replace_placeholders(value.value, refine) return ::LogStash::Util::Password.new(interpolated) From 61de60fe26394a7cd1eadf99bc9a41d42df46d79 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 2 Oct 2024 09:09:47 +0200 Subject: [PATCH 053/290] [Spacetime] Reimplement config Setting classe in java (#15679) Reimplement the root Ruby Setting class in Java and use it from the Ruby one moving the original Ruby class to a shell wrapping the Java instance. In particular create a new symmetric hierarchy (at the time just for `Setting`, `Coercible` and `Boolean` classes) to the Ruby one, moving also the feature for setting deprecation. In this way the new `org.logstash.settings.Boolean` is syntactically and semantically equivalent to the old Ruby Boolean class, which replaces. --- config/log4j2.properties | 2 +- logstash-core/lib/logstash/settings.rb | 155 +++++++------ .../org/logstash/settings/BaseSetting.java | 203 ++++++++++++++++++ .../java/org/logstash/settings/Boolean.java | 50 +++++ .../java/org/logstash/settings/Coercible.java | 50 +++++ .../logstash/settings/DeprecatedAlias.java | 66 ++++++ .../logstash/settings/NullableSetting.java | 40 ++++ .../java/org/logstash/settings/Setting.java | 50 +++++ .../logstash/settings/SettingDelegator.java | 89 ++++++++ .../settings/SettingWithDeprecatedAlias.java | 106 +++++++++ .../org/logstash/settings/BooleanTest.java | 46 ++++ qa/integration/specs/monitoring_api_spec.rb | 16 +- 12 files changed, 797 insertions(+), 76 deletions(-) create mode 100644 logstash-core/src/main/java/org/logstash/settings/BaseSetting.java create mode 100644 logstash-core/src/main/java/org/logstash/settings/Boolean.java create mode 100644 logstash-core/src/main/java/org/logstash/settings/Coercible.java create mode 100644 logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java create mode 100644 logstash-core/src/main/java/org/logstash/settings/NullableSetting.java create mode 100644 logstash-core/src/main/java/org/logstash/settings/Setting.java create mode 100644 logstash-core/src/main/java/org/logstash/settings/SettingDelegator.java create mode 100644 logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java create mode 100644 logstash-core/src/test/java/org/logstash/settings/BooleanTest.java diff --git a/config/log4j2.properties b/config/log4j2.properties index 1c676fefe..92acf87be 100644 --- a/config/log4j2.properties +++ b/config/log4j2.properties @@ -154,7 +154,7 @@ appender.deprecation_rolling.policies.size.size = 100MB appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy appender.deprecation_rolling.strategy.max = 30 -logger.deprecation.name = org.logstash.deprecation, deprecation +logger.deprecation.name = org.logstash.deprecation logger.deprecation.level = WARN logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_plain_rolling logger.deprecation.additivity = false diff --git a/logstash-core/lib/logstash/settings.rb b/logstash-core/lib/logstash/settings.rb index d8c75f220..d5381c977 100644 --- a/logstash-core/lib/logstash/settings.rb +++ b/logstash-core/lib/logstash/settings.rb @@ -86,7 +86,10 @@ module LogStash end def register(setting) - return setting.map { |s| register(s) } if setting.kind_of?(Array) + # Method #with_deprecated_alias returns collection containing couple of other settings. + # In case the method is implemented in Ruby returns an Array while for the Java implementation + # return a List, so the following type checking before going deep by one layer. + return setting.map { |s| register(s) } if setting.kind_of?(Array) || setting.kind_of?(java.util.List) if @settings.key?(setting.name) raise ArgumentError.new("Setting \"#{setting.name}\" has already been registered as #{setting.inspect}") @@ -244,54 +247,73 @@ module LogStash class Setting include LogStash::Settings::LOGGABLE_PROXY - attr_reader :name, :default + attr_reader :wrapped_setting def initialize(name, klass, default = nil, strict = true, &validator_proc) - @name = name unless klass.is_a?(Class) - raise ArgumentError.new("Setting \"#{@name}\" must be initialized with a class (received #{klass})") + raise ArgumentError.new("Setting \"#{name}\" must be initialized with a class (received #{klass})") end + setting_builder = Java::org.logstash.settings.BaseSetting.create(name) + .defaultValue(default) + .strict(strict) + if validator_proc + setting_builder = setting_builder.validator(validator_proc) + end + + @wrapped_setting = setting_builder.build() + @klass = klass @validator_proc = validator_proc - @value = nil - @value_is_set = false - @strict = strict - validate(default) if @strict - @default = default + validate(default) if strict? + end + + def default + @wrapped_setting.default + end + + def name + @wrapped_setting.name + end + + def initialize_copy(original) + @wrapped_setting = original.wrapped_setting.clone + end + + # To be used only internally + def update_wrapper(wrapped_setting) + @wrapped_setting = wrapped_setting end def value - @value_is_set ? @value : default + @wrapped_setting.value() end def set? - @value_is_set + @wrapped_setting.set? end def strict? - @strict + @wrapped_setting.strict? end def set(value) - validate(value) if @strict - @value = value - @value_is_set = true - @value + validate(value) if strict? + @wrapped_setting.set(value) + @wrapped_setting.value end def reset - @value = nil - @value_is_set = false + @wrapped_setting.reset end def to_hash { - "name" => @name, + "name" => @wrapped_setting.name, "klass" => @klass, - "value" => @value, - "value_is_set" => @value_is_set, - "default" => @default, + "value" => @wrapped_setting.value, + "value_is_set" => @wrapped_setting.set?, + "default" => @wrapped_setting.default, # Proc#== will only return true if it's the same obj # so no there's no point in comparing it # also thereś no use case atm to return the proc @@ -301,7 +323,7 @@ module LogStash end def inspect - "<#{self.class.name}(#{name}): #{value.inspect}" + (@value_is_set ? '' : ' (DEFAULT)') + ">" + "<#{self.class.name}(#{name}): #{value.inspect}" + (@wrapped_setting.set? ? '' : ' (DEFAULT)') + ">" end def ==(other) @@ -323,58 +345,65 @@ module LogStash end def format(output) - effective_value = self.value - default_value = self.default - setting_name = self.name + @wrapped_setting.format(output) + end - if default_value == value # print setting and its default value - output << "#{setting_name}: #{effective_value.inspect}" unless effective_value.nil? - elsif default_value.nil? # print setting and warn it has been set - output << "*#{setting_name}: #{effective_value.inspect}" - elsif effective_value.nil? # default setting not set by user - output << "#{setting_name}: #{default_value.inspect}" - else # print setting, warn it has been set, and show default value - output << "*#{setting_name}: #{effective_value.inspect} (default: #{default_value.inspect})" - end + def clone(*args) + copy = self.dup + copy.update_wrapper(@wrapped_setting.clone()) + copy end protected def validate(input) if !input.is_a?(@klass) - raise ArgumentError.new("Setting \"#{@name}\" must be a #{@klass}. Received: #{input} (#{input.class})") + raise ArgumentError.new("Setting \"#{@wrapped_setting.name}\" must be a #{@klass}. Received: #{input} (#{input.class})") end if @validator_proc && !@validator_proc.call(input) - raise ArgumentError.new("Failed to validate setting \"#{@name}\" with value: #{input}") + raise ArgumentError.new("Failed to validate setting \"#{@wrapped_setting.name}\" with value: #{input}") end end class Coercible < Setting def initialize(name, klass, default = nil, strict = true, &validator_proc) - @name = name unless klass.is_a?(Class) - raise ArgumentError.new("Setting \"#{@name}\" must be initialized with a class (received #{klass})") + raise ArgumentError.new("Setting \"#{name}\" must be initialized with a class (received #{klass})") end + @klass = klass @validator_proc = validator_proc - @value = nil - @value_is_set = false + + # needed to have the name method accessible when invoking validate + @wrapped_setting = Java::org.logstash.settings.BaseSetting.create(name) + .defaultValue(default) + .strict(strict) + .build() if strict coerced_default = coerce(default) validate(coerced_default) - @default = coerced_default + updated_default = coerced_default else - @default = default + updated_default = default end + + # default value must be coerced to the right type before being set + setting_builder = Java::org.logstash.settings.BaseSetting.create(name) + .defaultValue(updated_default) + .strict(strict) + if validator_proc + setting_builder = setting_builder.validator(validator_proc) + end + + @wrapped_setting = setting_builder.build() end def set(value) coerced_value = coerce(value) validate(coerced_value) - @value = coerce(coerced_value) - @value_is_set = true - @value + @wrapped_setting.set(coerced_value) + coerced_value end def coerce(value) @@ -383,22 +412,7 @@ module LogStash end ### Specific settings ##### - class Boolean < Coercible - def initialize(name, default, strict = true, &validator_proc) - super(name, Object, default, strict, &validator_proc) - end - - def coerce(value) - case value - when TrueClass, "true" - true - when FalseClass, "false" - false - else - raise ArgumentError.new("could not coerce #{value} into a boolean") - end - end - end + java_import org.logstash.settings.Boolean class Numeric < Coercible def initialize(name, default = nil, strict = true) @@ -733,15 +747,15 @@ module LogStash protected def validate(input) if !input.is_a?(@klass) - raise ArgumentError.new("Setting \"#{@name}\" must be a #{@klass}. Received: #{input} (#{input.class})") + raise ArgumentError.new("Setting \"#{@wrapped_setting.name}\" must be a #{@klass}. Received: #{input} (#{input.class})") end unless input.all? {|el| el.kind_of?(@element_class) } - raise ArgumentError.new("Values of setting \"#{@name}\" must be #{@element_class}. Received: #{input.map(&:class)}") + raise ArgumentError.new("Values of setting \"#{@wrapped_setting.name}\" must be #{@element_class}. Received: #{input.map(&:class)}") end if @validator_proc && !@validator_proc.call(input) - raise ArgumentError.new("Failed to validate setting \"#{@name}\" with value: #{input}") + raise ArgumentError.new("Failed to validate setting \"#{@wrapped_setting.name}\" with value: #{input}") end end end @@ -782,7 +796,7 @@ module LogStash return unless invalid_value.any? raise ArgumentError, - "Failed to validate the setting \"#{@name}\" value(s): #{invalid_value.inspect}. Valid options are: #{@possible_strings.inspect}" + "Failed to validate the setting \"#{@wrapped_setting.name}\" value(s): #{invalid_value.inspect}. Valid options are: #{@possible_strings.inspect}" end end @@ -792,9 +806,9 @@ module LogStash end def set(value) - @value = coerce(value) - @value_is_set = true - @value + coerced_value = coerce(value) + @wrapped_setting.set(coerced_value) + coerced_value end def coerce(value) @@ -839,8 +853,7 @@ module LogStash @canonical_proxy = canonical_proxy clone = @canonical_proxy.canonical_setting.clone - clone.instance_variable_set(:@name, alias_name) - clone.instance_variable_set(:@default, nil) + clone.update_wrapper(clone.wrapped_setting.deprecate(alias_name)) super(clone) end diff --git a/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java b/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java new file mode 100644 index 000000000..a6de390b9 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java @@ -0,0 +1,203 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.settings; + +import java.util.List; +import java.util.Objects; +import java.util.function.Predicate; + +/** + * Root class for all setting definitions. + * */ +public class BaseSetting implements Setting { + + private String name; // not final because can be updated by deprecate + T defaultValue; + private T value = null; + private final boolean strict; + private final Predicate validator; + private boolean valueIsSet = false; + + @Override + @SuppressWarnings("unchecked") + public BaseSetting clone() { + try { + BaseSetting clone = (BaseSetting) super.clone(); + // copy mutable state here, so the clone can't change the internals of the original + clone.value = value; + clone.valueIsSet = valueIsSet; + return clone; + } catch (CloneNotSupportedException e) { + throw new AssertionError(); + } + } + + public static final class Builder { + private final String name; + private boolean strict = true; + private T defaultValue = null; + private Predicate validator = noValidator(); + + public Builder(String name) { + this.name = name; + } + + public Builder defaultValue(T defaultValue) { + this.defaultValue = defaultValue; + return this; + } + + public Builder strict(boolean strict) { + this.strict = strict; + return this; + } + + public Builder validator(Predicate validator) { + this.validator = validator; + return this; + } + + public BaseSetting build() { + return new BaseSetting<>(name, defaultValue, strict, validator); + } + } + + public static Builder create(String name) { + return new Builder<>(name); + } + + /** + * Specifically used by Coercible subclass to initialize doing validation in a second phase. + * */ + protected BaseSetting(String name, boolean strict, Predicate validator) { + Objects.requireNonNull(name); + Objects.requireNonNull(validator); + this.name = name; + this.strict = strict; + this.validator = validator; + } + protected BaseSetting(String name, T defaultValue, boolean strict, Predicate validator) { + Objects.requireNonNull(name); + Objects.requireNonNull(validator); + this.name = name; + this.defaultValue = defaultValue; + this.strict = strict; + this.validator = validator; + if (strict) { + validate(defaultValue); + } + } + + /** + * Creates a copy of the setting with the original name to deprecate + * */ + protected BaseSetting deprecate(String deprecatedName) { + // this force to get a copy of the original Setting, in case of a BooleanSetting it retains also all of its + // coercing mechanisms + BaseSetting clone = this.clone(); + clone.updateName(deprecatedName); + return clone; + } + + private void updateName(String deprecatedName) { + this.name = deprecatedName; + } + + protected static Predicate noValidator() { + return t -> true; + } + + public void validate(T input) throws IllegalArgumentException { + if (!validator.test(input)) { + throw new IllegalArgumentException("Failed to validate setting " + this.name + " with value: " + input); + } + } + + public String getName() { + return name; + } + + public T value() { + if (valueIsSet) { + return value; + } else { + return defaultValue; + } + } + + public boolean isSet() { + return this.valueIsSet; + } + + public boolean isStrict() { + return strict; + } + + public void setSafely(T newValue) { + if (strict) { + validate(newValue); + } + this.value = newValue; + this.valueIsSet = true; + } + + public void reset() { + this.value = null; + this.valueIsSet = false; + } + + public void validateValue() { + validate(this.value); + } + + public T getDefault() { + return this.defaultValue; + } + + public void format(List output) { + T effectiveValue = this.value; + String settingName = this.name; + + if (effectiveValue != null && effectiveValue.equals(defaultValue)) { + // print setting and its default value + output.add(String.format("%s: %s", settingName, effectiveValue)); + } else if (defaultValue == null) { + // print setting and warn it has been set + output.add(String.format("*%s: %s", settingName, effectiveValue)); + } else if (effectiveValue == null) { + // default setting not set by user + output.add(String.format("%s: %s", settingName, defaultValue)); + } else { + // print setting, warn it has been set, and show default value + output.add(String.format("*%s: %s (default: %s)", settingName, effectiveValue, defaultValue)); + } + } + + public List> withDeprecatedAlias(String deprecatedAlias) { + return SettingWithDeprecatedAlias.wrap(this, deprecatedAlias); + } + + public Setting nullable() { + return new NullableSetting<>(this); + } + } + + + diff --git a/logstash-core/src/main/java/org/logstash/settings/Boolean.java b/logstash-core/src/main/java/org/logstash/settings/Boolean.java new file mode 100644 index 000000000..2b9feb6f4 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/Boolean.java @@ -0,0 +1,50 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.settings; + +public class Boolean extends Coercible { + + public Boolean(String name, boolean defaultValue) { + super(name, defaultValue, true, noValidator()); + } + + public Boolean(String name, boolean defaultValue, boolean strict) { + super(name, defaultValue, strict, noValidator()); + } + + @Override + public java.lang.Boolean coerce(Object obj) { + if (obj instanceof String) { + switch((String) obj) { + case "true": return true; + case "false": return false; + default: throw new IllegalArgumentException(coercionFailureMessage(obj)); + } + } + if (obj instanceof java.lang.Boolean) { + return (java.lang.Boolean) obj; + } + throw new IllegalArgumentException(coercionFailureMessage(obj)); + } + + private String coercionFailureMessage(Object obj) { + return String.format("Cannot coerce `%s` to boolean (%s)", obj, getName()); + } +} \ No newline at end of file diff --git a/logstash-core/src/main/java/org/logstash/settings/Coercible.java b/logstash-core/src/main/java/org/logstash/settings/Coercible.java new file mode 100644 index 000000000..a9cd952fd --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/Coercible.java @@ -0,0 +1,50 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.settings; + +import java.util.function.Predicate; + +public abstract class Coercible extends BaseSetting { + public Coercible(String name, T defaultValue, boolean strict, Predicate validator) { + super(name, strict, validator); + + if (strict) { + T coercedDefault = coerce(defaultValue); + validate(coercedDefault); + this.defaultValue = coercedDefault; + } else { + this.defaultValue = defaultValue; + } + } + + @Override + public void set(Object value) { + T coercedValue = coerce(value); + validate(coercedValue); + super.setSafely(coercedValue); + } + + @Override + public void setSafely(T value) { + this.set(value); + } + + public abstract T coerce(Object obj); +} diff --git a/logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java b/logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java new file mode 100644 index 000000000..d2b8eac17 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java @@ -0,0 +1,66 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.settings; + +import co.elastic.logstash.api.DeprecationLogger; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.logstash.log.DefaultDeprecationLogger; + +/** + * A DeprecatedAlias provides a deprecated alias for a setting, and is meant + * to be used exclusively through @see org.logstash.settings.SettingWithDeprecatedAlias#wrap() + * */ +public final class DeprecatedAlias extends SettingDelegator { + private static final Logger LOGGER = LogManager.getLogger(); + + private static final DeprecationLogger DEPRECATION_LOGGER = new DefaultDeprecationLogger(LOGGER); + + private SettingWithDeprecatedAlias canonicalProxy; + + DeprecatedAlias(SettingWithDeprecatedAlias canonicalProxy, String aliasName) { + super(canonicalProxy.getCanonicalSetting().deprecate(aliasName)); + this.canonicalProxy = canonicalProxy; + } + + // Because loggers are configure after the Settings declaration, this method is intended for lazy-logging + // check https://github.com/elastic/logstash/pull/16339 + public void observePostProcess() { + if (isSet()) { + DEPRECATION_LOGGER.deprecated("The setting `{}` is a deprecated alias for `{}` and will be removed in a " + + "future release of Logstash. Please use `{}` instead", getName(), canonicalProxy.getName(), canonicalProxy.getName()); + } + } + + @Override + public T value() { + LOGGER.warn("The value of setting `{}` has been queried by its deprecated alias `{}`. " + + "Code should be updated to query `{}` instead", canonicalProxy.getName(), getName(), canonicalProxy.getName()); + return super.value(); + } + + @Override + public void validateValue() { + // bypass deprecation warning + if (isSet()) { + getDelegate().validateValue(); + } + } +} diff --git a/logstash-core/src/main/java/org/logstash/settings/NullableSetting.java b/logstash-core/src/main/java/org/logstash/settings/NullableSetting.java new file mode 100644 index 000000000..0b1b27e3c --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/NullableSetting.java @@ -0,0 +1,40 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.settings; + +public class NullableSetting extends SettingDelegator { + + NullableSetting(BaseSetting delegate) { + super(delegate); + } + + @Override + public void validate(T input) throws IllegalArgumentException { + if (input == null) { + return; + } + getDelegate().validate(input); + } + + // prevent delegate from intercepting + @Override + public void validateValue() { + validate(value()); + } +} diff --git a/logstash-core/src/main/java/org/logstash/settings/Setting.java b/logstash-core/src/main/java/org/logstash/settings/Setting.java new file mode 100644 index 000000000..f97f9055c --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/Setting.java @@ -0,0 +1,50 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.settings; + +import java.util.List; + +public interface Setting extends Cloneable { + + String getName(); + + T value(); + + boolean isSet(); + + boolean isStrict(); + + void setSafely(T newValue); + + @SuppressWarnings("unchecked") + default void set(Object newValue) { + //this could throw a class cast error + setSafely((T) newValue); + } + + void reset(); + + void validateValue(); + + void validate(T input); + + T getDefault(); + + void format(List output); +} diff --git a/logstash-core/src/main/java/org/logstash/settings/SettingDelegator.java b/logstash-core/src/main/java/org/logstash/settings/SettingDelegator.java new file mode 100644 index 000000000..bc0bf9250 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/SettingDelegator.java @@ -0,0 +1,89 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.settings; + +import java.util.List; +import java.util.Objects; + +abstract class SettingDelegator implements Setting { + private BaseSetting delegate; + + /** + * Use this constructor to wrap another setting. + * */ + SettingDelegator(BaseSetting delegate) { + Objects.requireNonNull(delegate); + this.delegate = delegate; + } + + BaseSetting getDelegate() { + return delegate; + } + + @Override + public String getName() { + return delegate.getName(); + } + + @Override + public T value() { + return delegate.value(); + } + + @Override + public boolean isSet() { + return delegate.isSet(); + } + + @Override + public boolean isStrict() { + return delegate.isStrict(); + } + + @Override + public void setSafely(T newValue) { + delegate.setSafely(newValue); + } + + @Override + public void reset() { + delegate.reset(); + } + + @Override + public void validateValue() { + delegate.validateValue(); + } + + @Override + public T getDefault() { + return delegate.getDefault(); + } + + @Override + public void format(List output) { + delegate.format(output); + } + + @Override + public void validate(T input) { + delegate.validate(input); + } +} diff --git a/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java b/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java new file mode 100644 index 000000000..6a7e53b74 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java @@ -0,0 +1,106 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.settings; + +import java.util.Arrays; +import java.util.List; + + +/** + * A SettingWithDeprecatedAlias wraps any Setting to provide a deprecated + * alias, and hooks @see org.logstash.settings.Setting#validate_value() to ensure that a deprecation + * warning is fired when the setting is provided by its deprecated alias, + * or to produce an error when both the canonical name and deprecated + * alias are used together. + * */ +// This class is public else the getDeprecatedAlias method can't be seen from setting_with_deprecated_alias_spec.rb +public class SettingWithDeprecatedAlias extends SettingDelegator { + + /** + * Wraps the provided setting, returning a pair of connected settings + * including the canonical setting and a deprecated alias. + * @param canonicalSetting the setting to wrap + * @param deprecatedAliasName the name for the deprecated alias + * + * @return List of [SettingWithDeprecatedAlias, DeprecatedAlias] + * */ + static List> wrap(BaseSetting canonicalSetting, String deprecatedAliasName) { + final SettingWithDeprecatedAlias settingProxy = new SettingWithDeprecatedAlias<>(canonicalSetting, deprecatedAliasName); + return Arrays.asList(settingProxy, settingProxy.deprecatedAlias); + } + + private DeprecatedAlias deprecatedAlias; + + protected SettingWithDeprecatedAlias(BaseSetting canonicalSetting, String deprecatedAliasName) { + super(canonicalSetting); + + this.deprecatedAlias = new DeprecatedAlias(this, deprecatedAliasName); + } + + BaseSetting getCanonicalSetting() { + return getDelegate(); + } + + public DeprecatedAlias getDeprecatedAlias() { + return deprecatedAlias; + } + + @Override + public void setSafely(T value) { + getCanonicalSetting().setSafely(value); + } + + @Override + public T value() { + if (getCanonicalSetting().isSet()) { + return super.value(); + } + // bypass warning by querying the wrapped setting's value + if (deprecatedAlias.isSet()) { + return deprecatedAlias.getDelegate().value(); + } + return getDefault(); + } + + @Override + public boolean isSet() { + return getCanonicalSetting().isSet() || deprecatedAlias.isSet(); + } + + @Override + public void format(List output) { + if (!(deprecatedAlias.isSet() && !getCanonicalSetting().isSet())) { + super.format(output); + return; + } + output.add(String.format("*%s: %s (via deprecated `%s`; default: %s)", + getName(), value(), deprecatedAlias.getName(), getDefault())); + } + + @Override + public void validateValue() { + if (deprecatedAlias.isSet() && getCanonicalSetting().isSet()) { + throw new IllegalStateException(String.format("Both `%s` and its deprecated alias `%s` have been set.\n" + + "Please only set `%s`", getCanonicalSetting().getName(), deprecatedAlias.getName(), getCanonicalSetting().getName())); + } + super.validateValue(); + } + +} diff --git a/logstash-core/src/test/java/org/logstash/settings/BooleanTest.java b/logstash-core/src/test/java/org/logstash/settings/BooleanTest.java new file mode 100644 index 000000000..0886f6710 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/settings/BooleanTest.java @@ -0,0 +1,46 @@ +package org.logstash.settings; + +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.MatcherAssert.assertThat; + +public class BooleanTest { + + + private Boolean sut; + + @Before + public void setUp() { + sut = new Boolean("api.enabled", true); + } + + @Test + public void givenLiteralBooleanStringValueWhenCoercedToBooleanValueThenIsValidBooleanSetting() { + sut.set("false"); + + Assert.assertFalse(sut.value()); + } + + @Test + public void givenBooleanInstanceWhenCoercedThenReturnValidBooleanSetting() { + sut.set(java.lang.Boolean.FALSE); + + Assert.assertFalse(sut.value()); + } + + @Test + public void givenInvalidStringLiteralForBooleanValueWhenCoercedThenThrowsAnError() { + IllegalArgumentException exception = Assert.assertThrows(IllegalArgumentException.class, () -> sut.set("bananas")); + assertThat(exception.getMessage(), equalTo("Cannot coerce `bananas` to boolean (api.enabled)")); + } + + @Test + public void givenInvalidTypeInstanceForBooleanValueWhenCoercedThenThrowsAnError() { + IllegalArgumentException exception = Assert.assertThrows(IllegalArgumentException.class, () -> sut.set(1)); + assertThat(exception.getMessage(), equalTo("Cannot coerce `1` to boolean (api.enabled)")); + } + +} \ No newline at end of file diff --git a/qa/integration/specs/monitoring_api_spec.rb b/qa/integration/specs/monitoring_api_spec.rb index 830ddc0bc..19dabc16f 100644 --- a/qa/integration/specs/monitoring_api_spec.rb +++ b/qa/integration/specs/monitoring_api_spec.rb @@ -389,14 +389,14 @@ describe "Test Monitoring API" do end #default - logging_get_assert logstash_service, "INFO", "TRACE", + logging_get_assert logstash_service, ["WARN", "INFO"], "TRACE", skip: 'logstash.licensechecker.licensereader' #custom (ERROR) level to start with #root logger - does not apply to logger.slowlog logging_put_assert logstash_service.monitoring_api.logging_put({"logger." => "WARN"}) logging_get_assert logstash_service, "WARN", "TRACE" logging_put_assert logstash_service.monitoring_api.logging_put({"logger." => "INFO"}) - logging_get_assert logstash_service, "INFO", "TRACE" + logging_get_assert logstash_service, ["WARN", "INFO"], "TRACE" #package logger logging_put_assert logstash_service.monitoring_api.logging_put({"logger.logstash.agent" => "DEBUG"}) @@ -422,7 +422,7 @@ describe "Test Monitoring API" do # all log levels should be reset to original values logging_put_assert logstash_service.monitoring_api.logging_reset - logging_get_assert logstash_service, "INFO", "TRACE" + logging_get_assert logstash_service, ["WARN", "INFO"], "TRACE" end @@ -433,7 +433,15 @@ describe "Test Monitoring API" do result["loggers"].each do |k, v| next if !k.empty? && k.eql?(skip) if k.start_with? "logstash", "org.logstash" #logstash is the ruby namespace, and org.logstash for java - expect(v).to eq(logstash_level), "logstash logger '#{k}' has logging level: #{v} expected: #{logstash_level}" + if logstash_level.is_a?(Array) + if logstash_level.size == 1 + expect(v).to eq(logstash_level[0]), "logstash logger '#{k}' has logging level: #{v} expected: #{logstash_level[0]}" + else + expect(logstash_level).to include(v), "logstash logger '#{k}' has logging level: #{v} expected to be one of: #{logstash_level}" + end + else + expect(v).to eq(logstash_level), "logstash logger '#{k}' has logging level: #{v} expected: #{logstash_level}" + end elsif k.start_with? "slowlog" expect(v).to eq(slowlog_level), "slowlog logger '#{k}' has logging level: #{v} expected: #{slowlog_level}" end From fd1de39005cf4646d8faa3f89b1963c716ec6088 Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Wed, 2 Oct 2024 01:30:22 -0700 Subject: [PATCH 054/290] Use jruby-9.4.8.0 in exhaustive CIs. (#16489) --- .buildkite/scripts/exhaustive-tests/generate-steps.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.buildkite/scripts/exhaustive-tests/generate-steps.py b/.buildkite/scripts/exhaustive-tests/generate-steps.py index 8a4ddff55..ab1a37e4c 100644 --- a/.buildkite/scripts/exhaustive-tests/generate-steps.py +++ b/.buildkite/scripts/exhaustive-tests/generate-steps.py @@ -150,7 +150,7 @@ source /etc/os-release if [[ "$$(echo $$ID_LIKE | tr '[:upper:]' '[:lower:]')" =~ (rhel|fedora) && "$${VERSION_ID%.*}" -le 7 ]]; then # jruby-9.3.10.0 unavailable on centos-7 / oel-7, see https://github.com/jruby/jruby/issues/7579#issuecomment-1425885324 / https://github.com/jruby/jruby/issues/7695 # we only need a working jruby to run the acceptance test framework -- the packages have been prebuilt in a previous stage - rbenv local jruby-9.4.5.0 + rbenv local jruby-9.4.8.0 fi ci/acceptance_tests.sh"""), } From b69d993d718dfd639603cdb5d340947b09a6687a Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 2 Oct 2024 12:23:54 +0200 Subject: [PATCH 055/290] DLQ-ing events that trigger an conditional evaluation error. (#16423) When a conditional evaluation encounter an error in the expression the event that triggered the issue is sent to pipeline's DLQ, if enabled for the executing pipeline. This PR engage with the work done in #16322, the `ConditionalEvaluationListener` that is receives notifications about if-statements evaluation failure, is improved to also send the event to DLQ (if enabled in the pipeline) and not just logging it. --- docs/static/dead-letter-queues.asciidoc | 12 +++-- .../spec/logstash/java_pipeline_spec.rb | 50 ++++++++++++++++--- .../execution/AbstractPipelineExt.java | 27 +++++++++- 3 files changed, 78 insertions(+), 11 deletions(-) diff --git a/docs/static/dead-letter-queues.asciidoc b/docs/static/dead-letter-queues.asciidoc index ae377d769..70afd8337 100644 --- a/docs/static/dead-letter-queues.asciidoc +++ b/docs/static/dead-letter-queues.asciidoc @@ -21,9 +21,10 @@ loss in this situation, you can <> to write unsuccessful events to a dead letter queue instead of dropping them. NOTE: The dead letter queue is currently supported only for the -<>. The dead letter queue is used for -documents with response codes of 400 or 404, both of which indicate an event +<> and <>. +The dead letter queue is used for documents with response codes of 400 or 404, both of which indicate an event that cannot be retried. +It's also used when a conditional evaluation encounter an error. Each event written to the dead letter queue includes the original event, metadata that describes the reason the event could not be processed, information @@ -57,7 +58,12 @@ status code per entry to indicate why the action could not be performed. If the DLQ is configured, individual indexing failures are routed there. Even if you regularly process events, events remain in the dead letter queue. -The dead letter queue requires <> to clear it. +The dead letter queue requires <> to clear it. + +[[conditionals-dlq]] +==== Conditional statements and the dead letter queue +When a conditional statement reaches an error in processing an event, such as comparing string and integer values, +the event, as it is at the time of evaluation, is inserted into the dead letter queue. [[configuring-dlq]] ==== Configuring {ls} to use dead letter queues diff --git a/logstash-core/spec/logstash/java_pipeline_spec.rb b/logstash-core/spec/logstash/java_pipeline_spec.rb index d30872e14..24bcb3adc 100644 --- a/logstash-core/spec/logstash/java_pipeline_spec.rb +++ b/logstash-core/spec/logstash/java_pipeline_spec.rb @@ -443,9 +443,8 @@ describe LogStash::JavaPipeline do LogStash::PLUGIN_REGISTRY.add(:output, "spec_sampler_output", PipelineHelpers::SpecSamplerOutput) end - describe "given a pipeline executing an event that would trigger an evaluation error" do + context "given a pipeline executing an event that would trigger an evaluation error" do let(:pipeline) do - settings.set_value("queue.drain", true) LogStash::JavaPipeline.new( org.logstash.config.ir.PipelineConfig.new( LogStash::Config::Source::Local, :main, @@ -470,11 +469,50 @@ describe LogStash::JavaPipeline do pipeline.close end - subject {results.length > 1 ? results : results.first} + describe "when DLQ is disabled" do + let(:settings) do + s = super() + s.set_value("queue.drain", true) + s + end - it "should raise an error without killing the pipeline" do - expect(subject).to be nil - expect(pipeline.last_error_evaluation_received).to match(/no implicit conversion of nil into Integer/) + subject {results.length > 1 ? results : results.first} + + it "should raise an error without killing the pipeline" do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/no implicit conversion of nil into Integer/) + end + end + + describe "when DLQ is enabled" do + let(:dlq_path) { Dir.mktmpdir } + + let(:settings) do + s = super() + s.set_value("queue.drain", true) + s.set_value("pipeline.id", "test_dlq") + s.set_value("dead_letter_queue.enable", true) + s.set_value("path.dead_letter_queue", dlq_path) + s + end + + after do + FileUtils.rm_rf(settings.get_value("path.dead_letter_queue")) + end + + subject {results.length > 1 ? results : results.first} + + it "should raise an error without killing the pipeline and insert the event into DLQ" do + expect(subject).to be nil + expect(pipeline.last_error_evaluation_received).to match(/no implicit conversion of nil into Integer/) + dlq_path = java.nio.file.Paths.get(settings.get_value("path.dead_letter_queue"), "test_dlq") + dlq_reader = org.logstash.common.io.DeadLetterQueueReader.new(dlq_path) + entry = dlq_reader.pollEntry(40) + expect(entry).to_not be_nil + expect(entry.reason).to match(/condition evaluation error.*no implicit conversion of nil into Integer/) + expect(entry.plugin_id).to eq("if-statement") + expect(entry.plugin_type).to eq("if-statement") + end end end diff --git a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java index 0ac584f15..5440f1af0 100644 --- a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java +++ b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java @@ -167,6 +167,7 @@ public class AbstractPipelineExt extends RubyBasicObject { private @SuppressWarnings("rawtypes") RubyArray outputs; private String lastErrorEvaluationReceived = ""; + private DeadLetterQueueWriter javaDlqWriter; public AbstractPipelineExt(final Ruby runtime, final RubyClass metaClass) { super(runtime, metaClass); @@ -180,10 +181,32 @@ public class AbstractPipelineExt extends RubyBasicObject { @Override public void notify(ConditionalEvaluationError err) { lastErrorEvaluationReceived = err.getCause().getMessage(); - LOGGER.warn("{}. Event was dropped, enable debug logging to see the event's payload.", lastErrorEvaluationReceived); + if (isDLQEnabled()) { + LOGGER.warn("{}. Failing event was sent to dead letter queue", lastErrorEvaluationReceived); + } else { + LOGGER.warn("{}. Event was dropped, enable debug logging to see the event's payload", lastErrorEvaluationReceived); + } LOGGER.debug("Event generating the fault: {}", err.failedEvent().toMap().toString()); // logs the exception at debug level + if (LOGGER.isDebugEnabled()) { + debugLogStackTrace(err); + } + + if (isDLQEnabled()) { + try { + javaDlqWriter.writeEntry(err.failedEvent(), "if-statement", "if-statement", "condition evaluation error, " + lastErrorEvaluationReceived); + } catch (IOException ioex) { + LOGGER.error("Can't write in DLQ", ioex); + } + } + } + + private boolean isDLQEnabled() { + return javaDlqWriter != null; + } + + private void debugLogStackTrace(ConditionalEvaluationError err) { try (StringWriter sw = new StringWriter(); PrintWriter pw = new PrintWriter(sw)) { err.printStackTrace(pw); LOGGER.debug("{}", sw); @@ -372,7 +395,7 @@ public class AbstractPipelineExt extends RubyBasicObject { public final IRubyObject dlqWriter(final ThreadContext context) { if (dlqWriter == null) { if (dlqEnabled(context).isTrue()) { - final DeadLetterQueueWriter javaDlqWriter = createDeadLetterQueueWriterFromSettings(context); + javaDlqWriter = createDeadLetterQueueWriterFromSettings(context); dlqWriter = JavaUtil.convertJavaToUsableRubyObject(context.runtime, javaDlqWriter); } else { dlqWriter = RubyUtil.DUMMY_DLQ_WRITER_CLASS.callMethod(context, "new"); From 4e49adc6f37c77a17c3a404fd85dbc827aede1ee Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 2 Oct 2024 15:28:37 +0200 Subject: [PATCH 056/290] Fix jdk21 warnings (#16496) Suppress some warnings compared with JDK 21 - this-escape uses this before it is completely initialised. - avoid a non serialisable DeadLetterQueueWriter field from serialisable instance. --- .../main/java/org/logstash/execution/AbstractPipelineExt.java | 2 +- .../src/main/java/org/logstash/settings/BaseSetting.java | 2 ++ .../src/main/java/org/logstash/settings/Coercible.java | 2 ++ .../java/org/logstash/settings/SettingWithDeprecatedAlias.java | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java index 5440f1af0..068e529ef 100644 --- a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java +++ b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java @@ -167,7 +167,7 @@ public class AbstractPipelineExt extends RubyBasicObject { private @SuppressWarnings("rawtypes") RubyArray outputs; private String lastErrorEvaluationReceived = ""; - private DeadLetterQueueWriter javaDlqWriter; + private transient DeadLetterQueueWriter javaDlqWriter; public AbstractPipelineExt(final Ruby runtime, final RubyClass metaClass) { super(runtime, metaClass); diff --git a/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java b/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java index a6de390b9..b08408393 100644 --- a/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java +++ b/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java @@ -93,6 +93,8 @@ public class BaseSetting implements Setting { this.strict = strict; this.validator = validator; } + + @SuppressWarnings("this-escape") protected BaseSetting(String name, T defaultValue, boolean strict, Predicate validator) { Objects.requireNonNull(name); Objects.requireNonNull(validator); diff --git a/logstash-core/src/main/java/org/logstash/settings/Coercible.java b/logstash-core/src/main/java/org/logstash/settings/Coercible.java index a9cd952fd..ec6688969 100644 --- a/logstash-core/src/main/java/org/logstash/settings/Coercible.java +++ b/logstash-core/src/main/java/org/logstash/settings/Coercible.java @@ -22,6 +22,8 @@ package org.logstash.settings; import java.util.function.Predicate; public abstract class Coercible extends BaseSetting { + + @SuppressWarnings("this-escape") public Coercible(String name, T defaultValue, boolean strict, Predicate validator) { super(name, strict, validator); diff --git a/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java b/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java index 6a7e53b74..3b3b0678e 100644 --- a/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java +++ b/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java @@ -48,6 +48,7 @@ public class SettingWithDeprecatedAlias extends SettingDelegator { private DeprecatedAlias deprecatedAlias; + @SuppressWarnings("this-escape") protected SettingWithDeprecatedAlias(BaseSetting canonicalSetting, String deprecatedAliasName) { super(canonicalSetting); From 07c01f8231daf14113b2ce57791712ec74365799 Mon Sep 17 00:00:00 2001 From: Dimitrios Liappis Date: Wed, 2 Oct 2024 19:07:16 +0300 Subject: [PATCH 057/290] Don't use an older JRuby with oraclelinux-7 (#16499) A recent PR (elastic/ci-agent-images/pull/932) modernized the VM images and removed JRuby 9.4.5.0 and some older versions. This ended up breaking exhaustive test on Oracle Linux 7 that hard coded JRuby 9.4.5.0. PR https://github.com/elastic/logstash/pull/16489 worked around the problem by pinning to the new JRuby, but actually we don't need the conditional anymore since the original issue https://github.com/jruby/jruby/issues/7579#issuecomment-1425885324 has been resolved and none of our releasable branches (apart from 7.17 which uses `9.2.20.1`) specify `9.3.x.y` in `/.ruby-version`. Therefore, this commit removes conditional setting of JRuby for OracleLinux 7 agents in exhaustive tests (and relies on whatever `/.ruby-version` defines). --- .buildkite/scripts/exhaustive-tests/generate-steps.py | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.buildkite/scripts/exhaustive-tests/generate-steps.py b/.buildkite/scripts/exhaustive-tests/generate-steps.py index ab1a37e4c..bcbee4e62 100644 --- a/.buildkite/scripts/exhaustive-tests/generate-steps.py +++ b/.buildkite/scripts/exhaustive-tests/generate-steps.py @@ -147,11 +147,6 @@ rake artifact:deb artifact:rpm set -eo pipefail source .buildkite/scripts/common/vm-agent-multi-jdk.sh source /etc/os-release -if [[ "$$(echo $$ID_LIKE | tr '[:upper:]' '[:lower:]')" =~ (rhel|fedora) && "$${VERSION_ID%.*}" -le 7 ]]; then - # jruby-9.3.10.0 unavailable on centos-7 / oel-7, see https://github.com/jruby/jruby/issues/7579#issuecomment-1425885324 / https://github.com/jruby/jruby/issues/7695 - # we only need a working jruby to run the acceptance test framework -- the packages have been prebuilt in a previous stage - rbenv local jruby-9.4.8.0 -fi ci/acceptance_tests.sh"""), } steps.append(step) From 60670087cb1ee5cbf178ace4873cf532fe7102fe Mon Sep 17 00:00:00 2001 From: Dimitrios Liappis Date: Thu, 3 Oct 2024 10:29:58 +0300 Subject: [PATCH 058/290] [ci] Skip slack for retries JDK matrix jobs (#16316) With this commit we shush slack alerts for JDK matrix CI jobs that succeed after (automatic) retries. --- catalog-info.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/catalog-info.yaml b/catalog-info.yaml index c5367ea66..8b3608c45 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -406,6 +406,7 @@ spec: ELASTIC_SLACK_NOTIFICATIONS_ENABLED: 'true' SLACK_NOTIFICATIONS_CHANNEL: '#logstash-build' SLACK_NOTIFICATIONS_ON_SUCCESS: 'false' + SLACK_NOTIFICATIONS_SKIP_FOR_RETRIES: 'true' teams: ingest-fp: access_level: MANAGE_BUILD_AND_READ From e84fb458ce2f092e065c63df649222f8cbda8c44 Mon Sep 17 00:00:00 2001 From: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> Date: Thu, 3 Oct 2024 11:08:42 +0200 Subject: [PATCH 059/290] Improve pipeline bootstrap error logs (#16495) This PR adds the cause errors details on the pipeline converge state error logs --- logstash-core/lib/logstash/agent.rb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/logstash-core/lib/logstash/agent.rb b/logstash-core/lib/logstash/agent.rb index 487e9c3a8..7f99abe22 100644 --- a/logstash-core/lib/logstash/agent.rb +++ b/logstash-core/lib/logstash/agent.rb @@ -395,7 +395,13 @@ class LogStash::Agent ) end rescue SystemExit, Exception => e - logger.error("Failed to execute action", :action => action, :exception => e.class.name, :message => e.message, :backtrace => e.backtrace) + error_details = { :action => action, :exception => e.class.name, :message => e.message, :backtrace => e.backtrace } + cause = e.cause + if cause && e != cause + error_details[:cause] = { :exception => cause.class, :message => cause.message } + error_details[:cause][:backtrace] = cause.backtrace if cause.backtrace + end + logger.error('Failed to execute action', error_details) converge_result.add(action, LogStash::ConvergeResult::FailedAction.from_exception(e)) end end From 5aabeda5fdeac5159a3b20ddddb7392edbb16990 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Fri, 4 Oct 2024 09:13:12 +0100 Subject: [PATCH 060/290] fix snapshot branch detection for snyk (#16484) * handle two 8. branches --- .buildkite/scripts/snyk/report.sh | 9 +-------- .buildkite/scripts/snyk/resolve_stack_version.sh | 11 +++-------- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/.buildkite/scripts/snyk/report.sh b/.buildkite/scripts/snyk/report.sh index 0d666f777..a9e8d09f1 100755 --- a/.buildkite/scripts/snyk/report.sh +++ b/.buildkite/scripts/snyk/report.sh @@ -7,13 +7,6 @@ TARGET_BRANCHES=("main") # Resolves the branches we are going to track resolve_latest_branches() { source .buildkite/scripts/snyk/resolve_stack_version.sh - for SNAPSHOT_VERSION in "${SNAPSHOT_VERSIONS[@]}" - do - IFS='.' - read -a versions <<< "$SNAPSHOT_VERSION" - version=${versions[0]}.${versions[1]} - TARGET_BRANCHES+=("$version") - done } # Build Logstash specific branch to generate Gemlock file where Snyk scans @@ -36,7 +29,7 @@ download_auth_snyk() { report() { REMOTE_REPO_URL=$1 echo "Reporting $REMOTE_REPO_URL branch." - if [ "$REMOTE_REPO_URL" != "main" ]; then + if [ "$REMOTE_REPO_URL" != "main" ] && [ "$REMOTE_REPO_URL" != "8.x" ]; then MAJOR_VERSION=$(echo "$REMOTE_REPO_URL"| cut -d'.' -f 1) REMOTE_REPO_URL="$MAJOR_VERSION".latest echo "Using '$REMOTE_REPO_URL' remote repo url." diff --git a/.buildkite/scripts/snyk/resolve_stack_version.sh b/.buildkite/scripts/snyk/resolve_stack_version.sh index 5430fe8e1..088051b23 100755 --- a/.buildkite/scripts/snyk/resolve_stack_version.sh +++ b/.buildkite/scripts/snyk/resolve_stack_version.sh @@ -6,14 +6,9 @@ set -e -VERSION_URL="https://raw.githubusercontent.com/elastic/logstash/main/ci/logstash_releases.json" +VERSION_URL="https://raw.githubusercontent.com/elastic/logstash/main/ci/branches.json" echo "Fetching versions from $VERSION_URL" VERSIONS=$(curl --silent $VERSION_URL) -SNAPSHOT_KEYS=$(echo "$VERSIONS" | jq -r '.snapshots | .[]') - -SNAPSHOT_VERSIONS=() -while IFS= read -r line; do - SNAPSHOT_VERSIONS+=("$line") - echo "Resolved snapshot version: $line" -done <<< "$SNAPSHOT_KEYS" \ No newline at end of file +TARGET_BRANCHES=$(echo "$VERSIONS" | jq -r '.branches | map(.branch) | join(" ")') +TARGET_BRANCHES=($TARGET_BRANCHES) From 5d4825f00091ade30c75036bc210f17758aaeff1 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Fri, 4 Oct 2024 16:46:00 +0200 Subject: [PATCH 061/290] Avoid to access Java DeprecatedAlias value other than Ruby's one (#16506) Update Settings to_hash method to also skip Java DeprecatedAlias and not just the Ruby one. With PR #15679 was introduced org.logstash.settings.DeprecatedAlias which mirrors the behaviour of Ruby class Setting::DeprecatedAlias. The equality check at Logstash::Settings, as descibed in #16505 (comment), is implemented comparing the maps. The conversion of Settings to the corresponding maps filtered out the Ruby implementation of DeprecatedAlias but not the Java one. This PR adds also the Java one to the list of filter. --- logstash-core/lib/logstash/settings.rb | 2 +- logstash-core/spec/logstash/settings_spec.rb | 22 ++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/logstash-core/lib/logstash/settings.rb b/logstash-core/lib/logstash/settings.rb index d5381c977..5d2fbd588 100644 --- a/logstash-core/lib/logstash/settings.rb +++ b/logstash-core/lib/logstash/settings.rb @@ -154,7 +154,7 @@ module LogStash def to_hash hash = {} @settings.each do |name, setting| - next if setting.kind_of? Setting::DeprecatedAlias + next if (setting.kind_of? Setting::DeprecatedAlias) || (setting.kind_of? Java::org.logstash.settings.DeprecatedAlias) hash[name] = setting.value end hash diff --git a/logstash-core/spec/logstash/settings_spec.rb b/logstash-core/spec/logstash/settings_spec.rb index 3e0b425dd..31f67d38f 100644 --- a/logstash-core/spec/logstash/settings_spec.rb +++ b/logstash-core/spec/logstash/settings_spec.rb @@ -62,6 +62,28 @@ describe LogStash::Settings do end end + describe "#to_hash" do + let(:java_deprecated_alias) { LogStash::Setting::Boolean.new("java.actual", true).with_deprecated_alias("java.deprecated") } + let(:ruby_deprecated_alias) { LogStash::Setting::PortRange.new("ruby.actual", 9600..9700).with_deprecated_alias("ruby.deprecated") } + let(:non_deprecated) { LogStash::Setting::Boolean.new("plain_setting", false) } + + before :each do + subject.register(java_deprecated_alias) + subject.register(ruby_deprecated_alias) + subject.register(non_deprecated) + end + + it "filter deprecated alias settings" do + generated_settings_hash = subject.to_hash + + expect(generated_settings_hash).not_to have_key("java.deprecated") + expect(generated_settings_hash).not_to have_key("ruby.deprecated") + expect(generated_settings_hash).to have_key("java.actual") + expect(generated_settings_hash).to have_key("ruby.actual") + expect(generated_settings_hash).to have_key("plain_setting") + end + end + describe "#get_subset" do let(:numeric_setting_1) { LogStash::Setting.new("num.1", Numeric, 1) } let(:numeric_setting_2) { LogStash::Setting.new("num.2", Numeric, 2) } From 3480c32b6ee64f5b1193f5c3b4f0f722731c0fda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Mon, 7 Oct 2024 13:30:25 +0100 Subject: [PATCH 062/290] install jdk 11 in agent for snyk 7.17 scanning (#16510) --- .buildkite/scripts/snyk/report.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.buildkite/scripts/snyk/report.sh b/.buildkite/scripts/snyk/report.sh index a9e8d09f1..529fd887b 100755 --- a/.buildkite/scripts/snyk/report.sh +++ b/.buildkite/scripts/snyk/report.sh @@ -4,6 +4,10 @@ set -e TARGET_BRANCHES=("main") +install_java_11() { + curl -L -s "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.24%2B8/OpenJDK11U-jdk_x64_linux_hotspot_11.0.24_8.tar.gz" | tar -zxf - +} + # Resolves the branches we are going to track resolve_latest_branches() { source .buildkite/scripts/snyk/resolve_stack_version.sh @@ -48,6 +52,12 @@ download_auth_snyk # clone Logstash repo, build and report for TARGET_BRANCH in "${TARGET_BRANCHES[@]}" do + if [ "$TARGET_BRANCH" == "7.17" ]; then + echo "Installing and configuring JDK11." + export OLD_PATH=$PATH + install_java_11 + export PATH=$PWD/jdk-11.0.24+8/bin:$PATH + fi git reset --hard HEAD # reset if any generated files appeared # check if target branch exists echo "Checking out $TARGET_BRANCH branch." @@ -57,4 +67,10 @@ do else echo "$TARGET_BRANCH branch doesn't exist." fi + if [ "$TARGET_BRANCH" == "7.17" ]; then + # reset state + echo "Removing JDK11 installation." + rm -rf jdk-11.0.24+8 + export PATH=$OLD_PATH + fi done From a4eddb8a2a79c7e1eb7696140795580427792cb1 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 8 Oct 2024 13:49:59 +0100 Subject: [PATCH 063/290] add deprecation log for `--event_api.tags.illegal` (#16507) - move `--event_api.tags.illegal` from option to deprecated_option - add deprecation log when the flag is explicitly used relates: #16356 Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> --- logstash-core/lib/logstash/patches/clamp.rb | 10 +++++++- logstash-core/lib/logstash/runner.rb | 10 ++++---- logstash-core/locales/en.yml | 4 +++- logstash-core/spec/logstash/runner_spec.rb | 26 +++++++++++++++++++++ 4 files changed, 44 insertions(+), 6 deletions(-) diff --git a/logstash-core/lib/logstash/patches/clamp.rb b/logstash-core/lib/logstash/patches/clamp.rb index 149d2f02c..ad690d776 100644 --- a/logstash-core/lib/logstash/patches/clamp.rb +++ b/logstash-core/lib/logstash/patches/clamp.rb @@ -79,8 +79,16 @@ module Clamp new_flag = opts[:new_flag] new_value = opts.fetch(:new_value, value) passthrough = opts.fetch(:passthrough, false) + deprecated_msg = opts[:deprecated_msg] - LogStash::DeprecationMessage.instance << "DEPRECATION WARNING: The flag #{option.switches} has been deprecated, please use \"--#{new_flag}=#{new_value}\" instead." + LogStash::DeprecationMessage.instance << + if new_flag + "DEPRECATION WARNING: The flag #{option.switches} has been deprecated, please use \"--#{new_flag}=#{new_value}\" instead." + elsif deprecated_msg + deprecated_msg + else + "DEPRECATION WARNING: The flag #{option.switches} has been deprecated and may be removed in a future release." + end if passthrough LogStash::SETTINGS.set(option.attribute_name, value) diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index bdd66cbfd..27d3e6005 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -92,10 +92,6 @@ class LogStash::Runner < Clamp::StrictCommand :default => LogStash::SETTINGS.get_default("config.field_reference.escape_style"), :attribute_name => "config.field_reference.escape_style" - option ["--event_api.tags.illegal"], "STRING", - I18n.t("logstash.runner.flag.event_api.tags.illegal"), - :default => LogStash::SETTINGS.get_default("event_api.tags.illegal"), - :attribute_name => "event_api.tags.illegal" # Module settings option ["--modules"], "MODULES", @@ -267,6 +263,12 @@ class LogStash::Runner < Clamp::StrictCommand I18n.t("logstash.runner.flag.http_port"), :new_flag => "api.http.port", :passthrough => true # use settings to disambiguate + deprecated_option ["--event_api.tags.illegal"], "STRING", + I18n.t("logstash.runner.flag.event_api.tags.illegal"), + :default => LogStash::SETTINGS.get_default("event_api.tags.illegal"), + :attribute_name => "event_api.tags.illegal", :passthrough => true, + :deprecated_msg => I18n.t("logstash.runner.tags-illegal-deprecated") + # We configure the registry and load any plugin that can register hooks # with logstash, this needs to be done before any operation. SYSTEM_SETTINGS = LogStash::SETTINGS.clone diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index 10d7a8822..ac2319554 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -139,9 +139,11 @@ en: configtest-flag-information: |- You may be interested in the '--configtest' flag which you can use to validate logstash's configuration before you choose to restart a running system. + tags-illegal-deprecated: >- + The flag '--event_api.tags.illegal' is deprecated and will be removed in version 9. tags-illegal-warning: >- Setting `event_api.tags.illegal` to `warn` allows illegal values in the reserved `tags` field, which may crash pipeline unexpectedly. - This flag value is deprecated and may be removed in a future release. + This flag is deprecated and will be removed in version 9. # YAML named reference to the logstash.runner.configuration # so we can later alias it from logstash.agent.configuration configuration: &runner_configuration diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index ffcb9ef92..cb07fde6d 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -380,6 +380,32 @@ describe LogStash::Runner do end end + context "event_api.tags.illegal" do + let(:runner_deprecation_logger_stub) { double("DeprecationLogger(Runner)").as_null_object } + let(:args) { ["--event_api.tags.illegal", "warn", "-e", pipeline_string] } + before(:each) { allow(runner).to receive(:deprecation_logger).and_return(runner_deprecation_logger_stub) } + DEPRECATED_MSG="The flag '--event_api.tags.illegal' is deprecated and will be removed in version 9" + + it "gives deprecation message when setting to `warn`" do + expect(runner_deprecation_logger_stub).to receive(:deprecated) + .with(a_string_including "This flag is deprecated and will be removed in version 9") + .with(a_string_including DEPRECATED_MSG) + subject.run("bin/logstash", args) + end + + it "gives deprecation message when setting to `rename`" do + expect(runner_deprecation_logger_stub).to receive(:deprecated) + .with(a_string_including DEPRECATED_MSG) + subject.run("bin/logstash", args) + end + + it "does not give deprecation message when unset" do + expect(runner_deprecation_logger_stub).not_to receive(:deprecated) + .with(a_string_including DEPRECATED_MSG) + subject.run("bin/logstash", ["-e", pipeline_string]) + end + end + context "when :pipeline_workers is not defined by the user" do it "should not pass the value to the pipeline" do expect(LogStash::Agent).to receive(:new) do |settings| From dc24f029721080fcaed3c97789a74cafe927bb69 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 9 Oct 2024 15:28:02 -0700 Subject: [PATCH 064/290] Fix QA failure introduced by Health API changes and update rspec dependency of the QA package. (#16521) (#16522) * Update rspec dependency of the QA package. * Update qa/Gemfile Align on rspec 3.13.x Co-authored-by: Ry Biesemeyer * Fix the QA test failure caused after reflecting Health Report status to the Node stats. --------- Co-authored-by: Ry Biesemeyer (cherry picked from commit 1e5105fcd89d71b04efd0fe27aad28895bcde56f) Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> --- qa/Gemfile | 2 +- qa/docker/spec/spec_helper.rb | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/qa/Gemfile b/qa/Gemfile index 90de65993..05b792e79 100644 --- a/qa/Gemfile +++ b/qa/Gemfile @@ -1,5 +1,5 @@ source "https://rubygems.org" -gem "rspec", "~> 3.1.0" +gem "rspec", "~> 3.13" gem "rake" gem "stud" gem "pry", :group => :test diff --git a/qa/docker/spec/spec_helper.rb b/qa/docker/spec/spec_helper.rb index 52298fcc8..b62d4d1f6 100644 --- a/qa/docker/spec/spec_helper.rb +++ b/qa/docker/spec/spec_helper.rb @@ -38,7 +38,8 @@ end def wait_for_logstash(container) Stud.try(40.times, [NoMethodError, Docker::Error::ConflictError, RSpec::Expectations::ExpectationNotMetError, TypeError]) do expect(logstash_available?(container)).to be true - expect(get_logstash_status(container)).to eql 'green' + # unknown or red status may be also meaningful while testing + expect(%w(unknown green yellow red).include?(get_logstash_status(container))).to be true end end From 648472106f92d50d72a4283dfe571dae057f9714 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Thu, 10 Oct 2024 18:57:34 +0200 Subject: [PATCH 065/290] [test] Fix xpack test to check for http_address stats only if the webserver is enabled (#16525) Set the 'api.enabled' setting to reflect the flag webserver_enabled and consequently test for http_address presence in settings iff the web server is enabled. --- .../metrics/stats_event_factory_spec.rb | 40 +++++++++++-------- 1 file changed, 24 insertions(+), 16 deletions(-) diff --git a/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb b/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb index c563306fc..90387e5cb 100644 --- a/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb +++ b/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb @@ -50,6 +50,7 @@ describe LogStash::Inputs::Metrics::StatsEventFactory do let(:pipeline_settings) { LogStash::Runner::SYSTEM_SETTINGS.clone.merge({ "pipeline.id" => "main", "config.string" => config, + "api.enabled" => webserver_enabled, }) } let(:agent) { LogStash::Agent.new(pipeline_settings) } @@ -70,14 +71,16 @@ describe LogStash::Inputs::Metrics::StatsEventFactory do # easily observable, feel free to refactor with a better "timing" test here. wait(60).for { collector.snapshot_metric.metric_store.size }.to be >= 72 - # Wait http server is up - wait(120).for { - begin - collector.snapshot_metric.metric_store.get_shallow(:http_address) - rescue LogStash::Instrument::MetricStore::MetricNotFound => e - nil - end - }.not_to be_nil + if webserver_enabled + # Wait http server is up + wait(120).for { + begin + collector.snapshot_metric.metric_store.get_shallow(:http_address) + rescue LogStash::Instrument::MetricStore::MetricNotFound => e + nil + end + }.not_to be_nil + end end after :each do @@ -86,14 +89,19 @@ describe LogStash::Inputs::Metrics::StatsEventFactory do LogStash::SETTINGS.set_value("monitoring.enabled", false) end - context "new model" do - it_behaves_like("new model monitoring event with webserver setting") do - let(:webserver_enabled) {false} - end - it_behaves_like("new model monitoring event with webserver setting") do - let(:webserver_enabled) {true} - end - end + context "new model" do + context "with webserver disabled" do + it_behaves_like("new model monitoring event with webserver setting") do + let(:webserver_enabled) {false} + end + end + + context "with webserver enabled" do + it_behaves_like("new model monitoring event with webserver setting") do + let(:webserver_enabled) {true} + end + end + end # TODO: fix issue https://github.com/elastic/logstash/issues/12711 xcontext "old model" do From 7f7af057f06651799068803fa65fb89172a25d72 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 11:17:14 -0700 Subject: [PATCH 066/290] Feature: health report api (#16520) (#16523) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [health] bootstrap HealthObserver from agent to API (#16141) * [health] bootstrap HealthObserver from agent to API * specs: mocked agent needs health observer * add license headers * Merge `main` into `feature/health-report-api` (#16397) * Add GH vault plugin bot to allowed list (#16301) * regenerate webserver test certificates (#16331) * correctly handle stack overflow errors during pipeline compilation (#16323) This commit improves error handling when pipelines that are too big hit the Xss limit and throw a StackOverflowError. Currently the exception is printed outside of the logger, and doesn’t even show if log.format is json, leaving the user to wonder what happened. A couple of thoughts on the way this is implemented: * There should be a first barrier to handle pipelines that are too large based on the PipelineIR compilation. The barrier would use the detection of Xss to determine how big a pipeline could be. This however doesn't reduce the need to still handle a StackOverflow if it happens. * The catching of StackOverflowError could also be done on the WorkerLoop. However I'd suggest that this is unrelated to the Worker initialization itself, it just so happens that compiledPipeline.buildExecution is computed inside the WorkerLoop class for performance reasons. So I'd prefer logging to not come from the existing catch, but from a dedicated catch clause. Solves #16320 * Doc: Reposition worker-utilization in doc (#16335) * settings: add support for observing settings after post-process hooks (#16339) Because logging configuration occurs after loading the `logstash.yml` settings, deprecation logs from `LogStash::Settings::DeprecatedAlias#set` are effectively emitted to a null logger and lost. By re-emitting after the post-process hooks, we can ensure that they make their way to the deprecation log. This change adds support for any setting that responds to `Object#observe_post_process` to receive it after all post-processing hooks have been executed. Resolves: elastic/logstash#16332 * fix line used to determine ES is up (#16349) * add retries to snyk buildkite job (#16343) * Fix 8.13.1 release notes (#16363) make a note of the fix that went to 8.13.1: #16026 Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> * Update logstash_releases.json (#16347) * [Bugfix] Resolve the array and char (single | double quote) escaped values of ${ENV} (#16365) * Properly resolve the values from ENV vars if literal array string provided with ENV var. * Docker acceptance test for persisting keys and use actual values in docker container. * Review suggestion. Simplify the code by stripping whitespace before `gsub`, no need to check comma and split. Co-authored-by: João Duarte --------- Co-authored-by: João Duarte * Doc: Add SNMP integration to breaking changes (#16374) * deprecate java less-than 17 (#16370) * Exclude substitution refinement on pipelines.yml (#16375) * Exclude substitution refinement on pipelines.yml (applies on ENV vars and logstash.yml where env2yaml saves vars) * Safety integration test for pipeline config.string contains ENV . * Doc: Forwardport 8.15.0 release notes to main (#16388) * Removing 8.14 from ci/branches.json as we have 8.15. (#16390) --------- Co-authored-by: ev1yehor <146825775+ev1yehor@users.noreply.github.com> Co-authored-by: João Duarte Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> Co-authored-by: Andrea Selva Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> * Squashed merge from 8.x * Failure injector plugin implementation. (#16466) * Test purpose only failure injector integration (filter and output) plugins implementation. Add unit tests and include license notes. * Fix the degrate method name typo. Co-authored-by: Andrea Selva * Add explanation to the config params and rebuild plugin gem. --------- Co-authored-by: Andrea Selva * Health report integration tests bootstrapper and initial tests implementation (#16467) * Health Report integration tests bootstrapper and initial slow start scenario implementation. * Apply suggestions from code review Renaming expectation check method name. Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> * Changed to branch concept, YAML structure simplified as changed to Dict. * Apply suggestions from code review Reflect `help_url` to the integration test. --------- Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> * health api: expose `GET /_health_report` with pipelines/*/status probe (#16398) Adds a `GET /_health_report` endpoint with per-pipeline status probes, and wires the resulting report status into the other API responses, replacing their hard-coded `green` with a meaningful status indication. --------- Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> * docs: health report API, and diagnosis links (feature-targeted) (#16518) * docs: health report API, and diagnosis links * Remove plus-for-passthrough markers Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> --------- Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> * merge 8.x into feature branch... (#16519) * Add GH vault plugin bot to allowed list (#16301) * regenerate webserver test certificates (#16331) * correctly handle stack overflow errors during pipeline compilation (#16323) This commit improves error handling when pipelines that are too big hit the Xss limit and throw a StackOverflowError. Currently the exception is printed outside of the logger, and doesn’t even show if log.format is json, leaving the user to wonder what happened. A couple of thoughts on the way this is implemented: * There should be a first barrier to handle pipelines that are too large based on the PipelineIR compilation. The barrier would use the detection of Xss to determine how big a pipeline could be. This however doesn't reduce the need to still handle a StackOverflow if it happens. * The catching of StackOverflowError could also be done on the WorkerLoop. However I'd suggest that this is unrelated to the Worker initialization itself, it just so happens that compiledPipeline.buildExecution is computed inside the WorkerLoop class for performance reasons. So I'd prefer logging to not come from the existing catch, but from a dedicated catch clause. Solves #16320 * Doc: Reposition worker-utilization in doc (#16335) * settings: add support for observing settings after post-process hooks (#16339) Because logging configuration occurs after loading the `logstash.yml` settings, deprecation logs from `LogStash::Settings::DeprecatedAlias#set` are effectively emitted to a null logger and lost. By re-emitting after the post-process hooks, we can ensure that they make their way to the deprecation log. This change adds support for any setting that responds to `Object#observe_post_process` to receive it after all post-processing hooks have been executed. Resolves: elastic/logstash#16332 * fix line used to determine ES is up (#16349) * add retries to snyk buildkite job (#16343) * Fix 8.13.1 release notes (#16363) make a note of the fix that went to 8.13.1: #16026 Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> * Update logstash_releases.json (#16347) * [Bugfix] Resolve the array and char (single | double quote) escaped values of ${ENV} (#16365) * Properly resolve the values from ENV vars if literal array string provided with ENV var. * Docker acceptance test for persisting keys and use actual values in docker container. * Review suggestion. Simplify the code by stripping whitespace before `gsub`, no need to check comma and split. Co-authored-by: João Duarte --------- Co-authored-by: João Duarte * Doc: Add SNMP integration to breaking changes (#16374) * deprecate java less-than 17 (#16370) * Exclude substitution refinement on pipelines.yml (#16375) * Exclude substitution refinement on pipelines.yml (applies on ENV vars and logstash.yml where env2yaml saves vars) * Safety integration test for pipeline config.string contains ENV . * Doc: Forwardport 8.15.0 release notes to main (#16388) * Removing 8.14 from ci/branches.json as we have 8.15. (#16390) * Increase Jruby -Xmx to avoid OOM during zip task in DRA (#16408) Fix: #16406 * Generate Dataset code with meaningful fields names (#16386) This PR is intended to help Logstash developers or users that want to better understand the code that's autogenerated to model a pipeline, assigning more meaningful names to the Datasets subclasses' fields. Updates `FieldDefinition` to receive the name of the field from construction methods, so that it can be used during the code generation phase, instead of the existing incremental `field%n`. Updates `ClassFields` to propagate the explicit field name down to the `FieldDefinitions`. Update the `DatasetCompiler` that add fields to `ClassFields` to assign a proper name to generated Dataset's fields. * Implements safe evaluation of conditional expressions, logging the error without killing the pipeline (#16322) This PR protects the if statements against expression evaluation errors, cancel the event under processing and log it. This avoids to crash the pipeline which encounter a runtime error during event condition evaluation, permitting to debug the root cause reporting the offending event and removing from the current processing batch. Translates the `org.jruby.exceptions.TypeError`, `IllegalArgumentException`, `org.jruby.exceptions.ArgumentError` that could happen during `EventCodition` evaluation into a custom `ConditionalEvaluationError` which bubbles up on AST tree nodes. It's catched in the `SplitDataset` node. Updates the generation of the `SplitDataset `so that the execution of `filterEvents` method inside the compute body is try-catch guarded and defer the execution to an instance of `AbstractPipelineExt.ConditionalEvaluationListener` to handle such error. In this particular case the error management consist in just logging the offending Event. --------- Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> * Update logstash_releases.json (#16426) * Release notes for 8.15.1 (#16405) (#16427) * Update release notes for 8.15.1 * update release note --------- Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com> Co-authored-by: Kaise Cheng (cherry picked from commit 2fca7e39e87c20fcfcd934e984720173ce3417e8) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Fix ConditionalEvaluationError to do not include the event that errored in its serialiaxed form, because it's not expected that this class is ever serialized. (#16429) (#16430) Make inner field of ConditionalEvaluationError transient to be avoided during serialization. (cherry picked from commit bb7ecc203f698a56f341fa538bdc1cd4da15b28c) Co-authored-by: Andrea Selva * use gnu tar compatible minitar to generate tar artifact (#16432) (#16434) Using VERSION_QUALIFIER when building the tarball distribution will fail since Ruby's TarWriter implements the older POSIX88 version of tar and paths will be longer than 100 characters. For the long paths being used in Logstash's plugins, mainly due to nested folders from jar-dependencies, we need the tarball to follow either the 2001 ustar format or gnu tar, which is implemented by the minitar gem. (cherry picked from commit 69f0fa54ca07cb3f822846745fdbdd1504175cfb) Co-authored-by: João Duarte * account for the 8.x in DRA publishing task (#16436) (#16440) the current DRA publishing task computes the branch from the version contained in the version.yml This is done by taking the major.minor and confirming that a branch exists with that name. However this pattern won't be applicable for 8.x, as that branch currently points to 8.16.0 and there is no 8.16 branch. This commit falls back to reading the buildkite injected BUILDKITE_BRANCH variable. (cherry picked from commit 17dba9f829a2514aba295ed7a8fa21655b55c86b) Co-authored-by: João Duarte * Fixes the issue where LS wipes out all quotes from docker env variables. (#16456) (#16459) * Fixes the issue where LS wipes out all quotes from docker env variables. This is an issue when running LS on docker with CONFIG_STRING, needs to keep quotes with env variable. * Add a docker acceptance integration test. (cherry picked from commit 7c64c7394bf47e8b5316710876ed55350df46d61) Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> * Known issue for 8.15.1 related to env vars references (#16455) (#16469) (cherry picked from commit b54caf3fd8e907c526ab2b8897ce4de4656c2fd5) Co-authored-by: Luca Belluccini * bump .ruby_version to jruby-9.4.8.0 (#16477) (#16480) (cherry picked from commit 51cca7320e5c54865ab3fe2d4101496bd69cacca) Co-authored-by: João Duarte * Release notes for 8.15.2 (#16471) (#16478) Co-authored-by: andsel Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> (cherry picked from commit 01dc76f3b55333f0c49d7190c0cd4ca14b74a7c0) * Change LogStash::Util::SubstitutionVariables#replace_placeholders refine argument to optional (#16485) (#16488) (cherry picked from commit 8368c00367cac0c5f5e0090c26be8795b2e8c7d2) Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> * Use jruby-9.4.8.0 in exhaustive CIs. (#16489) (#16491) (cherry picked from commit fd1de39005cf4646d8faa3f89b1963c716ec6088) Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> * Don't use an older JRuby with oraclelinux-7 (#16499) (#16501) A recent PR (elastic/ci-agent-images/pull/932) modernized the VM images and removed JRuby 9.4.5.0 and some older versions. This ended up breaking exhaustive test on Oracle Linux 7 that hard coded JRuby 9.4.5.0. PR https://github.com/elastic/logstash/pull/16489 worked around the problem by pinning to the new JRuby, but actually we don't need the conditional anymore since the original issue https://github.com/jruby/jruby/issues/7579#issuecomment-1425885324 has been resolved and none of our releasable branches (apart from 7.17 which uses `9.2.20.1`) specify `9.3.x.y` in `/.ruby-version`. Therefore, this commit removes conditional setting of JRuby for OracleLinux 7 agents in exhaustive tests (and relies on whatever `/.ruby-version` defines). (cherry picked from commit 07c01f8231daf14113b2ce57791712ec74365799) Co-authored-by: Dimitrios Liappis * Improve pipeline bootstrap error logs (#16495) (#16504) This PR adds the cause errors details on the pipeline converge state error logs (cherry picked from commit e84fb458ce2f092e065c63df649222f8cbda8c44) Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> * Logstash Health Report Tests Buildkite pipeline setup. (#16416) (#16511) (cherry picked from commit 5195332bc6a758198cae70fea7d88dfddf0fa15a) Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> * Make health report test runner script executable. (#16446) (#16512) (cherry picked from commit 2ebf2658ff86678125b04c8826958b468ee0da1f) Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> * Backport PR #16423 to 8.x: DLQ-ing events that trigger an conditional evaluation error. (#16493) * DLQ-ing events that trigger an conditional evaluation error. (#16423) When a conditional evaluation encounter an error in the expression the event that triggered the issue is sent to pipeline's DLQ, if enabled for the executing pipeline. This PR engage with the work done in #16322, the `ConditionalEvaluationListener` that is receives notifications about if-statements evaluation failure, is improved to also send the event to DLQ (if enabled in the pipeline) and not just logging it. (cherry picked from commit b69d993d718dfd639603cdb5d340947b09a6687a) * Fixed warning about non serializable field DeadLetterQueueWriter in serializable AbstractPipelineExt --------- Co-authored-by: Andrea Selva * add deprecation log for `--event_api.tags.illegal` (#16507) (#16515) - move `--event_api.tags.illegal` from option to deprecated_option - add deprecation log when the flag is explicitly used relates: #16356 Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> (cherry picked from commit a4eddb8a2a79c7e1eb7696140795580427792cb1) Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> --------- Co-authored-by: ev1yehor <146825775+ev1yehor@users.noreply.github.com> Co-authored-by: João Duarte Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> Co-authored-by: Andrea Selva Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Luca Belluccini Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> Co-authored-by: Dimitrios Liappis --------- Co-authored-by: ev1yehor <146825775+ev1yehor@users.noreply.github.com> Co-authored-by: João Duarte Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> Co-authored-by: Andrea Selva Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com> Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Luca Belluccini Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> Co-authored-by: Dimitrios Liappis (cherry picked from commit 7eb5185b4e75061cfa0a091a8bafb622eab5a2f2) Co-authored-by: Ry Biesemeyer --- .../scripts/health-report-tests/README.md | 18 ++ .../scripts/health-report-tests/__init__.py | 0 .../scripts/health-report-tests/bootstrap.py | 101 +++++++++ .../health-report-tests/config/pipelines.yml | 1 + .../health-report-tests/config_validator.py | 69 ++++++ .../logstash_health_report.py | 16 ++ .../scripts/health-report-tests/main.py | 87 ++++++++ .../scripts/health-report-tests/main.sh | 8 +- .../health-report-tests/requirements.txt | 2 + .../health-report-tests/scenario_executor.py | 65 ++++++ .../tests/abnormal-termination.yaml | 31 +++ .../tests/normal-termination.yaml | 29 +++ .../health-report-tests/tests/slow-start.yaml | 30 +++ .../scripts/health-report-tests/util.py | 35 +++ .../monitoring/monitoring-apis.asciidoc | 156 ++++++++++++- docs/static/releasenotes.asciidoc | 2 +- .../health-pipeline-status.asciidoc | 37 ++++ .../troubleshoot/troubleshooting.asciidoc | 1 + logstash-core/build.gradle | 18 ++ logstash-core/lib/logstash/agent.rb | 30 +++ .../lib/logstash/api/command_factory.rb | 2 + .../logstash/api/commands/default_metadata.rb | 24 +- .../logstash/api/commands/health_report.rb | 31 +++ .../lib/logstash/api/modules/health_report.rb | 49 +++++ logstash-core/lib/logstash/api/rack_app.rb | 2 + logstash-core/lib/logstash/java_pipeline.rb | 11 + .../lib/logstash/pipeline_action/create.rb | 8 + .../lib/logstash/pipeline_action/delete.rb | 5 + .../pipeline_action/stop_and_delete.rb | 5 + .../lib/logstash/pipelines_registry.rb | 16 ++ .../spec/logstash/java_pipeline_spec.rb | 3 + .../logstash/pipeline_action/create_spec.rb | 6 + .../logstash/pipeline_action/delete_spec.rb | 78 +++++++ .../pipeline_action/stop_and_delete_spec.rb | 79 +++++++ logstash-core/spec/logstash/webserver_spec.rb | 8 +- .../src/main/java/org/logstash/Logstash.java | 20 ++ .../ext/JrubyWrappedSynchronousQueueExt.java | 1 + .../org/logstash/health/ApiHealthReport.java | 60 +++++ .../java/org/logstash/health/Diagnosis.java | 113 ++++++++++ .../org/logstash/health/HealthObserver.java | 64 ++++++ .../java/org/logstash/health/HelpUrl.java | 68 ++++++ .../main/java/org/logstash/health/Impact.java | 111 ++++++++++ .../java/org/logstash/health/ImpactArea.java | 43 ++++ .../java/org/logstash/health/Indicator.java | 31 +++ .../org/logstash/health/MultiIndicator.java | 164 ++++++++++++++ .../logstash/health/PipelineIndicator.java | 195 +++++++++++++++++ .../main/java/org/logstash/health/Probe.java | 93 ++++++++ .../org/logstash/health/ProbeIndicator.java | 205 ++++++++++++++++++ .../org/logstash/health/ReportContext.java | 58 +++++ .../main/java/org/logstash/health/Status.java | 67 ++++++ .../logstash/health/ProbeIndicatorTest.java | 128 +++++++++++ .../java/org/logstash/health/StatusTest.java | 106 +++++++++ .../README.md | 10 + .../lib/logstash/filters/failure_injector.rb | 91 ++++++++ .../lib/logstash/outputs/failure_injector.rb | 91 ++++++++ .../logstash/utils/failure_injector_util.rb | 37 ++++ ...ash-integration-failure_injector-0.0.1.gem | Bin 0 -> 7168 bytes ...stash-integration-failure_injector.gemspec | 26 +++ .../spec/unit/failure_injector_spec.rb | 129 +++++++++++ 59 files changed, 2955 insertions(+), 19 deletions(-) create mode 100644 .buildkite/scripts/health-report-tests/README.md create mode 100644 .buildkite/scripts/health-report-tests/__init__.py create mode 100644 .buildkite/scripts/health-report-tests/bootstrap.py create mode 100644 .buildkite/scripts/health-report-tests/config/pipelines.yml create mode 100644 .buildkite/scripts/health-report-tests/config_validator.py create mode 100644 .buildkite/scripts/health-report-tests/logstash_health_report.py create mode 100644 .buildkite/scripts/health-report-tests/main.py create mode 100644 .buildkite/scripts/health-report-tests/requirements.txt create mode 100644 .buildkite/scripts/health-report-tests/scenario_executor.py create mode 100644 .buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml create mode 100644 .buildkite/scripts/health-report-tests/tests/normal-termination.yaml create mode 100644 .buildkite/scripts/health-report-tests/tests/slow-start.yaml create mode 100644 .buildkite/scripts/health-report-tests/util.py create mode 100644 docs/static/troubleshoot/health-pipeline-status.asciidoc create mode 100644 logstash-core/lib/logstash/api/commands/health_report.rb create mode 100644 logstash-core/lib/logstash/api/modules/health_report.rb create mode 100644 logstash-core/spec/logstash/pipeline_action/delete_spec.rb create mode 100644 logstash-core/spec/logstash/pipeline_action/stop_and_delete_spec.rb create mode 100644 logstash-core/src/main/java/org/logstash/health/ApiHealthReport.java create mode 100644 logstash-core/src/main/java/org/logstash/health/Diagnosis.java create mode 100644 logstash-core/src/main/java/org/logstash/health/HealthObserver.java create mode 100644 logstash-core/src/main/java/org/logstash/health/HelpUrl.java create mode 100644 logstash-core/src/main/java/org/logstash/health/Impact.java create mode 100644 logstash-core/src/main/java/org/logstash/health/ImpactArea.java create mode 100644 logstash-core/src/main/java/org/logstash/health/Indicator.java create mode 100644 logstash-core/src/main/java/org/logstash/health/MultiIndicator.java create mode 100644 logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java create mode 100644 logstash-core/src/main/java/org/logstash/health/Probe.java create mode 100644 logstash-core/src/main/java/org/logstash/health/ProbeIndicator.java create mode 100644 logstash-core/src/main/java/org/logstash/health/ReportContext.java create mode 100644 logstash-core/src/main/java/org/logstash/health/Status.java create mode 100644 logstash-core/src/test/java/org/logstash/health/ProbeIndicatorTest.java create mode 100644 logstash-core/src/test/java/org/logstash/health/StatusTest.java create mode 100644 qa/support/logstash-integration-failure_injector/README.md create mode 100644 qa/support/logstash-integration-failure_injector/lib/logstash/filters/failure_injector.rb create mode 100644 qa/support/logstash-integration-failure_injector/lib/logstash/outputs/failure_injector.rb create mode 100644 qa/support/logstash-integration-failure_injector/lib/logstash/utils/failure_injector_util.rb create mode 100644 qa/support/logstash-integration-failure_injector/logstash-integration-failure_injector-0.0.1.gem create mode 100644 qa/support/logstash-integration-failure_injector/logstash-integration-failure_injector.gemspec create mode 100644 qa/support/logstash-integration-failure_injector/spec/unit/failure_injector_spec.rb diff --git a/.buildkite/scripts/health-report-tests/README.md b/.buildkite/scripts/health-report-tests/README.md new file mode 100644 index 000000000..99bd198a8 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/README.md @@ -0,0 +1,18 @@ +## Description +This package for integration tests of the Health Report API. +Export `LS_BRANCH` to run on a specific branch. By default, it uses the main branch. + +## How to run the Health Report Integration test? +### Prerequisites +Make sure you have python installed. Install the integration test dependencies with the following command: +```shell +python3 -mpip install -r .buildkite/scripts/health-report-tests/requirements.txt +``` + +### Run the integration tests +```shell +python3 .buildkite/scripts/health-report-tests/main.py +``` + +### Troubleshooting +- If you get `WARNING: pip is configured with locations that require TLS/SSL,...` warning message, make sure you have python >=3.12.4 installed. \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/__init__.py b/.buildkite/scripts/health-report-tests/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/.buildkite/scripts/health-report-tests/bootstrap.py b/.buildkite/scripts/health-report-tests/bootstrap.py new file mode 100644 index 000000000..180592b4e --- /dev/null +++ b/.buildkite/scripts/health-report-tests/bootstrap.py @@ -0,0 +1,101 @@ +""" +Health Report Integration test bootstrapper with Python script + - A script to resolve Logstash version if not provided + - Download LS docker image and spin up + - When tests finished, teardown the Logstash +""" +import os +import subprocess +import util +import yaml + + +class Bootstrap: + ELASTIC_STACK_VERSIONS_URL = "https://artifacts-api.elastic.co/v1/versions" + + def __init__(self) -> None: + f""" + A constructor of the {Bootstrap}. + Returns: + Resolves Logstash branch considering provided LS_BRANCH + Checks out git branch + """ + logstash_branch = os.environ.get("LS_BRANCH") + if logstash_branch is None: + # version is not specified, use the main branch, no need to git checkout + print(f"LS_BRANCH is not specified, using main branch.") + else: + # LS_BRANCH accepts major latest as a major.x or specific branch as X.Y + if logstash_branch.find(".x") == -1: + print(f"Using specified branch: {logstash_branch}") + util.git_check_out_branch(logstash_branch) + else: + major_version = logstash_branch.split(".")[0] + if major_version and major_version.isnumeric(): + resolved_version = self.__resolve_latest_stack_version_for(major_version) + minor_version = resolved_version.split(".")[1] + branch = major_version + "." + minor_version + print(f"Using resolved branch: {branch}") + util.git_check_out_branch(branch) + else: + raise ValueError(f"Invalid value set to LS_BRANCH. Please set it properly (ex: 8.x or 9.0) and " + f"rerun again") + + def __resolve_latest_stack_version_for(self, major_version: str) -> str: + resolved_version = "" + response = util.call_url_with_retry(self.ELASTIC_STACK_VERSIONS_URL) + release_versions = response.json()["versions"] + for release_version in reversed(release_versions): + if release_version.find("SNAPSHOT") > 0: + continue + if release_version.split(".")[0] == major_version: + print(f"Resolved latest version for {major_version} is {release_version}.") + resolved_version = release_version + break + + if resolved_version == "": + raise ValueError(f"Cannot resolve latest version for {major_version} major") + return resolved_version + + def install_plugin(self, plugin_path: str) -> None: + util.run_or_raise_error( + ["bin/logstash-plugin", "install", plugin_path], + f"Failed to install {plugin_path}") + + def build_logstash(self): + print(f"Building Logstash.") + util.run_or_raise_error( + ["./gradlew", "clean", "bootstrap", "assemble", "installDefaultGems"], + "Failed to build Logstash") + print(f"Logstash has successfully built.") + + def apply_config(self, config: dict) -> None: + with open(os.getcwd() + "/.buildkite/scripts/health-report-tests/config/pipelines.yml", 'w') as pipelines_file: + yaml.dump(config, pipelines_file) + + def run_logstash(self, full_start_required: bool) -> subprocess.Popen: + # --config.reload.automatic is to make instance active + # it is helpful when testing crash pipeline cases + config_path = os.getcwd() + "/.buildkite/scripts/health-report-tests/config" + process = subprocess.Popen(["bin/logstash", "--config.reload.automatic", "--path.settings", config_path, + "-w 1"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True, shell=False) + if process.poll() is not None: + print(f"Logstash failed to run, check the the config and logs, then rerun.") + return None + + # Read stdout and stderr in real-time + logs = [] + for stdout_line in iter(process.stdout.readline, ""): + logs.append(stdout_line.strip()) + # we don't wait for Logstash fully start as we also test slow pipeline start scenarios + if full_start_required is False and "Starting pipeline" in stdout_line: + break + if full_start_required is True and "Pipeline started" in stdout_line: + break + if "Logstash shut down" in stdout_line or "Logstash stopped" in stdout_line: + print(f"Logstash couldn't spin up.") + print(logs) + return None + + print(f"Logstash is running with PID: {process.pid}.") + return process diff --git a/.buildkite/scripts/health-report-tests/config/pipelines.yml b/.buildkite/scripts/health-report-tests/config/pipelines.yml new file mode 100644 index 000000000..cfa2d9632 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/config/pipelines.yml @@ -0,0 +1 @@ +# Intentionally left blank \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/config_validator.py b/.buildkite/scripts/health-report-tests/config_validator.py new file mode 100644 index 000000000..a0b6df9b7 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/config_validator.py @@ -0,0 +1,69 @@ +import yaml +from typing import Any, List, Dict + + +class ConfigValidator: + REQUIRED_KEYS = { + "root": ["name", "config", "conditions", "expectation"], + "config": ["pipeline.id", "config.string"], + "conditions": ["full_start_required"], + "expectation": ["status", "symptom", "indicators"], + "indicators": ["pipelines"], + "pipelines": ["status", "symptom", "indicators"], + "DYNAMIC": ["status", "symptom", "diagnosis", "impacts", "details"], + "details": ["status"], + "status": ["state"] + } + + def __init__(self): + self.yaml_content = None + + def __has_valid_keys(self, data: any, key_path: str, repeated: bool) -> bool: + if isinstance(data, str) or isinstance(data, bool): # we reached values + return True + + # we have two indicators section and for the next repeated ones, we go deeper + first_key = next(iter(data)) + data = data[first_key] if repeated and key_path == "indicators" else data + + if isinstance(data, dict): + # pipeline-id is a DYNAMIC + required = self.REQUIRED_KEYS.get("DYNAMIC" if repeated and key_path == "indicators" else key_path, []) + repeated = not repeated if key_path == "indicators" else repeated + for key in required: + if key not in data: + print(f"Missing key '{key}' in '{key_path}'") + return False + else: + dic_keys_result = self.__has_valid_keys(data[key], key, repeated) + if dic_keys_result is False: + return False + elif isinstance(data, list): + for item in data: + list_keys_result = self.__has_valid_keys(item, key_path, repeated) + if list_keys_result is False: + return False + return True + + def load(self, file_path: str) -> None: + """Load the YAML file content into self.yaml_content.""" + self.yaml_content: [Dict[str, Any]] = None + try: + with open(file_path, 'r') as file: + self.yaml_content = yaml.safe_load(file) + except yaml.YAMLError as exc: + print(f"Error in YAML file: {exc}") + self.yaml_content = None + + def is_valid(self) -> bool: + """Validate the entire YAML structure.""" + if self.yaml_content is None: + print(f"YAML content is empty.") + return False + + if not isinstance(self.yaml_content, dict): + print(f"YAML structure is not as expected, it should start with a Dict.") + return False + + result = self.__has_valid_keys(self.yaml_content, "root", False) + return True if result is True else False diff --git a/.buildkite/scripts/health-report-tests/logstash_health_report.py b/.buildkite/scripts/health-report-tests/logstash_health_report.py new file mode 100644 index 000000000..6b00cff07 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/logstash_health_report.py @@ -0,0 +1,16 @@ +""" +A class to provide information about Logstash node stats. +""" + +import util + + +class LogstashHealthReport: + LOGSTASH_HEALTH_REPORT_URL = "http://localhost:9600/_health_report" + + def __init__(self): + pass + + def get(self): + response = util.call_url_with_retry(self.LOGSTASH_HEALTH_REPORT_URL) + return response.json() diff --git a/.buildkite/scripts/health-report-tests/main.py b/.buildkite/scripts/health-report-tests/main.py new file mode 100644 index 000000000..bccfe7fe0 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/main.py @@ -0,0 +1,87 @@ +""" + Main entry point of the LS health report API integration test suites +""" +import glob +import os +import time +import traceback +import yaml +from bootstrap import Bootstrap +from scenario_executor import ScenarioExecutor +from config_validator import ConfigValidator + + +class BootstrapContextManager: + + def __init__(self): + pass + + def __enter__(self): + print(f"Starting Logstash Health Report Integration test.") + self.bootstrap = Bootstrap() + self.bootstrap.build_logstash() + + plugin_path = os.getcwd() + "/qa/support/logstash-integration-failure_injector/logstash-integration" \ + "-failure_injector-*.gem" + matching_files = glob.glob(plugin_path) + if len(matching_files) == 0: + raise ValueError(f"Could not find logstash-integration-failure_injector plugin.") + + self.bootstrap.install_plugin(matching_files[0]) + print(f"logstash-integration-failure_injector successfully installed.") + return self.bootstrap + + def __exit__(self, exc_type, exc_value, exc_traceback): + if exc_type is not None: + print(traceback.format_exception(exc_type, exc_value, exc_traceback)) + + +def main(): + with BootstrapContextManager() as bootstrap: + scenario_executor = ScenarioExecutor() + config_validator = ConfigValidator() + + working_dir = os.getcwd() + scenario_files_path = working_dir + "/.buildkite/scripts/health-report-tests/tests/*.yaml" + scenario_files = glob.glob(scenario_files_path) + + for scenario_file in scenario_files: + print(f"Validating {scenario_file} scenario file.") + config_validator.load(scenario_file) + if config_validator.is_valid() is False: + print(f"{scenario_file} scenario file is not valid.") + return + else: + print(f"Validation succeeded.") + + has_failed_scenario = False + for scenario_file in scenario_files: + with open(scenario_file, 'r') as file: + # scenario_content: Dict[str, Any] = None + scenario_content = yaml.safe_load(file) + print(f"Testing `{scenario_content.get('name')}` scenario.") + scenario_name = scenario_content['name'] + + is_full_start_required = next(sub.get('full_start_required') for sub in + scenario_content.get('conditions') if 'full_start_required' in sub) + config = scenario_content['config'] + if config is not None: + bootstrap.apply_config(config) + expectations = scenario_content.get("expectation") + process = bootstrap.run_logstash(is_full_start_required) + if process is not None: + try: + scenario_executor.on(scenario_name, expectations) + except Exception as e: + print(e) + has_failed_scenario = True + process.terminate() + time.sleep(5) # leave some window to terminate the process + + if has_failed_scenario: + # intentionally fail due to visibility + raise Exception("Some of scenarios failed, check the log for details.") + + +if __name__ == "__main__": + main() diff --git a/.buildkite/scripts/health-report-tests/main.sh b/.buildkite/scripts/health-report-tests/main.sh index c31a4b120..8b0dd00cd 100755 --- a/.buildkite/scripts/health-report-tests/main.sh +++ b/.buildkite/scripts/health-report-tests/main.sh @@ -1,9 +1,5 @@ #!/usr/bin/env bash set -eo pipefail -# TODO: -# if branch is specified with X.Y, pull branches from ACTIVE_BRANCHES_URL="https://raw.githubusercontent.com/elastic/logstash/main/ci/branches.json", parse and use -# build Logstash from specificed (ex: 8.x -> translates to 8.latest, 8.16) branch, defaults to main -# install requirements of the python package and run main.py - - +python3 -mpip install -r .buildkite/scripts/health-report-tests/requirements.txt +python3 .buildkite/scripts/health-report-tests/main.py diff --git a/.buildkite/scripts/health-report-tests/requirements.txt b/.buildkite/scripts/health-report-tests/requirements.txt new file mode 100644 index 000000000..c48e50211 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/requirements.txt @@ -0,0 +1,2 @@ +requests==2.32.3 +pyyaml==6.0.2 \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/scenario_executor.py b/.buildkite/scripts/health-report-tests/scenario_executor.py new file mode 100644 index 000000000..2db8a31d8 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/scenario_executor.py @@ -0,0 +1,65 @@ +""" +A class to execute the given scenario for Logstash Health Report integration test +""" +import time +from logstash_health_report import LogstashHealthReport + + +class ScenarioExecutor: + logstash_health_report_api = LogstashHealthReport() + + def __init__(self): + pass + + def __has_intersection(self, expects, results): + # we expect expects to be existing in results + for expect in expects: + for result in results: + if result.get('help_url') and "health-report-pipeline-status.html#" not in result.get('help_url'): + return False + if not all(key in result and result[key] == value for key, value in expect.items()): + return False + return True + + def __get_difference(self, differences: list, expectations: dict, reports: dict) -> dict: + for key in expectations.keys(): + + if type(expectations.get(key)) != type(reports.get(key)): + differences.append(f"Scenario expectation and Health API report structure differs for {key}.") + return differences + + if isinstance(expectations.get(key), str): + if expectations.get(key) != reports.get(key): + differences.append({key: {"expected": expectations.get(key), "got": reports.get(key)}}) + continue + elif isinstance(expectations.get(key), dict): + self.__get_difference(differences, expectations.get(key), reports.get(key)) + elif isinstance(expectations.get(key), list): + if not self.__has_intersection(expectations.get(key), reports.get(key)): + differences.append({key: {"expected": expectations.get(key), "got": reports.get(key)}}) + return differences + + def __is_expected(self, expectations: dict) -> None: + reports = self.logstash_health_report_api.get() + differences = self.__get_difference([], expectations, reports) + if differences: + print("Differences found in 'expectation' section between YAML content and stats:") + for diff in differences: + print(f"Difference: {diff}") + return False + else: + return True + + def on(self, scenario_name: str, expectations: dict) -> None: + # retriable check the expectations + attempts = 5 + while self.__is_expected(expectations) is False: + attempts = attempts - 1 + if attempts == 0: + break + time.sleep(1) + + if attempts == 0: + raise Exception(f"{scenario_name} failed.") + else: + print(f"Scenario `{scenario_name}` expectaion meets the health report stats.") diff --git a/.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml b/.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml new file mode 100644 index 000000000..219d8e93b --- /dev/null +++ b/.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml @@ -0,0 +1,31 @@ +name: "Abnormally terminated pipeline" +config: + - pipeline.id: abnormally-terminated-pp + config.string: | + input { heartbeat { interval => 1 } } + filter { failure_injector { crash_at => filter } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 +conditions: + - full_start_required: true +expectation: + status: "red" + symptom: "1 indicator is unhealthy (`pipelines`)" + indicators: + pipelines: + status: "red" + symptom: "1 indicator is unhealthy (`abnormally-terminated-pp`)" + indicators: + abnormally-terminated-pp: + status: "red" + symptom: "The pipeline is unhealthy; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - cause: "pipeline is not running, likely because it has encountered an error" + - action: "view logs to determine the cause of abnormal pipeline shutdown" + impacts: + - description: "the pipeline is not currently processing" + - impact_areas: ["pipeline_execution"] + details: + status: + state: "TERMINATED" \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/tests/normal-termination.yaml b/.buildkite/scripts/health-report-tests/tests/normal-termination.yaml new file mode 100644 index 000000000..86a05deb5 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/tests/normal-termination.yaml @@ -0,0 +1,29 @@ +name: "Successfully terminated pipeline" +config: + - pipeline.id: normally-terminated-pp + config.string: | + input { generator { count => 1 } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 +conditions: + - full_start_required: true +expectation: + status: "yellow" + symptom: "1 indicator is concerning (`pipelines`)" + indicators: + pipelines: + status: "yellow" + symptom: "1 indicator is concerning (`normally-terminated-pp`)" + indicators: + normally-terminated-pp: + status: "yellow" + symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - cause: "pipeline has finished running because its inputs have been closed and events have been processed" + - action: "if you expect this pipeline to run indefinitely, you will need to configure its inputs to continue receiving or fetching events" + impacts: + - impact_areas: ["pipeline_execution"] + details: + status: + state: "FINISHED" \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/tests/slow-start.yaml b/.buildkite/scripts/health-report-tests/tests/slow-start.yaml new file mode 100644 index 000000000..d036391a9 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/tests/slow-start.yaml @@ -0,0 +1,30 @@ +name: "Slow start pipeline" +config: + - pipeline.id: slow-start-pp + config.string: | + input { heartbeat {} } + filter { failure_injector { degrade_at => [register] } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 +conditions: + - full_start_required: false +expectation: + status: "yellow" + symptom: "1 indicator is concerning (`pipelines`)" + indicators: + pipelines: + status: "yellow" + symptom: "1 indicator is concerning (`slow-start-pp`)" + indicators: + slow-start-pp: + status: "yellow" + symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - cause: "pipeline is loading" + - action: "if pipeline does not come up quickly, you may need to check the logs to see if it is stalled" + impacts: + - impact_areas: ["pipeline_execution"] + details: + status: + state: "LOADING" \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/util.py b/.buildkite/scripts/health-report-tests/util.py new file mode 100644 index 000000000..c7e840f06 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/util.py @@ -0,0 +1,35 @@ +import requests +import subprocess +from requests.adapters import HTTPAdapter, Retry + + +def call_url_with_retry(url: str, max_retries: int = 5, delay: int = 1) -> requests.Response: + f""" + Calls the given {url} with maximum of {max_retries} retries with {delay} delay. + """ + schema = "https://" if "https://" in url else "http://" + session = requests.Session() + # retry on most common failures such as connection timeout(408), etc... + retries = Retry(total=max_retries, backoff_factor=delay, status_forcelist=[408, 502, 503, 504]) + session.mount(schema, HTTPAdapter(max_retries=retries)) + return session.get(url) + + +def git_check_out_branch(branch_name: str) -> None: + f""" + Checks out specified branch or fails with error if checkout operation fails. + """ + run_or_raise_error(["git", "checkout", branch_name], + "Error occurred while checking out the " + branch_name + " branch") + + +def run_or_raise_error(commands: list, error_message): + f""" + Executes the {list} commands and raises an {Exception} if opration fails. + """ + result = subprocess.run(commands, universal_newlines=True, stdout=subprocess.PIPE) + if result.returncode != 0: + full_error_message = (error_message + ", output: " + result.stdout.decode('utf-8')) \ + if result.stdout else error_message + raise Exception(f"{full_error_message}") + diff --git a/docs/static/monitoring/monitoring-apis.asciidoc b/docs/static/monitoring/monitoring-apis.asciidoc index 897507d1e..68b4a0b83 100644 --- a/docs/static/monitoring/monitoring-apis.asciidoc +++ b/docs/static/monitoring/monitoring-apis.asciidoc @@ -2,13 +2,13 @@ [[monitoring]] == APIs for monitoring {ls} -{ls} provides monitoring APIs for retrieving runtime metrics -about {ls}: +{ls} provides monitoring APIs for retrieving runtime information about {ls}: * <> * <> * <> * <> +* <> You can use the root resource to retrieve general information about the Logstash instance, including @@ -1184,3 +1184,155 @@ Example of a human-readable response: org.jruby.internal.runtime.NativeThread.join(NativeThread.java:75) -------------------------------------------------- + + +[[logstash-health-report-api]] +=== Health report API + +An API that reports the health status of Logstash. + +[source,js] +-------------------------------------------------- +curl -XGET 'localhost:9600/_health_report?pretty' +-------------------------------------------------- + +==== Description + +The health API returns a report with the health status of Logstash and the pipelines that are running inside of it. +The report contains a list of indicators that compose Logstash functionality. + +Each indicator has a health status of: `green`, `unknown`, `yellow`, or `red`. +The indicator will provide an explanation and metadata describing the reason for its current health status. + +The top-level status is controlled by the worst indicator status. + +In the event that an indicator's status is non-green, a list of impacts may be present in the indicator result which detail the functionalities that are negatively affected by the health issue. +Each impact carries with it a severity level, an area of the system that is affected, and a simple description of the impact on the system. + +Some health indicators can determine the root cause of a health problem and prescribe a set of steps that can be performed in order to improve the health of the system. +The root cause and remediation steps are encapsulated in a `diagnosis`. +A diagnosis contains a cause detailing a root cause analysis, an action containing a brief description of the steps to take to fix the problem, and the URL for detailed troubleshooting help. + +NOTE: The health indicators perform root cause analysis of non-green health statuses. + This can be computationally expensive when called frequently. + +==== Response body + +`status`:: +(Optional, string) Health status of {ls}, based on the aggregated status of all indicators. Statuses are: + +`green`::: +{ls} is healthy. + +`unknown`::: +The health of {ls} could not be determined. + +`yellow`::: +The functionality of {ls} is in a degraded state and may need remediation to avoid the health becoming `red`. + +`red`::: +{ls} is experiencing an outage or certain features are unavailable for use. + +`indicators`:: +(object) Information about the health of the {ls} indicators. + ++ +.Properties of `indicators` +[%collapsible%open] +==== +``:: +(object) Contains health results for an indicator. ++ +.Properties of `` +[%collapsible%open] +======= +`status`:: +(string) Health status of the indicator. Statuses are: + +`green`::: +The indicator is healthy. + +`unknown`::: +The health of the indicator could not be determined. + +`yellow`::: +The functionality of an indicator is in a degraded state and may need remediation to avoid the health becoming `red`. + +`red`::: +The indicator is experiencing an outage or certain features are unavailable for use. + +`symptom`:: +(string) A message providing information about the current health status. + +`details`:: +(Optional, object) An object that contains additional information about the indicator that has lead to the current health status result. +Each indicator has <>. + +`impacts`:: +(Optional, array) If a non-healthy status is returned, indicators may include a list of impacts that this health status will have on {ls}. ++ +.Properties of `impacts` +[%collapsible%open] +======== +`severity`:: +(integer) How important this impact is to the functionality of {ls}. +A value of 1 is the highest severity, with larger values indicating lower severity. + +`description`:: +(string) A description of the impact on {ls}. + +`impact_areas`:: +(array of strings) The areas {ls} functionality that this impact affects. +Possible values are: ++ +-- +* `pipeline_execution` +-- + +======== + +`diagnosis`:: +(Optional, array) If a non-healthy status is returned, indicators may include a list of diagnosis that encapsulate the cause of the health issue and an action to take in order to remediate the problem. ++ +.Properties of `diagnosis` +[%collapsible%open] +======== +`cause`:: +(string) A description of a root cause of this health problem. + +`action`:: +(string) A brief description the steps that should be taken to remediate the problem. +A more detailed step-by-step guide to remediate the problem is provided by the `help_url` field. + +`help_url`:: +(string) A link to the troubleshooting guide that'll fix the health problem. +======== +======= +==== + +[role="child_attributes"] +[[logstash-health-api-response-details]] +==== Indicator Details + +Each health indicator in the health API returns a set of details that further explains the state of the system. +The details have contents and a structure that is unique to each indicator. + +[[logstash-health-api-response-details-pipeline]] +===== Pipeline Indicator Details + +`pipelines/indicators//details`:: +(object) Information about the specified pipeline. ++ +.Properties of `pipelines/indicators//details` +[%collapsible%open] +==== +`status`:: +(object) Details related to the pipeline's current status and run-state. ++ +.Properties of `status` +[%collapsible%open] +======== +`state`:: +(string) The current state of the pipeline, including whether it is `loading`, `running`, `finished`, or `terminated`. +======== +==== diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index 72d3dcbab..0151b278a 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -2517,4 +2517,4 @@ We have added another flag to the Benchmark CLI to allow passing a data file wit This feature allows users to run the Benchmark CLI in a custom test case with a custom config and a custom dataset. https://github.com/elastic/logstash/pull/12437[#12437] ==== Plugin releases -Plugins align with release 7.14.0 \ No newline at end of file +Plugins align with release 7.14.0 diff --git a/docs/static/troubleshoot/health-pipeline-status.asciidoc b/docs/static/troubleshoot/health-pipeline-status.asciidoc new file mode 100644 index 000000000..095ef85f9 --- /dev/null +++ b/docs/static/troubleshoot/health-pipeline-status.asciidoc @@ -0,0 +1,37 @@ +[[health-report-pipeline-status]] +=== Health Report Pipeline Status + +The Pipeline indicator has a `status` probe that is capable of producing one of several diagnoses about the pipeline's lifecycle, indicating whether the pipeline is currently running. + +[[health-report-pipeline-status-diagnosis-loading]] +==== [[loading]]Loading Pipeline + +A pipeline that is loading is not yet processing data, and is considered a temporarily-degraded pipeline state. +Some plugins perform actions or pre-validation that can delay the starting of the pipeline, such as when a plugin pre-establishes a connection to an external service before allowing the pipeline to start. +When these plugins take significant time to start up, the whole pipeline can remain in a loading state for an extended time. + +If your pipeline does not come up in a reasonable amount of time, consider checking the Logstash logs to see if the plugin shows evidence of being caught in a retry loop. + +[[health-report-pipeline-status-diagnosis-finished]] +==== [[finished]]Finished Pipeline + +A logstash pipeline whose input plugins have all completed will be shut down once events have finished processing. + +Many plugins can be configured to run indefinitely, either by listening for new inbound events or by polling for events on a schedule. +A finished pipeline will not produce or process any more events until it is restarted, which will occur if the pipeline's definition is changed and pipeline reloads are enabled. +If you wish to keep your pipeline runing, consider configuring its input to run on a schedule or otherwise listen for new events. + +[[health-report-pipeline-status-diagnosis-terminated]] +==== [[terminated]]Terminated Pipeline + +When a Logstash pipeline's filter or output plugins crash, the entire pipeline is terminated and intervention is required. + +A terminated pipeline will not produce or process any more events until it is restarted, which will occur if the pipeline's definition is changed and pipeline reloads are enabled. +Check the logs to determine the cause of the crash, and report the issue to the plugin maintainers. + +[[health-report-pipeline-status-diagnosis-unknown]] +==== [[unknown]]Unknown Pipeline + +When a Logstash pipeline either cannot be created or has recently been deleted the health report doesn't know enough to produce a meaningful status. + +Check the logs to determine if the pipeline crashed during creation, and report the issue to the plugin maintainers. diff --git a/docs/static/troubleshoot/troubleshooting.asciidoc b/docs/static/troubleshoot/troubleshooting.asciidoc index b4c8ee7a0..66bb60f45 100644 --- a/docs/static/troubleshoot/troubleshooting.asciidoc +++ b/docs/static/troubleshoot/troubleshooting.asciidoc @@ -28,3 +28,4 @@ include::ts-logstash.asciidoc[] include::ts-plugins-general.asciidoc[] include::ts-plugins.asciidoc[] include::ts-other-issues.asciidoc[] +include::health-pipeline-status.asciidoc[] diff --git a/logstash-core/build.gradle b/logstash-core/build.gradle index 8cb891418..831f0fefd 100644 --- a/logstash-core/build.gradle +++ b/logstash-core/build.gradle @@ -57,6 +57,7 @@ def versionMap = (Map) (new Yaml()).load(new File("$projectDir/../versions.yml") description = """Logstash Core Java""" +String logstashCoreVersion = versionMap['logstash-core'] String jacksonVersion = versionMap['jackson'] String jacksonDatabindVersion = versionMap['jackson-databind'] String jrubyVersion = versionMap['jruby']['version'] @@ -183,6 +184,23 @@ artifacts { } } +task generateVersionInfoResources(type: DefaultTask) { + ext.outDir = layout.buildDirectory.dir("generated-resources/version-info").get() + + inputs.property("version-info:logstash-core", logstashCoreVersion) + outputs.dir(ext.outDir) + + doLast { + mkdir outDir; + def resourceFile = outDir.file('version-info.properties').asFile + resourceFile.text = "logstash-core: ${logstashCoreVersion}" + } +} +sourceSets { + main { output.dir(generateVersionInfoResources.outputs.files) } +} +processResources.dependsOn generateVersionInfoResources + configurations { provided } diff --git a/logstash-core/lib/logstash/agent.rb b/logstash-core/lib/logstash/agent.rb index 7f99abe22..d1f8e0069 100644 --- a/logstash-core/lib/logstash/agent.rb +++ b/logstash-core/lib/logstash/agent.rb @@ -40,6 +40,8 @@ class LogStash::Agent attr_reader :metric, :name, :settings, :dispatcher, :ephemeral_id, :pipeline_bus attr_accessor :logger + attr_reader :health_observer + # initialize method for LogStash::Agent # @param params [Hash] potential parameters are: # :name [String] - identifier for the agent @@ -51,6 +53,9 @@ class LogStash::Agent @auto_reload = setting("config.reload.automatic") @ephemeral_id = SecureRandom.uuid + java_import("org.logstash.health.HealthObserver") + @health_observer ||= HealthObserver.new + # Mutex to synchronize in the exclusive method # Initial usage for the Ruby pipeline initialization which is not thread safe @webserver_control_lock = Mutex.new @@ -151,6 +156,31 @@ class LogStash::Agent transition_to_stopped end + include org.logstash.health.PipelineIndicator::PipelineDetailsProvider + def pipeline_details(pipeline_id) + logger.trace("fetching pipeline details for `#{pipeline_id}`") + pipeline_id = pipeline_id.to_sym + + java_import org.logstash.health.PipelineIndicator + + pipeline_state = @pipelines_registry.states.get(pipeline_id) + if pipeline_state.nil? + return PipelineIndicator::Details.new(PipelineIndicator::Status::UNKNOWN) + end + + status = pipeline_state.synchronize do |sync_state| + case + when sync_state.loading? then PipelineIndicator::Status::LOADING + when sync_state.crashed? then PipelineIndicator::Status::TERMINATED + when sync_state.running? then PipelineIndicator::Status::RUNNING + when sync_state.finished? then PipelineIndicator::Status::FINISHED + else PipelineIndicator::Status::UNKNOWN + end + end + + return PipelineIndicator::Details.new(status) + end + def auto_reload? @auto_reload end diff --git a/logstash-core/lib/logstash/api/command_factory.rb b/logstash-core/lib/logstash/api/command_factory.rb index 6ed9e5701..0b246f140 100644 --- a/logstash-core/lib/logstash/api/command_factory.rb +++ b/logstash-core/lib/logstash/api/command_factory.rb @@ -18,6 +18,7 @@ require "logstash/api/service" require "logstash/api/commands/system/basicinfo_command" require "logstash/api/commands/system/plugins_command" +require "logstash/api/commands/health_report" require "logstash/api/commands/stats" require "logstash/api/commands/node" require "logstash/api/commands/default_metadata" @@ -34,6 +35,7 @@ module LogStash :plugins_command => ::LogStash::Api::Commands::System::Plugins, :stats => ::LogStash::Api::Commands::Stats, :node => ::LogStash::Api::Commands::Node, + :health_report => ::LogStash::Api::Commands::HealthReport, :default_metadata => ::LogStash::Api::Commands::DefaultMetadata } end diff --git a/logstash-core/lib/logstash/api/commands/default_metadata.rb b/logstash-core/lib/logstash/api/commands/default_metadata.rb index 26f4af313..635e3e5f4 100644 --- a/logstash-core/lib/logstash/api/commands/default_metadata.rb +++ b/logstash-core/lib/logstash/api/commands/default_metadata.rb @@ -22,20 +22,14 @@ module LogStash module Commands class DefaultMetadata < Commands::Base def all - res = {:host => host, - :version => version, - :http_address => http_address, - :id => service.agent.id, - :name => service.agent.name, - :ephemeral_id => service.agent.ephemeral_id, - :status => "green", # This is hard-coded to mirror x-pack behavior - :snapshot => ::BUILD_INFO["build_snapshot"], + res = base_info.merge({ + :status => service.agent.health_observer.status, :pipeline => { :workers => LogStash::SETTINGS.get("pipeline.workers"), :batch_size => LogStash::SETTINGS.get("pipeline.batch.size"), :batch_delay => LogStash::SETTINGS.get("pipeline.batch.delay"), }, - } + }) monitoring = {} if enabled_xpack_monitoring? monitoring = monitoring.merge({ @@ -49,6 +43,18 @@ module LogStash res.merge(monitoring.empty? ? {} : {:monitoring => monitoring}) end + def base_info + { + :host => host, + :version => version, + :http_address => http_address, + :id => service.agent.id, + :name => service.agent.name, + :ephemeral_id => service.agent.ephemeral_id, + :snapshot => ::BUILD_INFO["build_snapshot"], + } + end + def host @@host ||= Socket.gethostname end diff --git a/logstash-core/lib/logstash/api/commands/health_report.rb b/logstash-core/lib/logstash/api/commands/health_report.rb new file mode 100644 index 000000000..d53a313b4 --- /dev/null +++ b/logstash-core/lib/logstash/api/commands/health_report.rb @@ -0,0 +1,31 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +require "logstash/api/commands/base" + +module LogStash + module Api + module Commands + class HealthReport < Commands::Base + + def all(selected_fields = []) + service.agent.health_observer.report + end + end + end + end +end \ No newline at end of file diff --git a/logstash-core/lib/logstash/api/modules/health_report.rb b/logstash-core/lib/logstash/api/modules/health_report.rb new file mode 100644 index 000000000..ff5728d94 --- /dev/null +++ b/logstash-core/lib/logstash/api/modules/health_report.rb @@ -0,0 +1,49 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +module LogStash + module Api + module Modules + class HealthReport < ::LogStash::Api::Modules::Base + + get "/" do + payload = health_report.all.then do |health_report_pojo| + # The app_helper needs a ruby-hash. + # Manually creating a map of properties works around the issue. + base_metadata.merge({ + status: health_report_pojo.status, + symptom: health_report_pojo.symptom, + indicators: health_report_pojo.indicators, + }) + end + + respond_with(payload, {exclude_default_metadata: true}) + end + + private + + def health_report + @health_report ||= factory.build(:health_report) + end + + def base_metadata + @factory.build(:default_metadata).base_info + end + end + end + end +end \ No newline at end of file diff --git a/logstash-core/lib/logstash/api/rack_app.rb b/logstash-core/lib/logstash/api/rack_app.rb index c14bdf26a..ee3e409e9 100644 --- a/logstash-core/lib/logstash/api/rack_app.rb +++ b/logstash-core/lib/logstash/api/rack_app.rb @@ -18,6 +18,7 @@ require "rack" require "sinatra/base" require "logstash/api/modules/base" +require "logstash/api/modules/health_report" require "logstash/api/modules/node" require "logstash/api/modules/node_stats" require "logstash/api/modules/plugins" @@ -123,6 +124,7 @@ module LogStash def self.rack_namespaces(agent) { + "/_health_report" => LogStash::Api::Modules::HealthReport, "/_node" => LogStash::Api::Modules::Node, "/_stats" => LogStash::Api::Modules::Stats, "/_node/stats" => LogStash::Api::Modules::NodeStats, diff --git a/logstash-core/lib/logstash/java_pipeline.rb b/logstash-core/lib/logstash/java_pipeline.rb index 9cec566cc..b30d11e2b 100644 --- a/logstash-core/lib/logstash/java_pipeline.rb +++ b/logstash-core/lib/logstash/java_pipeline.rb @@ -65,6 +65,7 @@ module LogStash; class JavaPipeline < AbstractPipeline @flushing = java.util.concurrent.atomic.AtomicBoolean.new(false) @flushRequested = java.util.concurrent.atomic.AtomicBoolean.new(false) @shutdownRequested = java.util.concurrent.atomic.AtomicBoolean.new(false) + @crash_detected = Concurrent::AtomicBoolean.new(false) @outputs_registered = Concurrent::AtomicBoolean.new(false) # @finished_execution signals that the pipeline thread has finished its execution @@ -87,6 +88,10 @@ module LogStash; class JavaPipeline < AbstractPipeline @finished_execution.true? end + def finished_run? + @finished_run.true? + end + def ready? @ready.value end @@ -229,6 +234,10 @@ module LogStash; class JavaPipeline < AbstractPipeline @running.false? end + def crashed? + @crash_detected.true? + end + # register_plugins calls #register_plugin on the plugins list and upon exception will call Plugin#do_close on all registered plugins # @param plugins [Array[Plugin]] the list of plugins to register def register_plugins(plugins) @@ -305,6 +314,7 @@ module LogStash; class JavaPipeline < AbstractPipeline rescue => e # WorkerLoop.run() catches all Java Exception class and re-throws as IllegalStateException with the # original exception as the cause + @crash_detected.make_true @logger.error( "Pipeline worker error, the pipeline will be stopped", default_logging_keys(:error => e.cause.message, :exception => e.cause.class, :backtrace => e.cause.backtrace) @@ -319,6 +329,7 @@ module LogStash; class JavaPipeline < AbstractPipeline begin start_inputs rescue => e + @crash_detected.make_true # if there is any exception in starting inputs, make sure we shutdown workers. # exception will already by logged in start_inputs shutdown_workers diff --git a/logstash-core/lib/logstash/pipeline_action/create.rb b/logstash-core/lib/logstash/pipeline_action/create.rb index ffd097777..6f0fff001 100644 --- a/logstash-core/lib/logstash/pipeline_action/create.rb +++ b/logstash-core/lib/logstash/pipeline_action/create.rb @@ -46,13 +46,21 @@ module LogStash module PipelineAction # The execute assume that the thread safety access of the pipeline # is managed by the caller. def execute(agent, pipelines_registry) + attach_health_indicator(agent) new_pipeline = LogStash::JavaPipeline.new(@pipeline_config, @metric, agent) success = pipelines_registry.create_pipeline(pipeline_id, new_pipeline) do new_pipeline.start # block until the pipeline is correctly started or crashed end + LogStash::ConvergeResult::ActionResult.create(self, success) end + def attach_health_indicator(agent) + health_observer = agent.health_observer + health_observer.detach_pipeline_indicator(pipeline_id) # just in case ... + health_observer.attach_pipeline_indicator(pipeline_id, agent) + end + def to_s "PipelineAction::Create<#{pipeline_id}>" end diff --git a/logstash-core/lib/logstash/pipeline_action/delete.rb b/logstash-core/lib/logstash/pipeline_action/delete.rb index 1a19509ba..c072e70bf 100644 --- a/logstash-core/lib/logstash/pipeline_action/delete.rb +++ b/logstash-core/lib/logstash/pipeline_action/delete.rb @@ -27,10 +27,15 @@ module LogStash module PipelineAction def execute(agent, pipelines_registry) success = pipelines_registry.delete_pipeline(@pipeline_id) + detach_health_indicator(agent) if success LogStash::ConvergeResult::ActionResult.create(self, success) end + def detach_health_indicator(agent) + agent.health_observer.detach_pipeline_indicator(pipeline_id) + end + def to_s "PipelineAction::Delete<#{pipeline_id}>" end diff --git a/logstash-core/lib/logstash/pipeline_action/stop_and_delete.rb b/logstash-core/lib/logstash/pipeline_action/stop_and_delete.rb index c627087ed..4c8e6ded0 100644 --- a/logstash-core/lib/logstash/pipeline_action/stop_and_delete.rb +++ b/logstash-core/lib/logstash/pipeline_action/stop_and_delete.rb @@ -31,10 +31,15 @@ module LogStash module PipelineAction end success = pipelines_registry.delete_pipeline(@pipeline_id) + detach_health_indicator(agent) if success LogStash::ConvergeResult::ActionResult.create(self, success) end + def detach_health_indicator(agent) + agent.health_observer.detach_pipeline_indicator(pipeline_id) + end + def to_s "PipelineAction::StopAndDelete<#{pipeline_id}>" end diff --git a/logstash-core/lib/logstash/pipelines_registry.rb b/logstash-core/lib/logstash/pipelines_registry.rb index 3810201e8..375200347 100644 --- a/logstash-core/lib/logstash/pipelines_registry.rb +++ b/logstash-core/lib/logstash/pipelines_registry.rb @@ -28,6 +28,7 @@ module LogStash @lock = Monitor.new end + # a terminated pipeline has either crashed OR finished normally def terminated? @lock.synchronize do # a loading pipeline is never considered terminated @@ -35,6 +36,20 @@ module LogStash end end + # a finished pipeline finished _normally_ without exception + def finished? + @lock.synchronize do + # a loading pipeline is never considered terminated + @loading.false? && @pipeline.finished_run? + end + end + + def crashed? + @lock.synchronize do + @pipeline&.crashed? + end + end + def running? @lock.synchronize do # not terminated and not loading @@ -104,6 +119,7 @@ module LogStash end end + def empty? @lock.synchronize do @states.empty? diff --git a/logstash-core/spec/logstash/java_pipeline_spec.rb b/logstash-core/spec/logstash/java_pipeline_spec.rb index 24bcb3adc..c64d92754 100644 --- a/logstash-core/spec/logstash/java_pipeline_spec.rb +++ b/logstash-core/spec/logstash/java_pipeline_spec.rb @@ -587,6 +587,7 @@ describe LogStash::JavaPipeline do # wait until there is no more worker thread since we have a single worker that should have died wait(5).for {subject.worker_threads.any?(&:alive?)}.to be_falsey + expect(subject.crashed?).to be true # at this point the input plugin should have been asked to stop wait(5).for {dummyinput.stop?}.to be_truthy @@ -614,6 +615,7 @@ describe LogStash::JavaPipeline do # wait until there is no more worker thread since we have a single worker that should have died wait(5).for {subject.worker_threads.any?(&:alive?)}.to be_falsey + expect(subject.crashed?).to be true # at this point the input plugin should have been asked to stop wait(5).for {dummyinput.stop?}.to be_truthy @@ -779,6 +781,7 @@ describe LogStash::JavaPipeline do expect(input).to receive(:do_close).once pipeline.start pipeline.shutdown + expect(pipeline.crashed?).to be false end end end diff --git a/logstash-core/spec/logstash/pipeline_action/create_spec.rb b/logstash-core/spec/logstash/pipeline_action/create_spec.rb index 16cabacb0..553576b54 100644 --- a/logstash-core/spec/logstash/pipeline_action/create_spec.rb +++ b/logstash-core/spec/logstash/pipeline_action/create_spec.rb @@ -30,6 +30,7 @@ describe LogStash::PipelineAction::Create do before do clear_data_dir + allow(agent).to receive(:health_observer).and_return(double("HealthObserver").as_null_object) end subject { described_class.new(pipeline_config, metric) } @@ -66,6 +67,11 @@ describe LogStash::PipelineAction::Create do it "returns a successful execution status" do expect(subject.execute(agent, pipelines)).to be_truthy end + + it "attached an indicator to the agent's health observer" do + expect(agent.health_observer).to receive(:attach_pipeline_indicator).with(:main, agent) + subject.execute(agent, pipelines) + end end context "when the pipeline doesn't start" do diff --git a/logstash-core/spec/logstash/pipeline_action/delete_spec.rb b/logstash-core/spec/logstash/pipeline_action/delete_spec.rb new file mode 100644 index 000000000..73193389a --- /dev/null +++ b/logstash-core/spec/logstash/pipeline_action/delete_spec.rb @@ -0,0 +1,78 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +require "spec_helper" +require_relative "../../support/helpers" +require_relative "../../support/matchers" +require "logstash/pipelines_registry" +require "logstash/pipeline_action/delete" +require "logstash/inputs/generator" + + +describe LogStash::PipelineAction::Delete do + let(:pipeline_config) { "input { dummyblockinginput {} } output { null {} }" } + let(:pipeline_id) { :main } + let(:pipeline) { mock_java_pipeline_from_string(pipeline_config) } + let(:pipelines) do + LogStash::PipelinesRegistry.new.tap do |chm| + chm.create_pipeline(pipeline_id, pipeline) { true } + end + end + let(:agent) { double("agent") } + + subject { described_class.new(pipeline_id) } + + before do + clear_data_dir + allow(agent).to receive(:health_observer).and_return(double("HealthObserver").as_null_object) + pipeline.start + end + + after do + pipeline.shutdown + end + + it "returns the pipeline_id" do + expect(subject.pipeline_id).to eq(:main) + end + + context "when the pipeline is still running" do + + it 'fails to delete the pipeline' do + action_result = subject.execute(agent, pipelines) + expect(action_result).to_not be_successful + + expect(pipelines.get_pipeline(pipeline_id)).to_not be_nil + end + end + + context "when the pipeline has completed" do + let(:pipeline_config) { "input { generator { count => 1 } } output { null {} }"} + + before(:each) do + sleep(0.1) until pipelines.non_running_pipelines.keys.include?(pipeline_id) + end + + it 'deletes the pipeline' do + action_result = subject.execute(agent, pipelines) + expect(action_result).to be_successful + + expect(pipelines.get_pipeline(pipeline_id)).to be_nil + expect(agent.health_observer).to have_received(:detach_pipeline_indicator).with(pipeline_id) + end + end +end \ No newline at end of file diff --git a/logstash-core/spec/logstash/pipeline_action/stop_and_delete_spec.rb b/logstash-core/spec/logstash/pipeline_action/stop_and_delete_spec.rb new file mode 100644 index 000000000..a32ed5eb0 --- /dev/null +++ b/logstash-core/spec/logstash/pipeline_action/stop_and_delete_spec.rb @@ -0,0 +1,79 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +require "spec_helper" +require_relative "../../support/helpers" +require_relative "../../support/matchers" +require "logstash/pipelines_registry" +require "logstash/pipeline_action/delete" +require "logstash/inputs/generator" + + +describe LogStash::PipelineAction::StopAndDelete do + let(:pipeline_config) { "input { dummyblockinginput {} } output { null {} }" } + let(:pipeline_id) { :main } + let(:pipeline) { mock_java_pipeline_from_string(pipeline_config) } + let(:pipelines) do + LogStash::PipelinesRegistry.new.tap do |chm| + chm.create_pipeline(pipeline_id, pipeline) { true } + end + end + let(:agent) { double("agent") } + + subject { described_class.new(pipeline_id) } + + before do + clear_data_dir + allow(agent).to receive(:health_observer).and_return(double("HealthObserver").as_null_object) + pipeline.start + end + + after do + pipeline.shutdown + end + + it "returns the pipeline_id" do + expect(subject.pipeline_id).to eq(:main) + end + + context "when the pipeline is still running" do + it 'stops and deletes the pipeline' do + action_result = subject.execute(agent, pipelines) + expect(action_result).to be_successful + + expect(pipelines.get_pipeline(pipeline_id)).to be_nil + expect(agent.health_observer).to have_received(:detach_pipeline_indicator).with(pipeline_id) + end + end + + context "when the pipeline has completed" do + let(:pipeline_config) { "input { generator { count => 1 } } output { null {} }"} + + before(:each) do + sleep(0.1) until pipelines.non_running_pipelines.keys.include?(pipeline_id) + end + + it 'deletes the pipeline' do + action_result = subject.execute(agent, pipelines) + expect(action_result).to be_successful + + expect(pipelines.get_pipeline(pipeline_id)).to be_nil + + expect(agent.health_observer).to have_received(:detach_pipeline_indicator).with(pipeline_id) + end + end +end \ No newline at end of file diff --git a/logstash-core/spec/logstash/webserver_spec.rb b/logstash-core/spec/logstash/webserver_spec.rb index 50c90911e..e766be329 100644 --- a/logstash-core/spec/logstash/webserver_spec.rb +++ b/logstash-core/spec/logstash/webserver_spec.rb @@ -55,7 +55,13 @@ describe LogStash::WebServer do end let(:logger) { LogStash::Logging::Logger.new("testing") } - let(:agent) { OpenStruct.new({:webserver => webserver_block, :http_address => "127.0.0.1", :id => "myid", :name => "myname"}) } + let(:agent) { OpenStruct.new({ + webserver: webserver_block, + http_address: "127.0.0.1", + id: "myid", + name: "myname", + health_observer: org.logstash.health.HealthObserver.new, + }) } let(:webserver_block) { OpenStruct.new({}) } subject(:webserver) { LogStash::WebServer.new(logger, agent, webserver_options) } diff --git a/logstash-core/src/main/java/org/logstash/Logstash.java b/logstash-core/src/main/java/org/logstash/Logstash.java index eb9c823f3..04ce1b182 100644 --- a/logstash-core/src/main/java/org/logstash/Logstash.java +++ b/logstash-core/src/main/java/org/logstash/Logstash.java @@ -26,6 +26,7 @@ import java.io.InputStream; import java.io.PrintStream; import java.nio.file.Path; import java.nio.file.Paths; +import java.util.Properties; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -45,6 +46,25 @@ import javax.annotation.Nullable; */ public final class Logstash implements Runnable, AutoCloseable { + public static final String VERSION_FULL; + public static final String VERSION_MAJOR; + public static final String VERSION_MINOR; + public static final String VERSION_PATCH; + + static { + final Properties properties = new Properties(); + try { + properties.load(Logstash.class.getResourceAsStream("/version-info.properties")); + VERSION_FULL = properties.getProperty("logstash-core"); + final String[] versions = VERSION_FULL.split("\\."); + VERSION_MAJOR = versions[0]; + VERSION_MINOR = versions[1]; + VERSION_PATCH = versions[2]; + } catch (IOException e) { + throw new RuntimeException(e); + } + } + private static final Logger LOGGER = LogManager.getLogger(Logstash.class); /** diff --git a/logstash-core/src/main/java/org/logstash/ext/JrubyWrappedSynchronousQueueExt.java b/logstash-core/src/main/java/org/logstash/ext/JrubyWrappedSynchronousQueueExt.java index e905d922c..dbbfb97de 100644 --- a/logstash-core/src/main/java/org/logstash/ext/JrubyWrappedSynchronousQueueExt.java +++ b/logstash-core/src/main/java/org/logstash/ext/JrubyWrappedSynchronousQueueExt.java @@ -22,6 +22,7 @@ package org.logstash.ext; import java.util.concurrent.ArrayBlockingQueue; import java.util.concurrent.BlockingQueue; + import org.jruby.Ruby; import org.jruby.RubyClass; import org.jruby.RubyNumeric; diff --git a/logstash-core/src/main/java/org/logstash/health/ApiHealthReport.java b/logstash-core/src/main/java/org/logstash/health/ApiHealthReport.java new file mode 100644 index 000000000..d2d1cbf68 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/ApiHealthReport.java @@ -0,0 +1,60 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.databind.SerializerProvider; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; + +import java.io.IOException; +import java.util.Map; + +@JsonSerialize(using = ApiHealthReport.JsonSerializer.class) +public class ApiHealthReport { + private final MultiIndicator.Report delegate; + + public ApiHealthReport(final MultiIndicator.Report delegate) { + this.delegate = delegate; + } + + public Status getStatus() { + return delegate.status(); + } + + public String getSymptom() { + return delegate.symptom(); + } + + public Map getIndicators() { + return delegate.indicators(); + } + + public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer { + @Override + public void serialize(final ApiHealthReport apiHealthReport, + final JsonGenerator jsonGenerator, + final SerializerProvider serializerProvider) throws IOException { + jsonGenerator.writeStartObject(); + jsonGenerator.writeObjectField("status", apiHealthReport.getStatus()); + jsonGenerator.writeObjectField("symptom", apiHealthReport.getSymptom()); + jsonGenerator.writeObjectField("indicators", apiHealthReport.getIndicators()); + jsonGenerator.writeEndObject(); + } + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/Diagnosis.java b/logstash-core/src/main/java/org/logstash/health/Diagnosis.java new file mode 100644 index 000000000..7e64f5556 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/Diagnosis.java @@ -0,0 +1,113 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.databind.SerializerProvider; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; + +import java.io.IOException; +import java.util.Objects; +import java.util.function.UnaryOperator; + +@JsonSerialize(using = Diagnosis.JsonSerializer.class) +public final class Diagnosis { + public final String id; + public final String cause; + public final String action; + public final String helpUrl; + + private Diagnosis(final Builder builder) { + this.id = builder.id; + this.cause = builder.cause; + this.action = builder.action; + this.helpUrl = builder.helpUrl; + } + + static Builder builder() { + return new Builder(); + } + + public static class Builder { + private final String id; + private final String cause; + private final String action; + private final String helpUrl; + + public Builder() { + this(null, null, null, null); + } + + Builder(final String id, + final String cause, + final String action, + final String helpUrl) { + this.id = id; + this.cause = cause; + this.action = action; + this.helpUrl = helpUrl; + } + + public Builder withId(final String id) { + if (Objects.equals(id, this.id)) { + return this; + } + return new Builder(id, cause, action, helpUrl); + } + + public Builder withCause(final String cause) { + if (Objects.equals(cause, this.cause)) { + return this; + } + return new Builder(id, cause, action, helpUrl); + } + public Builder withAction(final String action) { + if (Objects.equals(action, this.action)) { + return this; + } + return new Builder(id, cause, action, helpUrl); + } + public Builder withHelpUrl(final String helpUrl) { + if (Objects.equals(helpUrl, this.helpUrl)) { + return this; + } + return new Builder(id, cause, action, helpUrl); + } + public Builder transform(final UnaryOperator configurator) { + return configurator.apply(this); + } + public synchronized Diagnosis build() { + return new Diagnosis(this); + } + } + + public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer { + @Override + public void serialize(Diagnosis diagnosis, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException { + jsonGenerator.writeStartObject(); + if (diagnosis.id != null) { + jsonGenerator.writeStringField("id", diagnosis.id); + } + jsonGenerator.writeStringField("cause", diagnosis.cause); + jsonGenerator.writeStringField("action", diagnosis.action); + jsonGenerator.writeStringField("help_url", diagnosis.helpUrl); + jsonGenerator.writeEndObject(); + } + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/HealthObserver.java b/logstash-core/src/main/java/org/logstash/health/HealthObserver.java new file mode 100644 index 000000000..63a461a74 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/HealthObserver.java @@ -0,0 +1,64 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +public class HealthObserver { + + private static final Logger LOGGER = LogManager.getLogger(); + + private final MultiIndicator rootIndicator = new MultiIndicator(); + private final MultiIndicator pipelinesIndicator = new MultiIndicator(); + + public HealthObserver() { + this.rootIndicator.attachIndicator("pipelines", this.pipelinesIndicator); + } + + public final Status getStatus() { + return getReport().getStatus(); + } + + public MultiIndicator getIndicator() { + return this.rootIndicator; + } + + public ApiHealthReport getReport() { + return new ApiHealthReport(this.rootIndicator.report()); + } + + public void attachPipelineIndicator(final String pipelineId, final PipelineIndicator.PipelineDetailsProvider detailsProvider) { + try { + this.pipelinesIndicator.attachIndicator(pipelineId, PipelineIndicator.forPipeline(pipelineId, detailsProvider)); + LOGGER.debug(String.format("attached pipeline indicator [%s]", pipelineId)); + } catch (final Exception e) { + LOGGER.warn(String.format("failed to attach pipeline indicator [%s]", pipelineId), e); + } + } + + public void detachPipelineIndicator(final String pipelineId) { + try { + this.pipelinesIndicator.detachIndicator(pipelineId, null); + LOGGER.debug(String.format("detached pipeline indicator [%s]", pipelineId)); + } catch (final Exception e) { + LOGGER.warn(String.format("failed to detach pipeline indicator [%s]", pipelineId), e); + } + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/HelpUrl.java b/logstash-core/src/main/java/org/logstash/health/HelpUrl.java new file mode 100644 index 000000000..db2586765 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/HelpUrl.java @@ -0,0 +1,68 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import org.logstash.Logstash; + +import java.util.Objects; + +public class HelpUrl { + static final String BASE_URL; + static { + final String versionAnchor; + if (Integer.parseInt(Logstash.VERSION_MAJOR) >= 9) { + versionAnchor = "master"; + } else { + versionAnchor = String.format("%s.%s", Logstash.VERSION_MAJOR, Logstash.VERSION_MINOR); + } + BASE_URL = String.format("https://www.elastic.co/guide/en/logstash/%s/", versionAnchor); + } + + public HelpUrl(final String page) { + this(page, null); + } + + public HelpUrl withAnchor(final String anchor) { + return new HelpUrl(this.page, anchor); + } + + private HelpUrl(final String page, final String anchor) { + Objects.requireNonNull(page, "page cannot be null"); + this.page = page; + this.anchor = anchor; + } + + private final String page; + private final String anchor; + + private transient String resolved; + + @Override + public String toString() { + if (resolved == null) { + final StringBuilder sb = new StringBuilder(BASE_URL); + sb.append(page).append(".html"); + if (anchor != null) { + sb.append("#").append(anchor); + } + resolved = sb.toString(); + } + return resolved; + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/Impact.java b/logstash-core/src/main/java/org/logstash/health/Impact.java new file mode 100644 index 000000000..3ccda5de2 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/Impact.java @@ -0,0 +1,111 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.databind.SerializerProvider; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; + +import java.io.IOException; +import java.util.*; +import java.util.function.UnaryOperator; + +@JsonSerialize(using=Impact.JsonSerializer.class) +public final class Impact { + public final String id; + public final int severity; + public final String description; + public final Set impactAreas; + + public Impact(final Builder builder) { + this.id = builder.id; + this.severity = Objects.requireNonNullElse(builder.severity, 0); + this.description = builder.description; + this.impactAreas = Set.copyOf(builder.impactAreas); + } + + static Builder builder() { + return new Builder(); + } + + public static class Builder { + private String id; + private Integer severity; + private String description; + private Set impactAreas; + + public Builder() { + this.impactAreas = Set.of(); + } + + private Builder(String id, Integer severity, String description, Set impactAreas) { + this.id = id; + this.severity = severity; + this.description = description; + this.impactAreas = Set.copyOf(impactAreas); + } + + public synchronized Builder withId(final String id) { + return new Builder(id, severity, description, impactAreas); + } + + public synchronized Builder withSeverity(int severity) { + return new Builder(id, severity, description, impactAreas); + } + + public synchronized Builder withDescription(String description) { + return new Builder(id, severity, description, impactAreas); + } + + public synchronized Builder withAdditionalImpactArea(ImpactArea impactArea) { + final Set mergedImpactAreas = new HashSet<>(impactAreas); + if (!mergedImpactAreas.add(impactArea)) { + return this; + } else { + return this.withImpactAreas(mergedImpactAreas); + } + } + + public synchronized Builder withImpactAreas(Collection impactAreas) { + return new Builder(id, severity, description, Set.copyOf(impactAreas)); + } + + public synchronized Builder transform(final UnaryOperator configurator) { + return configurator.apply(this); + } + + public synchronized Impact build() { + return new Impact(this); + } + } + + public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer { + @Override + public void serialize(Impact impact, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException { + jsonGenerator.writeStartObject(); + if (impact.id != null) { + jsonGenerator.writeStringField("id", impact.id); + } + jsonGenerator.writeNumberField("severity", impact.severity); + jsonGenerator.writeStringField("description", impact.description); + jsonGenerator.writeObjectField("impact_areas", impact.impactAreas); + jsonGenerator.writeEndObject(); + } + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/ImpactArea.java b/logstash-core/src/main/java/org/logstash/health/ImpactArea.java new file mode 100644 index 000000000..94679c79a --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/ImpactArea.java @@ -0,0 +1,43 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.annotation.JsonValue; + +import java.util.Objects; + +public enum ImpactArea { + PIPELINE_EXECUTION, + ; + + private final String externalValue; + + ImpactArea(final String externalValue) { + this.externalValue = Objects.requireNonNullElseGet(externalValue, () -> name().toLowerCase()); + } + + ImpactArea() { + this(null); + } + + @JsonValue + public String externalValue() { + return this.externalValue; + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/Indicator.java b/logstash-core/src/main/java/org/logstash/health/Indicator.java new file mode 100644 index 000000000..df646e135 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/Indicator.java @@ -0,0 +1,31 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +public interface Indicator { + REPORT report(ReportContext reportContext); + + default REPORT report() { + return report(ReportContext.EMPTY); + } + + interface Report { + Status status(); + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/MultiIndicator.java b/logstash-core/src/main/java/org/logstash/health/MultiIndicator.java new file mode 100644 index 000000000..d0699f768 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/MultiIndicator.java @@ -0,0 +1,164 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.databind.SerializerProvider; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import java.io.IOException; +import java.util.*; +import java.util.concurrent.ConcurrentHashMap; + +/** + * A {@code MultiIndicator} is an {@link Indicator} that combines multiple sub-{@link Indicator}s and produces a + * summarized {@link Report}. + */ +public class MultiIndicator implements Indicator { + private static final Logger LOGGER = LogManager.getLogger(); + + private final Map> indicators = new ConcurrentHashMap<>(); + + public void attachIndicator(final String name, + final Indicator indicatorToAttach) { + final Indicator existing = indicators.putIfAbsent(name, indicatorToAttach); + if (Objects.nonNull(existing) && !Objects.equals(existing, indicatorToAttach)) { + throw new IllegalArgumentException(String.format("Cannot attach indicator %s (%s) because a different one of the same name is already attached (%s).", name, indicatorToAttach, existing)); + } + LOGGER.debug("attached indicator {}=>{} (res:{})", name, indicatorToAttach, this); + } + + public void detachIndicator(final String name, + final Indicator indicatorToDetach) { + final Indicator remaining = indicators.computeIfPresent(name, (key, existing) -> Objects.isNull(indicatorToDetach) || Objects.equals(indicatorToDetach, existing) ? null : existing); + if (Objects.nonNull(remaining)) { + throw new IllegalArgumentException("Cannot detach indicator " + name + " because a different one of the same name is attached."); + } + LOGGER.debug("detached indicator {}<={} (res:{})", name, indicatorToDetach, this); + } + + public > Optional getIndicator(final String name, + final Class indicatorClass) { + return getIndicator(name).map(indicatorClass::cast); + } + + public Optional> getIndicator(final String name) { + return Optional.ofNullable(indicators.get(name)); + } + + @Override + public Report report(final ReportContext reportContext) { + LOGGER.debug("report starting with indicators {} for {}", this.indicators, reportContext); + final Status.Holder combinedStatus = new Status.Holder(); + + final Map reports = new HashMap<>(); + final Map> indicatorNamesByStatus = new HashMap<>(); + + this.indicators.forEach((indicatorName, indicator) -> { + if (reportContext.isMuted(indicatorName)) { + LOGGER.trace("sub-indicator {} is muted for {}", indicatorName, reportContext); + } else { + reportContext.descend(indicatorName, (scopedContext) -> { + final Indicator.Report report = indicator.report(scopedContext); + + combinedStatus.reduce(report.status()); + reports.put(indicatorName, report); + indicatorNamesByStatus.computeIfAbsent(report.status(), k -> new HashSet<>()).add(indicatorName); + }); + } + }); + + final StringBuilder symptom = new StringBuilder(); + // to highlight indicators by most-degraded status, we summarize in reverse-order + final List summaryByStatus = new ArrayList<>(indicatorNamesByStatus.size()); + for (int i = Status.values().length - 1; i >= 0; i--) { + final Status summarizingStatus = Status.values()[i]; + if (indicatorNamesByStatus.containsKey(summarizingStatus)) { + final Set indicatorNames = indicatorNamesByStatus.get(summarizingStatus); + summaryByStatus.add(String.format("%s "+(indicatorNames.size()==1 ? "indicator is" : "indicators are")+" %s (`%s`)", + indicatorNames.size(), + summarizingStatus.descriptiveValue(), + String.join("`, `", indicatorNames))); + } + } + if (summaryByStatus.isEmpty()) { + symptom.append("no indicators"); + } else if (summaryByStatus.size() == 1) { + symptom.append(summaryByStatus.get(0)); + } else if (summaryByStatus.size() == 2) { + symptom.append(summaryByStatus.get(0)).append(" and ").append(summaryByStatus.get(1)); + } else { + final int lastIndex = summaryByStatus.size() - 1; + symptom.append(String.join(", ", summaryByStatus.subList(0, lastIndex))) + .append(", and ").append(summaryByStatus.get(lastIndex)); + } + + return new Report(combinedStatus.value(), symptom.toString(), reports); + } + + @Override + public String toString() { + return "MultiIndicator{" + + "indicators=" + indicators + + '}'; + } + + @JsonSerialize(using=Report.JsonSerializer.class) + public static class Report implements Indicator.Report { + private final Status status; + private final String symptom; + private final Map indicators; + + Report(final Status status, + final String symptom, + final Map indicators) { + this.status = status; + this.symptom = symptom; + this.indicators = Map.copyOf(indicators); + } + + @Override + public Status status() { + return this.status; + } + + public String symptom() { + return this.symptom; + } + + public Map indicators() { + return this.indicators; + } + + public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer { + @Override + public void serialize(final Report report, + final JsonGenerator jsonGenerator, + final SerializerProvider serializerProvider) throws IOException { + jsonGenerator.writeStartObject(); + jsonGenerator.writeObjectField("status", report.status()); + jsonGenerator.writeStringField("symptom", report.symptom); + jsonGenerator.writeObjectField("indicators", report.indicators()); + jsonGenerator.writeEndObject(); + } + } + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java b/logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java new file mode 100644 index 000000000..3f6821fec --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java @@ -0,0 +1,195 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.databind.SerializerProvider; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; + +import java.io.IOException; +import java.util.Objects; + +import static org.logstash.health.Status.*; + +/** + * A {@code PipelineIndicator} is a specialized {@link ProbeIndicator} that is meant for assessing the health of + * an individual pipeline. + */ +public class PipelineIndicator extends ProbeIndicator { + + public static PipelineIndicator forPipeline(final String pipelineId, + final PipelineDetailsProvider pipelineDetailsProvider) { + PipelineIndicator pipelineIndicator = new PipelineIndicator(new DetailsSupplier(pipelineId, pipelineDetailsProvider)); + pipelineIndicator.attachProbe("status", new StatusProbe()); + return pipelineIndicator; + } + + private PipelineIndicator(final DetailsSupplier detailsSupplier) { + super("pipeline", detailsSupplier::get); + } + + @JsonSerialize(using = Status.JsonSerializer.class) + public static class Status { + public enum State { + UNKNOWN, + LOADING, + RUNNING, + FINISHED, + TERMINATED, + } + + public static final Status UNKNOWN = new Status(State.UNKNOWN); + public static final Status LOADING = new Status(State.LOADING); + public static final Status RUNNING = new Status(State.RUNNING); + public static final Status FINISHED = new Status(State.FINISHED); + public static final Status TERMINATED = new Status(State.TERMINATED); + + private final State state; + public Status(final State state) { + this.state = state; + } + public State getState() { + return state; + } + + public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer { + @Override + public void serialize(Status value, JsonGenerator gen, SerializerProvider serializers) throws IOException { + gen.writeStartObject(); + gen.writeStringField("state", value.getState().toString()); + gen.writeEndObject(); + } + } + } + + @JsonSerialize(using = Details.JsonSerializer.class) + public static class Details implements Observation { + private final Status status; + + public Details(final Status status) { + this.status = Objects.requireNonNull(status, "status cannot be null"); + } + public Status getStatus() { + return this.status; + } + + public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer

{ + @Override + public void serialize(final Details details, + final JsonGenerator jsonGenerator, + final SerializerProvider serializerProvider) throws IOException { + jsonGenerator.writeStartObject(); + jsonGenerator.writeObjectField("status", details.getStatus()); + jsonGenerator.writeEndObject(); + } + } + } + + /** + * This interface is implemented by the ruby-Agent + */ + @FunctionalInterface + public interface PipelineDetailsProvider { + Details pipelineDetails(final String pipelineId); + } + + public static class DetailsSupplier { + private final String pipelineId; + private final PipelineDetailsProvider pipelineDetailsProvider; + DetailsSupplier(final String pipelineId, + final PipelineDetailsProvider pipelineDetailsProvider) { + this.pipelineId = pipelineId; + this.pipelineDetailsProvider = pipelineDetailsProvider; + } + + public Details get() { + return this.pipelineDetailsProvider.pipelineDetails(pipelineId); + } + } + + static class StatusProbe implements Probe
{ + static final Impact.Builder NOT_PROCESSING = Impact.builder() + .withId(impactId("not_processing")) + .withDescription("the pipeline is not currently processing") + .withAdditionalImpactArea(ImpactArea.PIPELINE_EXECUTION); + + static final HelpUrl HELP_URL = new HelpUrl("health-report-pipeline-status"); + + @Override + public Analysis analyze(final Details details) { + switch (details.getStatus().getState()) { + case LOADING: + return Analysis.builder() + .withStatus(YELLOW) + .withDiagnosis(db -> db + .withId(diagnosisId("loading")) + .withCause("pipeline is loading") + .withAction("if pipeline does not come up quickly, you may need to check the logs to see if it is stalled") + .withHelpUrl(HELP_URL.withAnchor("loading").toString())) + .withImpact(NOT_PROCESSING.withSeverity(1).withDescription("pipeline is loading").build()) + .build(); + case RUNNING: + return Analysis.builder() + .withStatus(GREEN) + .build(); + case FINISHED: + return Analysis.builder() + .withStatus(YELLOW) + .withDiagnosis(db -> db + .withId(diagnosisId("finished")) + .withCause("pipeline has finished running because its inputs have been closed and events have been processed") + .withAction("if you expect this pipeline to run indefinitely, you will need to configure its inputs to continue receiving or fetching events") + .withHelpUrl(HELP_URL.withAnchor("finished").toString())) + .withImpact(NOT_PROCESSING.withSeverity(10).withDescription("pipeline has finished running").build()) + .build(); + case TERMINATED: + return Analysis.builder() + .withStatus(RED) + .withDiagnosis(db -> db + .withId(diagnosisId("terminated")) + .withCause("pipeline is not running, likely because it has encountered an error") + .withAction("view logs to determine the cause of abnormal pipeline shutdown") + .withHelpUrl(HELP_URL.withAnchor("terminated").toString())) + .withImpact(NOT_PROCESSING.withSeverity(1).build()) + .build(); + case UNKNOWN: + default: + return Analysis.builder() + .withStatus(YELLOW) + .withDiagnosis(db -> db + .withId(diagnosisId("unknown")) + .withCause("pipeline is not known; it may have been recently deleted or failed to start") + .withAction("view logs to determine if the pipeline failed to start") + .withHelpUrl(HELP_URL.withAnchor("unknown").toString())) + .withImpact(NOT_PROCESSING.withSeverity(2).build()) + .build(); + } + } + + static String diagnosisId(final String state) { + return String.format("logstash:health:pipeline:status:diagnosis:%s", state); + } + + static String impactId(final String state) { + return String.format("logstash:health:pipeline:status:impact:%s", state); + } + + + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/Probe.java b/logstash-core/src/main/java/org/logstash/health/Probe.java new file mode 100644 index 000000000..ec9cf71d2 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/Probe.java @@ -0,0 +1,93 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import java.util.Objects; +import java.util.function.UnaryOperator; + +public interface Probe { + Analysis analyze(OBSERVATION observation); + + final class Analysis { + public final Status status; + public final Diagnosis diagnosis; + public final Impact impact; + + Analysis(final Builder builder) { + this.status = builder.status; + this.diagnosis = builder.diagnosis; + this.impact = builder.impact; + } + + public static Builder builder() { + return new Builder(); + } + + public static class Builder { + private final Status status; + private final Diagnosis diagnosis; + private final Impact impact; + + public Builder() { + this(Status.UNKNOWN, null, null); + } + + public Builder(final Status status, + final Diagnosis diagnosis, + final Impact impact) { + this.status = status; + this.diagnosis = diagnosis; + this.impact = impact; + } + + public Builder withStatus(final Status status) { + if (Objects.equals(this.status, status)) { + return this; + } + return new Builder(status, this.diagnosis, this.impact); + } + + public Builder withDiagnosis(final Diagnosis diagnosis) { + if (Objects.equals(this.diagnosis, diagnosis)) { + return this; + } + return new Builder(status, diagnosis, impact); + } + + public Builder withDiagnosis(final UnaryOperator diagnosisConfigurator) { + return this.withDiagnosis(Diagnosis.builder().transform(diagnosisConfigurator).build()); + } + + public synchronized Builder withImpact(final Impact impact) { + if (Objects.equals(this.impact, impact)) { + return this; + } + return new Builder(status, this.diagnosis, impact); + } + + public Builder withImpact(final UnaryOperator impactConfigurator) { + return this.withImpact(Impact.builder().transform(impactConfigurator).build()); + } + + public synchronized Analysis build() { + return new Analysis(this); + } + } + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/ProbeIndicator.java b/logstash-core/src/main/java/org/logstash/health/ProbeIndicator.java new file mode 100644 index 000000000..ddb4fce6c --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/ProbeIndicator.java @@ -0,0 +1,205 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.databind.SerializerProvider; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import java.util.Set; +import java.util.concurrent.ConcurrentHashMap; +import java.util.function.Supplier; + +/** + * A {@code ProbeIndicator} is an {@link Indicator} that has one or more {@link Probe}s attached, and can be used + * to produce a {@link Report}. + */ +public class ProbeIndicator implements Indicator> { + private static final Logger LOGGER = LogManager.getLogger(); + + // Marker Interface + public interface Observation {} + + @FunctionalInterface + public interface Observer extends Supplier {} + + private final String subject; + private final Observer observer; + + private final Map> probes = new ConcurrentHashMap<>(); + + public ProbeIndicator(final String subject, + final Observer observer, + final Map> probes) { + this(subject, observer); + probes.forEach(this::attachProbe); + } + + public ProbeIndicator(final String subject, + final Observer observer) { + this.subject = subject; + this.observer = observer; + } + + public final void attachProbe(final String name, + final Probe probeToAttach) { + final Probe existing = probes.putIfAbsent(name, probeToAttach); + if (Objects.nonNull(existing) && !Objects.equals(existing, probeToAttach)) { + throw new IllegalArgumentException("Cannot attach probe " + name + " because a different one of the same name is already attached."); + } + } + + public final void detachProbe(final String name, + final Probe probeToDetach) { + Probe remaining = probes.computeIfPresent(name, (key, existing) -> Objects.equals(probeToDetach, existing) ? null : existing); + if (Objects.nonNull(remaining)) { + throw new IllegalArgumentException("Cannot detach probe " + name + " because a different one of the same name is attached."); + } + } + + public final void detachProbe(final String name) { + probes.remove(name); + } + + Probe getProbe(final String name) { + return probes.get(name); + } + + @Override + public Report report(final ReportContext reportContext) { + + LOGGER.debug("report starting with {} probes {}", this.probes.keySet(), reportContext); + final OBSERVATION observation = observer.get(); + + final Status.Holder combinedStatus = new Status.Holder(); + final List diagnoses = new ArrayList<>(); + final List impacts = new ArrayList<>(); + final Set distinctImpactAreas = new HashSet<>(); + + for (Map.Entry> probeEntry : this.probes.entrySet()) { + final String probeName = probeEntry.getKey(); + final Probe.Analysis probeAnalysis = probeEntry.getValue().analyze(observation); + LOGGER.trace("probe {}: {}", probeName, probeAnalysis); + + if (reportContext.isMuted(probeName)) { + LOGGER.trace("probe {} is muted", probeName); + } else { + combinedStatus.reduce(probeAnalysis.status); + Optional.ofNullable(probeAnalysis.diagnosis) + .ifPresent(diagnoses::add); + Optional.ofNullable(probeAnalysis.impact) + .filter(impacts::add) + .map(impact -> impact.impactAreas) + .ifPresent(distinctImpactAreas::addAll); + } + } + + final Status status = combinedStatus.value(); + final StringBuilder symptomBuilder = new StringBuilder(); + symptomBuilder.append(String.format("The %s is %s", this.subject, status.descriptiveValue())); + if (distinctImpactAreas.size() + diagnoses.size() > 0) { + symptomBuilder.append("; ") + .append(String.format(distinctImpactAreas.size() == 1 ? "%s area is impacted" : "%s areas are impacted", distinctImpactAreas.size())) + .append(" and ") + .append(String.format(diagnoses.size() == 1 ? "%s diagnosis is available" : "%s diagnoses are available", diagnoses.size())); + } + final String symptom = symptomBuilder.toString(); + + return new Report<>(status, observation, symptom, diagnoses, impacts); + } + + @Override + public String toString() { + return "ProbeIndicator{" + + "observer=" + observer + + ", probes=" + probes + + '}'; + } + + @JsonSerialize(using=Report.JsonSerializer.class) + public static class Report
implements Indicator.Report { + private final Status status; + private final DETAILS details; + private final String symptom; + private final List diagnosis; + + private final List impacts; + + public Report(final Status status, + final DETAILS details, + final String symptom, + final List diagnosis, + final List impacts) { + this.status = status; + this.details = details; + this.symptom = symptom; + this.diagnosis = List.copyOf(diagnosis); + this.impacts = List.copyOf(impacts); + } + public Status status() { + return status; + } + public DETAILS details() { + return details; + } + public String symptom() { + return symptom; + } + public List diagnosis() { + return diagnosis; + } + public List impacts() { + return impacts; + } + + public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer> { + @Override + public void serialize(final Report report, + final JsonGenerator jsonGenerator, + final SerializerProvider serializerProvider) throws IOException { + jsonGenerator.writeStartObject(); + + jsonGenerator.writeObjectField("status", report.status); + jsonGenerator.writeStringField("symptom", report.symptom); + + if (Objects.nonNull(report.diagnosis) && !report.diagnosis.isEmpty()) { + jsonGenerator.writeObjectField("diagnosis", report.diagnosis); + } + + if (Objects.nonNull(report.impacts) && !report.impacts.isEmpty()) { + jsonGenerator.writeObjectField("impacts", report.impacts); + } + + jsonGenerator.writeObjectField("details", report.details); + + jsonGenerator.writeEndObject(); + } + } + + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/ReportContext.java b/logstash-core/src/main/java/org/logstash/health/ReportContext.java new file mode 100644 index 000000000..9dc2970fc --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/ReportContext.java @@ -0,0 +1,58 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import java.util.ArrayList; +import java.util.List; +import java.util.function.Consumer; + +/** + * A {@code ReportContext} is used when building an {@link Indicator.Report} to provide contextual configuration + * for a specific {@link Indicator} that is being reported on. + */ +public class ReportContext { + private final List path; + + public static final ReportContext EMPTY = new ReportContext(List.of()); + + ReportContext(final List path) { + this.path = List.copyOf(path); + } + + public ReportContext descend(final String node) { + final ArrayList newPath = new ArrayList<>(path); + newPath.add(node); + return new ReportContext(newPath); + } + + public void descend(final String node, final Consumer consumer) { + consumer.accept(this.descend(node)); + } + + public boolean isMuted(final String childNodeName) { + return false; + } + + @Override + public String toString() { + return "ReportContext{" + + "path=" + path + + '}'; + } +} diff --git a/logstash-core/src/main/java/org/logstash/health/Status.java b/logstash-core/src/main/java/org/logstash/health/Status.java new file mode 100644 index 000000000..ba0ce68a3 --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/health/Status.java @@ -0,0 +1,67 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.logstash.health; + +import com.fasterxml.jackson.annotation.JsonValue; + +public enum Status { + GREEN("healthy"), + UNKNOWN("unknown"), + YELLOW("concerning"), + RED("unhealthy"), + ; + + private final String externalValue = name().toLowerCase(); + private final String descriptiveValue; + + Status(String descriptiveValue) { + this.descriptiveValue = descriptiveValue; + } + + @JsonValue + public String externalValue() { + return externalValue; + } + + public String descriptiveValue() { return descriptiveValue; } + + /** + * Combine this status with another status. + * This method is commutative. + * @param status the other status + * @return the more-degraded of the two statuses. + */ + public Status reduce(Status status) { + if (compareTo(status) >= 0) { + return this; + } else { + return status; + } + } + + public static class Holder { + private Status status = Status.GREEN; + public synchronized Status reduce(Status status) { + return this.status = this.status.reduce(status); + } + public synchronized Status value() { + return this.status; + } + } +} diff --git a/logstash-core/src/test/java/org/logstash/health/ProbeIndicatorTest.java b/logstash-core/src/test/java/org/logstash/health/ProbeIndicatorTest.java new file mode 100644 index 000000000..0ec860111 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/health/ProbeIndicatorTest.java @@ -0,0 +1,128 @@ +package org.logstash.health; + +import org.junit.Test; + +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.junit.Assert.assertThrows; + +public class ProbeIndicatorTest { + + @Test + public void attachProbeWhenNotExists() throws Exception { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + + final Probe probeToAdd = new ProbeImplementation(); + probeIndicator.attachProbe("new", probeToAdd); + + assertThat(probeIndicator.getProbe("new"), is(probeToAdd)); + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + } + + @Test + public void attachProbeWhenExists() throws Exception { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + + final Probe probeToAdd = new ProbeImplementation(); + assertThrows(IllegalArgumentException.class, () -> probeIndicator.attachProbe("existing", probeToAdd)); + + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + } + + @Test + public void attachProbeWhenAttached() throws Exception { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + + // attach it again + probeIndicator.attachProbe("existing", existingProbe); + + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + } + + + @Test + public void detachProbeByNameWhenAttached() { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + final Probe existingProbeToRemove = new ProbeImplementation(); + probeIndicator.attachProbe("to_remove", existingProbeToRemove); + + probeIndicator.detachProbe("to_remove"); + + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + assertThat(probeIndicator.getProbe("to_remove"), is(nullValue())); + } + + @Test + public void detachProbeByNameWhenDetached() { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + + probeIndicator.detachProbe("to_remove"); + + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + assertThat(probeIndicator.getProbe("to_remove"), is(nullValue())); + } + + @Test + public void detachProbeByValueWhenAttached() { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + final Probe existingProbeToRemove = new ProbeImplementation(); + probeIndicator.attachProbe("to_remove", existingProbeToRemove); + + probeIndicator.detachProbe("to_remove", existingProbeToRemove); + + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + assertThat(probeIndicator.getProbe("to_remove"), is(nullValue())); + } + + @Test + public void detachProbeByValueWhenDetached() { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + final Probe existingProbeToRemove = new ProbeImplementation(); + + probeIndicator.detachProbe("to_remove", existingProbeToRemove); + + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + assertThat(probeIndicator.getProbe("to_remove"), is(nullValue())); + } + + @Test + public void detachProbeByValueWhenConflict() { + final ProbeIndicator probeIndicator = new ProbeIndicator<>("subject", ProbeSubject::new); + final Probe existingProbe = new ProbeImplementation(); + probeIndicator.attachProbe("existing", existingProbe); + final Probe anotherProbeToRemove = new ProbeImplementation(); + + assertThrows(IllegalArgumentException.class, () -> probeIndicator.detachProbe("existing", anotherProbeToRemove)); + + assertThat(probeIndicator.getProbe("existing"), is(existingProbe)); + assertThat(probeIndicator.getProbe("to_remove"), is(nullValue())); + } + + @Test + public void report() { + } + + private static class ProbeSubject implements ProbeIndicator.Observation {} + + private static class ProbeImplementation implements Probe { + @Override + public Analysis analyze(ProbeSubject observation) { + return Analysis.builder().build(); + } + } +} \ No newline at end of file diff --git a/logstash-core/src/test/java/org/logstash/health/StatusTest.java b/logstash-core/src/test/java/org/logstash/health/StatusTest.java new file mode 100644 index 000000000..32eca41d5 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/health/StatusTest.java @@ -0,0 +1,106 @@ +package org.logstash.health; + +import com.fasterxml.jackson.databind.ObjectMapper; +import org.junit.Test; +import org.junit.experimental.runners.Enclosed; +import org.junit.runner.RunWith; +import org.junit.runners.Parameterized; +import org.junit.runners.Parameterized.Parameter; +import org.junit.runners.Parameterized.Parameters; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.EnumSet; +import java.util.List; +import java.util.stream.Collectors; + +import static com.google.common.collect.Collections2.orderedPermutations; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.logstash.health.Status.*; + +@RunWith(Enclosed.class) +public class StatusTest { + + public static class Tests { + @Test + public void testReduceUnknown() { + assertThat(UNKNOWN.reduce(UNKNOWN), is(UNKNOWN)); + assertThat(UNKNOWN.reduce(GREEN), is(UNKNOWN)); + assertThat(UNKNOWN.reduce(YELLOW), is(YELLOW)); + assertThat(UNKNOWN.reduce(RED), is(RED)); + } + + @Test + public void testReduceGreen() { + assertThat(GREEN.reduce(UNKNOWN), is(UNKNOWN)); + assertThat(GREEN.reduce(GREEN), is(GREEN)); + assertThat(GREEN.reduce(YELLOW), is(YELLOW)); + assertThat(GREEN.reduce(RED), is(RED)); + } + + @Test + public void testReduceYellow() { + assertThat(YELLOW.reduce(UNKNOWN), is(YELLOW)); + assertThat(YELLOW.reduce(GREEN), is(YELLOW)); + assertThat(YELLOW.reduce(YELLOW), is(YELLOW)); + assertThat(YELLOW.reduce(RED), is(RED)); + } + + @Test + public void testReduceRed() { + assertThat(RED.reduce(UNKNOWN), is(RED)); + assertThat(RED.reduce(GREEN), is(RED)); + assertThat(RED.reduce(YELLOW), is(RED)); + assertThat(RED.reduce(RED), is(RED)); + } + } + + @RunWith(Parameterized.class) + public static class JacksonSerialization { + @Parameters(name = "{0}") + public static Iterable data() { + return EnumSet.allOf(Status.class); + } + + @Parameter + public Status status; + + private final ObjectMapper mapper = new ObjectMapper(); + + @Test + public void testSerialization() throws Exception { + assertThat(mapper.writeValueAsString(status), is(equalTo('"' + status.name().toLowerCase() + '"'))); + } + } + + @RunWith(Parameterized.class) + public static class ReduceCommutativeSpecification { + @Parameters(name = "{0}<=>{1}") + public static Collection data() { + return getCombinations(EnumSet.allOf(Status.class), 2); + } + + @Parameter(0) + public Status statusA; + @Parameter(1) + public Status statusB; + + @Test + public void testReduceCommutative() { + assertThat(statusA.reduce(statusB), is(statusB.reduce(statusA))); + } + + private static > List getCombinations(Collection source, int count) { + return orderedPermutations(source).stream() + .map((l) -> l.subList(0, count)) + .map(ArrayList::new).peek(Collections::sort) + .collect(Collectors.toSet()) + .stream() + .map(List::toArray) + .collect(Collectors.toList()); + } + } +} \ No newline at end of file diff --git a/qa/support/logstash-integration-failure_injector/README.md b/qa/support/logstash-integration-failure_injector/README.md new file mode 100644 index 000000000..bfa4a0197 --- /dev/null +++ b/qa/support/logstash-integration-failure_injector/README.md @@ -0,0 +1,10 @@ +# About the plugin + +This plugin is for Logstash pipelines test purpose _only_. + +# How to apply changes + +When you change the source code, make sure to build a gem file. +```shell +gem build logstash-integration-failure_injector.gemspec +``` diff --git a/qa/support/logstash-integration-failure_injector/lib/logstash/filters/failure_injector.rb b/qa/support/logstash-integration-failure_injector/lib/logstash/filters/failure_injector.rb new file mode 100644 index 000000000..919118a0f --- /dev/null +++ b/qa/support/logstash-integration-failure_injector/lib/logstash/filters/failure_injector.rb @@ -0,0 +1,91 @@ +# encoding: utf-8 + +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +require 'logstash/inputs/base' +require 'logstash/namespace' + +require_relative '../utils/failure_injector_util' + +class LogStash::Filters::FailureInjector < LogStash::Filters::Base + + config_name "failure_injector" + + # Defines the phases where plugin needs to make a pipeline degraded state. + # Accepts one or any of [register, filter, close] + # Note that, order of the phases doesn't matter as it obeys on plugin phase + # Example config to degrade the pipeline status at register and receive phase: + # failure_injector { + # degrade_at => ['register', 'filter'] + # } + config :degrade_at, :validate => :array, :default => [] + + # Defines the phases where plugin needs to be crashed, causes pipeline terminated. + # Accepts one of [register, filter, close] + # Example config to degrade the pipeline status at register and receive phase: + # failure_injector { + # crash_at => 'register' + # } + # + # Note that, order of the phases doesn't matter as it obeys on plugin phase + # Plugin doesn't validate the order, if `crash_at` is combined with `degrade_at`, and plugin cannot simulate degraded state after crash phase + # Example, + # failure_injector { + # crash_at => 'register' + # degrade_at => ['filter'] + # } + config :crash_at, :validate => :string + + def initialize(params) + FailureInjectorUtils.validate_config('filter', params) + super + end + + def register + @logger.debug("Registering plugin") + degrade_or_crash_if_required('register') + end + + def filter(event) + @logger.trace("Received the event to filter: #{event}") + degrade_or_crash_if_required('filter') + end + + def close + @logger.debug("Plugin is closing") + degrade_or_crash_if_required('close') + end + + def degrade_or_crash_if_required(phase) + degrade(phase) if @degrade_at.include?(phase) + crash(phase) if @crash_at && @crash_at == phase + end + + def degrade(phase) + @logger.debug("Degraded at #{phase} phase") + (1..100).each { |i| + sleep(i * 0.005) + } + end + + def crash(phase) + @logger.debug("Crashing at #{phase} phase") + raise "`logstash-filter-failure_injector` is crashing at #{phase} phase" + end + +end diff --git a/qa/support/logstash-integration-failure_injector/lib/logstash/outputs/failure_injector.rb b/qa/support/logstash-integration-failure_injector/lib/logstash/outputs/failure_injector.rb new file mode 100644 index 000000000..5e836a93f --- /dev/null +++ b/qa/support/logstash-integration-failure_injector/lib/logstash/outputs/failure_injector.rb @@ -0,0 +1,91 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# encoding: utf-8 + +require 'logstash/inputs/base' +require 'logstash/namespace' + +require_relative '../utils/failure_injector_util' + +class LogStash::Outputs::FailureInjector < LogStash::Outputs::Base + + config_name "failure_injector" + + # Defines the phases where plugin needs to make a pipeline degraded state. + # Accepts one or any of [register, receive, close] + # Note that, order of the phases doesn't matter as it obeys on plugin phase + # Example config to degrade the pipeline status at register and receive phase: + # failure_injector { + # degrade_at => ['register', 'receive'] + # } + config :degrade_at, :validate => :array, :default => [] + + # Defines the phases where plugin needs to be crashed, causes pipeline terminated. + # Accepts one of [register, receive, close] + # Example config to degrade the pipeline status at register and receive phase: + # failure_injector { + # crash_at => 'register' + # } + # + # Note that, order of the phases doesn't matter as it obeys on plugin phase + # Plugin doesn't validate the order, if `crash_at` is combined with `degrade_at`, and plugin cannot simulate degraded state after crash phase + # Example, + # failure_injector { + # crash_at => 'register' + # degrade_at => ['receive'] + # } + config :crash_at, :validate => :string + + def initialize(params) + FailureInjectorUtils.validate_config('output', params) + super + end + + def register + @logger.debug("Registering plugin") + degrade_or_crash_if_required('register') + end + + def multi_receive(events) + @logger.trace("Received #{events.size} size of events") + degrade_or_crash_if_required('receive') + end + + def close + @logger.debug("Plugin is closing") + degrade_or_crash_if_required('close') + end + + def degrade_or_crash_if_required(phase) + degrade(phase) if @degrade_at.include?(phase) + crash(phase) if @crash_at && @crash_at == phase + end + + def degrade(phase) + @logger.debug("Degraded at #{phase} phase") + (1..100).each { |i| + sleep(i * 0.01) + } + end + + def crash(phase) + @logger.debug("Crashing at #{phase} phase") + raise "`logstash-output-failure_injector` is crashing at #{phase} phase" + end + +end diff --git a/qa/support/logstash-integration-failure_injector/lib/logstash/utils/failure_injector_util.rb b/qa/support/logstash-integration-failure_injector/lib/logstash/utils/failure_injector_util.rb new file mode 100644 index 000000000..7a2f0af9c --- /dev/null +++ b/qa/support/logstash-integration-failure_injector/lib/logstash/utils/failure_injector_util.rb @@ -0,0 +1,37 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# encoding: utf-8 + +class FailureInjectorUtils + + def self.validate_config(type, params) + type_error_message = "`logstash-integration-failure_injector` accepts 'filter' or 'output' type." + raise type_error_message unless type + raise type_error_message unless %w(filter output).include?(type) + + plugin_phase = type == 'output' ? 'receive' : 'filter' + accepted_configs = ['register', "#{plugin_phase}", 'close'] + config_error_message = "failure_injector #{type} plugin accepts #{accepted_configs} configs but received" + params['degrade_at']&.each do | degrade_phase | + raise "#{config_error_message} #{degrade_phase}" unless accepted_configs.include?(degrade_phase) + end + + crash_at = params['crash_at'] + raise "#{config_error_message} #{crash_at}" if crash_at && !accepted_configs.include?(crash_at) + end +end \ No newline at end of file diff --git a/qa/support/logstash-integration-failure_injector/logstash-integration-failure_injector-0.0.1.gem b/qa/support/logstash-integration-failure_injector/logstash-integration-failure_injector-0.0.1.gem new file mode 100644 index 0000000000000000000000000000000000000000..e241aaf94208b7e964965854f865c25539304c5e GIT binary patch literal 7168 zcmeHLS5y;Nw+;vr0Yd@-l_p3KDMEnIMJdun0-*#!TIe9X2q;B5QX~SQ4OK$Npmda` zG^I*#s1ChLCvt^3VO}!Tqw&S^J#5_W8~^-&)^(WaDLNZRuqxZ08U7 zyA1xr5C{a|cmKow>_x>TqyVA_Nhv9DxVWgqk9DHr2nk657yR!k=wI`CdwN-V{3yxS z-p0oHUju&{|6lR{IoltH`_uM+>h$V!Aiz1|)RvMwY^dc*goB%ojZ$eHMCK|T!ihj| za?unr>@I``9K&uWDJosFmH+)LphH9QxJ0v^dgNjEYFhuSU!VpSwi|tMPj+a}cdF?L z-BV*Twka!K=^Z7(JTwDua)WnPy)fjHvJ;KL8!M&rbjipqLe1RyGG!INgu(v&7^H0I zHbMvYQGLN^jKmvf2c&Bn`kD;O#bISc9zz}I?t~JM*atDX|(xP`~?JQkIf-f zP3QSLX{{7L>?K71=V{zR2E(ZmD?Eo4Y1-oUxw6z%GD^Z?Ez99R4Xbt zgl^~2Krhp=z~GTH%r8MT)MX^A(|*q#*ZtOO&4vCKC#XbTji+4X<*H80Jn+@J^ueLU zT`=}4RkrN3J)L}e_+Tl&l5EYw!ghqewo{H$uA%0HQ}{LIy_h3mRjI47aoTZku5e1$ zOytd{{@xGYA8($CDKB&_!0sE}lgwuj{mdW2SzmtlP_sEAF;cJM!UP3F)-Yo|j~-~k z4=GyY=VWZd)?1o9V$l&aVyQ>mX}_W=zrZ6mH$eOviR5^9;Y@cRmpeY#0IIXpx%oK8 z!R-L7@Wk{@PS_nuR)azN!T@+#yYT8esfwOA$4)^^x z>FYDvJH{+ZE8!!8-_E1g93Pa1Mi-==Q~2KJBD>lRnsIg!0sv zm%cO$Qx4f1Xv9Ppg39T4ChY#M(f5mE8=cOsT_n>emD5s}d(KQd z-gA8p{^>0J(M;uSmgRvh4KSB|d22d(9^qa2x2ssQsaHHqo4_c9TMIkLFT`(5)S-y! zX^T``7gd?zK~pPizAG+XvNaF!#-4^4x+Bc%UcAuy^dtC$lK&0Qy5@y{>L>gU*7e`q z|APVlgZwWch4|n64;TN*|NkG);t&2`V{`Hx@6gRY6s$mEu$-(gUK5v*8#T^?arg>i z<(#z`EAwqiwQVb~f*Z|XNe}tkWI!+gsOvS{<)isnD6yr<*VWaRf%cHV)`8(JPW4i| zl_bPG37NM{5lc{O7BlZC&H&Y}yX_sl|MqRR(?tHMLC~Gi@zK$hJKqA1ylQL5gDBnP zPJiJ$z4>LlAyV+%FbZrVX(?n%;XA%l;$hxht&N`Rq)6yEhwUEBZ$_|=&q?eX!_W%W z_dv=5uzl+M;yc_T6WOL%6$&j4c2UMcYu3Wp19uqeb`O^!K%Tf17LV${3t`)M3u7TN zmU9PlYfJOoA?g^|loE!b@CuGeA(=_IOX&V@FChbX#TMQK9#%%q);RulSC|bZJ+G@p zs$TQ(@ihvGEERAgQ&yd~7+YG{Le5C2hmkwJTDRwGO67E%xl zIezh~h$5tHl$W6jp!|9!R5v(Q|R) zO-tMugX>@6#_cb^O|;G8^h>hV^NQ3b*!Ipw-A@D5wkRJHwTyxHgeiKw8`I{dJv{a{ zC36nIRnOkVcNVHYf*&aIVGeR2@$|P2D?m%sz+ro^X*ADm5|U*`-&h7%sclvXNg(Q3 zz|xSW%r7PtaIl^ZFg1iKtR*V-%RcxCZ2AHnMJSbX<`=*OJ*^f2!YH>X`XyYO2B9|? z0CIx1JuBeIlS&3{eLxfF!adowcDa)|6m;vY^`Y0J(xTECN3>dC`e0$p5Q5;GRk%JO zW^9^L`)5&(r8dD`m0rc^qPn;xfY)4MKa_fQDNYK_}7sTxWL>4AtRgK?APiuTU-s zXwe@5>!>A~8hSPM?F|cpMOWJJ_1v{VkvZIR*+(hupE*Ji%%PxZp6$L*BoK-Nw!?j+ zyjF1AWqQE(hH zQwdekS~U#4W|ZCtk40#3C)u_<4DTf{b`hqpq3bF-Sf3JGXj~;k2Jz>`(CdjmvC_3j zL)#E{7GIcm3VENC?CH3<80UxgXn0eTzl^rw&UG|6=z1$>?qr$mla|a<+%BA}>3}=v zhKk8-qukkx2uO=MM#NaKvw5k>PPH|B#R!HJthkS2%D(IkpggK*znfUPjgHQ{Mz}jR z(Y6`X6vd5G3rwY6GlnQ93brlk9!@Dve?AN3T>5OqylmjS`AL{Pr}Am})IvH|RJC-Y zVc=oa!}Igt`s-H@J0n1W5V4dhX+L#;;oZxuPs}QxDjvy_M7Cs9$F$c_pK>YPzm2j^ zC6c!CSK5ZVXKft~g-+a?_kz%CB( z43_7hC+X5_bm}N$;d}>7%DTUqqFBC1YKuQ6_gav%{1rJ?%pZ%OSICCY8@>({uFGVf zW4Rv%?0ao=HQGdZAj3K=R??+Z4#gj;V zugUr1n{>ohzPidqth~vtvh@qP*T`yBAvgKc@Nwy2RLO z`k8*CAyJz4_=~;)wewQzL{nh8k>lZzr`oSJ=n?5lwCdJF{MxT$U?46`BsW3v3sT{| zBxRbZ2r((@o_*>FB-XJe0`fJPdu#9A4HOSm85N8PS?8EWdHp1b?~CTewLZevP?cb2 zaJiTX(bWGk%^ENDw0;O|7ACSOl%8PVbzA;3;TOK3z^5xe*f!zA`U^EbWl|R$4%Maf zib#BE>%my~4Eo3}#u6hfNsUXAk1W{p#OIpc`I>ZnD~Y%6x$qR>2#P;34PL}LyyJff zb-dcp(rDPI&3QHJO8*qJJJF#d^FFmjW`}WJ_9d(CXUr~F^pska;;bac#_yYzT1X-0 zY0JK!vF;Sjd+Dp)alOG&*>;JSt!ZYtKJ@9%hseoDKy2DzV4yv!U<=TZY{XUR%HM#D z<|}vovKmwkUf`K|!Y(SHC@{F*H=ZtsP%%qa!Rn-4B2Y=9i%_p=>A;xoux_4ox1!|C zjs4v4<;GKvlWmT`Lz0P|qOb){D3-~2ctwLUn3YO8ds^Dxb8@HPnbh+-Q_kb5e7UTX z*Kf)D0fapx64@-sSDZZB6C}Bl-Fve5Hk-W2hWXVcc2eI)`(#=h4V=hiUCKC1#e+!r zORp`)%{V)SY#D6t+Tt=L~h z*r6@Q^{!BZtPDcJ@70{Q^--;uHg{jkW9W3hY;DK(nC}^_Zw1Jcz9A6DU{;!*`ln^Pbv8}brd)PVtfftjLpNC$2f@o{6qR9QH&qQyKz zupI$tqJ3Ia+;w%Hbmdg2d$2jWR8*YDVV}^X8R@9~wx{F$Fzw)UtH(~XzYKjmqObY}u`A6TDDpsvJ-@gBVV2pmi zpJL`BB^naO0x0Ys}JuA2`%&XY!@HZ=eg;^THCNUWbyzE!p{?29-d{&HLmcVD)kgfmn7+X z~9ar`au|e=mR-*q+ zMUNMsH8Q*EFGt9-cnCYvqiE}8d2SvSI>20nWdwrsVyg;}<#Is+H}pN}tG9Q% zSqB_~tP~dc9OzzpE?>OjQrt#&7*Nw^IKtnIG_+_}lR7Nct&!}q;y}~l$f_w~k-U3O z)?ze?pT*`ovA!%NSR*4Dm2C5G!#wGq;_lIFMqhL&@y!l%sf_N|8}?V~Z<|%9&U#^{ zRfE>Gx}k?0)fBNF@Txs8N?d<_fVeQ()NODQT4?eev--NDSA%z>D7nDV+H8%#Kx%Nk zsu&vH#~{O&QM|M;W}30O+I+_IyL2Fv&jF(HG2H;wzYr1_dmD_Cr}raIVL!`9&VP>z z{Jk~y7yUmtLPG3M{Xc}HsMJsW_ZQdpZwvjQ|7>1}8dAZ5caP=UeGFH5z+5AvqXCpa z3!B;TPeU2i#K41{$noz!en9~$DY(yjN5;N7&Br^P`=6O7uPc>og0{oogKak2cyE?D zeRRI&i%wdWq<<9^(FQk4fAYAwtTE_xI}4DgQz8Vh0@pZuU)pMQ#3CD+^xO13cNss- zu;|h;(RUR_@-v*+J-DCQ0ZhiMM%hqTOE$LnaM&kT^~ZAsPcBKwDj_3t#X(N(lewkU z4^$M>@mcxPFCX~FP@m`A=5!2R6r`~jHD*@K3&MeD)Dy%p9gbD8?-{9MdE$)_vk%_; z?FrnfM~UMNZp~fqk1qV^hP>M-$vBd7%RED!v}9UmTVYj_R-O@Gt@g+|_;$pTLyA|X ZC7NF;{%wH&O!O0hp9uU!;2(m(e*r}?7_k5V literal 0 HcmV?d00001 diff --git a/qa/support/logstash-integration-failure_injector/logstash-integration-failure_injector.gemspec b/qa/support/logstash-integration-failure_injector/logstash-integration-failure_injector.gemspec new file mode 100644 index 000000000..5525dcf4f --- /dev/null +++ b/qa/support/logstash-integration-failure_injector/logstash-integration-failure_injector.gemspec @@ -0,0 +1,26 @@ + +Gem::Specification.new do |s| + s.name = "logstash-integration-failure_injector" + s.version = "0.0.1" + s.licenses = ["Apache-2.0"] + s.summary = "A collection of Logstash plugins that halp simulating abnormal cases during the tests." + s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname." + s.authors = ["Elastic"] + s.email = "info@elastic.co" + s.homepage = "https://www.elastic.co/logstash" + s.metadata = { + "logstash_plugin" => "true", + "logstash_group" => "integration", + "integration_plugins" => %w( + logstash-filter-failure_injector + logstash-output-failure_injector + ).join(",") + } + + s.files = Dir["lib/**/*","spec/**/*","*.gemspec"] + s.test_files = s.files.grep(%r{^(test|spec|features)/}) + + s.add_runtime_dependency "logstash-core-plugin-api", ">= 2.1.12", "<= 2.99" + + s.add_development_dependency "logstash-devutils" +end diff --git a/qa/support/logstash-integration-failure_injector/spec/unit/failure_injector_spec.rb b/qa/support/logstash-integration-failure_injector/spec/unit/failure_injector_spec.rb new file mode 100644 index 000000000..d455d8b66 --- /dev/null +++ b/qa/support/logstash-integration-failure_injector/spec/unit/failure_injector_spec.rb @@ -0,0 +1,129 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# encoding: utf-8 + +require "logstash/devutils/rspec/spec_helper" +require "logstash/filters/failure_injector" +require "logstash/outputs/failure_injector" + +%w(filter output).each do | plugin_type | + instance = plugin_type == 'filter' ? LogStash::Filters::FailureInjector : LogStash::Outputs::FailureInjector + phase = plugin_type == 'filter' ? 'filter' : 'receive' + describe instance do + let(:params) { { 'degrade_at' => [], 'crash_at' => nil } } + let(:event) { LogStash::Event.new } + let(:plugin) { described_class.new(params) } + + before do + allow(plugin).to receive(:@logger).and_return(double('logger', :debug => nil, :trace => nil)) + end + + describe 'plugin base' do + subject { described_class } + it { is_expected.to be_a_kind_of Class } + it { is_expected.to be <= (plugin_type == 'filter' ? LogStash::Filters::Base : LogStash::Outputs::Base) } + it { is_expected.to have_attributes(:config_name => "failure_injector") } + end + + shared_examples 'a phase that can degrade or crash' do |phase| + context "when degrades at #{phase}" do + let(:params) { { 'degrade_at' => [phase] } } + + it 'calls the degrade method' do + expect(plugin).to receive(:degrade).with(phase) + case phase + when 'filter' + plugin.filter(event) + when 'receive' + plugin.multi_receive([event]) + else + plugin.send(phase) + end + end + end + + context "when crashes at #{phase}" do + let(:params) { { 'crash_at' => phase } } + + it 'raises a crash error' do + case phase + when 'filter' + expect { plugin.filter(event) }.to raise_error(RuntimeError, /crashing at #{phase}/) + when 'receive' + expect { plugin.multi_receive([event]) }.to raise_error(RuntimeError, /crashing at #{phase}/) + else + expect { plugin.send(phase) }.to raise_error(RuntimeError, /crashing at #{phase}/) + end + end + end + end + + describe '#initialize' do + context 'when valid params are passed' do + let(:params) { { 'degrade_at' => [], 'crash_at' => nil } } + + it 'does not raise any error' do + expect { described_class.new(params) }.not_to raise_error + end + end + + context 'when invalid params are passed' do + it 'raises an error on invalid config' do + configs = ["register", plugin_type == 'filter' ? "filter" : "receive", "close"] + expect { + described_class.new('degrade_at' => ['invalid'], 'crash_at' => 'invalid') + }.to raise_error("failure_injector #{plugin_type} plugin accepts #{configs} configs but received invalid") + end + end + end + + describe '#register' do + it_behaves_like 'a phase that can degrade or crash', 'register' + end + + if plugin_type == 'filter' + describe '#filter' do + it_behaves_like 'a phase that can degrade or crash', 'filter' + end + end + + if plugin_type == 'output' + describe '#receive' do + it_behaves_like 'a phase that can degrade or crash', 'receive' + end + end + + describe '#close' do + it_behaves_like 'a phase that can degrade or crash', 'close' + end + + describe '#degrade' do + it 'sleeps for a certain period of time' do + expect(plugin).to receive(:sleep).at_least(:once) + plugin.degrade('filter') + end + end + + describe '#crash' do + it 'raises an error with the phase' do + expect { plugin.crash(phase) }.to raise_error(RuntimeError, /crashing at #{phase}/) + end + end + end +end + From 4037adfc4ab8f3a9bec970fe2f37f702746ea10c Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:57:41 -0700 Subject: [PATCH 067/290] Health api minor followups (#16533) * Utilize default agent for Health API CI. Call python scripts from directly CI step. * Change BK agent to support both Java and python. Install pip manually and send env vars to subprocess. --- .buildkite/health_report_tests_pipeline.yml | 27 ++++++++++--------- .../scripts/health-report-tests/bootstrap.py | 2 +- .../scripts/health-report-tests/main.sh | 18 ++++++++++--- .../scripts/health-report-tests/util.py | 3 ++- qa/docker/shared_examples/container.rb | 2 +- 5 files changed, 34 insertions(+), 18 deletions(-) diff --git a/.buildkite/health_report_tests_pipeline.yml b/.buildkite/health_report_tests_pipeline.yml index 84d9bf9d4..93dd4d7ac 100644 --- a/.buildkite/health_report_tests_pipeline.yml +++ b/.buildkite/health_report_tests_pipeline.yml @@ -1,17 +1,20 @@ # yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json agents: - image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci" - cpu: "2" - memory: "4Gi" - ephemeralStorage: "64Gi" + provider: gcp + imageProject: elastic-images-prod + image: family/platform-ingest-logstash-ubuntu-2204 + machineType: "n2-standard-4" + diskSizeGb: 64 steps: - # todo: add a step for 8.latest when Health Report MVP is landed - - label: ":logstash: Health Report Integration tests on main branch." - command: | - source .buildkite/scripts/common/vm-agent.sh - ./.buildkite/scripts/health-report-tests/main.sh - retry: - automatic: - - limit: 3 + - group: ":logstash: Health API integration tests" + key: "testing-phase" + steps: + - label: "main branch" + key: "integ-tests-on-main-branch" + command: + - .buildkite/scripts/health-report-tests/main.sh + retry: + automatic: + - limit: 3 \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/bootstrap.py b/.buildkite/scripts/health-report-tests/bootstrap.py index 180592b4e..bb24e6d58 100644 --- a/.buildkite/scripts/health-report-tests/bootstrap.py +++ b/.buildkite/scripts/health-report-tests/bootstrap.py @@ -63,7 +63,7 @@ class Bootstrap: f"Failed to install {plugin_path}") def build_logstash(self): - print(f"Building Logstash.") + print(f"Building Logstash...") util.run_or_raise_error( ["./gradlew", "clean", "bootstrap", "assemble", "installDefaultGems"], "Failed to build Logstash") diff --git a/.buildkite/scripts/health-report-tests/main.sh b/.buildkite/scripts/health-report-tests/main.sh index 8b0dd00cd..2fcc25252 100755 --- a/.buildkite/scripts/health-report-tests/main.sh +++ b/.buildkite/scripts/health-report-tests/main.sh @@ -1,5 +1,17 @@ -#!/usr/bin/env bash -set -eo pipefail +#!/bin/bash +set -euo pipefail + +export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:/opt/buildkite-agent/.java/bin:$PATH" +export JAVA_HOME="/opt/buildkite-agent/.java" +eval "$(rbenv init -)" +eval "$(pyenv init -)" + +echo "--- Installing pip" +sudo apt-get install python3-pip -y + +echo "--- Installing dependencies" python3 -mpip install -r .buildkite/scripts/health-report-tests/requirements.txt -python3 .buildkite/scripts/health-report-tests/main.py + +echo "--- Running tests" +python3 .buildkite/scripts/health-report-tests/main.py \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/util.py b/.buildkite/scripts/health-report-tests/util.py index c7e840f06..86db9d571 100644 --- a/.buildkite/scripts/health-report-tests/util.py +++ b/.buildkite/scripts/health-report-tests/util.py @@ -1,3 +1,4 @@ +import os import requests import subprocess from requests.adapters import HTTPAdapter, Retry @@ -27,7 +28,7 @@ def run_or_raise_error(commands: list, error_message): f""" Executes the {list} commands and raises an {Exception} if opration fails. """ - result = subprocess.run(commands, universal_newlines=True, stdout=subprocess.PIPE) + result = subprocess.run(commands, env=os.environ.copy(), universal_newlines=True, stdout=subprocess.PIPE) if result.returncode != 0: full_error_message = (error_message + ", output: " + result.stdout.decode('utf-8')) \ if result.stdout else error_message diff --git a/qa/docker/shared_examples/container.rb b/qa/docker/shared_examples/container.rb index 2c3afed69..72ae9a5c5 100644 --- a/qa/docker/shared_examples/container.rb +++ b/qa/docker/shared_examples/container.rb @@ -29,7 +29,7 @@ shared_examples_for 'the container is configured correctly' do |flavor| it 'should be running an API server on port 9600' do wait_for_logstash(@container) - expect(get_logstash_status(@container)).to eql 'green' + expect(get_logstash_status(@container)).not_to be_nil end end From 065769636b383b2594c9cc19bc13d0d26bfade5e Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Thu, 10 Oct 2024 16:35:06 -0700 Subject: [PATCH 068/290] health: add `logstash.forceApiStatus: green` escape hatch (#16535) --- .../org/logstash/health/HealthObserver.java | 11 +++ .../logstash/health/HealthObserverTest.java | 93 +++++++++++++++++++ 2 files changed, 104 insertions(+) create mode 100644 logstash-core/src/test/java/org/logstash/health/HealthObserverTest.java diff --git a/logstash-core/src/main/java/org/logstash/health/HealthObserver.java b/logstash-core/src/main/java/org/logstash/health/HealthObserver.java index 63a461a74..fdc091133 100644 --- a/logstash-core/src/main/java/org/logstash/health/HealthObserver.java +++ b/logstash-core/src/main/java/org/logstash/health/HealthObserver.java @@ -25,6 +25,8 @@ public class HealthObserver { private static final Logger LOGGER = LogManager.getLogger(); + static final String FORCE_API_STATUS_PROPERTY = "logstash.forceApiStatus"; + private final MultiIndicator rootIndicator = new MultiIndicator(); private final MultiIndicator pipelinesIndicator = new MultiIndicator(); @@ -33,6 +35,15 @@ public class HealthObserver { } public final Status getStatus() { + // Short-term escape-hatch + final String forceApiStatus = System.getProperty(FORCE_API_STATUS_PROPERTY); + if (forceApiStatus != null) { + if (forceApiStatus.equals("green")) { + return Status.GREEN; + } else { + LOGGER.warn("Unsupported `logstash.forceApiStatus`: {} (health report status will be propagated)", forceApiStatus); + } + } return getReport().getStatus(); } diff --git a/logstash-core/src/test/java/org/logstash/health/HealthObserverTest.java b/logstash-core/src/test/java/org/logstash/health/HealthObserverTest.java new file mode 100644 index 000000000..77313a17e --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/health/HealthObserverTest.java @@ -0,0 +1,93 @@ +package org.logstash.health; + +import org.hamcrest.Matchers; +import org.junit.Test; + +import java.util.Objects; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.logstash.health.HealthObserver.FORCE_API_STATUS_PROPERTY; + +public class HealthObserverTest { + + private final HealthObserver healthObserver = new HealthObserver(); + + @Test + public void testStatusWhenNotForcedPropagates() { + withUnsetSystemProperty(FORCE_API_STATUS_PROPERTY, () -> { + for (Status reportStatus : Status.values()) { + withIndicator(new TestIndicator(reportStatus), () -> { + assertThat(String.format("Status[%s] should propagate", reportStatus), healthObserver.getStatus(), Matchers.is(reportStatus)); + }); + } + }); + } + + @Test + public void testStatusWhenForcedGreenEmitsGreen() { + withSystemProperty(FORCE_API_STATUS_PROPERTY, "green", () -> { + for (Status reportStatus : Status.values()) { + withIndicator(new TestIndicator(reportStatus), () -> { + assertThat(String.format("Status[%s] should not propagate", reportStatus), healthObserver.getStatus(), Matchers.is(Status.GREEN)); + }); + } + }); + } + + @Test + public void testStatusWhenForcedNonsensePropagates() { + withSystemProperty(FORCE_API_STATUS_PROPERTY, "nonsense", () -> { + for (Status reportStatus : Status.values()) { + withIndicator(new TestIndicator(reportStatus), () -> { + assertThat(String.format("Status[%s] should propagate", reportStatus), healthObserver.getStatus(), Matchers.is(reportStatus)); + }); + } + }); + } + + void withUnsetSystemProperty(final String propertyName, final Runnable action) { + withSystemProperty(propertyName, null, action); + } + + void withSystemProperty(final String name, final String value, final Runnable action) { + synchronized (System.class) { + final String oldValue; + if (Objects.isNull(value)) { + oldValue = System.clearProperty(name); + } else { + oldValue = System.setProperty(name, value); + } + try { + action.run(); + } finally { + if (oldValue != null) { + System.setProperty(name, oldValue); + } else { + System.clearProperty(name); + } + } + } + } + + void withIndicator(Indicator indicator, Runnable runnable) { + this.healthObserver.getIndicator().attachIndicator("single", indicator); + try { + runnable.run(); + } finally { + this.healthObserver.getIndicator().detachIndicator("single", indicator); + } + } + + static class TestIndicator implements Indicator { + private final Status status; + + public TestIndicator(final Status status) { + this.status = status; + } + + @Override + public Report report(ReportContext reportContext) { + return () -> this.status; + } + } +} \ No newline at end of file From a931b2cde6e4b7abeb9f3ba2e503fdef68b146e9 Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Thu, 10 Oct 2024 17:56:22 -0700 Subject: [PATCH 069/290] Flow worker utilization probe (#16532) * flow: refactor pipeline refs to keep worker flows separate * health: add worker_utilization probe pipeline is: - RED "completely blocked" when last_5_minutes >= 99.999 - YELLOW "nearly blocked" when last_5_minutes > 95 - and inludes "recovering" info when last_1_minute < 80 - YELLOW "completely blocked" when last_1_minute >= 99.999 - YELLOW "nearly blocked" when last_1_minute > 95 * tests: improve coverage of PipelineIndicator probes * Apply suggestions from code review --- ...-pipeline-flow-worker-utilization.asciidoc | 44 +++++ .../troubleshoot/troubleshooting.asciidoc | 1 + logstash-core/lib/logstash/agent.rb | 20 +- .../execution/AbstractPipelineExt.java | 73 +++++-- .../logstash/health/PipelineIndicator.java | 145 +++++++++++++- .../main/java/org/logstash/health/Probe.java | 2 +- .../health/PipelineIndicatorTest.java | 182 ++++++++++++++++++ 7 files changed, 441 insertions(+), 26 deletions(-) create mode 100644 docs/static/troubleshoot/health-pipeline-flow-worker-utilization.asciidoc create mode 100644 logstash-core/src/test/java/org/logstash/health/PipelineIndicatorTest.java diff --git a/docs/static/troubleshoot/health-pipeline-flow-worker-utilization.asciidoc b/docs/static/troubleshoot/health-pipeline-flow-worker-utilization.asciidoc new file mode 100644 index 000000000..f778c43fb --- /dev/null +++ b/docs/static/troubleshoot/health-pipeline-flow-worker-utilization.asciidoc @@ -0,0 +1,44 @@ +[[health-report-pipeline-flow-worker-utilization]] +=== Health Report Pipeline Flow: Worker Utilization + +The Pipeline indicator has a `flow:worker_utilization` probe that is capable of producing one of several diagnoses about blockages in the pipeline. + +A pipeline is considered "blocked" when its workers are fully-utilized, because if they are consistently spending 100% of their time processing events, they are unable to pick up new events from the queue. +This can cause back-pressure to cascade to upstream services, which can result in data loss or duplicate processing depending on upstream configuration. + +The issue typically stems from one or more causes: + +* a downstream resource being blocked, +* a plugin consuming more resources than expected, and/or +* insufficient resources being allocated to the pipeline. + +To address the issue, observe the <> from the <>, and identify which plugins have the highest `worker_utilization`. +This will tell you which plugins are spending the most of the pipeline's worker resources. + +* If the offending plugin connects to a downstream service or another pipeline that is exerting back-pressure, the issue needs to be addressed in the downstream service or pipeline. +* If the offending plugin connects to a downstream service with high network latency, throughput for the pipeline may be improved by <>. +* If the offending plugin is a computation-heavy filter such as `grok` or `kv`, its configuration may need to be tuned to eliminate wasted computation. + +[[health-report-pipeline-flow-worker-utilization-diagnosis-blocked-5m]] +==== [[blocked-5m]]Blocked Pipeline (5 minutes) + +A pipeline that has been completely blocked for five minutes or more represents a critical blockage to the flow of events through your pipeline that needs to be addressed immediately to avoid or limit data loss. +See above for troubleshooting steps. + +[[health-report-pipeline-flow-worker-utilization-diagnosis-nearly-blocked-5m]] +==== [[nearly-blocked-5m]]Nearly Blocked Pipeline (5 minutes) + +A pipeline that has been nearly blocked for five minutes or more may be creating intermittent blockage to the flow of events through your pipeline, which can result in the risk of data loss. +See above for troubleshooting steps. + +[[health-report-pipeline-flow-worker-utilization-diagnosis-blocked-1m]] +==== [[blocked-1m]]Blocked Pipeline (1 minute) + +A pipeline that has been completely blocked for one minute or more represents a high-risk or upcoming blockage to the flow of events through your pipeline that likely needs to be addressed soon to avoid or limit data loss. +See above for troubleshooting steps. + +[[health-report-pipeline-flow-worker-utilization-diagnosis-nearly-blocked-1m]] +==== [[nearly-blocked-1m]]Nearly Blocked Pipeline (1 minute) + +A pipeline that has been nearly blocked for one minute or more may be creating intermittent blockage to the flow of events through your pipeline, which can result in the risk of data loss. +See above for troubleshooting steps. diff --git a/docs/static/troubleshoot/troubleshooting.asciidoc b/docs/static/troubleshoot/troubleshooting.asciidoc index 66bb60f45..e8bd68ce0 100644 --- a/docs/static/troubleshoot/troubleshooting.asciidoc +++ b/docs/static/troubleshoot/troubleshooting.asciidoc @@ -29,3 +29,4 @@ include::ts-plugins-general.asciidoc[] include::ts-plugins.asciidoc[] include::ts-other-issues.asciidoc[] include::health-pipeline-status.asciidoc[] +include::health-pipeline-flow-worker-utilization.asciidoc[] diff --git a/logstash-core/lib/logstash/agent.rb b/logstash-core/lib/logstash/agent.rb index d1f8e0069..4ab6c6846 100644 --- a/logstash-core/lib/logstash/agent.rb +++ b/logstash-core/lib/logstash/agent.rb @@ -168,17 +168,17 @@ class LogStash::Agent return PipelineIndicator::Details.new(PipelineIndicator::Status::UNKNOWN) end - status = pipeline_state.synchronize do |sync_state| - case - when sync_state.loading? then PipelineIndicator::Status::LOADING - when sync_state.crashed? then PipelineIndicator::Status::TERMINATED - when sync_state.running? then PipelineIndicator::Status::RUNNING - when sync_state.finished? then PipelineIndicator::Status::FINISHED - else PipelineIndicator::Status::UNKNOWN - end - end + pipeline_state.synchronize do |sync_state| + status = case + when sync_state.loading? then PipelineIndicator::Status::LOADING + when sync_state.crashed? then PipelineIndicator::Status::TERMINATED + when sync_state.running? then PipelineIndicator::Status::RUNNING + when sync_state.finished? then PipelineIndicator::Status::FINISHED + else PipelineIndicator::Status::UNKNOWN + end - return PipelineIndicator::Details.new(status) + PipelineIndicator::Details.new(status, sync_state.pipeline&.to_java.collectWorkerUtilizationFlowObservation) + end end def auto_reload? diff --git a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java index 068e529ef..c169ee053 100644 --- a/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java +++ b/logstash-core/src/main/java/org/logstash/execution/AbstractPipelineExt.java @@ -35,12 +35,16 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.List; +import java.util.Map; import java.util.Objects; import java.util.Optional; import java.util.UUID; +import java.util.concurrent.ConcurrentHashMap; +import java.util.function.Predicate; import java.util.function.Supplier; import java.util.regex.Matcher; import java.util.regex.Pattern; +import java.util.stream.Collectors; import java.util.stream.Stream; import com.google.common.annotations.VisibleForTesting; @@ -82,6 +86,7 @@ import org.logstash.config.ir.compiler.ConditionalEvaluationError; import org.logstash.execution.queue.QueueWriter; import org.logstash.ext.JRubyAbstractQueueWriteClientExt; import org.logstash.ext.JRubyWrappedWriteClientExt; +import org.logstash.health.PipelineIndicator; import org.logstash.instrument.metrics.AbstractMetricExt; import org.logstash.instrument.metrics.AbstractNamespacedMetricExt; import org.logstash.instrument.metrics.FlowMetric; @@ -161,7 +166,7 @@ public class AbstractPipelineExt extends RubyBasicObject { private QueueReadClientBase filterQueueClient; - private ArrayList flowMetrics = new ArrayList<>(); + private transient final ScopedFlowMetrics scopedFlowMetrics = new ScopedFlowMetrics(); private @SuppressWarnings("rawtypes") RubyArray inputs; private @SuppressWarnings("rawtypes") RubyArray filters; private @SuppressWarnings("rawtypes") RubyArray outputs; @@ -563,34 +568,34 @@ public class AbstractPipelineExt extends RubyBasicObject { final LongCounter eventsInCounter = initOrGetCounterMetric(context, eventsNamespace, IN_KEY); final FlowMetric inputThroughput = createFlowMetric(INPUT_THROUGHPUT_KEY, eventsInCounter, uptimeInPreciseSeconds); - this.flowMetrics.add(inputThroughput); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, inputThroughput); storeMetric(context, flowNamespace, inputThroughput); final LongCounter eventsFilteredCounter = initOrGetCounterMetric(context, eventsNamespace, FILTERED_KEY); final FlowMetric filterThroughput = createFlowMetric(FILTER_THROUGHPUT_KEY, eventsFilteredCounter, uptimeInPreciseSeconds); - this.flowMetrics.add(filterThroughput); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, filterThroughput); storeMetric(context, flowNamespace, filterThroughput); final LongCounter eventsOutCounter = initOrGetCounterMetric(context, eventsNamespace, OUT_KEY); final FlowMetric outputThroughput = createFlowMetric(OUTPUT_THROUGHPUT_KEY, eventsOutCounter, uptimeInPreciseSeconds); - this.flowMetrics.add(outputThroughput); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, outputThroughput); storeMetric(context, flowNamespace, outputThroughput); final TimerMetric queuePushWaitInMillis = initOrGetTimerMetric(context, eventsNamespace, PUSH_DURATION_KEY); final FlowMetric backpressureFlow = createFlowMetric(QUEUE_BACKPRESSURE_KEY, queuePushWaitInMillis, uptimeInPreciseMillis); - this.flowMetrics.add(backpressureFlow); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, backpressureFlow); storeMetric(context, flowNamespace, backpressureFlow); final TimerMetric durationInMillis = initOrGetTimerMetric(context, eventsNamespace, DURATION_IN_MILLIS_KEY); final FlowMetric concurrencyFlow = createFlowMetric(WORKER_CONCURRENCY_KEY, durationInMillis, uptimeInPreciseMillis); - this.flowMetrics.add(concurrencyFlow); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, concurrencyFlow); storeMetric(context, flowNamespace, concurrencyFlow); final int workerCount = getSetting(context, SettingKeyDefinitions.PIPELINE_WORKERS).convertToInteger().getIntValue(); final UpScaledMetric percentScaledDurationInMillis = new UpScaledMetric(durationInMillis, 100); final UpScaledMetric availableWorkerTimeInMillis = new UpScaledMetric(uptimeInPreciseMillis, workerCount); final FlowMetric utilizationFlow = createFlowMetric(WORKER_UTILIZATION_KEY, percentScaledDurationInMillis, availableWorkerTimeInMillis); - this.flowMetrics.add(utilizationFlow); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, utilizationFlow); storeMetric(context, flowNamespace, utilizationFlow); initializePqFlowMetrics(context, flowNamespace, uptimeMetric); @@ -600,10 +605,22 @@ public class AbstractPipelineExt extends RubyBasicObject { @JRubyMethod(name = "collect_flow_metrics") public final IRubyObject collectFlowMetrics(final ThreadContext context) { - this.flowMetrics.forEach(FlowMetric::capture); + this.scopedFlowMetrics.captureAll(); return context.nil; } + // short-term limits the scope of what is included in the flow observations + public final PipelineIndicator.FlowObservation collectWorkerUtilizationFlowObservation() { + return this.collectFlowObservation(WORKER_UTILIZATION_KEY.asJavaString()::equals); + } + + public final PipelineIndicator.FlowObservation collectFlowObservation(final Predicate filter) { + Map> collect = this.scopedFlowMetrics.getFlowMetrics(ScopedFlowMetrics.Scope.WORKER).stream() + .filter(fm -> filter.test(fm.getName())) + .collect(Collectors.toUnmodifiableMap(FlowMetric::getName, FlowMetric::getValue)); + return new PipelineIndicator.FlowObservation(collect); + } + private static FlowMetric createFlowMetric(final RubySymbol name, final Metric numeratorMetric, final Metric denominatorMetric) { @@ -671,12 +688,13 @@ public class AbstractPipelineExt extends RubyBasicObject { final Supplier eventsGaugeMetricSupplier = () -> initOrGetNumberGaugeMetric(context, queueNamespace, EVENTS_KEY).orElse(null); final FlowMetric growthEventsFlow = createFlowMetric(QUEUE_PERSISTED_GROWTH_EVENTS_KEY, eventsGaugeMetricSupplier, () -> uptimeInPreciseSeconds); - this.flowMetrics.add(growthEventsFlow); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, growthEventsFlow); storeMetric(context, flowNamespace, growthEventsFlow); final Supplier queueSizeInBytesMetricSupplier = () -> initOrGetNumberGaugeMetric(context, queueCapacityNamespace, QUEUE_SIZE_IN_BYTES_KEY).orElse(null); final FlowMetric growthBytesFlow = createFlowMetric(QUEUE_PERSISTED_GROWTH_BYTES_KEY, queueSizeInBytesMetricSupplier, () -> uptimeInPreciseSeconds); - this.flowMetrics.add(growthBytesFlow); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.WORKER, growthBytesFlow); + storeMetric(context, flowNamespace, growthBytesFlow); } } @@ -705,7 +723,7 @@ public class AbstractPipelineExt extends RubyBasicObject { final LongCounter eventsOut = initOrGetCounterMetric(context, eventsNamespace, OUT_KEY); final FlowMetric throughputFlow = createFlowMetric(PLUGIN_THROUGHPUT_KEY, eventsOut, uptimeInPreciseSeconds); - this.flowMetrics.add(throughputFlow); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.PLUGIN, throughputFlow); final RubySymbol[] flowNamespace = buildNamespace(PLUGINS_KEY, INPUTS_KEY, RubyUtil.RUBY.newString(id).intern(), FLOW_KEY); storeMetric(context, flowNamespace, throughputFlow); @@ -718,12 +736,12 @@ public class AbstractPipelineExt extends RubyBasicObject { final TimerMetric durationInMillis = initOrGetTimerMetric(context, eventsNamespace, DURATION_IN_MILLIS_KEY); final LongCounter counterEvents = initOrGetCounterMetric(context, eventsNamespace, IN_KEY); final FlowMetric workerCostPerEvent = createFlowMetric(WORKER_MILLIS_PER_EVENT_KEY, durationInMillis, counterEvents); - this.flowMetrics.add(workerCostPerEvent); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.PLUGIN, workerCostPerEvent); final UpScaledMetric percentScaledDurationInMillis = new UpScaledMetric(durationInMillis, 100); final UpScaledMetric availableWorkerTimeInMillis = new UpScaledMetric(uptimeInPreciseMillis, workerCount); final FlowMetric workerUtilization = createFlowMetric(WORKER_UTILIZATION_KEY, percentScaledDurationInMillis, availableWorkerTimeInMillis); - this.flowMetrics.add(workerUtilization); + this.scopedFlowMetrics.register(ScopedFlowMetrics.Scope.PLUGIN, workerUtilization); final RubySymbol[] flowNamespace = buildNamespace(PLUGINS_KEY, key, RubyUtil.RUBY.newString(id).intern(), FLOW_KEY); storeMetric(context, flowNamespace, workerCostPerEvent); @@ -884,4 +902,33 @@ public class AbstractPipelineExt extends RubyBasicObject { public final RubyString getLastErrorEvaluationReceived(final ThreadContext context) { return RubyString.newString(context.runtime, lastErrorEvaluationReceived); } + + private static class ScopedFlowMetrics { + enum Scope { + WORKER, + PLUGIN + } + private final Map> flowsByScope = new ConcurrentHashMap<>(); + + void register(final Scope scope, final FlowMetric metric) { + flowsByScope.compute(scope, (s, scopedFlows) -> { + if (scopedFlows == null) { + return List.of(metric); + } else { + final ArrayList mutable = new ArrayList<>(scopedFlows.size() + 1); + mutable.addAll(scopedFlows); + mutable.add(metric); + return List.copyOf(mutable); + } + }); + } + + void captureAll() { + flowsByScope.values().stream().flatMap(List::stream).forEach(FlowMetric::capture); + } + + List getFlowMetrics(final Scope scope) { + return flowsByScope.getOrDefault(scope, List.of()); + } + } } diff --git a/logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java b/logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java index 3f6821fec..ce6a5ed10 100644 --- a/logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java +++ b/logstash-core/src/main/java/org/logstash/health/PipelineIndicator.java @@ -21,9 +21,13 @@ package org.logstash.health; import com.fasterxml.jackson.core.JsonGenerator; import com.fasterxml.jackson.databind.SerializerProvider; import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import org.logstash.instrument.metrics.MetricKeys; import java.io.IOException; +import java.util.Map; import java.util.Objects; +import java.util.OptionalDouble; +import java.util.stream.Collectors; import static org.logstash.health.Status.*; @@ -37,6 +41,7 @@ public class PipelineIndicator extends ProbeIndicator final PipelineDetailsProvider pipelineDetailsProvider) { PipelineIndicator pipelineIndicator = new PipelineIndicator(new DetailsSupplier(pipelineId, pipelineDetailsProvider)); pipelineIndicator.attachProbe("status", new StatusProbe()); + pipelineIndicator.attachProbe("flow:worker_utilization", new FlowWorkerUtilizationProbe()); return pipelineIndicator; } @@ -81,13 +86,21 @@ public class PipelineIndicator extends ProbeIndicator @JsonSerialize(using = Details.JsonSerializer.class) public static class Details implements Observation { private final Status status; + private final FlowObservation flow; + + public Details(Status status, FlowObservation flow) { + this.status = Objects.requireNonNull(status, "status cannot be null"); + this.flow = Objects.requireNonNullElse(flow, FlowObservation.EMPTY); + } public Details(final Status status) { - this.status = Objects.requireNonNull(status, "status cannot be null"); + this(status, null); } + public Status getStatus() { return this.status; } + public FlowObservation getFlow() { return this.flow; } public static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer
{ @Override @@ -96,11 +109,52 @@ public class PipelineIndicator extends ProbeIndicator final SerializerProvider serializerProvider) throws IOException { jsonGenerator.writeStartObject(); jsonGenerator.writeObjectField("status", details.getStatus()); + FlowObservation flow = details.getFlow(); + if (flow != null && !flow.isEmpty()) { + jsonGenerator.writeObjectField("flow", flow); + } jsonGenerator.writeEndObject(); } } } + @JsonSerialize(using = FlowObservation.JsonSerializer.class) + public static class FlowObservation { + private static FlowObservation EMPTY = new FlowObservation(Map.of()); + final Map> capture; + + public FlowObservation(final Map> capture) { + this.capture = Objects.requireNonNull(capture, "capture cannot be null").entrySet() + .stream() + .collect(Collectors.toUnmodifiableMap(Map.Entry::getKey, (e) -> Map.copyOf(e.getValue()))); + } + + public OptionalDouble getRate(final String flowMetricName, final String flowMetricWindow) { + final Map flowMetrics = capture.get(flowMetricName); + if (flowMetrics == null) { + return OptionalDouble.empty(); + } + final Double rate = flowMetrics.get(flowMetricWindow); + if (rate == null) { + return OptionalDouble.empty(); + } else { + return OptionalDouble.of(rate); + } + } + + public boolean isEmpty() { + return capture.isEmpty() || capture.values().stream().allMatch(Map::isEmpty); + } + + static class JsonSerializer extends com.fasterxml.jackson.databind.JsonSerializer { + @Override + public void serialize(FlowObservation value, JsonGenerator gen, SerializerProvider serializers) throws IOException { + gen.writeObject(value.capture); + } + } + } + + /** * This interface is implemented by the ruby-Agent */ @@ -171,7 +225,7 @@ public class PipelineIndicator extends ProbeIndicator case UNKNOWN: default: return Analysis.builder() - .withStatus(YELLOW) + .withStatus(UNKNOWN) .withDiagnosis(db -> db .withId(diagnosisId("unknown")) .withCause("pipeline is not known; it may have been recently deleted or failed to start") @@ -192,4 +246,91 @@ public class PipelineIndicator extends ProbeIndicator } + + static class FlowWorkerUtilizationProbe implements Probe
{ + static final String LAST_1_MINUTE = "last_1_minute"; + static final String LAST_5_MINUTES = "last_5_minutes"; + + static final String WORKER_UTILIZATION = MetricKeys.WORKER_UTILIZATION_KEY.asJavaString(); + + static final Impact.Builder BLOCKED_PROCESSING = Impact.builder() + .withId(impactId("blocked_processing")) + .withDescription("the pipeline is blocked") + .withAdditionalImpactArea(ImpactArea.PIPELINE_EXECUTION); + + static final HelpUrl HELP_URL = new HelpUrl("health-report-pipeline-flow-worker-utilization"); + + @Override + public Analysis analyze(Details observation) { + + final OptionalDouble lastFiveMinutes = observation.flow.getRate(WORKER_UTILIZATION, LAST_5_MINUTES); + final OptionalDouble lastOneMinute = observation.flow.getRate(WORKER_UTILIZATION, LAST_1_MINUTE); + + if (lastFiveMinutes.isPresent()) { + if (lastFiveMinutes.getAsDouble() > 99.999) { + return Analysis.builder() + .withStatus(RED) + .withDiagnosis(db -> db + .withId(diagnosisId("5m-blocked")) + .withCause(diagnosisCause("completely blocked", "five minutes", false)) + .withAction("address bottleneck or add resources") + .withHelpUrl(HELP_URL.withAnchor("blocked-5m").toString())) + .withImpact(BLOCKED_PROCESSING.withSeverity(1).build()) + .build(); + } else if (lastFiveMinutes.getAsDouble() >= 95.00) { + final boolean isRecovering = lastOneMinute.isPresent() && lastOneMinute.getAsDouble() <= 80.00; + return Analysis.builder() + .withStatus(YELLOW) + .withDiagnosis(db -> db + .withId(diagnosisId("5m-nearly-blocked")) + .withCause(diagnosisCause("nearly blocked", "five minutes", isRecovering)) + .withAction(isRecovering ? "continue to monitor" : "address bottleneck or add resources") + .withHelpUrl(HELP_URL.withAnchor("nearly-blocked-5m").toString())) + .withImpact(BLOCKED_PROCESSING.withSeverity(1).build()) + .build(); + } + } + + if (lastOneMinute.isPresent()) { + if (lastOneMinute.getAsDouble() > 99.999) { + return Analysis.builder().withStatus(YELLOW) + .withDiagnosis(db -> db + .withId(diagnosisId("1m-blocked")) + .withCause(diagnosisCause("completely blocked", "one minute", false)) + .withAction("address bottleneck or add resources") + .withHelpUrl(HELP_URL.withAnchor("blocked-1m").toString())) + .withImpact(BLOCKED_PROCESSING.withSeverity(2).build()) + .build(); + } else if (lastOneMinute.getAsDouble() >= 95.00) { + return Analysis.builder().withStatus(YELLOW) + .withDiagnosis(db -> db + .withId(diagnosisId("1m-nearly-blocked")) + .withCause(diagnosisCause("nearly blocked", "one minute", false)) + .withAction("address bottleneck or add resources") + .withHelpUrl(HELP_URL.withAnchor("nearly-blocked-1m").toString())) + .withImpact(BLOCKED_PROCESSING.withSeverity(2).build()) + .build(); + } + } + + + return Analysis.builder().build(); + } + + static String diagnosisCause(String condition, String period, boolean isRecovering) { + final StringBuilder cause = new StringBuilder("pipeline workers have been ").append(condition).append(" for at least ").append(period); + if (isRecovering) { + cause.append(", but they appear to be recovering"); + } + return cause.toString(); + } + + static String diagnosisId(final String state) { + return String.format("logstash:health:pipeline:flow:worker_utilization:diagnosis:%s", state); + } + + static String impactId(final String state) { + return String.format("logstash:health:pipeline:flow:impact:%s", state); + } + } } diff --git a/logstash-core/src/main/java/org/logstash/health/Probe.java b/logstash-core/src/main/java/org/logstash/health/Probe.java index ec9cf71d2..32d0b0bf8 100644 --- a/logstash-core/src/main/java/org/logstash/health/Probe.java +++ b/logstash-core/src/main/java/org/logstash/health/Probe.java @@ -45,7 +45,7 @@ public interface Probe { private final Impact impact; public Builder() { - this(Status.UNKNOWN, null, null); + this(Status.GREEN, null, null); } public Builder(final Status status, diff --git a/logstash-core/src/test/java/org/logstash/health/PipelineIndicatorTest.java b/logstash-core/src/test/java/org/logstash/health/PipelineIndicatorTest.java new file mode 100644 index 000000000..3b242dee7 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/health/PipelineIndicatorTest.java @@ -0,0 +1,182 @@ +package org.logstash.health; + +import org.junit.Test; +import org.junit.experimental.runners.Enclosed; +import org.junit.runner.RunWith; + +import java.util.Map; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.both; +import static org.hamcrest.Matchers.contains; +import static org.hamcrest.Matchers.containsString; +import static org.hamcrest.Matchers.is; +import static org.hamcrest.Matchers.notNullValue; +import static org.hamcrest.Matchers.nullValue; + +@RunWith(Enclosed.class) +public class PipelineIndicatorTest { + public static class StatusProbeTest { + private static final PipelineIndicator.StatusProbe statusProbe = new PipelineIndicator.StatusProbe(); + + @Test + public void testRunning() { + final PipelineIndicator.Details details = detailsForStatus(PipelineIndicator.Status.RUNNING); + + final Probe.Analysis analysis = statusProbe.analyze(details); + assertThat(analysis.status, is(Status.GREEN)); + assertThat(analysis.diagnosis, is(nullValue())); + assertThat(analysis.impact, is(nullValue())); + } + + @Test + public void testLoading() { + final PipelineIndicator.Details details = detailsForStatus(PipelineIndicator.Status.LOADING); + + final Probe.Analysis analysis = statusProbe.analyze(details); + assertThat(analysis.status, is(Status.YELLOW)); + assertThat(analysis.diagnosis, is(notNullValue())); + assertThat(analysis.diagnosis.cause, containsString("loading")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-status.html#loading")); + assertThat(analysis.impact, is(notNullValue())); + assertThat(analysis.impact.id, containsString("not_processing")); + assertThat(analysis.impact.impactAreas, contains(ImpactArea.PIPELINE_EXECUTION)); + } + + @Test + public void testFinished() { + final PipelineIndicator.Details details = detailsForStatus(PipelineIndicator.Status.FINISHED); + + final Probe.Analysis analysis = statusProbe.analyze(details); + assertThat(analysis.status, is(Status.YELLOW)); + assertThat(analysis.diagnosis, is(notNullValue())); + assertThat(analysis.diagnosis.cause, containsString("finished")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-status.html#finished")); + assertThat(analysis.impact, is(notNullValue())); + assertThat(analysis.impact.id, containsString("not_processing")); + assertThat(analysis.impact.impactAreas, contains(ImpactArea.PIPELINE_EXECUTION)); + } + + @Test + public void testTerminated() { + final PipelineIndicator.Details details = detailsForStatus(PipelineIndicator.Status.TERMINATED); + + final Probe.Analysis analysis = statusProbe.analyze(details); + assertThat(analysis.status, is(Status.RED)); + assertThat(analysis.diagnosis, is(notNullValue())); + assertThat(analysis.diagnosis.cause, containsString("error")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-status.html#terminated")); + assertThat(analysis.impact, is(notNullValue())); + assertThat(analysis.impact.id, containsString("not_processing")); + assertThat(analysis.impact.impactAreas, contains(ImpactArea.PIPELINE_EXECUTION)); + } + + @Test + public void testUnknown() { + final PipelineIndicator.Details details = detailsForStatus(PipelineIndicator.Status.UNKNOWN); + + final Probe.Analysis analysis = statusProbe.analyze(details); + assertThat(analysis.status, is(Status.UNKNOWN)); + assertThat(analysis.diagnosis, is(notNullValue())); + assertThat(analysis.diagnosis.cause, containsString("not known")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-status.html#unknown")); + assertThat(analysis.impact, is(notNullValue())); + assertThat(analysis.impact.id, containsString("not_processing")); + assertThat(analysis.impact.impactAreas, contains(ImpactArea.PIPELINE_EXECUTION)); + } + + static PipelineIndicator.Details detailsForStatus(PipelineIndicator.Status status) { + return new PipelineIndicator.Details(status); + } + } + + public static class FlowWorkerUtilizationProbeTest { + + private static final String WORKER_UTILIZATION = "worker_utilization"; + private static final PipelineIndicator.FlowWorkerUtilizationProbe flowWorkerUtilizationProbe = new PipelineIndicator.FlowWorkerUtilizationProbe(); + + @Test + public void testFlowWorkerUtilizationNew() throws Exception { + final PipelineIndicator.Details details = detailsForFlow(Map.of(WORKER_UTILIZATION, flowAnalysis(30.2, 87.0))); + + Probe.Analysis analysis = flowWorkerUtilizationProbe.analyze(details); + assertThat(analysis.status, is(Status.GREEN)); + } + + @Test + public void testFlowWorkerUtilizationOK() throws Exception { + final PipelineIndicator.Details details = detailsForFlow(Map.of(WORKER_UTILIZATION, flowAnalysis(30.2, 38.4, 87.0))); + + Probe.Analysis analysis = flowWorkerUtilizationProbe.analyze(details); + assertThat(analysis.status, is(Status.GREEN)); + } + + @Test + public void testFlowWorkerUtilizationNearlyBlockedOneMinute() throws Exception { + final PipelineIndicator.Details details = detailsForFlow(Map.of(WORKER_UTILIZATION, flowAnalysis(30.2, 97.1, 87.0))); + + Probe.Analysis analysis = flowWorkerUtilizationProbe.analyze(details); + assertThat(analysis.status, is(Status.YELLOW)); + assertThat(analysis.diagnosis.cause, containsString("nearly blocked")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-flow-worker-utilization.html#nearly-blocked-1m")); + } + + @Test + public void testFlowWorkerUtilizationCompletelyBlockedOneMinute() throws Exception { + final PipelineIndicator.Details details = detailsForFlow(Map.of(WORKER_UTILIZATION, flowAnalysis(30.2, 100, 87.0))); + + Probe.Analysis analysis = flowWorkerUtilizationProbe.analyze(details); + assertThat(analysis.status, is(Status.YELLOW)); + assertThat(analysis.diagnosis.cause, containsString("completely blocked")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-flow-worker-utilization.html#blocked-1m")); + } + + @Test + public void testFlowWorkerUtilizationNearlyBlockedFiveMinutes() throws Exception { + final PipelineIndicator.Details details = detailsForFlow(Map.of(WORKER_UTILIZATION, flowAnalysis(30.2, 97.1, 96.1, 87.0))); + + Probe.Analysis analysis = flowWorkerUtilizationProbe.analyze(details); + assertThat(analysis.status, is(Status.YELLOW)); + assertThat(analysis.diagnosis.cause, containsString("nearly blocked")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-flow-worker-utilization.html#nearly-blocked-5m")); + } + + @Test + public void testFlowWorkerUtilizationCompletelyBlockedFiveMinutes() throws Exception { + final PipelineIndicator.Details details = detailsForFlow(Map.of(WORKER_UTILIZATION, flowAnalysis(30.2, 100, 100, 87.0))); + + Probe.Analysis analysis = flowWorkerUtilizationProbe.analyze(details); + assertThat(analysis.status, is(Status.RED)); + assertThat(analysis.diagnosis.cause, containsString("completely blocked")); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-flow-worker-utilization.html#blocked-5m")); + } + + @Test + public void testFlowWorkerUtilizationNearlyBlockedFiveMinutesRecovering() throws Exception { + final PipelineIndicator.Details details = detailsForFlow(Map.of(WORKER_UTILIZATION, flowAnalysis(30.2, 79, 97, 87.0))); + + Probe.Analysis analysis = flowWorkerUtilizationProbe.analyze(details); + assertThat(analysis.status, is(Status.YELLOW)); + assertThat(analysis.diagnosis.cause, both(containsString("nearly blocked")).and(containsString("recovering"))); + assertThat(analysis.diagnosis.helpUrl, containsString("/health-report-pipeline-flow-worker-utilization.html#nearly-blocked-5m")); + } + + private static PipelineIndicator.Details detailsForFlow(final Map> flow) { + return detailsForFlow(PipelineIndicator.Status.RUNNING, flow); + } + + private static PipelineIndicator.Details detailsForFlow(final PipelineIndicator.Status status, final Map> flow) { + return new PipelineIndicator.Details(status, new PipelineIndicator.FlowObservation(flow)); + } + + private static Map flowAnalysis(final double current, final double lifetime) { + return Map.of("current", current, "lifetime", lifetime); + } + private static Map flowAnalysis(final double current, final double lastOneMinute, final double lifetime) { + return Map.of("current", current, "last_1_minute", lastOneMinute, "lifetime", lifetime); + } + private static Map flowAnalysis(final double current, final double lastOneMinute, final double lastFiveMinutes, final double lifetime) { + return Map.of("current", current, "last_1_minute", lastOneMinute, "last_5_minutes", lastFiveMinutes, "lifetime", lifetime); + } + } +} \ No newline at end of file From 6064587bc48d2e542cf7be7022f4e7cbcd661afa Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Fri, 11 Oct 2024 15:26:53 +0200 Subject: [PATCH 070/290] Keeps global settings aligned across entities used in the test for StatsEventFactory Fixes a potential flaky test, due to shared (LogStash:SETTINGS) fixture across the test base. Forward port the commit 609155a61b693d7e38945b8e4a4aae4b7c27411b used to fix the non clean backport PR #16531 of #16525 to 8.x. LogStash:SETTINGS is used in the constructor of LogStash::Inputs::Metrics::StatsEventFactory to query the value of api.enabled. This PR keeps updated the value for the setting provided to the Agent constructor and to the StatsEventFactory. --- .../spec/monitoring/inputs/metrics/stats_event_factory_spec.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb b/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb index 90387e5cb..b37b13a26 100644 --- a/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb +++ b/x-pack/spec/monitoring/inputs/metrics/stats_event_factory_spec.rb @@ -59,6 +59,8 @@ describe LogStash::Inputs::Metrics::StatsEventFactory do let(:agent_task) { start_agent(agent) } before :each do + @existing_api_enabled = LogStash::SETTINGS.get_value("api.enabled") + LogStash::SETTINGS.set_value("api.enabled", webserver_enabled) agent agent_task @@ -86,6 +88,7 @@ describe LogStash::Inputs::Metrics::StatsEventFactory do after :each do agent.shutdown agent_task.wait + LogStash::SETTINGS.set_value("api.enabled", @existing_api_enabled) LogStash::SETTINGS.set_value("monitoring.enabled", false) end From 8cd0fa8767cc63b579e6f9ac4927c2eb51858ea9 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Fri, 11 Oct 2024 21:22:29 +0100 Subject: [PATCH 071/290] refactor log for event_api.tags.illegal (#16545) - add `obsoleted_version` and remove `deprecated_msg` from `deprecated_option` for consistent warning message --- logstash-core/lib/logstash/patches/clamp.rb | 15 ++++++--------- logstash-core/lib/logstash/runner.rb | 2 +- logstash-core/locales/en.yml | 2 -- logstash-core/spec/logstash/runner_spec.rb | 2 +- 4 files changed, 8 insertions(+), 13 deletions(-) diff --git a/logstash-core/lib/logstash/patches/clamp.rb b/logstash-core/lib/logstash/patches/clamp.rb index ad690d776..1fc953718 100644 --- a/logstash-core/lib/logstash/patches/clamp.rb +++ b/logstash-core/lib/logstash/patches/clamp.rb @@ -79,16 +79,13 @@ module Clamp new_flag = opts[:new_flag] new_value = opts.fetch(:new_value, value) passthrough = opts.fetch(:passthrough, false) - deprecated_msg = opts[:deprecated_msg] + obsoleted_version = opts[:obsoleted_version] - LogStash::DeprecationMessage.instance << - if new_flag - "DEPRECATION WARNING: The flag #{option.switches} has been deprecated, please use \"--#{new_flag}=#{new_value}\" instead." - elsif deprecated_msg - deprecated_msg - else - "DEPRECATION WARNING: The flag #{option.switches} has been deprecated and may be removed in a future release." - end + dmsg = "DEPRECATION WARNING: The flag #{option.switches} has been deprecated" + dmsg += obsoleted_version.nil? ? " and may be removed in a future release" : " and will be removed in version #{obsoleted_version}" + dmsg += new_flag.nil? ? ".": ", please use \"--#{new_flag}=#{new_value}\" instead." + + LogStash::DeprecationMessage.instance << dmsg if passthrough LogStash::SETTINGS.set(option.attribute_name, value) diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 27d3e6005..20119d904 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -267,7 +267,7 @@ class LogStash::Runner < Clamp::StrictCommand I18n.t("logstash.runner.flag.event_api.tags.illegal"), :default => LogStash::SETTINGS.get_default("event_api.tags.illegal"), :attribute_name => "event_api.tags.illegal", :passthrough => true, - :deprecated_msg => I18n.t("logstash.runner.tags-illegal-deprecated") + :obsoleted_version => "9" # We configure the registry and load any plugin that can register hooks # with logstash, this needs to be done before any operation. diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index ac2319554..2521a6825 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -139,8 +139,6 @@ en: configtest-flag-information: |- You may be interested in the '--configtest' flag which you can use to validate logstash's configuration before you choose to restart a running system. - tags-illegal-deprecated: >- - The flag '--event_api.tags.illegal' is deprecated and will be removed in version 9. tags-illegal-warning: >- Setting `event_api.tags.illegal` to `warn` allows illegal values in the reserved `tags` field, which may crash pipeline unexpectedly. This flag is deprecated and will be removed in version 9. diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index cb07fde6d..0408e9de1 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -384,7 +384,7 @@ describe LogStash::Runner do let(:runner_deprecation_logger_stub) { double("DeprecationLogger(Runner)").as_null_object } let(:args) { ["--event_api.tags.illegal", "warn", "-e", pipeline_string] } before(:each) { allow(runner).to receive(:deprecation_logger).and_return(runner_deprecation_logger_stub) } - DEPRECATED_MSG="The flag '--event_api.tags.illegal' is deprecated and will be removed in version 9" + DEPRECATED_MSG="The flag [\"--event_api.tags.illegal\"] has been deprecated and will be removed in version 9" it "gives deprecation message when setting to `warn`" do expect(runner_deprecation_logger_stub).to receive(:deprecated) From 937a9ea49fdbe072bbadd88d8509cbeef20f686b Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Fri, 11 Oct 2024 15:10:11 -0700 Subject: [PATCH 072/290] docs: add health details for flow/worker_utilization (#16544) * docs: add health details for flow/worker_utilization * plus-append to indent flow details under flow --- .../monitoring/monitoring-apis.asciidoc | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/docs/static/monitoring/monitoring-apis.asciidoc b/docs/static/monitoring/monitoring-apis.asciidoc index 68b4a0b83..c9d8d7c70 100644 --- a/docs/static/monitoring/monitoring-apis.asciidoc +++ b/docs/static/monitoring/monitoring-apis.asciidoc @@ -528,6 +528,18 @@ This metric is expressed in events-per-second, and is the rate of events flowing | output_throughput | This metric is expressed in events-per-second, and is the rate of events flowing through the output phase of the pipeline(s) relative to wall-clock time (`events.out` / second). +| [[flow-pipeline-worker_utilization]]worker_utilization | +This is a unitless metric that indicates the percentage of allocated worker time being utilized (`duration` / (`uptime` * `pipeline.workers`). +It is useful for identifying whether a pipeline has the resources it needs to complete its work. + +A _pipeline_ is considered "saturated" when `worker_utilization` approaches 100, because it indicates that all of its workers are being kept busy. +This is typically an indication of either downstream back-pressure or insufficient resources allocated to the pipeline. +Tuning a saturated pipeline to have more workers can often work to increase that pipeline's throughput and decrease back-pressure to its queue, unless the pipeline is experiencing back-pressure from its outputs. + +A _pipeline_ is considered "starved" when `worker_utilization` approaches 0, because it indicates that none of its workers are being kept busy. +This is typically an indication that the inputs are not receiving or retrieving enough volume to keep the pipeline workers busy. +Tuning a starved pipeline to have fewer workers can help it to consume less memory and CPU, freeing up resources for other pipelines. + | worker_concurrency | This is a unitless metric representing the cumulative time spent by all workers relative to wall-clock time (`duration_in_millis` / millisecond). @@ -1335,4 +1347,25 @@ The details have contents and a structure that is unique to each indicator. `state`:: (string) The current state of the pipeline, including whether it is `loading`, `running`, `finished`, or `terminated`. ======== +`flow`:: +(object) A mapping of `` to its rate values in various windows. ++ +.Available ``-s: +[%collapsible%open] +========== +`worker_utilization`::: A unitless metric indicating the percent of allocated worker-time that is being spent processing work (see: <>). +========== ++ +.Properties of each `` are the value of the metric over various windows of time: +[%collapsible%open] +========== +`current`::: the near-instantaneous _current_ rate +`last_1_minute`::: the rate over the last minute (available when the pipeline has been running for at least one minute) +`last_5_minutes`::: the rate over the last five minutes (available when the pipeline has been running for at least five minutes) +`last_15_minutes`::: the rate over the last fifteen minutes (available when the pipeline has been running for at least fifteen minutes) +`last_1_hour`::: the rate over the last hour (available when the pipeline has been running for at least one hour) +`last_24_hours`::: the rate over the last twenty-four hours (available when the pipeline has been running for at least twenty-four hours) +`lifetime`::: the _lifetime_ rate, since the pipeline was started +========== + ==== From fc119df24ab9e8ecf40a0c0e90742063f4a0806a Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Mon, 14 Oct 2024 11:10:15 -0400 Subject: [PATCH 073/290] Doc: Update 8.15.0 release notes to future proof link (#16554) --- docs/static/releasenotes.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index 0151b278a..902fa4463 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -204,7 +204,7 @@ This new image flavor builds on top of a smaller and more secure base image, and * Logstash {logstash-ref}/monitoring-with-ea.html[monitoring doc] improvements https://github.com/elastic/logstash/pull/16208[#16208] * Add ecs and datastream requirement for {logstash-ref}/ea-integrations.html#es-tips[integration filter] https://github.com/elastic/logstash/pull/16268[#16268] * Remove reference to puppet {ls} module https://github.com/elastic/logstash/pull/12356[#12356] -* Add section to describe intended usage of {logstash-ref}/jvm-settings.html#reducing-off-heap-usage[`pipeline.buffer.type`] https://github.com/elastic/logstash/pull/16083[#16083] +* Add section to describe intended usage of https://www.elastic.co/guide/en/logstash/8.15/jvm-settings.html#reducing-off-heap-usage[`pipeline.buffer.type`] https://github.com/elastic/logstash/pull/16083[#16083] * Reposition {logstash-ref}/node-stats-api.html#pipeline-stats[`worker-utilization`] stat for better placement and flow https://github.com/elastic/logstash/pull/16337[#16337] * Add {logstash-ref}/performance-troubleshooting.html[tuning guidance] based on Flow metrics https://github.com/elastic/logstash/pull/16289[#16289] From b571e8f3e30284e3ecf3844d2a7ad00ae5018450 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 15 Oct 2024 14:03:53 +0100 Subject: [PATCH 074/290] remove deprecated modules netflow, fb_apache and azure (#16514) This commit removes files related to netflow, fb_apache and azure modules Fix: #16357 --- docs/index.asciidoc | 4 - docs/static/modules.asciidoc | 2 - modules/README.md | 98 +- modules/fb_apache/README.md | 4 - .../elasticsearch/fb_apache.json | 674 -- .../dashboard/Filebeat-Apache2-Dashboard.json | 13 - .../kibana/dashboard/fb_apache.json | 1 - .../kibana/index-pattern/fb_apache.json | 6 - .../kibana/search/Apache2-access-logs.json | 19 - .../kibana/search/Apache2-errors-log.json | 19 - .../Apache2-access-unique-IPs-map.json | 11 - .../visualization/Apache2-browsers.json | 11 - .../Apache2-error-logs-over-time.json | 11 - .../Apache2-operating-systems.json | 11 - .../Apache2-response-codes-of-top-URLs.json | 11 - .../Apache2-response-codes-over-time.json | 11 - .../configuration/logstash/fb_apache.conf.erb | 49 - modules/fb_apache/lib/logstash_registry.rb | 18 - modules/netflow/README.md | 27 - .../configuration/elasticsearch/netflow.json | 1052 --- .../04157d70-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../0809c1f0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../10584050-6234-11e7-8236-19b4b4941e22.json | 1 - .../310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../653cf1e0-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../a932b600-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../d7e31d40-6589-11e7-bfc3-d74b7bb89482.json | 1 - .../kibana/5.x/dashboard/netflow.json | 1 - .../kibana/5.x/index-pattern/netflow.json | 6 - .../0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../kibana/5.x/search/netflow.json | 1 - .../00248240-6593-11e7-b8de-af19b696fa44.json | 1 - .../02e25f10-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../04990fe0-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../0927de10-6556-11e7-b27e-8f8b3770f1df.json | 1 - .../0de63e90-6558-11e7-8547-3d133170b50d.json | 1 - .../1026edb0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../12ca1180-6593-11e7-9bf4-ed832088be20.json | 1 - .../1418ce10-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../16438600-2fcb-11e7-befb-31e033c79e4e.json | 1 - .../178b0af0-6230-11e7-9a50-efc26ded795d.json | 1 - .../1e7d8770-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../1fa2c100-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../206d6e90-6593-11e7-8b83-5b2419db46fa.json | 1 - .../231fe630-6558-11e7-8547-3d133170b50d.json | 1 - .../23d6dc80-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../264fb270-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json | 1 - .../2aeac270-6230-11e7-84f1-9728c106b1b6.json | 1 - .../2c9567c0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../3026fe40-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../313a9880-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../324b0a00-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../326fae40-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../3277ea90-6578-11e7-8471-e5432f50acbd.json | 1 - .../399c9fe0-657e-11e7-bd38-dd04615e7f62.json | 1 - .../39e3dab0-2fcb-11e7-befb-31e033c79e4e.json | 1 - .../39ecd800-6558-11e7-bea4-0f5fadb995cc.json | 1 - .../3ee07620-6556-11e7-995a-3584c2c6482c.json | 1 - .../3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json | 1 - .../41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../43e698c0-657e-11e7-99b6-af4533b21b46.json | 1 - .../4440e130-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../44b3cb70-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../47d426a0-2fc8-11e7-8b06-97426538fddd.json | 1 - .../4898db90-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json | 1 - .../4a548ff0-657e-11e7-9748-5d4091219eef.json | 1 - .../4a6f6030-6558-11e7-bea4-0f5fadb995cc.json | 1 - .../4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../4f3525d0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../51006340-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../52279a00-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../55be8550-655e-11e7-9dda-9f993e2ba58b.json | 1 - .../55f66b20-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../56a23ac0-628e-11e7-a842-b787fa3508ce.json | 1 - .../5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../5e58cc00-6556-11e7-995a-3584c2c6482c.json | 1 - .../5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../622844d0-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../64b144f0-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../65f3b500-6557-11e7-87c3-994b88f84501.json | 1 - .../6702de70-2fca-11e7-8fcd-8dc6c60d4592.json | 1 - .../691cda40-2fc9-11e7-823a-89e4bb55eaa1.json | 1 - .../69f864d0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../6a597070-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../6ad67290-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../6c67b990-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json | 1 - .../71272b10-6579-11e7-8471-e5432f50acbd.json | 1 - .../735d6c70-628e-11e7-a842-b787fa3508ce.json | 1 - .../73c37440-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../793a6f00-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../7f7aac00-2fc8-11e7-8bc1-177080983dbf.json | 1 - .../82fcfc50-657b-11e7-8471-e5432f50acbd.json | 1 - .../835e6090-6557-11e7-87c3-994b88f84501.json | 1 - .../836b2010-657e-11e7-9748-5d4091219eef.json | 1 - .../84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../8500a670-6579-11e7-8471-e5432f50acbd.json | 1 - .../87dbc0a0-657e-11e7-99b6-af4533b21b46.json | 1 - .../8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../8c6ce180-657e-11e7-bd38-dd04615e7f62.json | 1 - .../8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../8dcbcce0-2fd6-11e7-a82c-3146dd695923.json | 1 - .../8f35efc0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../91ae4100-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../97f430b0-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../99382ab0-6555-11e7-8d48-19b0c51bbbbd.json | 1 - .../99c1a4a0-2f60-11e7-8936-6f5fd5520124.json | 1 - .../99e49de0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../9a4938d0-6592-11e7-b8de-af19b696fa44.json | 1 - .../9accd4a0-657a-11e7-8471-e5432f50acbd.json | 1 - .../9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../9f113d80-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../9f9e54b0-2fd6-11e7-a82c-3146dd695923.json | 1 - .../a13402f0-6557-11e7-a3eb-4b30743c9370.json | 1 - .../a2099810-657b-11e7-8471-e5432f50acbd.json | 1 - .../a3541940-6556-11e7-a807-e52f264c6cfd.json | 1 - .../a4ade270-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json | 1 - .../a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json | 1 - .../a8eadac0-658c-11e7-bfc3-d74b7bb89482.json | 1 - .../ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../af1425a0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../af23cb20-2fc9-11e7-8224-a900ea73fa5f.json | 1 - .../b02faaf0-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../b13956f0-657a-11e7-8471-e5432f50acbd.json | 1 - .../b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../b2d02df0-6556-11e7-a807-e52f264c6cfd.json | 1 - .../b3e2af90-657b-11e7-8471-e5432f50acbd.json | 1 - .../b58e1380-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../b61f84d0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../b74bbb70-2fd6-11e7-a82c-3146dd695923.json | 1 - .../b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json | 1 - .../bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json | 1 - .../bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../bfec6260-6592-11e7-9bf4-ed832088be20.json | 1 - .../c4987cc0-657b-11e7-8471-e5432f50acbd.json | 1 - .../c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json | 1 - .../c6319680-2fc9-11e7-823a-89e4bb55eaa1.json | 1 - .../c6b36620-2fc8-11e7-87d6-cdce05879baf.json | 1 - .../ca786e30-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../caea3760-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json | 1 - .../d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../d297fe60-2fd7-11e7-af27-99e728e71e91.json | 1 - .../d2a2db30-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../d4a408a0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json | 1 - .../daa62090-6557-11e7-a3eb-4b30743c9370.json | 1 - .../dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../de9b3dd0-2fc8-11e7-844c-67b9b101127b.json | 1 - .../de9da770-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../e2a7fc60-6592-11e7-8b83-5b2419db46fa.json | 1 - .../e2f43d10-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../e3ef9130-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json | 1 - .../ef7699a0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../f11380e0-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../f2fea250-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../f5f79b00-6555-11e7-b27e-8f8b3770f1df.json | 1 - .../f687e140-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../f6be96c0-622f-11e7-abbc-93bb293f5057.json | 1 - .../f8731d50-2fd6-11e7-97a8-85d8d5a99269.json | 1 - .../fd081e50-6556-11e7-be5f-c5cca8dd73b6.json | 1 - .../kibana/5.x/visualization/netflow.json | 1 - .../04157d70-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../0809c1f0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../10584050-6234-11e7-8236-19b4b4941e22.json | 1 - .../310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../653cf1e0-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../a932b600-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../d7e31d40-6589-11e7-bfc3-d74b7bb89482.json | 1 - .../kibana/6.x/dashboard/netflow.json | 11 - .../kibana/6.x/index-pattern/netflow.json | 6 - .../0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../kibana/6.x/search/netflow.json | 1 - .../00248240-6593-11e7-b8de-af19b696fa44.json | 1 - .../02e25f10-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../0de63e90-6558-11e7-8547-3d133170b50d.json | 1 - .../1fa2c100-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../206d6e90-6593-11e7-8b83-5b2419db46fa.json | 1 - .../23d6dc80-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../264fb270-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json | 1 - .../2c9567c0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../3026fe40-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../324b0a00-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../326fae40-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../3277ea90-6578-11e7-8471-e5432f50acbd.json | 1 - .../399c9fe0-657e-11e7-bd38-dd04615e7f62.json | 1 - .../39ecd800-6558-11e7-bea4-0f5fadb995cc.json | 1 - .../3ee07620-6556-11e7-995a-3584c2c6482c.json | 1 - .../3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json | 1 - .../4440e130-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../47d426a0-2fc8-11e7-8b06-97426538fddd.json | 1 - .../4898db90-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../4a548ff0-657e-11e7-9748-5d4091219eef.json | 1 - .../51006340-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../52279a00-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../55be8550-655e-11e7-9dda-9f993e2ba58b.json | 1 - .../56a23ac0-628e-11e7-a842-b787fa3508ce.json | 1 - .../5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../622844d0-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../64b144f0-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../65f3b500-6557-11e7-87c3-994b88f84501.json | 1 - .../6702de70-2fca-11e7-8fcd-8dc6c60d4592.json | 1 - .../69f864d0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../6a597070-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../6ad67290-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../6c67b990-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../71272b10-6579-11e7-8471-e5432f50acbd.json | 1 - .../735d6c70-628e-11e7-a842-b787fa3508ce.json | 1 - .../793a6f00-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../82fcfc50-657b-11e7-8471-e5432f50acbd.json | 1 - .../836b2010-657e-11e7-9748-5d4091219eef.json | 1 - .../8500a670-6579-11e7-8471-e5432f50acbd.json | 1 - .../8c6ce180-657e-11e7-bd38-dd04615e7f62.json | 1 - .../8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../8dcbcce0-2fd6-11e7-a82c-3146dd695923.json | 1 - .../91ae4100-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../97f430b0-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../99382ab0-6555-11e7-8d48-19b0c51bbbbd.json | 1 - .../99c1a4a0-2f60-11e7-8936-6f5fd5520124.json | 1 - .../9a4938d0-6592-11e7-b8de-af19b696fa44.json | 1 - .../9accd4a0-657a-11e7-8471-e5432f50acbd.json | 1 - .../9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../9f113d80-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../a13402f0-6557-11e7-a3eb-4b30743c9370.json | 1 - .../a2099810-657b-11e7-8471-e5432f50acbd.json | 1 - .../a3541940-6556-11e7-a807-e52f264c6cfd.json | 1 - .../a4ade270-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json | 1 - .../a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json | 1 - .../ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../b13956f0-657a-11e7-8471-e5432f50acbd.json | 1 - .../b3e2af90-657b-11e7-8471-e5432f50acbd.json | 1 - .../b58e1380-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../b61f84d0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json | 1 - .../bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../c4987cc0-657b-11e7-8471-e5432f50acbd.json | 1 - .../caea3760-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json | 1 - .../d4a408a0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../de9da770-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../e2a7fc60-6592-11e7-8b83-5b2419db46fa.json | 1 - .../ef7699a0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../f5f79b00-6555-11e7-b27e-8f8b3770f1df.json | 1 - .../f6be96c0-622f-11e7-abbc-93bb293f5057.json | 1 - .../f8731d50-2fd6-11e7-97a8-85d8d5a99269.json | 1 - .../kibana/6.x/visualization/netflow.json | 1 - .../04157d70-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../0809c1f0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../10584050-6234-11e7-8236-19b4b4941e22.json | 1 - .../310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../653cf1e0-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../a932b600-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../d7e31d40-6589-11e7-bfc3-d74b7bb89482.json | 1 - .../kibana/7.x/dashboard/netflow.json | 1 - .../kibana/7.x/index-pattern/netflow.json | 6 - .../0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../kibana/7.x/search/netflow.json | 1 - .../00248240-6593-11e7-b8de-af19b696fa44.json | 1 - .../02e25f10-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../04990fe0-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../0927de10-6556-11e7-b27e-8f8b3770f1df.json | 1 - .../0de63e90-6558-11e7-8547-3d133170b50d.json | 1 - .../1026edb0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../12ca1180-6593-11e7-9bf4-ed832088be20.json | 1 - .../1418ce10-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../16438600-2fcb-11e7-befb-31e033c79e4e.json | 1 - .../178b0af0-6230-11e7-9a50-efc26ded795d.json | 1 - .../1e7d8770-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../1fa2c100-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../206d6e90-6593-11e7-8b83-5b2419db46fa.json | 1 - .../231fe630-6558-11e7-8547-3d133170b50d.json | 1 - .../23d6dc80-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../264fb270-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json | 1 - .../2aeac270-6230-11e7-84f1-9728c106b1b6.json | 1 - .../2c9567c0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../3026fe40-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../313a9880-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../324b0a00-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../326fae40-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../3277ea90-6578-11e7-8471-e5432f50acbd.json | 1 - .../399c9fe0-657e-11e7-bd38-dd04615e7f62.json | 1 - .../39e3dab0-2fcb-11e7-befb-31e033c79e4e.json | 1 - .../39ecd800-6558-11e7-bea4-0f5fadb995cc.json | 1 - .../3ee07620-6556-11e7-995a-3584c2c6482c.json | 1 - .../3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json | 1 - .../41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../43e698c0-657e-11e7-99b6-af4533b21b46.json | 1 - .../4440e130-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../44b3cb70-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../47d426a0-2fc8-11e7-8b06-97426538fddd.json | 1 - .../4898db90-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json | 1 - .../4a548ff0-657e-11e7-9748-5d4091219eef.json | 1 - .../4a6f6030-6558-11e7-bea4-0f5fadb995cc.json | 1 - .../4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../4f3525d0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../51006340-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../52279a00-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../55be8550-655e-11e7-9dda-9f993e2ba58b.json | 1 - .../55f66b20-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../56a23ac0-628e-11e7-a842-b787fa3508ce.json | 1 - .../5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../5e58cc00-6556-11e7-995a-3584c2c6482c.json | 1 - .../5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../622844d0-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../64b144f0-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../65f3b500-6557-11e7-87c3-994b88f84501.json | 1 - .../6702de70-2fca-11e7-8fcd-8dc6c60d4592.json | 1 - .../691cda40-2fc9-11e7-823a-89e4bb55eaa1.json | 1 - .../69f864d0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../6a597070-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../6ad67290-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../6c67b990-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json | 1 - .../71272b10-6579-11e7-8471-e5432f50acbd.json | 1 - .../735d6c70-628e-11e7-a842-b787fa3508ce.json | 1 - .../73c37440-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../793a6f00-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../7f7aac00-2fc8-11e7-8bc1-177080983dbf.json | 1 - .../82fcfc50-657b-11e7-8471-e5432f50acbd.json | 1 - .../835e6090-6557-11e7-87c3-994b88f84501.json | 1 - .../836b2010-657e-11e7-9748-5d4091219eef.json | 1 - .../84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../8500a670-6579-11e7-8471-e5432f50acbd.json | 1 - .../87dbc0a0-657e-11e7-99b6-af4533b21b46.json | 1 - .../8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../8c6ce180-657e-11e7-bd38-dd04615e7f62.json | 1 - .../8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../8dcbcce0-2fd6-11e7-a82c-3146dd695923.json | 1 - .../8f35efc0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../91ae4100-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../97f430b0-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../99382ab0-6555-11e7-8d48-19b0c51bbbbd.json | 1 - .../99c1a4a0-2f60-11e7-8936-6f5fd5520124.json | 1 - .../99e49de0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../9a4938d0-6592-11e7-b8de-af19b696fa44.json | 1 - .../9accd4a0-657a-11e7-8471-e5432f50acbd.json | 1 - .../9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../9f113d80-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../9f9e54b0-2fd6-11e7-a82c-3146dd695923.json | 1 - .../a13402f0-6557-11e7-a3eb-4b30743c9370.json | 1 - .../a2099810-657b-11e7-8471-e5432f50acbd.json | 1 - .../a3541940-6556-11e7-a807-e52f264c6cfd.json | 1 - .../a4ade270-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json | 1 - .../a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json | 1 - .../a8eadac0-658c-11e7-bfc3-d74b7bb89482.json | 1 - .../ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../af1425a0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../af23cb20-2fc9-11e7-8224-a900ea73fa5f.json | 1 - .../b02faaf0-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../b13956f0-657a-11e7-8471-e5432f50acbd.json | 1 - .../b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../b2d02df0-6556-11e7-a807-e52f264c6cfd.json | 1 - .../b3e2af90-657b-11e7-8471-e5432f50acbd.json | 1 - .../b58e1380-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../b61f84d0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../b74bbb70-2fd6-11e7-a82c-3146dd695923.json | 1 - .../b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json | 1 - .../bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json | 1 - .../bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../bfec6260-6592-11e7-9bf4-ed832088be20.json | 1 - .../c4987cc0-657b-11e7-8471-e5432f50acbd.json | 1 - .../c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json | 1 - .../c6319680-2fc9-11e7-823a-89e4bb55eaa1.json | 1 - .../c6b36620-2fc8-11e7-87d6-cdce05879baf.json | 1 - .../ca786e30-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../caea3760-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json | 1 - .../d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../d297fe60-2fd7-11e7-af27-99e728e71e91.json | 1 - .../d2a2db30-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../d4a408a0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json | 1 - .../daa62090-6557-11e7-a3eb-4b30743c9370.json | 1 - .../dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../de9b3dd0-2fc8-11e7-844c-67b9b101127b.json | 1 - .../de9da770-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../e2a7fc60-6592-11e7-8b83-5b2419db46fa.json | 1 - .../e2f43d10-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../e3ef9130-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json | 1 - .../ef7699a0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../f11380e0-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../f2fea250-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../f5f79b00-6555-11e7-b27e-8f8b3770f1df.json | 1 - .../f687e140-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../f6be96c0-622f-11e7-abbc-93bb293f5057.json | 1 - .../f8731d50-2fd6-11e7-97a8-85d8d5a99269.json | 1 - .../fd081e50-6556-11e7-be5f-c5cca8dd73b6.json | 1 - .../kibana/7.x/visualization/netflow.json | 1 - .../04157d70-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../0809c1f0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../10584050-6234-11e7-8236-19b4b4941e22.json | 1 - .../310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../653cf1e0-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../a932b600-2fd2-11e7-99ed-49759aed30f5.json | 1 - .../ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json | 1 - .../d7e31d40-6589-11e7-bfc3-d74b7bb89482.json | 1 - .../kibana/dashboard/netflow.json | 1 - .../kibana/index-pattern/netflow.json | 6 - .../0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../configuration/kibana/search/netflow.json | 1 - .../00248240-6593-11e7-b8de-af19b696fa44.json | 1 - .../02e25f10-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../04990fe0-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../0927de10-6556-11e7-b27e-8f8b3770f1df.json | 1 - .../0de63e90-6558-11e7-8547-3d133170b50d.json | 1 - .../1026edb0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../12ca1180-6593-11e7-9bf4-ed832088be20.json | 1 - .../1418ce10-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../16438600-2fcb-11e7-befb-31e033c79e4e.json | 1 - .../178b0af0-6230-11e7-9a50-efc26ded795d.json | 1 - .../1e7d8770-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../1fa2c100-6592-11e7-bfc3-d74b7bb89482.json | 1 - .../206d6e90-6593-11e7-8b83-5b2419db46fa.json | 1 - .../231fe630-6558-11e7-8547-3d133170b50d.json | 1 - .../23d6dc80-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../264fb270-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json | 1 - .../2aeac270-6230-11e7-84f1-9728c106b1b6.json | 1 - .../2c9567c0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../3026fe40-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../313a9880-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../324b0a00-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../326fae40-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../3277ea90-6578-11e7-8471-e5432f50acbd.json | 1 - .../399c9fe0-657e-11e7-bd38-dd04615e7f62.json | 1 - .../39e3dab0-2fcb-11e7-befb-31e033c79e4e.json | 1 - .../39ecd800-6558-11e7-bea4-0f5fadb995cc.json | 1 - .../3ee07620-6556-11e7-995a-3584c2c6482c.json | 1 - .../3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json | 1 - .../41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../43e698c0-657e-11e7-99b6-af4533b21b46.json | 1 - .../4440e130-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../44b3cb70-2fd6-11e7-bc99-41245d9394f2.json | 1 - .../47d426a0-2fc8-11e7-8b06-97426538fddd.json | 1 - .../4898db90-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json | 1 - .../4a548ff0-657e-11e7-9748-5d4091219eef.json | 1 - .../4a6f6030-6558-11e7-bea4-0f5fadb995cc.json | 1 - .../4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json | 1 - .../4f3525d0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../51006340-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../52279a00-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../55be8550-655e-11e7-9dda-9f993e2ba58b.json | 1 - .../55f66b20-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../56a23ac0-628e-11e7-a842-b787fa3508ce.json | 1 - .../5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json | 1 - .../5e58cc00-6556-11e7-995a-3584c2c6482c.json | 1 - .../5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../622844d0-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../64b144f0-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../65f3b500-6557-11e7-87c3-994b88f84501.json | 1 - .../6702de70-2fca-11e7-8fcd-8dc6c60d4592.json | 1 - .../691cda40-2fc9-11e7-823a-89e4bb55eaa1.json | 1 - .../69f864d0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../6a597070-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../6ad67290-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../6c67b990-628c-11e7-95ed-8966ac93bd5a.json | 1 - .../6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json | 1 - .../71272b10-6579-11e7-8471-e5432f50acbd.json | 1 - .../735d6c70-628e-11e7-a842-b787fa3508ce.json | 1 - .../73c37440-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../793a6f00-2fdd-11e7-afd7-595689f3f18c.json | 1 - .../7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../7f7aac00-2fc8-11e7-8bc1-177080983dbf.json | 1 - .../82fcfc50-657b-11e7-8471-e5432f50acbd.json | 1 - .../835e6090-6557-11e7-87c3-994b88f84501.json | 1 - .../836b2010-657e-11e7-9748-5d4091219eef.json | 1 - .../84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json | 1 - .../8500a670-6579-11e7-8471-e5432f50acbd.json | 1 - .../87dbc0a0-657e-11e7-99b6-af4533b21b46.json | 1 - .../8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../8c6ce180-657e-11e7-bd38-dd04615e7f62.json | 1 - .../8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../8dcbcce0-2fd6-11e7-a82c-3146dd695923.json | 1 - .../8f35efc0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../91ae4100-6288-11e7-bcd8-a16ef1d32773.json | 1 - .../97f430b0-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../99382ab0-6555-11e7-8d48-19b0c51bbbbd.json | 1 - .../99c1a4a0-2f60-11e7-8936-6f5fd5520124.json | 1 - .../99e49de0-2fcc-11e7-842d-39925ea8ac40.json | 1 - .../9a4938d0-6592-11e7-b8de-af19b696fa44.json | 1 - .../9accd4a0-657a-11e7-8471-e5432f50acbd.json | 1 - .../9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json | 1 - .../9f113d80-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../9f9e54b0-2fd6-11e7-a82c-3146dd695923.json | 1 - .../a13402f0-6557-11e7-a3eb-4b30743c9370.json | 1 - .../a2099810-657b-11e7-8471-e5432f50acbd.json | 1 - .../a3541940-6556-11e7-a807-e52f264c6cfd.json | 1 - .../a4ade270-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json | 1 - .../a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json | 1 - .../a8eadac0-658c-11e7-bfc3-d74b7bb89482.json | 1 - .../ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json | 1 - .../af1425a0-2fc7-11e7-8936-6f5fd5520124.json | 1 - .../af23cb20-2fc9-11e7-8224-a900ea73fa5f.json | 1 - .../b02faaf0-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../b13956f0-657a-11e7-8471-e5432f50acbd.json | 1 - .../b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json | 1 - .../b2d02df0-6556-11e7-a807-e52f264c6cfd.json | 1 - .../b3e2af90-657b-11e7-8471-e5432f50acbd.json | 1 - .../b58e1380-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../b61f84d0-6289-11e7-bcd8-a16ef1d32773.json | 1 - .../b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../b74bbb70-2fd6-11e7-a82c-3146dd695923.json | 1 - .../b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json | 1 - .../bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json | 1 - .../bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json | 1 - .../bfec6260-6592-11e7-9bf4-ed832088be20.json | 1 - .../c4987cc0-657b-11e7-8471-e5432f50acbd.json | 1 - .../c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json | 1 - .../c6319680-2fc9-11e7-823a-89e4bb55eaa1.json | 1 - .../c6b36620-2fc8-11e7-87d6-cdce05879baf.json | 1 - .../ca786e30-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../caea3760-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json | 1 - .../d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../d297fe60-2fd7-11e7-af27-99e728e71e91.json | 1 - .../d2a2db30-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../d4a408a0-671a-11e7-b5b8-29fbded8e37c.json | 1 - .../d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json | 1 - .../d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json | 1 - .../daa62090-6557-11e7-a3eb-4b30743c9370.json | 1 - .../dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json | 1 - .../de9b3dd0-2fc8-11e7-844c-67b9b101127b.json | 1 - .../de9da770-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../e2a7fc60-6592-11e7-8b83-5b2419db46fa.json | 1 - .../e2f43d10-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../e3ef9130-658a-11e7-bfc3-d74b7bb89482.json | 1 - .../e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json | 1 - .../ef7699a0-6719-11e7-b5b8-29fbded8e37c.json | 1 - .../f11380e0-6591-11e7-bfc3-d74b7bb89482.json | 1 - .../f2fea250-2fcb-11e7-8df8-b363df28ab61.json | 1 - .../f5f79b00-6555-11e7-b27e-8f8b3770f1df.json | 1 - .../f687e140-622d-11e7-b0a5-e9bda2f6d168.json | 1 - .../f6be96c0-622f-11e7-abbc-93bb293f5057.json | 1 - .../f8731d50-2fd6-11e7-97a8-85d8d5a99269.json | 1 - .../fd081e50-6556-11e7-be5f-c5cca8dd73b6.json | 1 - .../kibana/visualization/netflow.json | 1 - .../dictionaries/iana_protocol_numbers.yml | 138 - .../dictionaries/iana_service_names_dccp.yml | 8 - .../dictionaries/iana_service_names_sctp.yml | 68 - .../dictionaries/iana_service_names_tcp.yml | 5842 ----------------- .../dictionaries/iana_service_names_udp.yml | 5515 ---------------- .../logstash/dictionaries/tcp_flags.yml | 256 - .../configuration/logstash/netflow.conf.erb | 627 -- modules/netflow/lib/logstash_registry.rb | 18 - x-pack/lib/x-pack/logstash_registry.rb | 5 +- x-pack/modules/azure/README.md | 115 - .../configuration/elasticsearch/azure.json | 44 - .../06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json | 12 - .../16302750-1223-11e8-8c94-a3d8d0cfd62b.json | 12 - .../91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json | 12 - .../9adef750-08b0-11e8-93e5-299e2b5c963a.json | 12 - .../aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json | 12 - .../kibana/6.x/dashboard/azure.json | 8 - .../f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json | 12 - .../kibana/6.x/index-pattern/azure.json | 5 - .../3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json | 17 - .../5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json | 17 - .../9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json | 16 - .../f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json | 20 - .../009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json | 10 - .../053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json | 10 - .../0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json | 10 - .../0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json | 10 - .../0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json | 10 - .../13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json | 10 - .../15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json | 10 - .../176bd440-1226-11e8-8c94-a3d8d0cfd62b.json | 10 - .../19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json | 10 - .../1c509130-0853-11e8-93e5-299e2b5c963a.json | 10 - .../1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2060bce0-0840-11e8-adb5-e1a2d559cdf5.json | 10 - .../20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json | 10 - .../23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json | 10 - .../25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json | 10 - .../27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json | 10 - .../33072240-137f-11e8-8c94-a3d8d0cfd62b.json | 10 - .../35de9400-1526-11e8-8c94-a3d8d0cfd62b.json | 10 - .../381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json | 10 - .../3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json | 10 - .../418ce210-07e4-11e8-adb5-e1a2d559cdf5.json | 10 - .../4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json | 10 - .../518cb600-0842-11e8-adb5-e1a2d559cdf5.json | 10 - .../5465b680-0809-11e8-adb5-e1a2d559cdf5.json | 10 - .../59510c50-0c9e-11e8-93e5-299e2b5c963a.json | 10 - .../5c934df0-07db-11e8-adb5-e1a2d559cdf5.json | 10 - .../5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json | 10 - .../5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json | 10 - .../5ff32870-08a4-11e8-93e5-299e2b5c963a.json | 10 - .../647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json | 10 - .../65e23580-1382-11e8-8c94-a3d8d0cfd62b.json | 10 - .../68bd4dd0-0851-11e8-93e5-299e2b5c963a.json | 10 - .../68dd8530-083f-11e8-adb5-e1a2d559cdf5.json | 10 - .../6bab50c0-0877-11e8-93e5-299e2b5c963a.json | 10 - .../6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json | 10 - .../727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json | 10 - .../72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json | 10 - .../74680350-1382-11e8-8c94-a3d8d0cfd62b.json | 10 - .../79085650-0985-11e8-93e5-299e2b5c963a.json | 10 - .../7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json | 10 - .../820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json | 10 - .../849be630-0985-11e8-93e5-299e2b5c963a.json | 10 - .../85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json | 10 - .../880a53f0-080f-11e8-adb5-e1a2d559cdf5.json | 10 - .../88dcf980-084c-11e8-93e5-299e2b5c963a.json | 10 - .../890f3af0-093a-11e8-93e5-299e2b5c963a.json | 10 - .../8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json | 10 - .../90045780-1382-11e8-8c94-a3d8d0cfd62b.json | 10 - .../90ed5940-0850-11e8-93e5-299e2b5c963a.json | 10 - .../934c6780-138b-11e8-8c94-a3d8d0cfd62b.json | 10 - .../94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json | 10 - .../983722f0-087b-11e8-93e5-299e2b5c963a.json | 10 - .../9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json | 10 - .../a0340090-1389-11e8-8c94-a3d8d0cfd62b.json | 10 - .../a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json | 10 - .../aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json | 10 - .../ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json | 10 - .../af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json | 10 - .../b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json | 10 - .../b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json | 10 - .../be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json | 10 - .../ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json | 10 - .../cf876780-0c98-11e8-93e5-299e2b5c963a.json | 10 - .../d02c64c0-08a0-11e8-93e5-299e2b5c963a.json | 10 - .../d49fb650-0851-11e8-93e5-299e2b5c963a.json | 10 - .../db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json | 10 - .../de505970-1396-11e8-8c94-a3d8d0cfd62b.json | 10 - .../df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json | 10 - .../e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json | 10 - .../e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json | 10 - .../e9391690-1226-11e8-8c94-a3d8d0cfd62b.json | 10 - .../eafc2880-0850-11e8-93e5-299e2b5c963a.json | 10 - .../eb4363d0-0986-11e8-93e5-299e2b5c963a.json | 10 - .../ebeaf080-08ac-11e8-93e5-299e2b5c963a.json | 10 - .../f057a350-138a-11e8-8c94-a3d8d0cfd62b.json | 10 - .../f0d7f540-0c97-11e8-93e5-299e2b5c963a.json | 10 - .../f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json | 10 - .../f819a870-0c9d-11e8-93e5-299e2b5c963a.json | 10 - .../f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json | 10 - .../fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json | 10 - .../fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json | 10 - .../06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json | 12 - .../16302750-1223-11e8-8c94-a3d8d0cfd62b.json | 12 - .../91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json | 12 - .../9adef750-08b0-11e8-93e5-299e2b5c963a.json | 12 - .../aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json | 12 - .../kibana/7.x/dashboard/azure.json | 8 - .../f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json | 12 - .../kibana/7.x/index-pattern/azure.json | 5 - .../3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json | 17 - .../5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json | 17 - .../9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json | 16 - .../f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json | 20 - .../009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json | 10 - .../053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json | 10 - .../0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json | 10 - .../0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json | 10 - .../0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json | 10 - .../13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json | 10 - .../15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json | 10 - .../176bd440-1226-11e8-8c94-a3d8d0cfd62b.json | 10 - .../19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json | 10 - .../1c509130-0853-11e8-93e5-299e2b5c963a.json | 10 - .../1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2060bce0-0840-11e8-adb5-e1a2d559cdf5.json | 10 - .../20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json | 10 - .../23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json | 10 - .../25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json | 10 - .../27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json | 10 - .../2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json | 10 - .../33072240-137f-11e8-8c94-a3d8d0cfd62b.json | 10 - .../35de9400-1526-11e8-8c94-a3d8d0cfd62b.json | 10 - .../381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json | 10 - .../3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json | 10 - .../418ce210-07e4-11e8-adb5-e1a2d559cdf5.json | 10 - .../4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json | 10 - .../518cb600-0842-11e8-adb5-e1a2d559cdf5.json | 10 - .../5465b680-0809-11e8-adb5-e1a2d559cdf5.json | 10 - .../59510c50-0c9e-11e8-93e5-299e2b5c963a.json | 10 - .../5c934df0-07db-11e8-adb5-e1a2d559cdf5.json | 10 - .../5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json | 10 - .../5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json | 10 - .../5ff32870-08a4-11e8-93e5-299e2b5c963a.json | 10 - .../647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json | 10 - .../65e23580-1382-11e8-8c94-a3d8d0cfd62b.json | 10 - .../68bd4dd0-0851-11e8-93e5-299e2b5c963a.json | 10 - .../68dd8530-083f-11e8-adb5-e1a2d559cdf5.json | 10 - .../6bab50c0-0877-11e8-93e5-299e2b5c963a.json | 10 - .../6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json | 10 - .../727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json | 10 - .../72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json | 10 - .../74680350-1382-11e8-8c94-a3d8d0cfd62b.json | 10 - .../79085650-0985-11e8-93e5-299e2b5c963a.json | 10 - .../7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json | 10 - .../820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json | 10 - .../849be630-0985-11e8-93e5-299e2b5c963a.json | 10 - .../85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json | 10 - .../880a53f0-080f-11e8-adb5-e1a2d559cdf5.json | 10 - .../88dcf980-084c-11e8-93e5-299e2b5c963a.json | 10 - .../890f3af0-093a-11e8-93e5-299e2b5c963a.json | 10 - .../8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json | 10 - .../90045780-1382-11e8-8c94-a3d8d0cfd62b.json | 10 - .../90ed5940-0850-11e8-93e5-299e2b5c963a.json | 10 - .../934c6780-138b-11e8-8c94-a3d8d0cfd62b.json | 10 - .../94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json | 10 - .../983722f0-087b-11e8-93e5-299e2b5c963a.json | 10 - .../9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json | 10 - .../a0340090-1389-11e8-8c94-a3d8d0cfd62b.json | 10 - .../a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json | 10 - .../aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json | 10 - .../ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json | 10 - .../af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json | 10 - .../b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json | 10 - .../b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json | 10 - .../be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json | 10 - .../ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json | 10 - .../cf876780-0c98-11e8-93e5-299e2b5c963a.json | 10 - .../d02c64c0-08a0-11e8-93e5-299e2b5c963a.json | 10 - .../d49fb650-0851-11e8-93e5-299e2b5c963a.json | 10 - .../db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json | 10 - .../de505970-1396-11e8-8c94-a3d8d0cfd62b.json | 10 - .../df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json | 10 - .../e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json | 10 - .../e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json | 10 - .../e9391690-1226-11e8-8c94-a3d8d0cfd62b.json | 10 - .../eafc2880-0850-11e8-93e5-299e2b5c963a.json | 10 - .../eb4363d0-0986-11e8-93e5-299e2b5c963a.json | 10 - .../ebeaf080-08ac-11e8-93e5-299e2b5c963a.json | 10 - .../f057a350-138a-11e8-8c94-a3d8d0cfd62b.json | 10 - .../f0d7f540-0c97-11e8-93e5-299e2b5c963a.json | 10 - .../f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json | 10 - .../f819a870-0c9d-11e8-93e5-299e2b5c963a.json | 10 - .../f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json | 10 - .../fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json | 10 - .../fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json | 10 - .../configuration/logstash/azure.conf.erb | 59 - .../lib/azure_module_config_generator.rb | 101 - .../modules/azure/lib/filters/azure_event.rb | 248 - .../azure_module_config_generator_spec.rb | 143 - .../modules/azure/filters/azure_event_spec.rb | 496 -- .../samples/activity_log/administrative1.json | 84 - .../samples/activity_log/administrative2.json | 15 - .../samples/activity_log/administrative3.json | 53 - .../azure/samples/activity_log/alert1.json | 57 - .../azure/samples/activity_log/alert2.json | 16 - .../samples/activity_log/auto_scale1.json | 53 - .../samples/activity_log/auto_scale2.json | 50 - .../azure/samples/activity_log/security1.json | 56 - .../azure/samples/activity_log/security2.json | 12 - .../samples/activity_log/service_health1.json | 53 - .../samples/activity_log/service_health2.json | 16 - .../azure/samples/sql_diagnostics/blocks.json | 17 - .../database_wait_statistics.json | 20 - .../azure/samples/sql_diagnostics/errors.json | 20 - .../azure/samples/sql_diagnostics/metric.json | 11 - .../querystore_runtime_statistics.json | 42 - .../querystore_wait_statistics.json | 29 - .../samples/sql_diagnostics/sql_insights.json | 48 - .../samples/sql_diagnostics/timeouts.json | 16 - .../azure/samples/yaml/logstash.advanced.yml | 11 - .../yaml/logstash.advanced_invalid1.yml | 9 - .../yaml/logstash.advanced_invalid2.yml | 7 - .../azure/samples/yaml/logstash.basic.yml | 11 - .../samples/yaml/logstash.basic_invalid1.yml | 13 - .../samples/yaml/logstash.basic_invalid2.yml | 8 - 812 files changed, 3 insertions(+), 19038 deletions(-) delete mode 100644 modules/fb_apache/README.md delete mode 100644 modules/fb_apache/configuration/elasticsearch/fb_apache.json delete mode 100644 modules/fb_apache/configuration/kibana/dashboard/Filebeat-Apache2-Dashboard.json delete mode 100644 modules/fb_apache/configuration/kibana/dashboard/fb_apache.json delete mode 100644 modules/fb_apache/configuration/kibana/index-pattern/fb_apache.json delete mode 100644 modules/fb_apache/configuration/kibana/search/Apache2-access-logs.json delete mode 100644 modules/fb_apache/configuration/kibana/search/Apache2-errors-log.json delete mode 100644 modules/fb_apache/configuration/kibana/visualization/Apache2-access-unique-IPs-map.json delete mode 100644 modules/fb_apache/configuration/kibana/visualization/Apache2-browsers.json delete mode 100644 modules/fb_apache/configuration/kibana/visualization/Apache2-error-logs-over-time.json delete mode 100644 modules/fb_apache/configuration/kibana/visualization/Apache2-operating-systems.json delete mode 100644 modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-of-top-URLs.json delete mode 100644 modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-over-time.json delete mode 100644 modules/fb_apache/configuration/logstash/fb_apache.conf.erb delete mode 100644 modules/fb_apache/lib/logstash_registry.rb delete mode 100644 modules/netflow/README.md delete mode 100644 modules/netflow/configuration/elasticsearch/netflow.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/dashboard/netflow.json delete mode 100644 modules/netflow/configuration/kibana/5.x/index-pattern/netflow.json delete mode 100644 modules/netflow/configuration/kibana/5.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/search/netflow.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json delete mode 100644 modules/netflow/configuration/kibana/5.x/visualization/netflow.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/dashboard/netflow.json delete mode 100644 modules/netflow/configuration/kibana/6.x/index-pattern/netflow.json delete mode 100644 modules/netflow/configuration/kibana/6.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/search/netflow.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/6.x/visualization/netflow.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/dashboard/netflow.json delete mode 100644 modules/netflow/configuration/kibana/7.x/index-pattern/netflow.json delete mode 100644 modules/netflow/configuration/kibana/7.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/search/netflow.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json delete mode 100644 modules/netflow/configuration/kibana/7.x/visualization/netflow.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/dashboard/netflow.json delete mode 100644 modules/netflow/configuration/kibana/index-pattern/netflow.json delete mode 100644 modules/netflow/configuration/kibana/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/search/netflow.json delete mode 100644 modules/netflow/configuration/kibana/visualization/00248240-6593-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json delete mode 100644 modules/netflow/configuration/kibana/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json delete mode 100644 modules/netflow/configuration/kibana/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json delete mode 100644 modules/netflow/configuration/kibana/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json delete mode 100644 modules/netflow/configuration/kibana/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json delete mode 100644 modules/netflow/configuration/kibana/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/visualization/231fe630-6558-11e7-8547-3d133170b50d.json delete mode 100644 modules/netflow/configuration/kibana/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json delete mode 100644 modules/netflow/configuration/kibana/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json delete mode 100644 modules/netflow/configuration/kibana/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json delete mode 100644 modules/netflow/configuration/kibana/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json delete mode 100644 modules/netflow/configuration/kibana/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json delete mode 100644 modules/netflow/configuration/kibana/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json delete mode 100644 modules/netflow/configuration/kibana/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json delete mode 100644 modules/netflow/configuration/kibana/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json delete mode 100644 modules/netflow/configuration/kibana/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json delete mode 100644 modules/netflow/configuration/kibana/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json delete mode 100644 modules/netflow/configuration/kibana/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json delete mode 100644 modules/netflow/configuration/kibana/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json delete mode 100644 modules/netflow/configuration/kibana/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json delete mode 100644 modules/netflow/configuration/kibana/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json delete mode 100644 modules/netflow/configuration/kibana/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json delete mode 100644 modules/netflow/configuration/kibana/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json delete mode 100644 modules/netflow/configuration/kibana/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/835e6090-6557-11e7-87c3-994b88f84501.json delete mode 100644 modules/netflow/configuration/kibana/visualization/836b2010-657e-11e7-9748-5d4091219eef.json delete mode 100644 modules/netflow/configuration/kibana/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json delete mode 100644 modules/netflow/configuration/kibana/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json delete mode 100644 modules/netflow/configuration/kibana/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json delete mode 100644 modules/netflow/configuration/kibana/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json delete mode 100644 modules/netflow/configuration/kibana/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json delete mode 100644 modules/netflow/configuration/kibana/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json delete mode 100644 modules/netflow/configuration/kibana/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json delete mode 100644 modules/netflow/configuration/kibana/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json delete mode 100644 modules/netflow/configuration/kibana/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json delete mode 100644 modules/netflow/configuration/kibana/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json delete mode 100644 modules/netflow/configuration/kibana/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json delete mode 100644 modules/netflow/configuration/kibana/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json delete mode 100644 modules/netflow/configuration/kibana/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json delete mode 100644 modules/netflow/configuration/kibana/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json delete mode 100644 modules/netflow/configuration/kibana/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json delete mode 100644 modules/netflow/configuration/kibana/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json delete mode 100644 modules/netflow/configuration/kibana/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json delete mode 100644 modules/netflow/configuration/kibana/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json delete mode 100644 modules/netflow/configuration/kibana/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json delete mode 100644 modules/netflow/configuration/kibana/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json delete mode 100644 modules/netflow/configuration/kibana/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json delete mode 100644 modules/netflow/configuration/kibana/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json delete mode 100644 modules/netflow/configuration/kibana/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json delete mode 100644 modules/netflow/configuration/kibana/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json delete mode 100644 modules/netflow/configuration/kibana/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json delete mode 100644 modules/netflow/configuration/kibana/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json delete mode 100644 modules/netflow/configuration/kibana/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json delete mode 100644 modules/netflow/configuration/kibana/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json delete mode 100644 modules/netflow/configuration/kibana/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json delete mode 100644 modules/netflow/configuration/kibana/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json delete mode 100644 modules/netflow/configuration/kibana/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json delete mode 100644 modules/netflow/configuration/kibana/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json delete mode 100644 modules/netflow/configuration/kibana/visualization/netflow.json delete mode 100644 modules/netflow/configuration/logstash/dictionaries/iana_protocol_numbers.yml delete mode 100644 modules/netflow/configuration/logstash/dictionaries/iana_service_names_dccp.yml delete mode 100644 modules/netflow/configuration/logstash/dictionaries/iana_service_names_sctp.yml delete mode 100644 modules/netflow/configuration/logstash/dictionaries/iana_service_names_tcp.yml delete mode 100644 modules/netflow/configuration/logstash/dictionaries/iana_service_names_udp.yml delete mode 100644 modules/netflow/configuration/logstash/dictionaries/tcp_flags.yml delete mode 100644 modules/netflow/configuration/logstash/netflow.conf.erb delete mode 100644 modules/netflow/lib/logstash_registry.rb delete mode 100644 x-pack/modules/azure/README.md delete mode 100644 x-pack/modules/azure/configuration/elasticsearch/azure.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/dashboard/azure.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/index-pattern/azure.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/6.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/dashboard/azure.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/index-pattern/azure.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/kibana/7.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json delete mode 100644 x-pack/modules/azure/configuration/logstash/azure.conf.erb delete mode 100644 x-pack/modules/azure/lib/azure_module_config_generator.rb delete mode 100644 x-pack/modules/azure/lib/filters/azure_event.rb delete mode 100644 x-pack/spec/modules/azure/azure_module_config_generator_spec.rb delete mode 100644 x-pack/spec/modules/azure/filters/azure_event_spec.rb delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/administrative1.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/administrative2.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/administrative3.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/alert1.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/alert2.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/auto_scale1.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/auto_scale2.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/security1.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/security2.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/service_health1.json delete mode 100644 x-pack/spec/modules/azure/samples/activity_log/service_health2.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/blocks.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/database_wait_statistics.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/errors.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/metric.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_runtime_statistics.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_wait_statistics.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/sql_insights.json delete mode 100644 x-pack/spec/modules/azure/samples/sql_diagnostics/timeouts.json delete mode 100644 x-pack/spec/modules/azure/samples/yaml/logstash.advanced.yml delete mode 100644 x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid1.yml delete mode 100644 x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid2.yml delete mode 100644 x-pack/spec/modules/azure/samples/yaml/logstash.basic.yml delete mode 100644 x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid1.yml delete mode 100644 x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid2.yml diff --git a/docs/index.asciidoc b/docs/index.asciidoc index adbd2ce6a..87c8040e7 100644 --- a/docs/index.asciidoc +++ b/docs/index.asciidoc @@ -142,10 +142,6 @@ include::static/modules.asciidoc[] include::static/arcsight-module.asciidoc[] -include::static/netflow-module.asciidoc[] - -include::static/azure-module.asciidoc[] - // Working with Filebeat Modules include::static/filebeat-modules.asciidoc[] diff --git a/docs/static/modules.asciidoc b/docs/static/modules.asciidoc index b47e24074..8b596e96a 100644 --- a/docs/static/modules.asciidoc +++ b/docs/static/modules.asciidoc @@ -7,8 +7,6 @@ visualizing it with purpose-built dashboards. These modules are available: * <> -* <> -* <> Each module comes pre-packaged with Logstash configurations, Kibana dashboards, and other meta files that make it easier for you to set up the Elastic Stack for diff --git a/modules/README.md b/modules/README.md index a1cbe3b62..eaced0a77 100644 --- a/modules/README.md +++ b/modules/README.md @@ -1,96 +1,2 @@ -# Module settings and structure - -## settings - -### logstash.yml - -``` -modules: - - name: netflow - var.output.elasticsearch.host: "es.mycloud.com" - var.output.elasticsearch.user: "foo" - var.output.elasticsearch.password: "password" - var.input.tcp.port: 5606 -``` - -### command-line - -``` -bin/logstash \ - --modules netflow \ - -M "netflow.var.output.elasticsearch.host=es.mycloud.com" \ - -M "netflow.var.output.elasticsearch.user=foo" \ - -M "netflow.var.output.elasticsearch.password=password" \ - -M "netflow.var.input.tcp.port=5606" -``` - -## Current Gem structure -``` -GEM File structure -logstash-module-netflow -├── configuration -│ ├── elasticsearch -│ │ └── netflow.json -│ ├── kibana -│ │ ├── dashboard -│ │ │ └── netflow.json (contains '["dash1", "dash2"]') -│ │ │ └── dash1.json ("panelJSON" contains refs to visualization panels 1,2 and search 1) -│ │ │ └── dash2.json ("panelJSON" contains refs to visualization panel 3 and search 2) -│ │ ├── index-pattern -| | | └── netflow.json -│ │ ├── search -| | | └── search1.json -| | | └── search2.json -│ │ └── vizualization -| | | └── panel1.json -| | | └── panel2.json -| | | └── panel3.json -│ └── logstash -│ └── netflow.conf.erb -├── lib -│ └── logstash_registry.rb -└── logstash-module-netflow.gemspec -``` -## Proposed multi-version Gem structure -``` -GEM File structure -logstash-module-netflow -├── configuration -│ ├── elasticsearch -│ │ └── netflow.json -│ ├── kibana -│ │ ├── dashboard -│ │ │ └── netflow.json (contains '{"v5.5.0": ["dash1", "dash2"], "v6.0.4": ["dash1", "dash2"]') -│ │ │ └── v5.5.0 -│ │ │ | └── dash1.json ("panelJSON" contains refs to visualization panels 1,2 and search 1) -│ │ │ | └── dash2.json ("panelJSON" contains refs to visualization panel 3 and search 2) -│ │ │ └── v6.0.4 -│ │ │ └── dash1.json ("panelJSON" contains refs to visualization panels 1,2 and search 1) -│ │ │ └── dash2.json ("panelJSON" contains refs to visualization panel 3 and search 2) -│ │ ├── index-pattern -│ │ │ └── v5 -| | | | └── netflow.json -│ │ │ └── v6 -| | | └── netflow.json -│ │ ├── search -│ │ │ └── v5 -| | | | └── search1.json -| | | | └── search2.json -│ │ │ └── v6 -| | | └── search1.json -| | | └── search2.json -│ │ └── vizualization -│ │ │ └── v5 -| | | | └── panel1.json -| | | | └── panel2.json -| | | | └── panel3.json -│ │ │ └── v6 -| | | └── panel1.json -| | | └── panel2.json -| | | └── panel3.json -│ └── logstash -│ └── netflow.conf.erb -├── lib -│ └── logstash_registry.rb -└── logstash-module-netflow.gemspec -``` +This file keeps `/modules` non empty for build. +Keep the file until Arcsight module is removed. \ No newline at end of file diff --git a/modules/fb_apache/README.md b/modules/fb_apache/README.md deleted file mode 100644 index 6e8faeb24..000000000 --- a/modules/fb_apache/README.md +++ /dev/null @@ -1,4 +0,0 @@ -# IMPORTANT - -This module is only here for testing and should not be used in production. - diff --git a/modules/fb_apache/configuration/elasticsearch/fb_apache.json b/modules/fb_apache/configuration/elasticsearch/fb_apache.json deleted file mode 100644 index 1c1a6bbed..000000000 --- a/modules/fb_apache/configuration/elasticsearch/fb_apache.json +++ /dev/null @@ -1,674 +0,0 @@ -{ - "mappings": { - "_meta": { - "version": "5.4.0" - }, - "date_detection": false, - "dynamic_templates": [ - { - "strings_as_keyword": { - "mapping": { - "ignore_above": 1024, - "type": "keyword" - }, - "match_mapping_type": "string" - } - } - ], - "properties": { - "@timestamp": { - "type": "date" - }, - "apache2": { - "properties": { - "access": { - "properties": { - "agent": { - "norms": false, - "type": "text" - }, - "body_sent": { - "properties": { - "bytes": { - "type": "long" - } - } - }, - "geoip": { - "properties": { - "continent_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "country_iso_code": { - "ignore_above": 1024, - "type": "keyword" - }, - "location": { - "type": "geo_point" - } - } - }, - "http_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "method": { - "ignore_above": 1024, - "type": "keyword" - }, - "referrer": { - "ignore_above": 1024, - "type": "keyword" - }, - "remote_ip": { - "ignore_above": 1024, - "type": "keyword" - }, - "response_code": { - "type": "long" - }, - "url": { - "ignore_above": 1024, - "type": "keyword" - }, - "user_agent": { - "properties": { - "device": { - "ignore_above": 1024, - "type": "keyword" - }, - "major": { - "type": "long" - }, - "minor": { - "type": "long" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - }, - "os": { - "ignore_above": 1024, - "type": "keyword" - }, - "os_major": { - "type": "long" - }, - "os_minor": { - "type": "long" - }, - "os_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "patch": { - "type": "long" - } - } - }, - "user_name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "error": { - "properties": { - "client": { - "ignore_above": 1024, - "type": "keyword" - }, - "level": { - "ignore_above": 1024, - "type": "keyword" - }, - "message": { - "norms": false, - "type": "text" - }, - "module": { - "ignore_above": 1024, - "type": "keyword" - }, - "pid": { - "type": "long" - }, - "tid": { - "type": "long" - } - } - } - } - }, - "auditd": { - "properties": { - "log": { - "properties": { - "a0": { - "ignore_above": 1024, - "type": "keyword" - }, - "acct": { - "ignore_above": 1024, - "type": "keyword" - }, - "geoip": { - "properties": { - "city_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "continent_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "country_iso_code": { - "ignore_above": 1024, - "type": "keyword" - }, - "location": { - "type": "geo_point" - }, - "region_name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "item": { - "ignore_above": 1024, - "type": "keyword" - }, - "items": { - "ignore_above": 1024, - "type": "keyword" - }, - "new_auid": { - "ignore_above": 1024, - "type": "keyword" - }, - "new_ses": { - "ignore_above": 1024, - "type": "keyword" - }, - "old_auid": { - "ignore_above": 1024, - "type": "keyword" - }, - "old_ses": { - "ignore_above": 1024, - "type": "keyword" - }, - "pid": { - "ignore_above": 1024, - "type": "keyword" - }, - "ppid": { - "ignore_above": 1024, - "type": "keyword" - }, - "record_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "res": { - "ignore_above": 1024, - "type": "keyword" - }, - "sequence": { - "type": "long" - } - } - } - } - }, - "beat": { - "properties": { - "hostname": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - }, - "version": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "error": { - "ignore_above": 1024, - "type": "keyword" - }, - "fields": { - "properties": {} - }, - "fileset": { - "properties": { - "module": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "input_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "message": { - "norms": false, - "type": "text" - }, - "meta": { - "properties": { - "cloud": { - "properties": { - "availability_zone": { - "ignore_above": 1024, - "type": "keyword" - }, - "instance_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "machine_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "project_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "provider": { - "ignore_above": 1024, - "type": "keyword" - }, - "region": { - "ignore_above": 1024, - "type": "keyword" - } - } - } - } - }, - "mysql": { - "properties": { - "error": { - "properties": { - "level": { - "ignore_above": 1024, - "type": "keyword" - }, - "message": { - "norms": false, - "type": "text" - }, - "thread_id": { - "type": "long" - }, - "timestamp": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "slowlog": { - "properties": { - "host": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "type": "long" - }, - "ip": { - "ignore_above": 1024, - "type": "keyword" - }, - "lock_time": { - "properties": { - "sec": { - "type": "float" - } - } - }, - "query": { - "ignore_above": 1024, - "type": "keyword" - }, - "query_time": { - "properties": { - "sec": { - "type": "float" - } - } - }, - "rows_examined": { - "type": "long" - }, - "rows_sent": { - "type": "long" - }, - "timestamp": { - "type": "long" - }, - "user": { - "ignore_above": 1024, - "type": "keyword" - } - } - } - } - }, - "nginx": { - "properties": { - "access": { - "properties": { - "agent": { - "norms": false, - "type": "text" - }, - "body_sent": { - "properties": { - "bytes": { - "type": "long" - } - } - }, - "geoip": { - "properties": { - "continent_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "country_iso_code": { - "ignore_above": 1024, - "type": "keyword" - }, - "location": { - "type": "geo_point" - } - } - }, - "http_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "method": { - "ignore_above": 1024, - "type": "keyword" - }, - "referrer": { - "ignore_above": 1024, - "type": "keyword" - }, - "remote_ip": { - "ignore_above": 1024, - "type": "keyword" - }, - "response_code": { - "type": "long" - }, - "url": { - "ignore_above": 1024, - "type": "keyword" - }, - "user_agent": { - "properties": { - "device": { - "ignore_above": 1024, - "type": "keyword" - }, - "major": { - "type": "long" - }, - "minor": { - "type": "long" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - }, - "os": { - "ignore_above": 1024, - "type": "keyword" - }, - "os_major": { - "type": "long" - }, - "os_minor": { - "type": "long" - }, - "os_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "patch": { - "type": "long" - } - } - }, - "user_name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "error": { - "properties": { - "connection_id": { - "type": "long" - }, - "level": { - "ignore_above": 1024, - "type": "keyword" - }, - "message": { - "norms": false, - "type": "text" - }, - "pid": { - "type": "long" - }, - "tid": { - "type": "long" - } - } - } - } - }, - "offset": { - "type": "long" - }, - "read_timestamp": { - "ignore_above": 1024, - "type": "keyword" - }, - "source": { - "ignore_above": 1024, - "type": "keyword" - }, - "system": { - "properties": { - "auth": { - "properties": { - "groupadd": { - "properties": { - "gid": { - "type": "long" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "hostname": { - "ignore_above": 1024, - "type": "keyword" - }, - "message": { - "ignore_above": 1024, - "type": "keyword" - }, - "pid": { - "type": "long" - }, - "program": { - "ignore_above": 1024, - "type": "keyword" - }, - "ssh": { - "properties": { - "dropped_ip": { - "type": "ip" - }, - "event": { - "ignore_above": 1024, - "type": "keyword" - }, - "geoip": { - "properties": { - "city_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "continent_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "country_iso_code": { - "ignore_above": 1024, - "type": "keyword" - }, - "location": { - "type": "geo_point" - }, - "region_name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "ip": { - "type": "ip" - }, - "method": { - "ignore_above": 1024, - "type": "keyword" - }, - "port": { - "type": "long" - }, - "signature": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "sudo": { - "properties": { - "command": { - "ignore_above": 1024, - "type": "keyword" - }, - "error": { - "ignore_above": 1024, - "type": "keyword" - }, - "pwd": { - "ignore_above": 1024, - "type": "keyword" - }, - "tty": { - "ignore_above": 1024, - "type": "keyword" - }, - "user": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "timestamp": { - "ignore_above": 1024, - "type": "keyword" - }, - "user": { - "ignore_above": 1024, - "type": "keyword" - }, - "useradd": { - "properties": { - "gid": { - "type": "long" - }, - "home": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - }, - "shell": { - "ignore_above": 1024, - "type": "keyword" - }, - "uid": { - "type": "long" - } - } - } - } - }, - "syslog": { - "properties": { - "hostname": { - "ignore_above": 1024, - "type": "keyword" - }, - "message": { - "ignore_above": 1024, - "type": "keyword" - }, - "pid": { - "ignore_above": 1024, - "type": "keyword" - }, - "program": { - "ignore_above": 1024, - "type": "keyword" - }, - "timestamp": { - "ignore_above": 1024, - "type": "keyword" - } - } - } - } - }, - "tags": { - "ignore_above": 1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "order": 0, - "settings": { - "index.mapping.total_fields.limit": 10000, - "index.refresh_interval": "5s" - }, - "index_patterns": "fb_apache-*" -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/dashboard/Filebeat-Apache2-Dashboard.json b/modules/fb_apache/configuration/kibana/dashboard/Filebeat-Apache2-Dashboard.json deleted file mode 100644 index 82612f05d..000000000 --- a/modules/fb_apache/configuration/kibana/dashboard/Filebeat-Apache2-Dashboard.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "hits": 0, - "timeRestore": false, - "description": "", - "title": "Filebeat Apache2 Dashboard", - "uiStateJSON": "{\"P-1\":{\"mapCenter\":[40.713955826286046,-0.17578125]}}", - "panelsJSON": "[{\"col\":1,\"id\":\"Apache2-access-unique-IPs-map\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Apache2-response-codes-of-top-URLs\",\"panelIndex\":2,\"row\":6,\"size_x\":8,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"Apache2-browsers\",\"panelIndex\":3,\"row\":6,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":11,\"id\":\"Apache2-operating-systems\",\"panelIndex\":4,\"row\":4,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Apache2-error-logs-over-time\",\"panelIndex\":5,\"row\":9,\"size_x\":12,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Apache2-response-codes-over-time\",\"panelIndex\":6,\"row\":4,\"size_x\":10,\"size_y\":2,\"type\":\"visualization\"},{\"id\":\"Apache2-errors-log\",\"type\":\"search\",\"panelIndex\":7,\"size_x\":12,\"size_y\":3,\"col\":1,\"row\":11,\"columns\":[\"apache2.error.client\",\"apache2.error.level\",\"apache2.error.module\",\"apache2.error.message\"],\"sort\":[\"@timestamp\",\"desc\"]}]", - "optionsJSON": "{\"darkTheme\":false}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" - } -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/dashboard/fb_apache.json b/modules/fb_apache/configuration/kibana/dashboard/fb_apache.json deleted file mode 100644 index bc849e9c4..000000000 --- a/modules/fb_apache/configuration/kibana/dashboard/fb_apache.json +++ /dev/null @@ -1 +0,0 @@ -["Filebeat-Apache2-Dashboard"] diff --git a/modules/fb_apache/configuration/kibana/index-pattern/fb_apache.json b/modules/fb_apache/configuration/kibana/index-pattern/fb_apache.json deleted file mode 100644 index c084edc2b..000000000 --- a/modules/fb_apache/configuration/kibana/index-pattern/fb_apache.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "fields": "[{\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"beat.name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"beat.hostname\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"beat.version\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"@timestamp\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"date\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"tags\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"fields\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"meta.cloud.provider\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"meta.cloud.instance_id\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"meta.cloud.machine_type\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"meta.cloud.availability_zone\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"meta.cloud.project_id\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"meta.cloud.region\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"source\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"offset\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"message\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"type\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"input_type\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"error\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"read_timestamp\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"fileset.module\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"fileset.name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.remote_ip\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.method\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.url\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.http_version\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.response_code\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.body_sent.bytes\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.referrer\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"apache2.access.agent\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.device\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.major\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.minor\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.patch\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.os\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.os_major\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.os_minor\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.user_agent.os_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.geoip.continent_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.geoip.country_iso_code\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.access.geoip.location\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"geo_point\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.error.level\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.error.client\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"apache2.error.message\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.error.pid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.error.tid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"apache2.error.module\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.record_type\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.old_auid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.new_auid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.old_ses\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.new_ses\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.sequence\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.acct\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.pid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.ppid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.items\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.item\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.a0\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.res\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.geoip.continent_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.geoip.city_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.geoip.region_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.geoip.country_iso_code\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"auditd.log.geoip.location\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"geo_point\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.error.timestamp\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.error.thread_id\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.error.level\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"mysql.error.message\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.user\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.host\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.ip\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.query_time.sec\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.lock_time.sec\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.rows_sent\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.rows_examined\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.timestamp\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.query\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"mysql.slowlog.id\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.remote_ip\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.method\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.url\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.http_version\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.response_code\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.body_sent.bytes\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.referrer\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"nginx.access.agent\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.device\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.major\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.minor\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.patch\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.os\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.os_major\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.os_minor\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.user_agent.os_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.geoip.continent_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.geoip.country_iso_code\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.access.geoip.location\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"geo_point\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.error.level\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.error.pid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.error.tid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"nginx.error.connection_id\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"nginx.error.message\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.timestamp\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.hostname\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.program\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.pid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.message\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.user\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.event\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.method\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.ip\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.dropped_ip\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.port\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.signature\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.geoip.continent_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.geoip.city_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.geoip.region_name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.geoip.country_iso_code\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.ssh.geoip.location\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"geo_point\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.sudo.error\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.sudo.tty\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.sudo.pwd\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.sudo.user\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.sudo.command\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.useradd.name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.useradd.uid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.useradd.gid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.useradd.home\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.useradd.shell\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.groupadd.name\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.auth.groupadd.gid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"number\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.syslog.timestamp\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.syslog.hostname\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.syslog.program\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.syslog.pid\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"system.syslog.message\", \"searchable\": true, \"indexed\": true, \"doc_values\": true, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"_id\", \"searchable\": false, \"indexed\": false, \"doc_values\": false, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": true, \"name\": \"_type\", \"searchable\": true, \"indexed\": false, \"doc_values\": false, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"_index\", \"searchable\": false, \"indexed\": false, \"doc_values\": false, \"type\": \"string\", \"scripted\": false}, {\"count\": 0, \"analyzed\": false, \"aggregatable\": false, \"name\": \"_score\", \"searchable\": false, \"indexed\": false, \"doc_values\": false, \"type\": \"number\", \"scripted\": false}]", - "fieldFormatMap": "{\"@timestamp\": {\"id\": \"date\"}, \"nginx.access.body_sent.bytes\": {\"id\": \"bytes\"}, \"apache2.access.body_sent.bytes\": {\"id\": \"bytes\"}}", - "timeFieldName": "@timestamp", - "title": "fb_apache-*" -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/search/Apache2-access-logs.json b/modules/fb_apache/configuration/kibana/search/Apache2-access-logs.json deleted file mode 100644 index c637adaf9..000000000 --- a/modules/fb_apache/configuration/kibana/search/Apache2-access-logs.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "sort": [ - "@timestamp", - "desc" - ], - "hits": 0, - "description": "", - "title": "Apache2 access logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"fb_apache-*\",\"query\":{\"query_string\":{\"query\":\"_exists_:apache2.access\",\"analyze_wildcard\":true}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" - }, - "columns": [ - "apache2.access.remote_ip", - "apache2.access.method", - "apache2.access.url", - "apache2.access.response_code" - ] -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/search/Apache2-errors-log.json b/modules/fb_apache/configuration/kibana/search/Apache2-errors-log.json deleted file mode 100644 index 42cde4909..000000000 --- a/modules/fb_apache/configuration/kibana/search/Apache2-errors-log.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "sort": [ - "@timestamp", - "desc" - ], - "hits": 0, - "description": "", - "title": "Apache2 errors log", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"fb_apache-*\",\"query\":{\"query_string\":{\"query\":\"_exists_:apache2.error\",\"analyze_wildcard\":true}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" - }, - "columns": [ - "apache2.error.client", - "apache2.error.level", - "apache2.error.module", - "apache2.error.message" - ] -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/visualization/Apache2-access-unique-IPs-map.json b/modules/fb_apache/configuration/kibana/visualization/Apache2-access-unique-IPs-map.json deleted file mode 100644 index 2a6b48ca8..000000000 --- a/modules/fb_apache/configuration/kibana/visualization/Apache2-access-unique-IPs-map.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "visState": "{\"title\":\"Apache2 access unique IPs map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[15,5],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"apache2.access.remote_ip\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"apache2.access.geoip.location\",\"autoPrecision\":true}}],\"listeners\":{}}", - "description": "", - "title": "Apache2 access unique IPs map", - "uiStateJSON": "{\"mapCenter\":[14.944784875088372,5.09765625]}", - "version": 1, - "savedSearchId": "Apache2-access-logs", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - } -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/visualization/Apache2-browsers.json b/modules/fb_apache/configuration/kibana/visualization/Apache2-browsers.json deleted file mode 100644 index db6bd7b8e..000000000 --- a/modules/fb_apache/configuration/kibana/visualization/Apache2-browsers.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "visState": "{\"title\":\"Apache2 browsers\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"apache2.access.remote_ip\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"apache2.access.user_agent.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"apache2.access.user_agent.major\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", - "title": "Apache2 browsers", - "uiStateJSON": "{}", - "version": 1, - "savedSearchId": "Apache2-access-logs", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - } -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/visualization/Apache2-error-logs-over-time.json b/modules/fb_apache/configuration/kibana/visualization/Apache2-error-logs-over-time.json deleted file mode 100644 index caab40732..000000000 --- a/modules/fb_apache/configuration/kibana/visualization/Apache2-error-logs-over-time.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "visState": "{\"title\":\"Apache2 error logs over time\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"apache2.error.level\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", - "title": "Apache2 error logs over time", - "uiStateJSON": "{}", - "version": 1, - "savedSearchId": "Apache2-errors-log", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - } -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/visualization/Apache2-operating-systems.json b/modules/fb_apache/configuration/kibana/visualization/Apache2-operating-systems.json deleted file mode 100644 index 47f388e89..000000000 --- a/modules/fb_apache/configuration/kibana/visualization/Apache2-operating-systems.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "visState": "{\"title\":\"Apache2 operating systems\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"apache2.access.remote_ip\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"apache2.access.user_agent.os_name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"apache2.access.user_agent.os_major\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", - "title": "Apache2 operating systems", - "uiStateJSON": "{}", - "version": 1, - "savedSearchId": "Apache2-access-logs", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - } -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-of-top-URLs.json b/modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-of-top-URLs.json deleted file mode 100644 index a7aba5f73..000000000 --- a/modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-of-top-URLs.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "visState": "{\"title\":\"Apache2 response codes of top URLs\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"apache2.access.url\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"URL\",\"row\":false}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"apache2.access.response_code\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", - "title": "Apache2 response codes of top URLs", - "uiStateJSON": "{\"vis\":{\"colors\":{\"200\":\"#7EB26D\",\"404\":\"#EF843C\"}}}", - "version": 1, - "savedSearchId": "Apache2-access-logs", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - } -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-over-time.json b/modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-over-time.json deleted file mode 100644 index 7c24a1ea0..000000000 --- a/modules/fb_apache/configuration/kibana/visualization/Apache2-response-codes-over-time.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "visState": "{\"title\":\"Apache2 response codes over time\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"apache2.access.response_code\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", - "title": "Apache2 response codes over time", - "uiStateJSON": "{\"vis\":{\"colors\":{\"200\":\"#629E51\",\"404\":\"#EF843C\"}}}", - "version": 1, - "savedSearchId": "Apache2-access-logs", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - } -} \ No newline at end of file diff --git a/modules/fb_apache/configuration/logstash/fb_apache.conf.erb b/modules/fb_apache/configuration/logstash/fb_apache.conf.erb deleted file mode 100644 index f99616653..000000000 --- a/modules/fb_apache/configuration/logstash/fb_apache.conf.erb +++ /dev/null @@ -1,49 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -input { - beats { - port => <%= setting('var.input.beats.port', '5044') %> - } -} - -filter { - grok { - match => { "message" => [ '%{IPORHOST:apache2.access.remote_ip} - %{DATA:apache2.access.user_name} \[%{HTTPDATE:apache2.access.time}\] "%{WORD:apache2.access.method} %{DATA:apache2.access.url} HTTP/%{NUMBER:apache2.access.http_version}" %{NUMBER:apache2.access.response_code} (?:%{NUMBER:apache2.access.body_sent.bytes}|-)( "%{DATA:apache2.access.referrer}")?( "%{DATA:apache2.access.agent}")?', '%{IPORHOST:apache2.access.remote_ip} - %{DATA:apache2.access.user_name} \[%{HTTPDATE:apache2.access.time}\] "-" %{NUMBER:apache2.access.response_code} -'] } - remove_field => [ "message" ] - } - - date { - match => [ "apache2.access.time", "dd/MMM/YYYY:HH:mm:ss Z" ] - remove_field => [ "apache2.access.time" ] - } - - useragent { - source => "apache2.access.agent" - target => "apache2.access.user_agent" - remove_field => [ "apache2.access.agent" ] - } - - geoip { - source => "apache2.access.remote_ip" - target => "apache2.access.geoip" - } -} - -output { - <%= elasticsearch_output_config() %> -} diff --git a/modules/fb_apache/lib/logstash_registry.rb b/modules/fb_apache/lib/logstash_registry.rb deleted file mode 100644 index 53edefa05..000000000 --- a/modules/fb_apache/lib/logstash_registry.rb +++ /dev/null @@ -1,18 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -LogStash::PLUGIN_REGISTRY.add(:modules, "fb_apache", LogStash::Modules::Scaffold.new("fb_apache", File.join(File.dirname(__FILE__), "..", "configuration"))) diff --git a/modules/netflow/README.md b/modules/netflow/README.md deleted file mode 100644 index d745af6e9..000000000 --- a/modules/netflow/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# Netflow Module README - -## Configuration - -There is only one variable associated with netflow, which is the port on which to listen for traffic. - -The default port is `2055`. - -For Elasticsearch-specific configuration—which is common to all modules—see the official Logstash documentation. - -### Launching from the command-line - -``` -$LS_HOME/bin/logstash --modules netflow -M netflow.var.input.udp.port=XXXX -``` - -### Adding to `logstash.yml` - -Ensure these lines are properly added to your `logstash.yml`: - -``` -modules: - - name: netflow - var.input.udp.port: XXXX -``` - -With this properly configured, when Logstash is started, it will run the module. \ No newline at end of file diff --git a/modules/netflow/configuration/elasticsearch/netflow.json b/modules/netflow/configuration/elasticsearch/netflow.json deleted file mode 100644 index fede75f70..000000000 --- a/modules/netflow/configuration/elasticsearch/netflow.json +++ /dev/null @@ -1,1052 +0,0 @@ -{ - "order": 0, - "index_patterns": "netflow-*", - "mappings": { - "_meta": { - "version": "8.0.0" - }, - "dynamic_templates": [ - { - "application_id": { - "path_match": "netflow.application_id", - "mapping": { - "type": "integer" - } - } - }, - { - "bgp_ipv4_next_hop": { - "path_match": "netflow.bgp_ipv4_next_hop", - "mapping": { - "type": "ip" - } - } - }, - { - "bgp_ipv6_next_hop": { - "path_match": "netflow.bgp_ipv6_next_hop", - "mapping": { - "type": "ip" - } - } - }, - { - "conn_id": { - "path_match": "netflow.conn_id", - "mapping": { - "type": "integer" - } - } - }, - { - "dst_as": { - "path_match": "netflow.dst_as", - "mapping": { - "type": "integer" - } - } - }, - { - "dst_tos": { - "path_match": "netflow.dst_tos", - "mapping": { - "type": "integer" - } - } - }, - { - "dst_vlan": { - "path_match": "netflow.dst_vlan", - "mapping": { - "type": "integer" - } - } - }, - { - "engine_id": { - "path_match": "netflow.engine_id", - "mapping": { - "type": "integer" - } - } - }, - { - "engine_type": { - "path_match": "netflow.engine_type", - "mapping": { - "type": "integer" - } - } - }, - { - "event_time_msec": { - "path_match": "netflow.event_time_msec", - "mapping": { - "type": "long" - } - } - }, - { - "flow_active_timeout": { - "path_match": "netflow.flow_active_timeout", - "mapping": { - "type": "integer" - } - } - }, - { - "flow_end_reason": { - "path_match": "netflow.flow_end_reason", - "mapping": { - "type": "integer" - } - } - }, - { - "flow_inactive_timeout": { - "path_match": "netflow.flow_inactive_timeout", - "mapping": { - "type": "integer" - } - } - }, - { - "flow_records": { - "path_match": "netflow.flow_records", - "mapping": { - "type": "integer" - } - } - }, - { - "flow_sampler_id": { - "path_match": "netflow.flow_sampler_id", - "mapping": { - "type": "integer" - } - } - }, - { - "flow_sampler_mode": { - "path_match": "netflow.flow_sampler_mode", - "mapping": { - "type": "integer" - } - } - }, - { - "flow_sampler_random_interval": { - "path_match": "netflow.flow_sampler_random_interval", - "mapping": { - "type": "integer" - } - } - }, - { - "flow_start_msec": { - "path_match": "netflow.flow_start_msec", - "mapping": { - "type": "long" - } - } - }, - { - "flows": { - "path_match": "netflow.flows", - "mapping": { - "type": "integer" - } - } - }, - { - "flowset_id": { - "path_match": "netflow.flowset_id", - "mapping": { - "type": "integer" - } - } - }, - { - "fw_event": { - "path_match": "netflow.fw_event", - "mapping": { - "type": "integer" - } - } - }, - { - "fw_ext_event": { - "path_match": "netflow.fw_ext_event", - "mapping": { - "type": "integer" - } - } - }, - { - "fwd_flow_delta_bytes": { - "path_match": "netflow.fwd_flow_delta_bytes", - "mapping": { - "type": "long" - } - } - }, - { - "icmp_code": { - "path_match": "netflow.icmp_code", - "mapping": { - "type": "integer" - } - } - }, - { - "icmp_code_ipv6": { - "path_match": "netflow.icmp_code_ipv6", - "mapping": { - "type": "integer" - } - } - }, - { - "icmp_type": { - "path_match": "netflow.icmp_type", - "mapping": { - "type": "integer" - } - } - }, - { - "icmp_type_ipv6": { - "path_match": "netflow.icmp_type_ipv6", - "mapping": { - "type": "integer" - } - } - }, - { - "if_desc": { - "path_match": "netflow.if_desc", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "if_name": { - "path_match": "netflow.if_name", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "in_bytes": { - "path_match": "netflow.in_bytes", - "mapping": { - "type": "long" - } - } - }, - { - "in_dst_mac": { - "path_match": "netflow.in_dst_mac", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "in_permanent_bytes": { - "path_match": "netflow.in_permanent_bytes", - "mapping": { - "type": "long" - } - } - }, - { - "in_permanent_pkts": { - "path_match": "netflow.in_permanent_pkts", - "mapping": { - "type": "long" - } - } - }, - { - "in_pkts": { - "path_match": "netflow.in_pkts", - "mapping": { - "type": "long" - } - } - }, - { - "in_src_mac": { - "path_match": "netflow.in_src_mac", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "ip_protocol_version": { - "path_match": "netflow.ip_protocol_version", - "mapping": { - "type": "integer" - } - } - }, - { - "ipv4_dst_addr": { - "path_match": "netflow.ipv4_dst_addr", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv4_dst_prefix": { - "path_match": "netflow.ipv4_dst_prefix", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv4_ident": { - "path_match": "netflow.ipv4_ident", - "mapping": { - "type": "integer" - } - } - }, - { - "ipv4_next_hop": { - "path_match": "netflow.ipv4_next_hop", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv4_src_addr": { - "path_match": "netflow.ipv4_src_addr", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv4_src_prefix": { - "path_match": "netflow.ipv4_src_prefix", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv6_dst_addr": { - "path_match": "netflow.ipv6_dst_addr", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv6_dst_mask": { - "path_match": "netflow.ipv6_dst_mask", - "mapping": { - "type": "integer" - } - } - }, - { - "ipv6_flow_label": { - "path_match": "netflow.ipv6_flow_label", - "mapping": { - "type": "integer" - } - } - }, - { - "ipv6_next_hop": { - "path_match": "netflow.ipv6_next_hop", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv6_option_headers": { - "path_match": "netflow.ipv6_option_headers", - "mapping": { - "type": "integer" - } - } - }, - { - "ipv6_src_addr": { - "path_match": "netflow.ipv6_src_addr", - "mapping": { - "type": "ip" - } - } - }, - { - "ipv6_src_mask": { - "path_match": "netflow.ipv6_src_mask", - "mapping": { - "type": "integer" - } - } - }, - { - "l4_dst_port": { - "path_match": "netflow.l4_dst_port", - "mapping": { - "type": "integer" - } - } - }, - { - "l4_src_port": { - "path_match": "netflow.l4_src_port", - "mapping": { - "type": "integer" - } - } - }, - { - "max_pkt_length": { - "path_match": "netflow.max_pkt_length", - "mapping": { - "type": "integer" - } - } - }, - { - "max_ttl": { - "path_match": "netflow.max_ttl", - "mapping": { - "type": "integer" - } - } - }, - { - "min_pkt_length": { - "path_match": "netflow.min_pkt_length", - "mapping": { - "type": "integer" - } - } - }, - { - "min_ttl": { - "path_match": "netflow.min_ttl", - "mapping": { - "type": "integer" - } - } - }, - { - "mpls_label_stack_octets.bottom_of_stack": { - "path_match": "netflow.mpls_label_stack_octets.bottom_of_stack", - "mapping": { - "type": "integer" - } - } - }, - { - "mpls_label_stack_octets.experimental": { - "path_match": "netflow.mpls_label_stack_octets.experimental", - "mapping": { - "type": "integer" - } - } - }, - { - "mpls_label_stack_octets.label": { - "path_match": "netflow.mpls_label_stack_octets.label", - "mapping": { - "type": "integer" - } - } - }, - { - "mpls_label_stack_octets.ttl": { - "path_match": "netflow.mpls_label_stack_octets.ttl", - "mapping": { - "type": "integer" - } - } - }, - { - "mpls_top_label_ip_addr": { - "path_match": "netflow.mpls_top_label_ip_addr", - "mapping": { - "type": "ip" - } - } - }, - { - "mpls_top_label_type": { - "path_match": "netflow.mpls_top_label_type", - "mapping": { - "type": "integer" - } - } - }, - { - "mul_dst_bytes": { - "path_match": "netflow.mul_dst_bytes", - "mapping": { - "type": "long" - } - } - }, - { - "mul_dst_pkts": { - "path_match": "netflow.mul_dst_pkts", - "mapping": { - "type": "long" - } - } - }, - { - "mul_igmp_type": { - "path_match": "netflow.mul_igmp_type", - "mapping": { - "type": "integer" - } - } - }, - { - "out_bytes": { - "path_match": "netflow.out_bytes", - "mapping": { - "type": "long" - } - } - }, - { - "out_dst_mac": { - "path_match": "netflow.out_dst_mac", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "out_pkts": { - "path_match": "netflow.out_pkts", - "mapping": { - "type": "long" - } - } - }, - { - "out_src_mac": { - "path_match": "netflow.out_src_mac", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "rev_flow_delta_bytes": { - "path_match": "netflow.rev_flow_delta_bytes", - "mapping": { - "type": "long" - } - } - }, - { - "sampler_name": { - "path_match": "netflow.sampler_name", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "sampling_algorithm": { - "path_match": "netflow.sampling_algorithm", - "mapping": { - "type": "integer" - } - } - }, - { - "src_as": { - "path_match": "netflow.src_as", - "mapping": { - "type": "integer" - } - } - }, - { - "src_mask": { - "path_match": "netflow.src_mask", - "mapping": { - "type": "integer" - } - } - }, - { - "src_tos": { - "path_match": "netflow.src_tos", - "mapping": { - "type": "integer" - } - } - }, - { - "src_vlan": { - "path_match": "netflow.src_vlan", - "mapping": { - "type": "integer" - } - } - }, - { - "tcp_dst_port": { - "path_match": "netflow.tcp_dst_port", - "mapping": { - "type": "integer" - } - } - }, - { - "tcp_src_port": { - "path_match": "netflow.tcp_src_port", - "mapping": { - "type": "integer" - } - } - }, - { - "total_bytes_exp": { - "path_match": "netflow.total_bytes_exp", - "mapping": { - "type": "long" - } - } - }, - { - "total_flows_exp": { - "path_match": "netflow.total_flows_exp", - "mapping": { - "type": "long" - } - } - }, - { - "total_pkts_exp": { - "path_match": "netflow.total_pkts_exp", - "mapping": { - "type": "long" - } - } - }, - { - "udp_dst_port": { - "path_match": "netflow.udp_dst_port", - "mapping": { - "type": "integer" - } - } - }, - { - "udp_src_port": { - "path_match": "netflow.udp_src_port", - "mapping": { - "type": "integer" - } - } - }, - { - "username": { - "path_match": "netflow.username", - "mapping": { - "type": "keyword", - "norms": false - } - } - }, - { - "xlate_dst_addr_ipv4": { - "path_match": "netflow.xlate_dst_addr_ipv4", - "mapping": { - "type": "ip" - } - } - }, - { - "xlate_dst_addr_ipv6": { - "path_match": "netflow.xlate_dst_addr_ipv6", - "mapping": { - "type": "ip" - } - } - }, - { - "xlate_dst_port": { - "path_match": "netflow.xlate_dst_port", - "mapping": { - "type": "integer" - } - } - }, - { - "xlate_src_addr_ipv4": { - "path_match": "netflow.xlate_src_addr_ipv4", - "mapping": { - "type": "ip" - } - } - }, - { - "xlate_src_addr_ipv6": { - "path_match": "netflow.xlate_src_addr_ipv6", - "mapping": { - "type": "ip" - } - } - }, - { - "xlate_src_port": { - "path_match": "netflow.xlate_src_port", - "mapping": { - "type": "integer" - } - } - }, - { - "string_fields": { - "mapping": { - "norms": false, - "type": "keyword" - }, - "match_mapping_type": "string", - "match": "*" - } - } - ], - "properties": { - "@version": { - "type": "keyword" - }, - "@timestamp": { - "type": "date" - }, - "geoip": { - "dynamic": true, - "properties": { - "asn": { - "type": "keyword", - "norms": false - }, - "as_org": { - "type": "keyword", - "norms": false - }, - "autonomous_system": { - "type": "keyword", - "norms": false - }, - "city_name": { - "type": "keyword", - "norms": false - }, - "continent_code": { - "type": "keyword", - "norms": false - }, - "country_code2": { - "type": "keyword", - "norms": false - }, - "country_code3": { - "type": "keyword", - "norms": false - }, - "country_name": { - "type": "keyword", - "norms": false - }, - "dma_code": { - "type": "integer" - }, - "ip": { - "type": "ip" - }, - "latitude": { - "type": "float" - }, - "location": { - "type": "geo_point" - }, - "longitude": { - "type": "float" - }, - "postal_code": { - "type": "keyword", - "norms": false - }, - "region_code": { - "type": "keyword", - "norms": false - }, - "region_name": { - "type": "keyword", - "norms": false - }, - "timezone": { - "type": "keyword", - "norms": false - } - } - }, - "geoip_dst": { - "dynamic": true, - "properties": { - "asn": { - "type": "keyword", - "norms": false - }, - "as_org": { - "type": "keyword", - "norms": false - }, - "autonomous_system": { - "type": "keyword", - "norms": false - }, - "city_name": { - "type": "keyword", - "norms": false - }, - "continent_code": { - "type": "keyword", - "norms": false - }, - "country_code2": { - "type": "keyword", - "norms": false - }, - "country_code3": { - "type": "keyword", - "norms": false - }, - "country_name": { - "type": "keyword", - "norms": false - }, - "dma_code": { - "type": "integer" - }, - "ip": { - "type": "ip" - }, - "latitude": { - "type": "float" - }, - "location": { - "type": "geo_point" - }, - "longitude": { - "type": "float" - }, - "postal_code": { - "type": "keyword", - "norms": false - }, - "region_code": { - "type": "keyword", - "norms": false - }, - "region_name": { - "type": "keyword", - "norms": false - }, - "timezone": { - "type": "keyword", - "norms": false - } - } - }, - "geoip_src": { - "dynamic": true, - "properties": { - "asn": { - "type": "keyword", - "norms": false - }, - "as_org": { - "type": "keyword", - "norms": false - }, - "autonomous_system": { - "type": "keyword", - "norms": false - }, - "city_name": { - "type": "keyword", - "norms": false - }, - "continent_code": { - "type": "keyword", - "norms": false - }, - "country_code2": { - "type": "keyword", - "norms": false - }, - "country_code3": { - "type": "keyword", - "norms": false - }, - "country_name": { - "type": "keyword", - "norms": false - }, - "dma_code": { - "type": "integer" - }, - "ip": { - "type": "ip" - }, - "latitude": { - "type": "float" - }, - "location": { - "type": "geo_point" - }, - "longitude": { - "type": "float" - }, - "postal_code": { - "type": "keyword", - "norms": false - }, - "region_code": { - "type": "keyword", - "norms": false - }, - "region_name": { - "type": "keyword", - "norms": false - }, - "timezone": { - "type": "keyword", - "norms": false - } - } - }, - "netflow": { - "dynamic": true, - "type": "object", - "properties": { - "bytes": { - "type": "long" - }, - "direction": { - "type": "keyword", - "norms": false - }, - "dst_addr": { - "type": "ip" - }, - "dst_mask_len": { - "type": "integer" - }, - "dst_port": { - "type": "keyword", - "norms": false - }, - "dst_port_name": { - "type": "keyword", - "norms": false - }, - "first_switched": { - "type": "date" - }, - "flow_seq_num": { - "type": "long" - }, - "input_snmp": { - "type": "keyword", - "norms": false - }, - "ip_version": { - "type": "keyword", - "norms": false - }, - "last_switched": { - "type": "date" - }, - "next_hop": { - "type": "ip" - }, - "output_snmp": { - "type": "keyword", - "norms": false - }, - "packets": { - "type": "long" - }, - "protocol": { - "type": "keyword", - "norms": false - }, - "protocol_name": { - "type": "keyword", - "norms": false - }, - "sampling_interval": { - "type": "integer" - }, - "src_addr": { - "type": "ip" - }, - "src_mask_len": { - "type": "integer" - }, - "src_port": { - "type": "keyword", - "norms": false - }, - "src_port_name": { - "type": "keyword", - "norms": false - }, - "tcp_flags": { - "type": "integer" - }, - "tcp_flags_label": { - "type": "keyword", - "norms": false - }, - "tos": { - "type": "keyword", - "norms": false - }, - "version": { - "type": "keyword", - "norms": false - }, - "vlan": { - "type": "keyword", - "norms": false - } - } - } - } - }, - "aliases": { } -} diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 713735210..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Exporters", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f8731d50-2fd6-11e7-97a8-85d8d5a99269\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"caea3760-6591-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"1fa2c100-6592-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":2},{\"size_x\":6,\"size_y\":2,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"00248240-6593-11e7-b8de-af19b696fa44\",\"col\":7,\"row\":4},{\"size_x\":6,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"206d6e90-6593-11e7-8b83-5b2419db46fa\",\"col\":7,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"e2a7fc60-6592-11e7-8b83-5b2419db46fa\",\"col\":1,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":10,\"type\":\"visualization\",\"id\":\"9a4938d0-6592-11e7-b8de-af19b696fa44\",\"col\":1,\"row\":4}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 9c796b400..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Top-N", "uiStateJSON": "{\"P-2\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-3\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-4\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-5\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-6\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-7\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-8\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}},\"P-9\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":6,\"size_y\":5,\"panelIndex\":2,\"type\":\"visualization\",\"id\":\"b58e1380-6719-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"9f113d80-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"02e25f10-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"ef7699a0-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"326fae40-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"51006340-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"d4a408a0-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":17},{\"size_x\":6,\"size_y\":5,\"panelIndex\":9,\"type\":\"visualization\",\"id\":\"7e9cb7e0-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":17}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json b/modules/netflow/configuration/kibana/5.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json deleted file mode 100644 index f4f375179..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Traffic Analysis", "uiStateJSON": "{\"P-15\":{\"vis\":{\"legendOpen\":true}},\"P-26\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-27\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-29\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-30\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-48\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-49\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-50\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-51\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-52\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-53\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":7,\"id\":\"6a597070-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":1,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"6c67b990-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":5,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"52279a00-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":6,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"622844d0-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":7,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"2c9567c0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":9,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b61f84d0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":10,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"6ad67290-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":11,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"91ae4100-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":12,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"735d6c70-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":13,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"56a23ac0-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":14,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"7c2cfd10-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":15,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a8b68cb0-2fc8-11e7-8d8b-45ec51795dad\",\"panelIndex\":16,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"5fd2fe30-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":17,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"47d426a0-2fc8-11e7-8b06-97426538fddd\",\"panelIndex\":18,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":19,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":20,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":21,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"324b0a00-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":23,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"9b5d3b80-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":24,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"65f3b500-6557-11e7-87c3-994b88f84501\",\"panelIndex\":25,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"55be8550-655e-11e7-9dda-9f993e2ba58b\",\"panelIndex\":26,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"3277ea90-6578-11e7-8471-e5432f50acbd\",\"panelIndex\":27,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"a3541940-6556-11e7-a807-e52f264c6cfd\",\"panelIndex\":28,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"8500a670-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":29,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"71272b10-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":30,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8d2cb120-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":31,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"99382ab0-6555-11e7-8d48-19b0c51bbbbd\",\"panelIndex\":34,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f5f79b00-6555-11e7-b27e-8f8b3770f1df\",\"panelIndex\":35,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"3ee07620-6556-11e7-995a-3584c2c6482c\",\"panelIndex\":38,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"caf2c4b0-6556-11e7-be5f-c5cca8dd73b6\",\"panelIndex\":42,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a13402f0-6557-11e7-a3eb-4b30743c9370\",\"panelIndex\":44,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"0de63e90-6558-11e7-8547-3d133170b50d\",\"panelIndex\":45,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"39ecd800-6558-11e7-bea4-0f5fadb995cc\",\"panelIndex\":47,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"9accd4a0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":48,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"b13956f0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":49,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":2,\"size_y\":2,\"panelIndex\":50,\"type\":\"visualization\",\"id\":\"a2099810-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":20},{\"size_x\":2,\"size_y\":2,\"panelIndex\":51,\"type\":\"visualization\",\"id\":\"c4987cc0-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":52,\"type\":\"visualization\",\"id\":\"b3e2af90-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":53,\"type\":\"visualization\",\"id\":\"82fcfc50-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":20}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/5.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 973bb0e48..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"a7a47e70-2fde-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":4,\"size_x\":12,\"size_y\":5,\"type\":\"visualization\"},{\"col\":9,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4440e130-2fdd-11e7-afd7-595689f3f18c\",\"panelIndex\":3,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"4898db90-2fdb-11e7-84e6-333bd21ad9fd\",\"panelIndex\":4,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":5,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/5.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 7421e03d0..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Overview", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":12,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"23d6dc80-2fd6-11e7-bc99-41245d9394f2\",\"panelIndex\":13,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"8dcbcce0-2fd6-11e7-a82c-3146dd695923\",\"panelIndex\":14,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":15,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":17,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":9,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":21,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":23,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f6be96c0-622f-11e7-abbc-93bb293f5057\",\"panelIndex\":24,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"3fa5f6f0-2fca-11e7-ab32-99f279b941ef\",\"panelIndex\":25,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":26,\"type\":\"visualization\",\"id\":\"64b144f0-658e-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":27,\"type\":\"visualization\",\"id\":\"a4ade270-658e-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":29,\"type\":\"visualization\",\"id\":\"3026fe40-658f-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":8}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/5.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 2afa15599..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Geo Location", "uiStateJSON": "{\"P-16\":{\"mapCenter\":[20.632784250388028,16.69921875],\"mapZoom\":2}}", "panelsJSON": "[{\"col\":5,\"id\":\"99c1a4a0-2f60-11e7-8936-6f5fd5520124\",\"panelIndex\":16,\"row\":2,\"size_x\":8,\"size_y\":6,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":17,\"type\":\"visualization\",\"id\":\"6702de70-2fca-11e7-8fcd-8dc6c60d4592\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":18,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":1,\"row\":4},{\"size_x\":4,\"size_y\":2,\"panelIndex\":19,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":1,\"row\":6},{\"size_x\":12,\"size_y\":1,\"panelIndex\":20,\"type\":\"visualization\",\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":1}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/5.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 5e0a41544..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"P-3\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":4,\"id\":\"6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":2,\"row\":2,\"size_x\":9,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":3,\"row\":2,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":12,\"size_y\":4,\"panelIndex\":5,\"type\":\"search\",\"id\":\"0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":4,\"columns\":[\"netflow.src_addr\",\"netflow.src_port_name\",\"netflow.dst_addr\",\"netflow.dst_port_name\",\"netflow.protocol_name\",\"netflow.bytes\",\"netflow.packets\"],\"sort\":[\"@timestamp\",\"desc\"]}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9557f34a2..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Autonomous Systems", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8c6ce180-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":2,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"836b2010-657e-11e7-9748-5d4091219eef\",\"panelIndex\":3,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"399c9fe0-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":4,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4a548ff0-657e-11e7-9748-5d4091219eef\",\"panelIndex\":5,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"7aaa68d0-658a-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":9,\"row\":2}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/dashboard/netflow.json b/modules/netflow/configuration/kibana/5.x/dashboard/netflow.json deleted file mode 100644 index 57fb3d414..000000000 --- a/modules/netflow/configuration/kibana/5.x/dashboard/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["a932b600-2fd2-11e7-99ed-49759aed30f5", "10584050-6234-11e7-8236-19b4b4941e22", "d7e31d40-6589-11e7-bfc3-d74b7bb89482", "310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5", "653cf1e0-2fd2-11e7-99ed-49759aed30f5", "04157d70-6591-11e7-bfc3-d74b7bb89482", "ca480720-2fdf-11e7-9d02-3f49bde5c1d5", "0809c1f0-6719-11e7-b5b8-29fbded8e37c"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/index-pattern/netflow.json b/modules/netflow/configuration/kibana/5.x/index-pattern/netflow.json deleted file mode 100644 index 714ccae0f..000000000 --- a/modules/netflow/configuration/kibana/5.x/index-pattern/netflow.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "title":"netflow-*", - "timeFieldName":"@timestamp", - "notExpandable":true, - "fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"geoip.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.bytes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.direction\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_vlan\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.first_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_records\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_seq_num\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flowset_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.input_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_protocol_version\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.last_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.next_hop\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.output_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.packets\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_algorithm\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_interval\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flag_tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tos\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.vlan\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]" -} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/5.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 77c89dbcb..000000000 --- a/modules/netflow/configuration/kibana/5.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"sort": ["@timestamp", "desc"], "hits": 0, "description": "", "title": "Netflow: Flow Records", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"highlightAll\":true,\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[],\"version\":true}"}, "columns": ["netflow.src_addr", "netflow.src_port_name", "netflow.dst_addr", "netflow.dst_port_name", "netflow.protocol_name", "netflow.bytes", "netflow.packets"]} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/search/netflow.json b/modules/netflow/configuration/kibana/5.x/search/netflow.json deleted file mode 100644 index 733ef3aa6..000000000 --- a/modules/netflow/configuration/kibana/5.x/search/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/5.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 287e7eead..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index a29c7298e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Source Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Source Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9d5447463..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (packets)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json b/modules/netflow/configuration/kibana/5.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json deleted file mode 100644 index ffef433ab..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json b/modules/netflow/configuration/kibana/5.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json deleted file mode 100644 index 10bdcbf9f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/5.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index 72a927e76..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json b/modules/netflow/configuration/kibana/5.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json deleted file mode 100644 index c4d99f23e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 044779e36..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json b/modules/netflow/configuration/kibana/5.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json deleted file mode 100644 index edeaa0c0f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json b/modules/netflow/configuration/kibana/5.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json deleted file mode 100644 index 0be4bd9ec..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/5.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 651863dc9..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 8e85e5b5c..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/5.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 780c8bfdd..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json b/modules/netflow/configuration/kibana/5.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json deleted file mode 100644 index 41a84a30a..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/5.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index adc7f588e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/5.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d4c9cd130..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/5.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 824d78d96..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Dashboard Navigation\",\"type\":\"markdown\",\"params\":{\"markdown\":\"[Overview](#/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5) | [Conversation Partners](#/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5) | [Traffic Analysis](#/dashboard/10584050-6234-11e7-8236-19b4b4941e22) | [Top-N](#/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c) | [Geo Location](#/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5) | [Autonomous Systems](#/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482) | [Flow Exporters](#/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482) | [Raw Flow Records](#/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5)\\n***\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Dashboard Navigation", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json b/modules/netflow/configuration/kibana/5.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json deleted file mode 100644 index e0df55dfc..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/5.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index a90386061..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 439a66ec7..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/5.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index ea92c668c..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/5.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index 14aa3dc20..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index dc7bc7990..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Protocols\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Protocols", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 7e635a2eb..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.src_addr\",\"customLabel\":\"Sources\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Source Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/5.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index 8502a7159..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json b/modules/netflow/configuration/kibana/5.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json deleted file mode 100644 index 4a175ff05..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json b/modules/netflow/configuration/kibana/5.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json deleted file mode 100644 index 321546703..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json b/modules/netflow/configuration/kibana/5.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json deleted file mode 100644 index 9f31eb410..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json b/modules/netflow/configuration/kibana/5.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json deleted file mode 100644 index 52ab78c12..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index cd08fa420..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json b/modules/netflow/configuration/kibana/5.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json deleted file mode 100644 index aa96a138b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/5.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 28d8290e5..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/5.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index 55b294e2f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json b/modules/netflow/configuration/kibana/5.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json deleted file mode 100644 index 1ce79aace..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/5.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d68f4c33d..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json b/modules/netflow/configuration/kibana/5.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json deleted file mode 100644 index 041d8adc8..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/5.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index d5deb3d27..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json b/modules/netflow/configuration/kibana/5.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json deleted file mode 100644 index d58a47e30..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/5.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index dceaf28c9..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 002986eeb..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/5.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 72a9f6e4f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 5cb7ec44c..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Autonomous Systems\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Autonomous Systems", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/5.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index d9e1be23c..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json b/modules/netflow/configuration/kibana/5.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json deleted file mode 100644 index 65bdb5add..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Count\",\"type\":\"metric\",\"params\":{\"handleNoResults\":true,\"fontSize\":\"32\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.dst_addr\",\"customLabel\":\"Destinations\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Count", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/5.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 4e215a933..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/5.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index ac903fd95..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/5.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index 203bd5538..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json b/modules/netflow/configuration/kibana/5.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json deleted file mode 100644 index b05776a8c..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/5.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 41433dc1d..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/5.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index d012edf9e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f5c588cf6..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Exporters (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Exporters (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json b/modules/netflow/configuration/kibana/5.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json deleted file mode 100644 index f84a2a03f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json b/modules/netflow/configuration/kibana/5.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json deleted file mode 100644 index cf3908f9c..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json b/modules/netflow/configuration/kibana/5.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json deleted file mode 100644 index 3441317a1..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/5.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 6eea98f5d..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/5.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 8831c4f8f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/5.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index b66c1f49f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Flow Records\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.last_switched\",\"interval\":\"s\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timeline\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/5.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index b81b1fbd2..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/5.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index fadc7dfca..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json b/modules/netflow/configuration/kibana/5.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json deleted file mode 100644 index 6ce6aea70..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 92cecc9c6..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"customLabel\": \"Source Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/5.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index a36c13993..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 4a690fc0b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Exporters (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Exporters (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/5.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 50fb5a1ed..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f59fe89db..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/5.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 0b476ff94..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/5.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 400104775..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 6130531e3..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Flow Exporters\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"host\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Flow Exporters", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json b/modules/netflow/configuration/kibana/5.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json deleted file mode 100644 index 819ce3c20..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_port_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index f818ef5ec..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"customLabel\":\"TCP Flag States\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json b/modules/netflow/configuration/kibana/5.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json deleted file mode 100644 index 077d090bf..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/5.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index 23c6fdcff..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/5.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index eda88c1d6..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index c178c829e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"customLabel\": \"Destination Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json b/modules/netflow/configuration/kibana/5.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json deleted file mode 100644 index 0870127bd..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/5.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 1834df905..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/5.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index e3fc1fd84..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/5.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 4b0204c67..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/5.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index d4303ca39..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/5.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index c3818b58b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/5.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39e5c1963..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/5.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 8e684f027..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json b/modules/netflow/configuration/kibana/5.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json deleted file mode 100644 index 42b758d7e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/5.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json deleted file mode 100644 index bc876cd22..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Geo Location Heatmap\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Heatmap\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":\"0.32\",\"heatRadius\":\"24\",\"heatBlur\":\"16\",\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[15,5],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"precision\":2,\"customLabel\":\"Location\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Geo Location Heatmap", "uiStateJSON": "{\"mapCenter\":[8.407168163601076,9.4921875]}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/5.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index b33bf5844..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/5.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 5bf13524a..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 81e822cc4..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: ToS Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tos\",\"customLabel\":\"Types of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: ToS Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/5.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index b090e4edc..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 335b17d0b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destinations\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destinations", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/5.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index 5958480c9..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json b/modules/netflow/configuration/kibana/5.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json deleted file mode 100644 index 19fe02da6..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 2a0f7aa07..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous System Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.autonomous_system\",\"customLabel\":\"Autonomous Systems\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous System Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json b/modules/netflow/configuration/kibana/5.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json deleted file mode 100644 index 8b15e7be6..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9f1db8814..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/5.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 3ed157264..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Conversation Partners\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json b/modules/netflow/configuration/kibana/5.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json deleted file mode 100644 index 31e9491f3..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 78466c9b2..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Traffic Volume by Destination Port\",\n \"type\": \"area\",\n \"params\": {\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Time\"\n }\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Bytes\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": \"true\",\n \"type\": \"area\",\n \"mode\": \"stacked\",\n \"data\": {\n \"label\": \"Bytes\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": false,\n \"interpolate\": \"cardinal\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.last_switched\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Time\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Traffic Volume by Destination Port", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/5.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 7a5f6bd30..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/5.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 46dcb5544..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/5.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 9a448e61a..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json b/modules/netflow/configuration/kibana/5.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json deleted file mode 100644 index 392445794..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/5.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index 63c839f71..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index d0302eeda..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLAN Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.vlan\",\"customLabel\":\"VLANs\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLAN Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 6dbda475a..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json b/modules/netflow/configuration/kibana/5.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json deleted file mode 100644 index 8c142fdb2..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index e2ed3b6e0..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Country Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.country_name\",\"customLabel\":\"Countries\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Country Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 79a84236c..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Sources\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Sources", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/5.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39cb5931b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/5.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index 81a54099b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/5.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index dc66b8395..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json b/modules/netflow/configuration/kibana/5.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json deleted file mode 100644 index d69c6798d..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json b/modules/netflow/configuration/kibana/5.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json deleted file mode 100644 index 18f82618e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/5.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 6e50cf6d1..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json b/modules/netflow/configuration/kibana/5.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json deleted file mode 100644 index c11358aed..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/5.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 721d37d97..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: City Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.city_name\",\"customLabel\":\"Cities\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: City Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 4896722ab..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Traffic Volume by Source Port\",\n \"type\": \"area\",\n \"params\": {\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Time\"\n }\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Bytes\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": \"true\",\n \"type\": \"area\",\n \"mode\": \"stacked\",\n \"data\": {\n \"label\": \"Bytes\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": false,\n \"interpolate\": \"cardinal\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.last_switched\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Time\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Traffic Volume by Source Port", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json b/modules/netflow/configuration/kibana/5.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json deleted file mode 100644 index b72f29aaa..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json b/modules/netflow/configuration/kibana/5.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json deleted file mode 100644 index 12569f797..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/5.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 33dee4b2b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index c614b431e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json b/modules/netflow/configuration/kibana/5.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json deleted file mode 100644 index c41547f1f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/5.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index bdf3d88ae..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json b/modules/netflow/configuration/kibana/5.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json deleted file mode 100644 index 3c083014e..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 2485949c8..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 121ee308b..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Cities\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":true,\"showTotal\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Country\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.city_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Cities", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/5.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index 5726f7273..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json b/modules/netflow/configuration/kibana/5.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json deleted file mode 100644 index 5140e74fc..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json b/modules/netflow/configuration/kibana/5.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json deleted file mode 100644 index bc4d21c02..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/5.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index b5c28766f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json b/modules/netflow/configuration/kibana/5.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json deleted file mode 100644 index 00f3c1814..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/5.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index e576bf57d..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/5.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 21445a0ce..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 8caead0e1..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 21b84b4db..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json b/modules/netflow/configuration/kibana/5.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json deleted file mode 100644 index ce99c6763..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/5.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index d2e84a449..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destination Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destination Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/5.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 6988e1057..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (packets)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/5.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index d11744ec2..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json b/modules/netflow/configuration/kibana/5.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json deleted file mode 100644 index e0f66eec5..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/5.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index dd617f198..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json b/modules/netflow/configuration/kibana/5.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json deleted file mode 100644 index 8dcf4e344..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/5.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 05d2e79dc..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Flow Exporter\",\"field\":\"host\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":50},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"title\":\"Netflow: Flow Exporters (flow records)\",\"type\":\"pie\"}", "description": "", "title": "Netflow: Flow Exporters (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json b/modules/netflow/configuration/kibana/5.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json deleted file mode 100644 index 5a1e3199f..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/5.x/visualization/netflow.json b/modules/netflow/configuration/kibana/5.x/visualization/netflow.json deleted file mode 100644 index 3943af169..000000000 --- a/modules/netflow/configuration/kibana/5.x/visualization/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["39e3dab0-2fcb-11e7-befb-31e033c79e4e", "1026edb0-2fcc-11e7-842d-39925ea8ac40", "b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2", "99c1a4a0-2f60-11e7-8936-6f5fd5520124", "b02faaf0-2fcb-11e7-8df8-b363df28ab61", "d07a2870-2fcc-11e7-9bae-a35d2fe38fc2", "8f35efc0-2fcc-11e7-842d-39925ea8ac40", "de9da770-2fcb-11e7-8df8-b363df28ab61", "d8f24780-2fcc-11e7-9bae-a35d2fe38fc2", "99e49de0-2fcc-11e7-842d-39925ea8ac40", "f2fea250-2fcb-11e7-8df8-b363df28ab61", "ad5cb080-622e-11e7-b0a5-e9bda2f6d168", "7e9a7980-622e-11e7-b0a5-e9bda2f6d168", "97f430b0-622e-11e7-b0a5-e9bda2f6d168", "2aeac270-6230-11e7-84f1-9728c106b1b6", "178b0af0-6230-11e7-9a50-efc26ded795d", "f6be96c0-622f-11e7-abbc-93bb293f5057", "8d2cb120-6233-11e7-aa4b-5f8c56ec33b8", "6a597070-6233-11e7-aa4b-5f8c56ec33b8", "dcf88c60-6233-11e7-aa4b-5f8c56ec33b8", "6ad67290-6289-11e7-bcd8-a16ef1d32773", "2c9567c0-6289-11e7-bcd8-a16ef1d32773", "b61f84d0-6289-11e7-bcd8-a16ef1d32773", "52279a00-628c-11e7-95ed-8966ac93bd5a", "56a23ac0-628e-11e7-a842-b787fa3508ce", "735d6c70-628e-11e7-a842-b787fa3508ce", "a3541940-6556-11e7-a807-e52f264c6cfd", "f5f79b00-6555-11e7-b27e-8f8b3770f1df", "65f3b500-6557-11e7-87c3-994b88f84501", "b2d02df0-6556-11e7-a807-e52f264c6cfd", "0927de10-6556-11e7-b27e-8f8b3770f1df", "0de63e90-6558-11e7-8547-3d133170b50d", "a13402f0-6557-11e7-a3eb-4b30743c9370", "231fe630-6558-11e7-8547-3d133170b50d", "daa62090-6557-11e7-a3eb-4b30743c9370", "39ecd800-6558-11e7-bea4-0f5fadb995cc", "835e6090-6557-11e7-87c3-994b88f84501", "4a6f6030-6558-11e7-bea4-0f5fadb995cc", "a7a47e70-2fde-11e7-9d02-3f49bde5c1d5", "bb8e3d90-2fca-11e7-9fcf-99b4b8159f98", "6702de70-2fca-11e7-8fcd-8dc6c60d4592", "3fa5f6f0-2fca-11e7-ab32-99f279b941ef", "691cda40-2fc9-11e7-823a-89e4bb55eaa1", "49a2d6b0-2fc9-11e7-8224-a900ea73fa5f", "324b0a00-2fc9-11e7-bd31-a722d271a9cc", "c6319680-2fc9-11e7-823a-89e4bb55eaa1", "99382ab0-6555-11e7-8d48-19b0c51bbbbd", "6c67b990-628c-11e7-95ed-8966ac93bd5a", "ca786e30-622d-11e7-b0a5-e9bda2f6d168", "f687e140-622d-11e7-b0a5-e9bda2f6d168", "ac4cbc90-622d-11e7-b0a5-e9bda2f6d168", "d9fdbd80-6555-11e7-8d48-19b0c51bbbbd", "af23cb20-2fc9-11e7-8224-a900ea73fa5f", "9b5d3b80-2fc9-11e7-bd31-a722d271a9cc", "84e4c9f0-2fd7-11e7-97a8-85d8d5a99269", "69f864d0-2fd7-11e7-97a8-85d8d5a99269", "4dc994a0-2fd7-11e7-97a8-85d8d5a99269", "e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10", "b88a8790-2fd7-11e7-bd03-932d3e38a4ff", "d297fe60-2fd7-11e7-af27-99e728e71e91", "793a6f00-2fdd-11e7-afd7-595689f3f18c", "4440e130-2fdd-11e7-afd7-595689f3f18c", "af1425a0-2fc7-11e7-8936-6f5fd5520124", "4f3525d0-2fc7-11e7-8936-6f5fd5520124", "5fd2fe30-2fc7-11e7-8936-6f5fd5520124", "55f66b20-2fdd-11e7-afd7-595689f3f18c", "8a52f7a0-2fc7-11e7-8936-6f5fd5520124", "1e7d8770-2fc7-11e7-8936-6f5fd5520124", "7c2cfd10-2fc7-11e7-8936-6f5fd5520124", "9accd4a0-657a-11e7-8471-e5432f50acbd", "3277ea90-6578-11e7-8471-e5432f50acbd", "b13956f0-657a-11e7-8471-e5432f50acbd", "55be8550-655e-11e7-9dda-9f993e2ba58b", "a2099810-657b-11e7-8471-e5432f50acbd", "82fcfc50-657b-11e7-8471-e5432f50acbd", "b3e2af90-657b-11e7-8471-e5432f50acbd", "c4987cc0-657b-11e7-8471-e5432f50acbd", "bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5", "399c9fe0-657e-11e7-bd38-dd04615e7f62", "43e698c0-657e-11e7-99b6-af4533b21b46", "e3ef9130-658a-11e7-bfc3-d74b7bb89482", "836b2010-657e-11e7-9748-5d4091219eef", "7aaa68d0-658a-11e7-bfc3-d74b7bb89482", "d2a2db30-658a-11e7-bfc3-d74b7bb89482", "8c6ce180-657e-11e7-bd38-dd04615e7f62", "4a548ff0-657e-11e7-9748-5d4091219eef", "87dbc0a0-657e-11e7-99b6-af4533b21b46", "73c37440-658e-11e7-bfc3-d74b7bb89482", "64b144f0-658e-11e7-bfc3-d74b7bb89482", "f8731d50-2fd6-11e7-97a8-85d8d5a99269", "a4ade270-658e-11e7-bfc3-d74b7bb89482", "16438600-2fcb-11e7-befb-31e033c79e4e", "6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5", "b2c9a3d0-658e-11e7-bfc3-d74b7bb89482", "41a7e3a0-658f-11e7-bfc3-d74b7bb89482", "4ea0a8d0-658f-11e7-bfc3-d74b7bb89482", "3026fe40-658f-11e7-bfc3-d74b7bb89482", "9a4938d0-6592-11e7-b8de-af19b696fa44", "bfec6260-6592-11e7-9bf4-ed832088be20", "f11380e0-6591-11e7-bfc3-d74b7bb89482", "04990fe0-6592-11e7-bfc3-d74b7bb89482", "1fa2c100-6592-11e7-bfc3-d74b7bb89482", "e2f43d10-6591-11e7-bfc3-d74b7bb89482", "1418ce10-6592-11e7-bfc3-d74b7bb89482", "caea3760-6591-11e7-bfc3-d74b7bb89482", "8500a670-6579-11e7-8471-e5432f50acbd", "e2a7fc60-6592-11e7-8b83-5b2419db46fa", "206d6e90-6593-11e7-8b83-5b2419db46fa", "00248240-6593-11e7-b8de-af19b696fa44", "47d426a0-2fc8-11e7-8b06-97426538fddd", "12ca1180-6593-11e7-9bf4-ed832088be20", "5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd", "264fb270-2fdb-11e7-84e6-333bd21ad9fd", "4898db90-2fdb-11e7-84e6-333bd21ad9fd", "44b3cb70-2fd6-11e7-bc99-41245d9394f2", "23d6dc80-2fd6-11e7-bc99-41245d9394f2", "622844d0-6288-11e7-bcd8-a16ef1d32773", "6f6d05b0-2fc8-11e7-bf24-57efade8fd83", "5e58cc00-6556-11e7-995a-3584c2c6482c", "7f7aac00-2fc8-11e7-8bc1-177080983dbf", "71272b10-6579-11e7-8471-e5432f50acbd", "313a9880-2fd6-11e7-bc99-41245d9394f2", "8dcbcce0-2fd6-11e7-a82c-3146dd695923", "caf2c4b0-6556-11e7-be5f-c5cca8dd73b6", "91ae4100-6288-11e7-bcd8-a16ef1d32773", "de9b3dd0-2fc8-11e7-844c-67b9b101127b", "c6b36620-2fc8-11e7-87d6-cdce05879baf", "a8b68cb0-2fc8-11e7-8d8b-45ec51795dad", "fd081e50-6556-11e7-be5f-c5cca8dd73b6", "a8eadac0-658c-11e7-bfc3-d74b7bb89482", "c61bd8b0-658c-11e7-bfc3-d74b7bb89482", "9f9e54b0-2fd6-11e7-a82c-3146dd695923", "b74bbb70-2fd6-11e7-a82c-3146dd695923", "3ee07620-6556-11e7-995a-3584c2c6482c", "d4a408a0-671a-11e7-b5b8-29fbded8e37c", "51006340-671a-11e7-b5b8-29fbded8e37c", "ef7699a0-6719-11e7-b5b8-29fbded8e37c", "9f113d80-6719-11e7-b5b8-29fbded8e37c", "02e25f10-671a-11e7-b5b8-29fbded8e37c", "326fae40-671a-11e7-b5b8-29fbded8e37c", "7e9cb7e0-671a-11e7-b5b8-29fbded8e37c", "b58e1380-6719-11e7-b5b8-29fbded8e37c", "26e166f0-2fe2-11e7-9d02-3f49bde5c1d5"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 713735210..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Exporters", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f8731d50-2fd6-11e7-97a8-85d8d5a99269\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"caea3760-6591-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"1fa2c100-6592-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":2},{\"size_x\":6,\"size_y\":2,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"00248240-6593-11e7-b8de-af19b696fa44\",\"col\":7,\"row\":4},{\"size_x\":6,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"206d6e90-6593-11e7-8b83-5b2419db46fa\",\"col\":7,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"e2a7fc60-6592-11e7-8b83-5b2419db46fa\",\"col\":1,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":10,\"type\":\"visualization\",\"id\":\"9a4938d0-6592-11e7-b8de-af19b696fa44\",\"col\":1,\"row\":4}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 9c796b400..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Top-N", "uiStateJSON": "{\"P-2\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-3\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-4\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-5\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-6\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-7\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-8\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}},\"P-9\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":6,\"size_y\":5,\"panelIndex\":2,\"type\":\"visualization\",\"id\":\"b58e1380-6719-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"9f113d80-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"02e25f10-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"ef7699a0-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"326fae40-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"51006340-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"d4a408a0-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":17},{\"size_x\":6,\"size_y\":5,\"panelIndex\":9,\"type\":\"visualization\",\"id\":\"7e9cb7e0-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":17}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json b/modules/netflow/configuration/kibana/6.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json deleted file mode 100644 index f4f375179..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Traffic Analysis", "uiStateJSON": "{\"P-15\":{\"vis\":{\"legendOpen\":true}},\"P-26\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-27\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-29\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-30\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-48\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-49\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-50\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-51\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-52\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-53\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":7,\"id\":\"6a597070-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":1,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"6c67b990-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":5,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"52279a00-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":6,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"622844d0-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":7,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"2c9567c0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":9,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b61f84d0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":10,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"6ad67290-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":11,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"91ae4100-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":12,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"735d6c70-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":13,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"56a23ac0-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":14,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"7c2cfd10-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":15,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a8b68cb0-2fc8-11e7-8d8b-45ec51795dad\",\"panelIndex\":16,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"5fd2fe30-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":17,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"47d426a0-2fc8-11e7-8b06-97426538fddd\",\"panelIndex\":18,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":19,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":20,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":21,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"324b0a00-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":23,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"9b5d3b80-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":24,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"65f3b500-6557-11e7-87c3-994b88f84501\",\"panelIndex\":25,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"55be8550-655e-11e7-9dda-9f993e2ba58b\",\"panelIndex\":26,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"3277ea90-6578-11e7-8471-e5432f50acbd\",\"panelIndex\":27,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"a3541940-6556-11e7-a807-e52f264c6cfd\",\"panelIndex\":28,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"8500a670-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":29,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"71272b10-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":30,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8d2cb120-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":31,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"99382ab0-6555-11e7-8d48-19b0c51bbbbd\",\"panelIndex\":34,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f5f79b00-6555-11e7-b27e-8f8b3770f1df\",\"panelIndex\":35,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"3ee07620-6556-11e7-995a-3584c2c6482c\",\"panelIndex\":38,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"caf2c4b0-6556-11e7-be5f-c5cca8dd73b6\",\"panelIndex\":42,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a13402f0-6557-11e7-a3eb-4b30743c9370\",\"panelIndex\":44,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"0de63e90-6558-11e7-8547-3d133170b50d\",\"panelIndex\":45,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"39ecd800-6558-11e7-bea4-0f5fadb995cc\",\"panelIndex\":47,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"9accd4a0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":48,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"b13956f0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":49,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":2,\"size_y\":2,\"panelIndex\":50,\"type\":\"visualization\",\"id\":\"a2099810-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":20},{\"size_x\":2,\"size_y\":2,\"panelIndex\":51,\"type\":\"visualization\",\"id\":\"c4987cc0-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":52,\"type\":\"visualization\",\"id\":\"b3e2af90-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":53,\"type\":\"visualization\",\"id\":\"82fcfc50-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":20}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/6.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 973bb0e48..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"a7a47e70-2fde-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":4,\"size_x\":12,\"size_y\":5,\"type\":\"visualization\"},{\"col\":9,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4440e130-2fdd-11e7-afd7-595689f3f18c\",\"panelIndex\":3,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"4898db90-2fdb-11e7-84e6-333bd21ad9fd\",\"panelIndex\":4,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":5,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/6.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 7421e03d0..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Overview", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":12,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"23d6dc80-2fd6-11e7-bc99-41245d9394f2\",\"panelIndex\":13,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"8dcbcce0-2fd6-11e7-a82c-3146dd695923\",\"panelIndex\":14,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":15,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":17,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":9,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":21,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":23,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f6be96c0-622f-11e7-abbc-93bb293f5057\",\"panelIndex\":24,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"3fa5f6f0-2fca-11e7-ab32-99f279b941ef\",\"panelIndex\":25,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":26,\"type\":\"visualization\",\"id\":\"64b144f0-658e-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":27,\"type\":\"visualization\",\"id\":\"a4ade270-658e-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":29,\"type\":\"visualization\",\"id\":\"3026fe40-658f-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":8}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/6.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 2afa15599..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Geo Location", "uiStateJSON": "{\"P-16\":{\"mapCenter\":[20.632784250388028,16.69921875],\"mapZoom\":2}}", "panelsJSON": "[{\"col\":5,\"id\":\"99c1a4a0-2f60-11e7-8936-6f5fd5520124\",\"panelIndex\":16,\"row\":2,\"size_x\":8,\"size_y\":6,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":17,\"type\":\"visualization\",\"id\":\"6702de70-2fca-11e7-8fcd-8dc6c60d4592\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":18,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":1,\"row\":4},{\"size_x\":4,\"size_y\":2,\"panelIndex\":19,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":1,\"row\":6},{\"size_x\":12,\"size_y\":1,\"panelIndex\":20,\"type\":\"visualization\",\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":1}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/6.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 5e0a41544..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"P-3\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":4,\"id\":\"6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":2,\"row\":2,\"size_x\":9,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":3,\"row\":2,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":12,\"size_y\":4,\"panelIndex\":5,\"type\":\"search\",\"id\":\"0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":4,\"columns\":[\"netflow.src_addr\",\"netflow.src_port_name\",\"netflow.dst_addr\",\"netflow.dst_port_name\",\"netflow.protocol_name\",\"netflow.bytes\",\"netflow.packets\"],\"sort\":[\"@timestamp\",\"desc\"]}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9557f34a2..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Autonomous Systems", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8c6ce180-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":2,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"836b2010-657e-11e7-9748-5d4091219eef\",\"panelIndex\":3,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"399c9fe0-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":4,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4a548ff0-657e-11e7-9748-5d4091219eef\",\"panelIndex\":5,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"7aaa68d0-658a-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":9,\"row\":2}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/dashboard/netflow.json b/modules/netflow/configuration/kibana/6.x/dashboard/netflow.json deleted file mode 100644 index 565cc92c2..000000000 --- a/modules/netflow/configuration/kibana/6.x/dashboard/netflow.json +++ /dev/null @@ -1,11 +0,0 @@ -[ - "a932b600-2fd2-11e7-99ed-49759aed30f5", - "10584050-6234-11e7-8236-19b4b4941e22", - "d7e31d40-6589-11e7-bfc3-d74b7bb89482", - "310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5", - "653cf1e0-2fd2-11e7-99ed-49759aed30f5", - "04157d70-6591-11e7-bfc3-d74b7bb89482", - "ca480720-2fdf-11e7-9d02-3f49bde5c1d5", - "0809c1f0-6719-11e7-b5b8-29fbded8e37c" -] - diff --git a/modules/netflow/configuration/kibana/6.x/index-pattern/netflow.json b/modules/netflow/configuration/kibana/6.x/index-pattern/netflow.json deleted file mode 100644 index 714ccae0f..000000000 --- a/modules/netflow/configuration/kibana/6.x/index-pattern/netflow.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "title":"netflow-*", - "timeFieldName":"@timestamp", - "notExpandable":true, - "fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"geoip.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.bytes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.direction\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_vlan\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.first_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_records\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_seq_num\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flowset_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.input_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_protocol_version\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.last_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.next_hop\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.output_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.packets\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_algorithm\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_interval\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flag_tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tos\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.vlan\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]" -} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/6.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 77c89dbcb..000000000 --- a/modules/netflow/configuration/kibana/6.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"sort": ["@timestamp", "desc"], "hits": 0, "description": "", "title": "Netflow: Flow Records", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"highlightAll\":true,\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[],\"version\":true}"}, "columns": ["netflow.src_addr", "netflow.src_port_name", "netflow.dst_addr", "netflow.dst_port_name", "netflow.protocol_name", "netflow.bytes", "netflow.packets"]} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/search/netflow.json b/modules/netflow/configuration/kibana/6.x/search/netflow.json deleted file mode 100644 index 733ef3aa6..000000000 --- a/modules/netflow/configuration/kibana/6.x/search/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/6.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 287e7eead..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index a29c7298e..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Source Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Source Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json b/modules/netflow/configuration/kibana/6.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json deleted file mode 100644 index 10bdcbf9f..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 8e85e5b5c..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/6.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 780c8bfdd..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/6.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index adc7f588e..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/6.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d4c9cd130..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/6.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 824d78d96..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Dashboard Navigation\",\"type\":\"markdown\",\"params\":{\"markdown\":\"[Overview](#/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5) | [Conversation Partners](#/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5) | [Traffic Analysis](#/dashboard/10584050-6234-11e7-8236-19b4b4941e22) | [Top-N](#/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c) | [Geo Location](#/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5) | [Autonomous Systems](#/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482) | [Flow Exporters](#/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482) | [Raw Flow Records](#/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5)\\n***\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Dashboard Navigation", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/6.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index a90386061..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 439a66ec7..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/6.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index 14aa3dc20..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index dc7bc7990..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Protocols\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Protocols", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 7e635a2eb..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.src_addr\",\"customLabel\":\"Sources\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Source Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/6.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index 8502a7159..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json b/modules/netflow/configuration/kibana/6.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json deleted file mode 100644 index 321546703..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json b/modules/netflow/configuration/kibana/6.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json deleted file mode 100644 index 9f31eb410..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json b/modules/netflow/configuration/kibana/6.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json deleted file mode 100644 index 52ab78c12..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/6.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 28d8290e5..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json b/modules/netflow/configuration/kibana/6.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json deleted file mode 100644 index 1ce79aace..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/6.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d68f4c33d..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/6.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index d5deb3d27..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 5cb7ec44c..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Autonomous Systems\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Autonomous Systems", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/6.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index d9e1be23c..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json b/modules/netflow/configuration/kibana/6.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json deleted file mode 100644 index 65bdb5add..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Count\",\"type\":\"metric\",\"params\":{\"handleNoResults\":true,\"fontSize\":\"32\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.dst_addr\",\"customLabel\":\"Destinations\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Count", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/6.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index ac903fd95..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/6.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 41433dc1d..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/6.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index d012edf9e..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f5c588cf6..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Exporters (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Exporters (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json b/modules/netflow/configuration/kibana/6.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json deleted file mode 100644 index f84a2a03f..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json b/modules/netflow/configuration/kibana/6.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json deleted file mode 100644 index cf3908f9c..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/6.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 6eea98f5d..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/6.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 8831c4f8f..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/6.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index b66c1f49f..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Flow Records\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.last_switched\",\"interval\":\"s\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timeline\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/6.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index b81b1fbd2..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/6.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index fadc7dfca..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 92cecc9c6..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"customLabel\": \"Source Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/6.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index a36c13993..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/6.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 50fb5a1ed..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f59fe89db..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/6.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 0b476ff94..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 6130531e3..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Flow Exporters\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"host\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Flow Exporters", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index f818ef5ec..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"customLabel\":\"TCP Flag States\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/6.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index 23c6fdcff..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index c178c829e..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"customLabel\": \"Destination Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/6.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index e3fc1fd84..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/6.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 4b0204c67..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/6.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index d4303ca39..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/6.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39e5c1963..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/6.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 8e684f027..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json b/modules/netflow/configuration/kibana/6.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json deleted file mode 100644 index 42b758d7e..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/6.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json deleted file mode 100644 index bc876cd22..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Geo Location Heatmap\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Heatmap\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":\"0.32\",\"heatRadius\":\"24\",\"heatBlur\":\"16\",\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[15,5],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"precision\":2,\"customLabel\":\"Location\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Geo Location Heatmap", "uiStateJSON": "{\"mapCenter\":[8.407168163601076,9.4921875]}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/6.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 5bf13524a..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 81e822cc4..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: ToS Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tos\",\"customLabel\":\"Types of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: ToS Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/6.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index b090e4edc..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 335b17d0b..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destinations\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destinations", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json b/modules/netflow/configuration/kibana/6.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json deleted file mode 100644 index 19fe02da6..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 2a0f7aa07..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous System Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.autonomous_system\",\"customLabel\":\"Autonomous Systems\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous System Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json b/modules/netflow/configuration/kibana/6.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json deleted file mode 100644 index 8b15e7be6..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9f1db8814..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/6.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 3ed157264..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Conversation Partners\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json b/modules/netflow/configuration/kibana/6.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json deleted file mode 100644 index 31e9491f3..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/6.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 7a5f6bd30..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index d0302eeda..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLAN Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.vlan\",\"customLabel\":\"VLANs\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLAN Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index e2ed3b6e0..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Country Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.country_name\",\"customLabel\":\"Countries\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Country Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 79a84236c..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Sources\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Sources", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/6.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39cb5931b..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json b/modules/netflow/configuration/kibana/6.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json deleted file mode 100644 index d69c6798d..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/6.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 6e50cf6d1..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/6.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 721d37d97..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: City Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.city_name\",\"customLabel\":\"Cities\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: City Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/6.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index c614b431e..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json b/modules/netflow/configuration/kibana/6.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json deleted file mode 100644 index c41547f1f..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 121ee308b..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Cities\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":true,\"showTotal\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Country\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.city_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Cities", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/6.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index e576bf57d..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/6.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 21445a0ce..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/6.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index d2e84a449..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destination Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destination Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json b/modules/netflow/configuration/kibana/6.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json deleted file mode 100644 index e0f66eec5..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json b/modules/netflow/configuration/kibana/6.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json deleted file mode 100644 index 8dcf4e344..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/6.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 05d2e79dc..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Flow Exporter\",\"field\":\"host\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":50},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"title\":\"Netflow: Flow Exporters (flow records)\",\"type\":\"pie\"}", "description": "", "title": "Netflow: Flow Exporters (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/6.x/visualization/netflow.json b/modules/netflow/configuration/kibana/6.x/visualization/netflow.json deleted file mode 100644 index 2f65b14d6..000000000 --- a/modules/netflow/configuration/kibana/6.x/visualization/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["99c1a4a0-2f60-11e7-8936-6f5fd5520124", "6702de70-2fca-11e7-8fcd-8dc6c60d4592", "793a6f00-2fdd-11e7-afd7-595689f3f18c", "264fb270-2fdb-11e7-84e6-333bd21ad9fd", "26e166f0-2fe2-11e7-9d02-3f49bde5c1d5", "6a597070-6233-11e7-aa4b-5f8c56ec33b8", "6c67b990-628c-11e7-95ed-8966ac93bd5a", "52279a00-628c-11e7-95ed-8966ac93bd5a", "622844d0-6288-11e7-bcd8-a16ef1d32773", "2c9567c0-6289-11e7-bcd8-a16ef1d32773", "b61f84d0-6289-11e7-bcd8-a16ef1d32773", "6ad67290-6289-11e7-bcd8-a16ef1d32773", "91ae4100-6288-11e7-bcd8-a16ef1d32773", "735d6c70-628e-11e7-a842-b787fa3508ce", "56a23ac0-628e-11e7-a842-b787fa3508ce", "7c2cfd10-2fc7-11e7-8936-6f5fd5520124", "a8b68cb0-2fc8-11e7-8d8b-45ec51795dad", "5fd2fe30-2fc7-11e7-8936-6f5fd5520124", "47d426a0-2fc8-11e7-8b06-97426538fddd", "69f864d0-2fd7-11e7-97a8-85d8d5a99269", "b88a8790-2fd7-11e7-bd03-932d3e38a4ff", "97f430b0-622e-11e7-b0a5-e9bda2f6d168", "ac4cbc90-622d-11e7-b0a5-e9bda2f6d168", "324b0a00-2fc9-11e7-bd31-a722d271a9cc", "9b5d3b80-2fc9-11e7-bd31-a722d271a9cc", "65f3b500-6557-11e7-87c3-994b88f84501", "55be8550-655e-11e7-9dda-9f993e2ba58b", "3277ea90-6578-11e7-8471-e5432f50acbd", "a3541940-6556-11e7-a807-e52f264c6cfd", "8500a670-6579-11e7-8471-e5432f50acbd", "71272b10-6579-11e7-8471-e5432f50acbd", "8d2cb120-6233-11e7-aa4b-5f8c56ec33b8", "99382ab0-6555-11e7-8d48-19b0c51bbbbd", "f5f79b00-6555-11e7-b27e-8f8b3770f1df", "3ee07620-6556-11e7-995a-3584c2c6482c", "caf2c4b0-6556-11e7-be5f-c5cca8dd73b6", "a13402f0-6557-11e7-a3eb-4b30743c9370", "0de63e90-6558-11e7-8547-3d133170b50d", "39ecd800-6558-11e7-bea4-0f5fadb995cc", "9accd4a0-657a-11e7-8471-e5432f50acbd", "b13956f0-657a-11e7-8471-e5432f50acbd", "a2099810-657b-11e7-8471-e5432f50acbd", "c4987cc0-657b-11e7-8471-e5432f50acbd", "b3e2af90-657b-11e7-8471-e5432f50acbd", "82fcfc50-657b-11e7-8471-e5432f50acbd", "8c6ce180-657e-11e7-bd38-dd04615e7f62", "836b2010-657e-11e7-9748-5d4091219eef", "399c9fe0-657e-11e7-bd38-dd04615e7f62", "4a548ff0-657e-11e7-9748-5d4091219eef", "7aaa68d0-658a-11e7-bfc3-d74b7bb89482", "a7a47e70-2fde-11e7-9d02-3f49bde5c1d5", "de9da770-2fcb-11e7-8df8-b363df28ab61", "4440e130-2fdd-11e7-afd7-595689f3f18c", "4898db90-2fdb-11e7-84e6-333bd21ad9fd", "23d6dc80-2fd6-11e7-bc99-41245d9394f2", "8dcbcce0-2fd6-11e7-a82c-3146dd695923", "f6be96c0-622f-11e7-abbc-93bb293f5057", "3fa5f6f0-2fca-11e7-ab32-99f279b941ef", "64b144f0-658e-11e7-bfc3-d74b7bb89482", "a4ade270-658e-11e7-bfc3-d74b7bb89482", "3026fe40-658f-11e7-bfc3-d74b7bb89482", "f8731d50-2fd6-11e7-97a8-85d8d5a99269", "caea3760-6591-11e7-bfc3-d74b7bb89482", "1fa2c100-6592-11e7-bfc3-d74b7bb89482", "00248240-6593-11e7-b8de-af19b696fa44", "206d6e90-6593-11e7-8b83-5b2419db46fa", "e2a7fc60-6592-11e7-8b83-5b2419db46fa", "9a4938d0-6592-11e7-b8de-af19b696fa44", "6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5", "bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5", "b58e1380-6719-11e7-b5b8-29fbded8e37c", "9f113d80-6719-11e7-b5b8-29fbded8e37c", "02e25f10-671a-11e7-b5b8-29fbded8e37c", "ef7699a0-6719-11e7-b5b8-29fbded8e37c", "326fae40-671a-11e7-b5b8-29fbded8e37c", "51006340-671a-11e7-b5b8-29fbded8e37c", "d4a408a0-671a-11e7-b5b8-29fbded8e37c", "7e9cb7e0-671a-11e7-b5b8-29fbded8e37c"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 713735210..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Exporters", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f8731d50-2fd6-11e7-97a8-85d8d5a99269\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"caea3760-6591-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"1fa2c100-6592-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":2},{\"size_x\":6,\"size_y\":2,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"00248240-6593-11e7-b8de-af19b696fa44\",\"col\":7,\"row\":4},{\"size_x\":6,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"206d6e90-6593-11e7-8b83-5b2419db46fa\",\"col\":7,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"e2a7fc60-6592-11e7-8b83-5b2419db46fa\",\"col\":1,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":10,\"type\":\"visualization\",\"id\":\"9a4938d0-6592-11e7-b8de-af19b696fa44\",\"col\":1,\"row\":4}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 9c796b400..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Top-N", "uiStateJSON": "{\"P-2\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-3\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-4\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-5\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-6\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-7\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-8\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}},\"P-9\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":6,\"size_y\":5,\"panelIndex\":2,\"type\":\"visualization\",\"id\":\"b58e1380-6719-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"9f113d80-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"02e25f10-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"ef7699a0-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"326fae40-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"51006340-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"d4a408a0-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":17},{\"size_x\":6,\"size_y\":5,\"panelIndex\":9,\"type\":\"visualization\",\"id\":\"7e9cb7e0-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":17}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json b/modules/netflow/configuration/kibana/7.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json deleted file mode 100644 index f4f375179..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Traffic Analysis", "uiStateJSON": "{\"P-15\":{\"vis\":{\"legendOpen\":true}},\"P-26\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-27\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-29\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-30\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-48\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-49\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-50\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-51\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-52\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-53\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":7,\"id\":\"6a597070-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":1,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"6c67b990-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":5,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"52279a00-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":6,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"622844d0-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":7,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"2c9567c0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":9,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b61f84d0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":10,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"6ad67290-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":11,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"91ae4100-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":12,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"735d6c70-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":13,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"56a23ac0-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":14,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"7c2cfd10-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":15,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a8b68cb0-2fc8-11e7-8d8b-45ec51795dad\",\"panelIndex\":16,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"5fd2fe30-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":17,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"47d426a0-2fc8-11e7-8b06-97426538fddd\",\"panelIndex\":18,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":19,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":20,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":21,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"324b0a00-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":23,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"9b5d3b80-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":24,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"65f3b500-6557-11e7-87c3-994b88f84501\",\"panelIndex\":25,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"55be8550-655e-11e7-9dda-9f993e2ba58b\",\"panelIndex\":26,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"3277ea90-6578-11e7-8471-e5432f50acbd\",\"panelIndex\":27,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"a3541940-6556-11e7-a807-e52f264c6cfd\",\"panelIndex\":28,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"8500a670-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":29,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"71272b10-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":30,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8d2cb120-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":31,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"99382ab0-6555-11e7-8d48-19b0c51bbbbd\",\"panelIndex\":34,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f5f79b00-6555-11e7-b27e-8f8b3770f1df\",\"panelIndex\":35,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"3ee07620-6556-11e7-995a-3584c2c6482c\",\"panelIndex\":38,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"caf2c4b0-6556-11e7-be5f-c5cca8dd73b6\",\"panelIndex\":42,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a13402f0-6557-11e7-a3eb-4b30743c9370\",\"panelIndex\":44,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"0de63e90-6558-11e7-8547-3d133170b50d\",\"panelIndex\":45,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"39ecd800-6558-11e7-bea4-0f5fadb995cc\",\"panelIndex\":47,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"9accd4a0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":48,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"b13956f0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":49,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":2,\"size_y\":2,\"panelIndex\":50,\"type\":\"visualization\",\"id\":\"a2099810-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":20},{\"size_x\":2,\"size_y\":2,\"panelIndex\":51,\"type\":\"visualization\",\"id\":\"c4987cc0-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":52,\"type\":\"visualization\",\"id\":\"b3e2af90-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":53,\"type\":\"visualization\",\"id\":\"82fcfc50-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":20}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/7.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 973bb0e48..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"a7a47e70-2fde-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":4,\"size_x\":12,\"size_y\":5,\"type\":\"visualization\"},{\"col\":9,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4440e130-2fdd-11e7-afd7-595689f3f18c\",\"panelIndex\":3,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"4898db90-2fdb-11e7-84e6-333bd21ad9fd\",\"panelIndex\":4,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":5,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/7.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 7421e03d0..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Overview", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":12,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"23d6dc80-2fd6-11e7-bc99-41245d9394f2\",\"panelIndex\":13,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"8dcbcce0-2fd6-11e7-a82c-3146dd695923\",\"panelIndex\":14,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":15,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":17,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":9,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":21,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":23,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f6be96c0-622f-11e7-abbc-93bb293f5057\",\"panelIndex\":24,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"3fa5f6f0-2fca-11e7-ab32-99f279b941ef\",\"panelIndex\":25,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":26,\"type\":\"visualization\",\"id\":\"64b144f0-658e-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":27,\"type\":\"visualization\",\"id\":\"a4ade270-658e-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":29,\"type\":\"visualization\",\"id\":\"3026fe40-658f-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":8}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/7.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 2afa15599..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Geo Location", "uiStateJSON": "{\"P-16\":{\"mapCenter\":[20.632784250388028,16.69921875],\"mapZoom\":2}}", "panelsJSON": "[{\"col\":5,\"id\":\"99c1a4a0-2f60-11e7-8936-6f5fd5520124\",\"panelIndex\":16,\"row\":2,\"size_x\":8,\"size_y\":6,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":17,\"type\":\"visualization\",\"id\":\"6702de70-2fca-11e7-8fcd-8dc6c60d4592\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":18,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":1,\"row\":4},{\"size_x\":4,\"size_y\":2,\"panelIndex\":19,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":1,\"row\":6},{\"size_x\":12,\"size_y\":1,\"panelIndex\":20,\"type\":\"visualization\",\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":1}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/7.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 5e0a41544..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"P-3\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":4,\"id\":\"6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":2,\"row\":2,\"size_x\":9,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":3,\"row\":2,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":12,\"size_y\":4,\"panelIndex\":5,\"type\":\"search\",\"id\":\"0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":4,\"columns\":[\"netflow.src_addr\",\"netflow.src_port_name\",\"netflow.dst_addr\",\"netflow.dst_port_name\",\"netflow.protocol_name\",\"netflow.bytes\",\"netflow.packets\"],\"sort\":[\"@timestamp\",\"desc\"]}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9557f34a2..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Autonomous Systems", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8c6ce180-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":2,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"836b2010-657e-11e7-9748-5d4091219eef\",\"panelIndex\":3,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"399c9fe0-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":4,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4a548ff0-657e-11e7-9748-5d4091219eef\",\"panelIndex\":5,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"7aaa68d0-658a-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":9,\"row\":2}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/dashboard/netflow.json b/modules/netflow/configuration/kibana/7.x/dashboard/netflow.json deleted file mode 100644 index 57fb3d414..000000000 --- a/modules/netflow/configuration/kibana/7.x/dashboard/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["a932b600-2fd2-11e7-99ed-49759aed30f5", "10584050-6234-11e7-8236-19b4b4941e22", "d7e31d40-6589-11e7-bfc3-d74b7bb89482", "310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5", "653cf1e0-2fd2-11e7-99ed-49759aed30f5", "04157d70-6591-11e7-bfc3-d74b7bb89482", "ca480720-2fdf-11e7-9d02-3f49bde5c1d5", "0809c1f0-6719-11e7-b5b8-29fbded8e37c"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/index-pattern/netflow.json b/modules/netflow/configuration/kibana/7.x/index-pattern/netflow.json deleted file mode 100644 index 714ccae0f..000000000 --- a/modules/netflow/configuration/kibana/7.x/index-pattern/netflow.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "title":"netflow-*", - "timeFieldName":"@timestamp", - "notExpandable":true, - "fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"geoip.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.bytes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.direction\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_vlan\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.first_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_records\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_seq_num\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flowset_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.input_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_protocol_version\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.last_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.next_hop\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.output_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.packets\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_algorithm\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_interval\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flag_tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tos\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.vlan\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]" -} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/7.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 77c89dbcb..000000000 --- a/modules/netflow/configuration/kibana/7.x/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"sort": ["@timestamp", "desc"], "hits": 0, "description": "", "title": "Netflow: Flow Records", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"highlightAll\":true,\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[],\"version\":true}"}, "columns": ["netflow.src_addr", "netflow.src_port_name", "netflow.dst_addr", "netflow.dst_port_name", "netflow.protocol_name", "netflow.bytes", "netflow.packets"]} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/search/netflow.json b/modules/netflow/configuration/kibana/7.x/search/netflow.json deleted file mode 100644 index 733ef3aa6..000000000 --- a/modules/netflow/configuration/kibana/7.x/search/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/7.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 287e7eead..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/00248240-6593-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index a29c7298e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Source Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Source Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9d5447463..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (packets)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json b/modules/netflow/configuration/kibana/7.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json deleted file mode 100644 index ffef433ab..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json b/modules/netflow/configuration/kibana/7.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json deleted file mode 100644 index 10bdcbf9f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/7.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index 72a927e76..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json b/modules/netflow/configuration/kibana/7.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json deleted file mode 100644 index c4d99f23e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 044779e36..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json b/modules/netflow/configuration/kibana/7.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json deleted file mode 100644 index edeaa0c0f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json b/modules/netflow/configuration/kibana/7.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json deleted file mode 100644 index 0be4bd9ec..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/7.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 651863dc9..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 8e85e5b5c..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/7.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 780c8bfdd..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json b/modules/netflow/configuration/kibana/7.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json deleted file mode 100644 index 41a84a30a..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/231fe630-6558-11e7-8547-3d133170b50d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/7.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index adc7f588e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/7.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d4c9cd130..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/7.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 824d78d96..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Dashboard Navigation\",\"type\":\"markdown\",\"params\":{\"markdown\":\"[Overview](#/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5) | [Conversation Partners](#/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5) | [Traffic Analysis](#/dashboard/10584050-6234-11e7-8236-19b4b4941e22) | [Top-N](#/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c) | [Geo Location](#/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5) | [Autonomous Systems](#/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482) | [Flow Exporters](#/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482) | [Raw Flow Records](#/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5)\\n***\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Dashboard Navigation", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json b/modules/netflow/configuration/kibana/7.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json deleted file mode 100644 index e0df55dfc..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/7.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index a90386061..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 439a66ec7..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/7.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index ea92c668c..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/7.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index 14aa3dc20..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index dc7bc7990..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Protocols\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Protocols", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 7e635a2eb..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.src_addr\",\"customLabel\":\"Sources\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Source Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/7.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index 8502a7159..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json b/modules/netflow/configuration/kibana/7.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json deleted file mode 100644 index 4a175ff05..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json b/modules/netflow/configuration/kibana/7.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json deleted file mode 100644 index 321546703..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json b/modules/netflow/configuration/kibana/7.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json deleted file mode 100644 index 9f31eb410..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json b/modules/netflow/configuration/kibana/7.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json deleted file mode 100644 index 52ab78c12..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index cd08fa420..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json b/modules/netflow/configuration/kibana/7.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json deleted file mode 100644 index aa96a138b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/7.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 28d8290e5..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/7.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index 55b294e2f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json b/modules/netflow/configuration/kibana/7.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json deleted file mode 100644 index 1ce79aace..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/7.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d68f4c33d..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json b/modules/netflow/configuration/kibana/7.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json deleted file mode 100644 index 041d8adc8..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/7.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index d5deb3d27..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json b/modules/netflow/configuration/kibana/7.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json deleted file mode 100644 index d58a47e30..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/7.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index dceaf28c9..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 002986eeb..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/7.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 72a9f6e4f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 5cb7ec44c..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Autonomous Systems\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Autonomous Systems", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/7.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index d9e1be23c..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json b/modules/netflow/configuration/kibana/7.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json deleted file mode 100644 index 65bdb5add..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Count\",\"type\":\"metric\",\"params\":{\"handleNoResults\":true,\"fontSize\":\"32\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.dst_addr\",\"customLabel\":\"Destinations\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Count", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/7.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 4e215a933..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/7.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index ac903fd95..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/7.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index 203bd5538..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json b/modules/netflow/configuration/kibana/7.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json deleted file mode 100644 index b05776a8c..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/7.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 41433dc1d..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/7.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index d012edf9e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f5c588cf6..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Exporters (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Exporters (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json b/modules/netflow/configuration/kibana/7.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json deleted file mode 100644 index f84a2a03f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json b/modules/netflow/configuration/kibana/7.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json deleted file mode 100644 index cf3908f9c..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json b/modules/netflow/configuration/kibana/7.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json deleted file mode 100644 index 3441317a1..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/7.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 6eea98f5d..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/7.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 8831c4f8f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/7.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index b66c1f49f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Flow Records\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.last_switched\",\"interval\":\"s\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timeline\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/7.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index b81b1fbd2..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/7.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index fadc7dfca..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json b/modules/netflow/configuration/kibana/7.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json deleted file mode 100644 index 6ce6aea70..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 92cecc9c6..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"customLabel\": \"Source Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/7.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index a36c13993..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 4a690fc0b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Exporters (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Exporters (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/7.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 50fb5a1ed..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f59fe89db..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/7.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 0b476ff94..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/7.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 400104775..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 6130531e3..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Flow Exporters\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"host\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Flow Exporters", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json b/modules/netflow/configuration/kibana/7.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json deleted file mode 100644 index 819ce3c20..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_port_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index f818ef5ec..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"customLabel\":\"TCP Flag States\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json b/modules/netflow/configuration/kibana/7.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json deleted file mode 100644 index 077d090bf..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/835e6090-6557-11e7-87c3-994b88f84501.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/7.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index 23c6fdcff..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/836b2010-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/7.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index eda88c1d6..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index c178c829e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"customLabel\": \"Destination Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json b/modules/netflow/configuration/kibana/7.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json deleted file mode 100644 index 0870127bd..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/7.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 1834df905..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/7.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index e3fc1fd84..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/7.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 4b0204c67..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/7.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index d4303ca39..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/7.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index c3818b58b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/7.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39e5c1963..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/7.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 8e684f027..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json b/modules/netflow/configuration/kibana/7.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json deleted file mode 100644 index 42b758d7e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/7.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json deleted file mode 100644 index bc876cd22..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Geo Location Heatmap\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Heatmap\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":\"0.32\",\"heatRadius\":\"24\",\"heatBlur\":\"16\",\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[15,5],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"precision\":2,\"customLabel\":\"Location\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Geo Location Heatmap", "uiStateJSON": "{\"mapCenter\":[8.407168163601076,9.4921875]}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/7.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index b33bf5844..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/7.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 5bf13524a..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 81e822cc4..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: ToS Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tos\",\"customLabel\":\"Types of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: ToS Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/7.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index b090e4edc..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 335b17d0b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destinations\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destinations", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/7.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index 5958480c9..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json b/modules/netflow/configuration/kibana/7.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json deleted file mode 100644 index 19fe02da6..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 2a0f7aa07..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous System Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.autonomous_system\",\"customLabel\":\"Autonomous Systems\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous System Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json b/modules/netflow/configuration/kibana/7.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json deleted file mode 100644 index 8b15e7be6..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9f1db8814..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/7.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 3ed157264..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Conversation Partners\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json b/modules/netflow/configuration/kibana/7.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json deleted file mode 100644 index 31e9491f3..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 78466c9b2..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Traffic Volume by Destination Port\",\n \"type\": \"area\",\n \"params\": {\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Time\"\n }\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Bytes\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": \"true\",\n \"type\": \"area\",\n \"mode\": \"stacked\",\n \"data\": {\n \"label\": \"Bytes\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": false,\n \"interpolate\": \"cardinal\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.last_switched\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Time\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Traffic Volume by Destination Port", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/7.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 7a5f6bd30..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/7.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 46dcb5544..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/7.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 9a448e61a..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json b/modules/netflow/configuration/kibana/7.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json deleted file mode 100644 index 392445794..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/7.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index 63c839f71..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index d0302eeda..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLAN Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.vlan\",\"customLabel\":\"VLANs\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLAN Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 6dbda475a..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json b/modules/netflow/configuration/kibana/7.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json deleted file mode 100644 index 8c142fdb2..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index e2ed3b6e0..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Country Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.country_name\",\"customLabel\":\"Countries\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Country Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 79a84236c..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Sources\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Sources", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/7.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39cb5931b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/7.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index 81a54099b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/7.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index dc66b8395..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json b/modules/netflow/configuration/kibana/7.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json deleted file mode 100644 index d69c6798d..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json b/modules/netflow/configuration/kibana/7.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json deleted file mode 100644 index 18f82618e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/7.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 6e50cf6d1..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json b/modules/netflow/configuration/kibana/7.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json deleted file mode 100644 index c11358aed..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/7.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 721d37d97..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: City Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.city_name\",\"customLabel\":\"Cities\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: City Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 4896722ab..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Traffic Volume by Source Port\",\n \"type\": \"area\",\n \"params\": {\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Time\"\n }\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Bytes\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": \"true\",\n \"type\": \"area\",\n \"mode\": \"stacked\",\n \"data\": {\n \"label\": \"Bytes\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": false,\n \"interpolate\": \"cardinal\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.last_switched\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Time\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Traffic Volume by Source Port", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json b/modules/netflow/configuration/kibana/7.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json deleted file mode 100644 index b72f29aaa..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json b/modules/netflow/configuration/kibana/7.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json deleted file mode 100644 index 12569f797..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/7.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 33dee4b2b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index c614b431e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json b/modules/netflow/configuration/kibana/7.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json deleted file mode 100644 index c41547f1f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/7.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index bdf3d88ae..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json b/modules/netflow/configuration/kibana/7.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json deleted file mode 100644 index 3c083014e..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 2485949c8..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 121ee308b..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Cities\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":true,\"showTotal\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Country\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.city_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Cities", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/7.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index 5726f7273..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json b/modules/netflow/configuration/kibana/7.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json deleted file mode 100644 index 5140e74fc..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json b/modules/netflow/configuration/kibana/7.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json deleted file mode 100644 index bc4d21c02..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/7.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index b5c28766f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json b/modules/netflow/configuration/kibana/7.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json deleted file mode 100644 index 00f3c1814..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/7.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index e576bf57d..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/7.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 21445a0ce..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 8caead0e1..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 21b84b4db..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json b/modules/netflow/configuration/kibana/7.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json deleted file mode 100644 index ce99c6763..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/7.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index d2e84a449..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destination Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destination Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/7.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 6988e1057..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (packets)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/7.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index d11744ec2..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json b/modules/netflow/configuration/kibana/7.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json deleted file mode 100644 index e0f66eec5..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/7.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index dd617f198..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json b/modules/netflow/configuration/kibana/7.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json deleted file mode 100644 index 8dcf4e344..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/7.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 05d2e79dc..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Flow Exporter\",\"field\":\"host\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":50},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"title\":\"Netflow: Flow Exporters (flow records)\",\"type\":\"pie\"}", "description": "", "title": "Netflow: Flow Exporters (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json b/modules/netflow/configuration/kibana/7.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json deleted file mode 100644 index 5a1e3199f..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/7.x/visualization/netflow.json b/modules/netflow/configuration/kibana/7.x/visualization/netflow.json deleted file mode 100644 index 3943af169..000000000 --- a/modules/netflow/configuration/kibana/7.x/visualization/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["39e3dab0-2fcb-11e7-befb-31e033c79e4e", "1026edb0-2fcc-11e7-842d-39925ea8ac40", "b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2", "99c1a4a0-2f60-11e7-8936-6f5fd5520124", "b02faaf0-2fcb-11e7-8df8-b363df28ab61", "d07a2870-2fcc-11e7-9bae-a35d2fe38fc2", "8f35efc0-2fcc-11e7-842d-39925ea8ac40", "de9da770-2fcb-11e7-8df8-b363df28ab61", "d8f24780-2fcc-11e7-9bae-a35d2fe38fc2", "99e49de0-2fcc-11e7-842d-39925ea8ac40", "f2fea250-2fcb-11e7-8df8-b363df28ab61", "ad5cb080-622e-11e7-b0a5-e9bda2f6d168", "7e9a7980-622e-11e7-b0a5-e9bda2f6d168", "97f430b0-622e-11e7-b0a5-e9bda2f6d168", "2aeac270-6230-11e7-84f1-9728c106b1b6", "178b0af0-6230-11e7-9a50-efc26ded795d", "f6be96c0-622f-11e7-abbc-93bb293f5057", "8d2cb120-6233-11e7-aa4b-5f8c56ec33b8", "6a597070-6233-11e7-aa4b-5f8c56ec33b8", "dcf88c60-6233-11e7-aa4b-5f8c56ec33b8", "6ad67290-6289-11e7-bcd8-a16ef1d32773", "2c9567c0-6289-11e7-bcd8-a16ef1d32773", "b61f84d0-6289-11e7-bcd8-a16ef1d32773", "52279a00-628c-11e7-95ed-8966ac93bd5a", "56a23ac0-628e-11e7-a842-b787fa3508ce", "735d6c70-628e-11e7-a842-b787fa3508ce", "a3541940-6556-11e7-a807-e52f264c6cfd", "f5f79b00-6555-11e7-b27e-8f8b3770f1df", "65f3b500-6557-11e7-87c3-994b88f84501", "b2d02df0-6556-11e7-a807-e52f264c6cfd", "0927de10-6556-11e7-b27e-8f8b3770f1df", "0de63e90-6558-11e7-8547-3d133170b50d", "a13402f0-6557-11e7-a3eb-4b30743c9370", "231fe630-6558-11e7-8547-3d133170b50d", "daa62090-6557-11e7-a3eb-4b30743c9370", "39ecd800-6558-11e7-bea4-0f5fadb995cc", "835e6090-6557-11e7-87c3-994b88f84501", "4a6f6030-6558-11e7-bea4-0f5fadb995cc", "a7a47e70-2fde-11e7-9d02-3f49bde5c1d5", "bb8e3d90-2fca-11e7-9fcf-99b4b8159f98", "6702de70-2fca-11e7-8fcd-8dc6c60d4592", "3fa5f6f0-2fca-11e7-ab32-99f279b941ef", "691cda40-2fc9-11e7-823a-89e4bb55eaa1", "49a2d6b0-2fc9-11e7-8224-a900ea73fa5f", "324b0a00-2fc9-11e7-bd31-a722d271a9cc", "c6319680-2fc9-11e7-823a-89e4bb55eaa1", "99382ab0-6555-11e7-8d48-19b0c51bbbbd", "6c67b990-628c-11e7-95ed-8966ac93bd5a", "ca786e30-622d-11e7-b0a5-e9bda2f6d168", "f687e140-622d-11e7-b0a5-e9bda2f6d168", "ac4cbc90-622d-11e7-b0a5-e9bda2f6d168", "d9fdbd80-6555-11e7-8d48-19b0c51bbbbd", "af23cb20-2fc9-11e7-8224-a900ea73fa5f", "9b5d3b80-2fc9-11e7-bd31-a722d271a9cc", "84e4c9f0-2fd7-11e7-97a8-85d8d5a99269", "69f864d0-2fd7-11e7-97a8-85d8d5a99269", "4dc994a0-2fd7-11e7-97a8-85d8d5a99269", "e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10", "b88a8790-2fd7-11e7-bd03-932d3e38a4ff", "d297fe60-2fd7-11e7-af27-99e728e71e91", "793a6f00-2fdd-11e7-afd7-595689f3f18c", "4440e130-2fdd-11e7-afd7-595689f3f18c", "af1425a0-2fc7-11e7-8936-6f5fd5520124", "4f3525d0-2fc7-11e7-8936-6f5fd5520124", "5fd2fe30-2fc7-11e7-8936-6f5fd5520124", "55f66b20-2fdd-11e7-afd7-595689f3f18c", "8a52f7a0-2fc7-11e7-8936-6f5fd5520124", "1e7d8770-2fc7-11e7-8936-6f5fd5520124", "7c2cfd10-2fc7-11e7-8936-6f5fd5520124", "9accd4a0-657a-11e7-8471-e5432f50acbd", "3277ea90-6578-11e7-8471-e5432f50acbd", "b13956f0-657a-11e7-8471-e5432f50acbd", "55be8550-655e-11e7-9dda-9f993e2ba58b", "a2099810-657b-11e7-8471-e5432f50acbd", "82fcfc50-657b-11e7-8471-e5432f50acbd", "b3e2af90-657b-11e7-8471-e5432f50acbd", "c4987cc0-657b-11e7-8471-e5432f50acbd", "bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5", "399c9fe0-657e-11e7-bd38-dd04615e7f62", "43e698c0-657e-11e7-99b6-af4533b21b46", "e3ef9130-658a-11e7-bfc3-d74b7bb89482", "836b2010-657e-11e7-9748-5d4091219eef", "7aaa68d0-658a-11e7-bfc3-d74b7bb89482", "d2a2db30-658a-11e7-bfc3-d74b7bb89482", "8c6ce180-657e-11e7-bd38-dd04615e7f62", "4a548ff0-657e-11e7-9748-5d4091219eef", "87dbc0a0-657e-11e7-99b6-af4533b21b46", "73c37440-658e-11e7-bfc3-d74b7bb89482", "64b144f0-658e-11e7-bfc3-d74b7bb89482", "f8731d50-2fd6-11e7-97a8-85d8d5a99269", "a4ade270-658e-11e7-bfc3-d74b7bb89482", "16438600-2fcb-11e7-befb-31e033c79e4e", "6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5", "b2c9a3d0-658e-11e7-bfc3-d74b7bb89482", "41a7e3a0-658f-11e7-bfc3-d74b7bb89482", "4ea0a8d0-658f-11e7-bfc3-d74b7bb89482", "3026fe40-658f-11e7-bfc3-d74b7bb89482", "9a4938d0-6592-11e7-b8de-af19b696fa44", "bfec6260-6592-11e7-9bf4-ed832088be20", "f11380e0-6591-11e7-bfc3-d74b7bb89482", "04990fe0-6592-11e7-bfc3-d74b7bb89482", "1fa2c100-6592-11e7-bfc3-d74b7bb89482", "e2f43d10-6591-11e7-bfc3-d74b7bb89482", "1418ce10-6592-11e7-bfc3-d74b7bb89482", "caea3760-6591-11e7-bfc3-d74b7bb89482", "8500a670-6579-11e7-8471-e5432f50acbd", "e2a7fc60-6592-11e7-8b83-5b2419db46fa", "206d6e90-6593-11e7-8b83-5b2419db46fa", "00248240-6593-11e7-b8de-af19b696fa44", "47d426a0-2fc8-11e7-8b06-97426538fddd", "12ca1180-6593-11e7-9bf4-ed832088be20", "5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd", "264fb270-2fdb-11e7-84e6-333bd21ad9fd", "4898db90-2fdb-11e7-84e6-333bd21ad9fd", "44b3cb70-2fd6-11e7-bc99-41245d9394f2", "23d6dc80-2fd6-11e7-bc99-41245d9394f2", "622844d0-6288-11e7-bcd8-a16ef1d32773", "6f6d05b0-2fc8-11e7-bf24-57efade8fd83", "5e58cc00-6556-11e7-995a-3584c2c6482c", "7f7aac00-2fc8-11e7-8bc1-177080983dbf", "71272b10-6579-11e7-8471-e5432f50acbd", "313a9880-2fd6-11e7-bc99-41245d9394f2", "8dcbcce0-2fd6-11e7-a82c-3146dd695923", "caf2c4b0-6556-11e7-be5f-c5cca8dd73b6", "91ae4100-6288-11e7-bcd8-a16ef1d32773", "de9b3dd0-2fc8-11e7-844c-67b9b101127b", "c6b36620-2fc8-11e7-87d6-cdce05879baf", "a8b68cb0-2fc8-11e7-8d8b-45ec51795dad", "fd081e50-6556-11e7-be5f-c5cca8dd73b6", "a8eadac0-658c-11e7-bfc3-d74b7bb89482", "c61bd8b0-658c-11e7-bfc3-d74b7bb89482", "9f9e54b0-2fd6-11e7-a82c-3146dd695923", "b74bbb70-2fd6-11e7-a82c-3146dd695923", "3ee07620-6556-11e7-995a-3584c2c6482c", "d4a408a0-671a-11e7-b5b8-29fbded8e37c", "51006340-671a-11e7-b5b8-29fbded8e37c", "ef7699a0-6719-11e7-b5b8-29fbded8e37c", "9f113d80-6719-11e7-b5b8-29fbded8e37c", "02e25f10-671a-11e7-b5b8-29fbded8e37c", "326fae40-671a-11e7-b5b8-29fbded8e37c", "7e9cb7e0-671a-11e7-b5b8-29fbded8e37c", "b58e1380-6719-11e7-b5b8-29fbded8e37c", "26e166f0-2fe2-11e7-9d02-3f49bde5c1d5"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 713735210..000000000 --- a/modules/netflow/configuration/kibana/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Exporters", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f8731d50-2fd6-11e7-97a8-85d8d5a99269\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"caea3760-6591-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"1fa2c100-6592-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":2},{\"size_x\":6,\"size_y\":2,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"00248240-6593-11e7-b8de-af19b696fa44\",\"col\":7,\"row\":4},{\"size_x\":6,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"206d6e90-6593-11e7-8b83-5b2419db46fa\",\"col\":7,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"e2a7fc60-6592-11e7-8b83-5b2419db46fa\",\"col\":1,\"row\":6},{\"size_x\":6,\"size_y\":2,\"panelIndex\":10,\"type\":\"visualization\",\"id\":\"9a4938d0-6592-11e7-b8de-af19b696fa44\",\"col\":1,\"row\":4}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 9c796b400..000000000 --- a/modules/netflow/configuration/kibana/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Top-N", "uiStateJSON": "{\"P-2\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-3\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-4\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-5\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-6\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-7\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-8\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}},\"P-9\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":6,\"size_y\":5,\"panelIndex\":2,\"type\":\"visualization\",\"id\":\"b58e1380-6719-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":3,\"type\":\"visualization\",\"id\":\"9f113d80-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":2},{\"size_x\":6,\"size_y\":5,\"panelIndex\":4,\"type\":\"visualization\",\"id\":\"02e25f10-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":5,\"type\":\"visualization\",\"id\":\"ef7699a0-6719-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":7},{\"size_x\":6,\"size_y\":5,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"326fae40-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"51006340-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":12},{\"size_x\":6,\"size_y\":5,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"d4a408a0-671a-11e7-b5b8-29fbded8e37c\",\"col\":1,\"row\":17},{\"size_x\":6,\"size_y\":5,\"panelIndex\":9,\"type\":\"visualization\",\"id\":\"7e9cb7e0-671a-11e7-b5b8-29fbded8e37c\",\"col\":7,\"row\":17}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json b/modules/netflow/configuration/kibana/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json deleted file mode 100644 index f4f375179..000000000 --- a/modules/netflow/configuration/kibana/dashboard/10584050-6234-11e7-8236-19b4b4941e22.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Traffic Analysis", "uiStateJSON": "{\"P-15\":{\"vis\":{\"legendOpen\":true}},\"P-26\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-27\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-29\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-30\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-48\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-49\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-50\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-51\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-52\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"P-53\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":7,\"id\":\"6a597070-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":1,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"6c67b990-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":5,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"52279a00-628c-11e7-95ed-8966ac93bd5a\",\"panelIndex\":6,\"row\":28,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"622844d0-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":7,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"2c9567c0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":9,\"row\":22,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b61f84d0-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":10,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"6ad67290-6289-11e7-bcd8-a16ef1d32773\",\"panelIndex\":11,\"row\":16,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"91ae4100-6288-11e7-bcd8-a16ef1d32773\",\"panelIndex\":12,\"row\":10,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"735d6c70-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":13,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"56a23ac0-628e-11e7-a842-b787fa3508ce\",\"panelIndex\":14,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"7c2cfd10-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":15,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a8b68cb0-2fc8-11e7-8d8b-45ec51795dad\",\"panelIndex\":16,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"5fd2fe30-2fc7-11e7-8936-6f5fd5520124\",\"panelIndex\":17,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"47d426a0-2fc8-11e7-8b06-97426538fddd\",\"panelIndex\":18,\"row\":8,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":19,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":20,\"row\":14,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":21,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":20,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"324b0a00-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":23,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"9b5d3b80-2fc9-11e7-bd31-a722d271a9cc\",\"panelIndex\":24,\"row\":26,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"65f3b500-6557-11e7-87c3-994b88f84501\",\"panelIndex\":25,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"55be8550-655e-11e7-9dda-9f993e2ba58b\",\"panelIndex\":26,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"3277ea90-6578-11e7-8471-e5432f50acbd\",\"panelIndex\":27,\"row\":2,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"a3541940-6556-11e7-a807-e52f264c6cfd\",\"panelIndex\":28,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"8500a670-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":29,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"71272b10-6579-11e7-8471-e5432f50acbd\",\"panelIndex\":30,\"row\":8,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8d2cb120-6233-11e7-aa4b-5f8c56ec33b8\",\"panelIndex\":31,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"99382ab0-6555-11e7-8d48-19b0c51bbbbd\",\"panelIndex\":34,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f5f79b00-6555-11e7-b27e-8f8b3770f1df\",\"panelIndex\":35,\"row\":30,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"3ee07620-6556-11e7-995a-3584c2c6482c\",\"panelIndex\":38,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"caf2c4b0-6556-11e7-be5f-c5cca8dd73b6\",\"panelIndex\":42,\"row\":12,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"a13402f0-6557-11e7-a3eb-4b30743c9370\",\"panelIndex\":44,\"row\":24,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"0de63e90-6558-11e7-8547-3d133170b50d\",\"panelIndex\":45,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"39ecd800-6558-11e7-bea4-0f5fadb995cc\",\"panelIndex\":47,\"row\":18,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"9accd4a0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":48,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"col\":11,\"id\":\"b13956f0-657a-11e7-8471-e5432f50acbd\",\"panelIndex\":49,\"row\":14,\"size_x\":2,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":2,\"size_y\":2,\"panelIndex\":50,\"type\":\"visualization\",\"id\":\"a2099810-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":20},{\"size_x\":2,\"size_y\":2,\"panelIndex\":51,\"type\":\"visualization\",\"id\":\"c4987cc0-657b-11e7-8471-e5432f50acbd\",\"col\":11,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":52,\"type\":\"visualization\",\"id\":\"b3e2af90-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":26},{\"size_x\":2,\"size_y\":2,\"panelIndex\":53,\"type\":\"visualization\",\"id\":\"82fcfc50-657b-11e7-8471-e5432f50acbd\",\"col\":5,\"row\":20}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 973bb0e48..000000000 --- a/modules/netflow/configuration/kibana/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}}", "panelsJSON": "[{\"col\":1,\"id\":\"a7a47e70-2fde-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":4,\"size_x\":12,\"size_y\":5,\"type\":\"visualization\"},{\"col\":9,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":2,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4440e130-2fdd-11e7-afd7-595689f3f18c\",\"panelIndex\":3,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"4898db90-2fdb-11e7-84e6-333bd21ad9fd\",\"panelIndex\":4,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":5,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 7421e03d0..000000000 --- a/modules/netflow/configuration/kibana/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Overview", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"de9da770-2fcb-11e7-8df8-b363df28ab61\",\"panelIndex\":12,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"23d6dc80-2fd6-11e7-bc99-41245d9394f2\",\"panelIndex\":13,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"8dcbcce0-2fd6-11e7-a82c-3146dd695923\",\"panelIndex\":14,\"row\":2,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"69f864d0-2fd7-11e7-97a8-85d8d5a99269\",\"panelIndex\":15,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":17,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":9,\"id\":\"b88a8790-2fd7-11e7-bd03-932d3e38a4ff\",\"panelIndex\":21,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":5,\"id\":\"ac4cbc90-622d-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":22,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"97f430b0-622e-11e7-b0a5-e9bda2f6d168\",\"panelIndex\":23,\"row\":4,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"f6be96c0-622f-11e7-abbc-93bb293f5057\",\"panelIndex\":24,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"3fa5f6f0-2fca-11e7-ab32-99f279b941ef\",\"panelIndex\":25,\"row\":6,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":26,\"type\":\"visualization\",\"id\":\"64b144f0-658e-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":27,\"type\":\"visualization\",\"id\":\"a4ade270-658e-11e7-bfc3-d74b7bb89482\",\"col\":5,\"row\":8},{\"size_x\":4,\"size_y\":2,\"panelIndex\":29,\"type\":\"visualization\",\"id\":\"3026fe40-658f-11e7-bfc3-d74b7bb89482\",\"col\":9,\"row\":8}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json b/modules/netflow/configuration/kibana/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json deleted file mode 100644 index 2afa15599..000000000 --- a/modules/netflow/configuration/kibana/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Geo Location", "uiStateJSON": "{\"P-16\":{\"mapCenter\":[20.632784250388028,16.69921875],\"mapZoom\":2}}", "panelsJSON": "[{\"col\":5,\"id\":\"99c1a4a0-2f60-11e7-8936-6f5fd5520124\",\"panelIndex\":16,\"row\":2,\"size_x\":8,\"size_y\":6,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":17,\"type\":\"visualization\",\"id\":\"6702de70-2fca-11e7-8fcd-8dc6c60d4592\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":18,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":1,\"row\":4},{\"size_x\":4,\"size_y\":2,\"panelIndex\":19,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":1,\"row\":6},{\"size_x\":12,\"size_y\":1,\"panelIndex\":20,\"type\":\"visualization\",\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":1}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 5e0a41544..000000000 --- a/modules/netflow/configuration/kibana/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"P-3\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}", "panelsJSON": "[{\"col\":4,\"id\":\"6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":2,\"row\":2,\"size_x\":9,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":3,\"row\":2,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":4,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"size_x\":12,\"size_y\":4,\"panelIndex\":5,\"type\":\"search\",\"id\":\"0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5\",\"col\":1,\"row\":4,\"columns\":[\"netflow.src_addr\",\"netflow.src_port_name\",\"netflow.dst_addr\",\"netflow.dst_port_name\",\"netflow.protocol_name\",\"netflow.bytes\",\"netflow.packets\"],\"sort\":[\"@timestamp\",\"desc\"]}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9557f34a2..000000000 --- a/modules/netflow/configuration/kibana/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"hits": 0, "timeRestore": false, "description": "", "title": "Netflow: Autonomous Systems", "uiStateJSON": "{}", "panelsJSON": "[{\"col\":1,\"id\":\"26e166f0-2fe2-11e7-9d02-3f49bde5c1d5\",\"panelIndex\":1,\"row\":1,\"size_x\":12,\"size_y\":1,\"type\":\"visualization\"},{\"col\":7,\"id\":\"8c6ce180-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":2,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"836b2010-657e-11e7-9748-5d4091219eef\",\"panelIndex\":3,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"399c9fe0-657e-11e7-bd38-dd04615e7f62\",\"panelIndex\":4,\"row\":4,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"4a548ff0-657e-11e7-9748-5d4091219eef\",\"panelIndex\":5,\"row\":6,\"size_x\":6,\"size_y\":2,\"type\":\"visualization\"},{\"size_x\":4,\"size_y\":2,\"panelIndex\":6,\"type\":\"visualization\",\"id\":\"7aaa68d0-658a-11e7-bfc3-d74b7bb89482\",\"col\":1,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":7,\"type\":\"visualization\",\"id\":\"793a6f00-2fdd-11e7-afd7-595689f3f18c\",\"col\":5,\"row\":2},{\"size_x\":4,\"size_y\":2,\"panelIndex\":8,\"type\":\"visualization\",\"id\":\"264fb270-2fdb-11e7-84e6-333bd21ad9fd\",\"col\":9,\"row\":2}]", "optionsJSON": "{\"darkTheme\":false}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}],\"highlightAll\":true,\"version\":true}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/dashboard/netflow.json b/modules/netflow/configuration/kibana/dashboard/netflow.json deleted file mode 100644 index 57fb3d414..000000000 --- a/modules/netflow/configuration/kibana/dashboard/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["a932b600-2fd2-11e7-99ed-49759aed30f5", "10584050-6234-11e7-8236-19b4b4941e22", "d7e31d40-6589-11e7-bfc3-d74b7bb89482", "310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5", "653cf1e0-2fd2-11e7-99ed-49759aed30f5", "04157d70-6591-11e7-bfc3-d74b7bb89482", "ca480720-2fdf-11e7-9d02-3f49bde5c1d5", "0809c1f0-6719-11e7-b5b8-29fbded8e37c"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/index-pattern/netflow.json b/modules/netflow/configuration/kibana/index-pattern/netflow.json deleted file mode 100644 index 714ccae0f..000000000 --- a/modules/netflow/configuration/kibana/index-pattern/netflow.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "title":"netflow-*", - "timeFieldName":"@timestamp", - "notExpandable":true, - "fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"geoip.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_dst.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.as_org\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.asn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.autonomous_system\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip_src.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.bytes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.direction\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.dst_vlan\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.engine_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.first_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_records\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flow_seq_num\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.flowset_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.input_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_protocol_version\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.ip_version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.last_switched\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.next_hop\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.output_snmp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.packets\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.protocol_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_algorithm\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.sampling_interval\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_addr\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_as\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_locality\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mac\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_mask_len\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.src_port_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flag_tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tcp_flags_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.tos\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"netflow.vlan\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]" -} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 77c89dbcb..000000000 --- a/modules/netflow/configuration/kibana/search/0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"sort": ["@timestamp", "desc"], "hits": 0, "description": "", "title": "Netflow: Flow Records", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"highlightAll\":true,\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[],\"version\":true}"}, "columns": ["netflow.src_addr", "netflow.src_port_name", "netflow.dst_addr", "netflow.dst_port_name", "netflow.protocol_name", "netflow.bytes", "netflow.packets"]} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/search/netflow.json b/modules/netflow/configuration/kibana/search/netflow.json deleted file mode 100644 index 733ef3aa6..000000000 --- a/modules/netflow/configuration/kibana/search/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["0d0216f0-2fe0-11e7-9d02-3f49bde5c1d5"] \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/00248240-6593-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/visualization/00248240-6593-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 287e7eead..000000000 --- a/modules/netflow/configuration/kibana/visualization/00248240-6593-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index a29c7298e..000000000 --- a/modules/netflow/configuration/kibana/visualization/02e25f10-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Source Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Source Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9d5447463..000000000 --- a/modules/netflow/configuration/kibana/visualization/04990fe0-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (packets)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json b/modules/netflow/configuration/kibana/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json deleted file mode 100644 index ffef433ab..000000000 --- a/modules/netflow/configuration/kibana/visualization/0927de10-6556-11e7-b27e-8f8b3770f1df.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json b/modules/netflow/configuration/kibana/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json deleted file mode 100644 index 10bdcbf9f..000000000 --- a/modules/netflow/configuration/kibana/visualization/0de63e90-6558-11e7-8547-3d133170b50d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index 72a927e76..000000000 --- a/modules/netflow/configuration/kibana/visualization/1026edb0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json b/modules/netflow/configuration/kibana/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json deleted file mode 100644 index c4d99f23e..000000000 --- a/modules/netflow/configuration/kibana/visualization/12ca1180-6593-11e7-9bf4-ed832088be20.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 044779e36..000000000 --- a/modules/netflow/configuration/kibana/visualization/1418ce10-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json b/modules/netflow/configuration/kibana/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json deleted file mode 100644 index edeaa0c0f..000000000 --- a/modules/netflow/configuration/kibana/visualization/16438600-2fcb-11e7-befb-31e033c79e4e.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json b/modules/netflow/configuration/kibana/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json deleted file mode 100644 index 0be4bd9ec..000000000 --- a/modules/netflow/configuration/kibana/visualization/178b0af0-6230-11e7-9a50-efc26ded795d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 651863dc9..000000000 --- a/modules/netflow/configuration/kibana/visualization/1e7d8770-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 8e85e5b5c..000000000 --- a/modules/netflow/configuration/kibana/visualization/1fa2c100-6592-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.output_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Egress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 780c8bfdd..000000000 --- a/modules/netflow/configuration/kibana/visualization/206d6e90-6593-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Egress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.output_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.output_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Egress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/231fe630-6558-11e7-8547-3d133170b50d.json b/modules/netflow/configuration/kibana/visualization/231fe630-6558-11e7-8547-3d133170b50d.json deleted file mode 100644 index 41a84a30a..000000000 --- a/modules/netflow/configuration/kibana/visualization/231fe630-6558-11e7-8547-3d133170b50d.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index adc7f588e..000000000 --- a/modules/netflow/configuration/kibana/visualization/23d6dc80-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d4c9cd130..000000000 --- a/modules/netflow/configuration/kibana/visualization/264fb270-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 824d78d96..000000000 --- a/modules/netflow/configuration/kibana/visualization/26e166f0-2fe2-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Dashboard Navigation\",\"type\":\"markdown\",\"params\":{\"markdown\":\"[Overview](#/dashboard/653cf1e0-2fd2-11e7-99ed-49759aed30f5) | [Conversation Partners](#/dashboard/310ae6e0-2fdf-11e7-9d02-3f49bde5c1d5) | [Traffic Analysis](#/dashboard/10584050-6234-11e7-8236-19b4b4941e22) | [Top-N](#/dashboard/0809c1f0-6719-11e7-b5b8-29fbded8e37c) | [Geo Location](#/dashboard/a932b600-2fd2-11e7-99ed-49759aed30f5) | [Autonomous Systems](#/dashboard/d7e31d40-6589-11e7-bfc3-d74b7bb89482) | [Flow Exporters](#/dashboard/04157d70-6591-11e7-bfc3-d74b7bb89482) | [Raw Flow Records](#/dashboard/ca480720-2fdf-11e7-9d02-3f49bde5c1d5)\\n***\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Dashboard Navigation", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json b/modules/netflow/configuration/kibana/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json deleted file mode 100644 index e0df55dfc..000000000 --- a/modules/netflow/configuration/kibana/visualization/2aeac270-6230-11e7-84f1-9728c106b1b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index a90386061..000000000 --- a/modules/netflow/configuration/kibana/visualization/2c9567c0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 439a66ec7..000000000 --- a/modules/netflow/configuration/kibana/visualization/3026fe40-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index ea92c668c..000000000 --- a/modules/netflow/configuration/kibana/visualization/313a9880-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index 14aa3dc20..000000000 --- a/modules/netflow/configuration/kibana/visualization/324b0a00-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index dc7bc7990..000000000 --- a/modules/netflow/configuration/kibana/visualization/326fae40-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Protocols\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Protocols", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 7e635a2eb..000000000 --- a/modules/netflow/configuration/kibana/visualization/3277ea90-6578-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.src_addr\",\"customLabel\":\"Sources\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Source Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index 8502a7159..000000000 --- a/modules/netflow/configuration/kibana/visualization/399c9fe0-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json b/modules/netflow/configuration/kibana/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json deleted file mode 100644 index 4a175ff05..000000000 --- a/modules/netflow/configuration/kibana/visualization/39e3dab0-2fcb-11e7-befb-31e033c79e4e.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json b/modules/netflow/configuration/kibana/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json deleted file mode 100644 index 321546703..000000000 --- a/modules/netflow/configuration/kibana/visualization/39ecd800-6558-11e7-bea4-0f5fadb995cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json b/modules/netflow/configuration/kibana/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json deleted file mode 100644 index 9f31eb410..000000000 --- a/modules/netflow/configuration/kibana/visualization/3ee07620-6556-11e7-995a-3584c2c6482c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json b/modules/netflow/configuration/kibana/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json deleted file mode 100644 index 52ab78c12..000000000 --- a/modules/netflow/configuration/kibana/visualization/3fa5f6f0-2fca-11e7-ab32-99f279b941ef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index cd08fa420..000000000 --- a/modules/netflow/configuration/kibana/visualization/41a7e3a0-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json b/modules/netflow/configuration/kibana/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json deleted file mode 100644 index aa96a138b..000000000 --- a/modules/netflow/configuration/kibana/visualization/43e698c0-657e-11e7-99b6-af4533b21b46.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 28d8290e5..000000000 --- a/modules/netflow/configuration/kibana/visualization/4440e130-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json b/modules/netflow/configuration/kibana/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json deleted file mode 100644 index 55b294e2f..000000000 --- a/modules/netflow/configuration/kibana/visualization/44b3cb70-2fd6-11e7-bc99-41245d9394f2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destinations and Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destinations and Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json b/modules/netflow/configuration/kibana/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json deleted file mode 100644 index 1ce79aace..000000000 --- a/modules/netflow/configuration/kibana/visualization/47d426a0-2fc8-11e7-8b06-97426538fddd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index d68f4c33d..000000000 --- a/modules/netflow/configuration/kibana/visualization/4898db90-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json b/modules/netflow/configuration/kibana/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json deleted file mode 100644 index 041d8adc8..000000000 --- a/modules/netflow/configuration/kibana/visualization/49a2d6b0-2fc9-11e7-8224-a900ea73fa5f.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index d5deb3d27..000000000 --- a/modules/netflow/configuration/kibana/visualization/4a548ff0-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_src.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_src.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json b/modules/netflow/configuration/kibana/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json deleted file mode 100644 index d58a47e30..000000000 --- a/modules/netflow/configuration/kibana/visualization/4a6f6030-6558-11e7-bea4-0f5fadb995cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index dceaf28c9..000000000 --- a/modules/netflow/configuration/kibana/visualization/4dc994a0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 002986eeb..000000000 --- a/modules/netflow/configuration/kibana/visualization/4ea0a8d0-658f-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Version (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Version (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 72a9f6e4f..000000000 --- a/modules/netflow/configuration/kibana/visualization/4f3525d0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 5cb7ec44c..000000000 --- a/modules/netflow/configuration/kibana/visualization/51006340-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Autonomous Systems\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Autonomous Systems", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index d9e1be23c..000000000 --- a/modules/netflow/configuration/kibana/visualization/52279a00-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json b/modules/netflow/configuration/kibana/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json deleted file mode 100644 index 65bdb5add..000000000 --- a/modules/netflow/configuration/kibana/visualization/55be8550-655e-11e7-9dda-9f993e2ba58b.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Count\",\"type\":\"metric\",\"params\":{\"handleNoResults\":true,\"fontSize\":\"32\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.dst_addr\",\"customLabel\":\"Destinations\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Count", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 4e215a933..000000000 --- a/modules/netflow/configuration/kibana/visualization/55f66b20-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index ac903fd95..000000000 --- a/modules/netflow/configuration/kibana/visualization/56a23ac0-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json b/modules/netflow/configuration/kibana/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json deleted file mode 100644 index 203bd5538..000000000 --- a/modules/netflow/configuration/kibana/visualization/5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination and Source Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination and Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json b/modules/netflow/configuration/kibana/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json deleted file mode 100644 index b05776a8c..000000000 --- a/modules/netflow/configuration/kibana/visualization/5e58cc00-6556-11e7-995a-3584c2c6482c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 41433dc1d..000000000 --- a/modules/netflow/configuration/kibana/visualization/5fd2fe30-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index d012edf9e..000000000 --- a/modules/netflow/configuration/kibana/visualization/622844d0-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.dst_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f5c588cf6..000000000 --- a/modules/netflow/configuration/kibana/visualization/64b144f0-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Exporters (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Exporters (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json b/modules/netflow/configuration/kibana/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json deleted file mode 100644 index f84a2a03f..000000000 --- a/modules/netflow/configuration/kibana/visualization/65f3b500-6557-11e7-87c3-994b88f84501.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json b/modules/netflow/configuration/kibana/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json deleted file mode 100644 index cf3908f9c..000000000 --- a/modules/netflow/configuration/kibana/visualization/6702de70-2fca-11e7-8fcd-8dc6c60d4592.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json b/modules/netflow/configuration/kibana/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json deleted file mode 100644 index 3441317a1..000000000 --- a/modules/netflow/configuration/kibana/visualization/691cda40-2fc9-11e7-823a-89e4bb55eaa1.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 6eea98f5d..000000000 --- a/modules/netflow/configuration/kibana/visualization/69f864d0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 8831c4f8f..000000000 --- a/modules/netflow/configuration/kibana/visualization/6a597070-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index b66c1f49f..000000000 --- a/modules/netflow/configuration/kibana/visualization/6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Flow Records\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.last_switched\",\"interval\":\"s\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timeline\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"netflow.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index b81b1fbd2..000000000 --- a/modules/netflow/configuration/kibana/visualization/6ad67290-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.tos:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tos:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json b/modules/netflow/configuration/kibana/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json deleted file mode 100644 index fadc7dfca..000000000 --- a/modules/netflow/configuration/kibana/visualization/6c67b990-628c-11e7-95ed-8966ac93bd5a.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json b/modules/netflow/configuration/kibana/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json deleted file mode 100644 index 6ce6aea70..000000000 --- a/modules/netflow/configuration/kibana/visualization/6f6d05b0-2fc8-11e7-bf24-57efade8fd83.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 92cecc9c6..000000000 --- a/modules/netflow/configuration/kibana/visualization/71272b10-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"customLabel\": \"Source Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json b/modules/netflow/configuration/kibana/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json deleted file mode 100644 index a36c13993..000000000 --- a/modules/netflow/configuration/kibana/visualization/735d6c70-628e-11e7-a842-b787fa3508ce.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 4a690fc0b..000000000 --- a/modules/netflow/configuration/kibana/visualization/73c37440-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Exporters (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Exporters (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json b/modules/netflow/configuration/kibana/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json deleted file mode 100644 index 50fb5a1ed..000000000 --- a/modules/netflow/configuration/kibana/visualization/793a6f00-2fdd-11e7-afd7-595689f3f18c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations and Sources (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations and Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index f59fe89db..000000000 --- a/modules/netflow/configuration/kibana/visualization/7aaa68d0-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 0b476ff94..000000000 --- a/modules/netflow/configuration/kibana/visualization/7c2cfd10-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 400104775..000000000 --- a/modules/netflow/configuration/kibana/visualization/7e9a7980-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 6130531e3..000000000 --- a/modules/netflow/configuration/kibana/visualization/7e9cb7e0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Flow Exporters\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"host\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Flow Exporter\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Flow Exporters", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json b/modules/netflow/configuration/kibana/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json deleted file mode 100644 index 819ce3c20..000000000 --- a/modules/netflow/configuration/kibana/visualization/7f7aac00-2fc8-11e7-8bc1-177080983dbf.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Ports (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_port_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index f818ef5ec..000000000 --- a/modules/netflow/configuration/kibana/visualization/82fcfc50-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"customLabel\":\"TCP Flag States\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/835e6090-6557-11e7-87c3-994b88f84501.json b/modules/netflow/configuration/kibana/visualization/835e6090-6557-11e7-87c3-994b88f84501.json deleted file mode 100644 index 077d090bf..000000000 --- a/modules/netflow/configuration/kibana/visualization/835e6090-6557-11e7-87c3-994b88f84501.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.src_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/836b2010-657e-11e7-9748-5d4091219eef.json b/modules/netflow/configuration/kibana/visualization/836b2010-657e-11e7-9748-5d4091219eef.json deleted file mode 100644 index 23c6fdcff..000000000 --- a/modules/netflow/configuration/kibana/visualization/836b2010-657e-11e7-9748-5d4091219eef.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index eda88c1d6..000000000 --- a/modules/netflow/configuration/kibana/visualization/84e4c9f0-2fd7-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Types of Service (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tos\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Types of Service (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json deleted file mode 100644 index c178c829e..000000000 --- a/modules/netflow/configuration/kibana/visualization/8500a670-6579-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Destination Port Count\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"fontSize\": \"32\",\n \"gauge\": {\n \"autoExtend\": false,\n \"backStyle\": \"Full\",\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"gaugeColorMode\": \"None\",\n \"gaugeStyle\": \"Full\",\n \"gaugeType\": \"Metric\",\n \"invertColors\": false,\n \"labels\": {\n \"color\": \"black\",\n \"show\": true\n },\n \"orientation\": \"vertical\",\n \"percentageMode\": false,\n \"scale\": {\n \"color\": \"#333\",\n \"labels\": false,\n \"show\": false,\n \"width\": 2\n },\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": \"36\",\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"type\": \"simple\",\n \"useRange\": false,\n \"verticalSplit\": false\n },\n \"handleNoResults\": true,\n \"type\": \"gauge\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"customLabel\": \"Destination Ports\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Destination Port Count", "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n }\n }\n}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json b/modules/netflow/configuration/kibana/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json deleted file mode 100644 index 0870127bd..000000000 --- a/modules/netflow/configuration/kibana/visualization/87dbc0a0-657e-11e7-99b6-af4533b21b46.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 1834df905..000000000 --- a/modules/netflow/configuration/kibana/visualization/8a52f7a0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Sources (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Sources (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json b/modules/netflow/configuration/kibana/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json deleted file mode 100644 index e3fc1fd84..000000000 --- a/modules/netflow/configuration/kibana/visualization/8c6ce180-657e-11e7-bd38-dd04615e7f62.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination Autonomous Systems (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"geoip_dst.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip_dst.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destination Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index 4b0204c67..000000000 --- a/modules/netflow/configuration/kibana/visualization/8d2cb120-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index d4303ca39..000000000 --- a/modules/netflow/configuration/kibana/visualization/8dcbcce0-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index c3818b58b..000000000 --- a/modules/netflow/configuration/kibana/visualization/8f35efc0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39e5c1963..000000000 --- a/modules/netflow/configuration/kibana/visualization/91ae4100-6288-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 8e684f027..000000000 --- a/modules/netflow/configuration/kibana/visualization/97f430b0-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json b/modules/netflow/configuration/kibana/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json deleted file mode 100644 index 42b758d7e..000000000 --- a/modules/netflow/configuration/kibana/visualization/99382ab0-6555-11e7-8d48-19b0c51bbbbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json deleted file mode 100644 index bc876cd22..000000000 --- a/modules/netflow/configuration/kibana/visualization/99c1a4a0-2f60-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Geo Location Heatmap\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Heatmap\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":\"0.32\",\"heatRadius\":\"24\",\"heatBlur\":\"16\",\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[15,5],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"precision\":2,\"customLabel\":\"Location\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Geo Location Heatmap", "uiStateJSON": "{\"mapCenter\":[8.407168163601076,9.4921875]}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json b/modules/netflow/configuration/kibana/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json deleted file mode 100644 index b33bf5844..000000000 --- a/modules/netflow/configuration/kibana/visualization/99e49de0-2fcc-11e7-842d-39925ea8ac40.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json b/modules/netflow/configuration/kibana/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json deleted file mode 100644 index 5bf13524a..000000000 --- a/modules/netflow/configuration/kibana/visualization/9a4938d0-6592-11e7-b8de-af19b696fa44.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 81e822cc4..000000000 --- a/modules/netflow/configuration/kibana/visualization/9accd4a0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: ToS Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.tos\",\"customLabel\":\"Types of Service\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: ToS Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json b/modules/netflow/configuration/kibana/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json deleted file mode 100644 index b090e4edc..000000000 --- a/modules/netflow/configuration/kibana/visualization/9b5d3b80-2fc9-11e7-bd31-a722d271a9cc.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 335b17d0b..000000000 --- a/modules/netflow/configuration/kibana/visualization/9f113d80-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destinations\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destinations", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index 5958480c9..000000000 --- a/modules/netflow/configuration/kibana/visualization/9f9e54b0-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json b/modules/netflow/configuration/kibana/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json deleted file mode 100644 index 19fe02da6..000000000 --- a/modules/netflow/configuration/kibana/visualization/a13402f0-6557-11e7-a3eb-4b30743c9370.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 2a0f7aa07..000000000 --- a/modules/netflow/configuration/kibana/visualization/a2099810-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous System Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.autonomous_system\",\"customLabel\":\"Autonomous Systems\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous System Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json b/modules/netflow/configuration/kibana/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json deleted file mode 100644 index 8b15e7be6..000000000 --- a/modules/netflow/configuration/kibana/visualization/a3541940-6556-11e7-a807-e52f264c6cfd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 9f1db8814..000000000 --- a/modules/netflow/configuration/kibana/visualization/a4ade270-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 3ed157264..000000000 --- a/modules/netflow/configuration/kibana/visualization/a7a47e70-2fde-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Conversation Partners\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Conversation Partners", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json b/modules/netflow/configuration/kibana/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json deleted file mode 100644 index 31e9491f3..000000000 --- a/modules/netflow/configuration/kibana/visualization/a8b68cb0-2fc8-11e7-8d8b-45ec51795dad.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (bytes)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 78466c9b2..000000000 --- a/modules/netflow/configuration/kibana/visualization/a8eadac0-658c-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Traffic Volume by Destination Port\",\n \"type\": \"area\",\n \"params\": {\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Time\"\n }\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Bytes\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": \"true\",\n \"type\": \"area\",\n \"mode\": \"stacked\",\n \"data\": {\n \"label\": \"Bytes\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": false,\n \"interpolate\": \"cardinal\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.last_switched\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Time\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"netflow.dst_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Destination Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Traffic Volume by Destination Port", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 7a5f6bd30..000000000 --- a/modules/netflow/configuration/kibana/visualization/ac4cbc90-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 46dcb5544..000000000 --- a/modules/netflow/configuration/kibana/visualization/ad5cb080-622e-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.tcp_flags_label\",\"size\":255,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TCP Flags\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json b/modules/netflow/configuration/kibana/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json deleted file mode 100644 index 9a448e61a..000000000 --- a/modules/netflow/configuration/kibana/visualization/af1425a0-2fc7-11e7-8936-6f5fd5520124.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.dst_addr\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json b/modules/netflow/configuration/kibana/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json deleted file mode 100644 index 392445794..000000000 --- a/modules/netflow/configuration/kibana/visualization/af23cb20-2fc9-11e7-8224-a900ea73fa5f.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index 63c839f71..000000000 --- a/modules/netflow/configuration/kibana/visualization/b02faaf0-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json deleted file mode 100644 index d0302eeda..000000000 --- a/modules/netflow/configuration/kibana/visualization/b13956f0-657a-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLAN Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.vlan\",\"customLabel\":\"VLANs\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLAN Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 6dbda475a..000000000 --- a/modules/netflow/configuration/kibana/visualization/b2c9a3d0-658e-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Direction (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.direction\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Direction\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Direction (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json b/modules/netflow/configuration/kibana/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json deleted file mode 100644 index 8c142fdb2..000000000 --- a/modules/netflow/configuration/kibana/visualization/b2d02df0-6556-11e7-a807-e52f264c6cfd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destinations (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.dst_addr:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.dst_addr:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Destinations (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index e2ed3b6e0..000000000 --- a/modules/netflow/configuration/kibana/visualization/b3e2af90-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Country Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.country_name\",\"customLabel\":\"Countries\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Country Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 79a84236c..000000000 --- a/modules/netflow/configuration/kibana/visualization/b58e1380-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Sources\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.src_addr\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Source\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Sources", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json b/modules/netflow/configuration/kibana/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json deleted file mode 100644 index 39cb5931b..000000000 --- a/modules/netflow/configuration/kibana/visualization/b61f84d0-6289-11e7-bcd8-a16ef1d32773.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.bytes\\\", split=\\\"netflow.vlan:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.vlan:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"bytes / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index 81a54099b..000000000 --- a/modules/netflow/configuration/kibana/visualization/b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json b/modules/netflow/configuration/kibana/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json deleted file mode 100644 index dc66b8395..000000000 --- a/modules/netflow/configuration/kibana/visualization/b74bbb70-2fd6-11e7-a82c-3146dd695923.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Sources and Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_addr\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Sources and Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json b/modules/netflow/configuration/kibana/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json deleted file mode 100644 index d69c6798d..000000000 --- a/modules/netflow/configuration/kibana/visualization/b88a8790-2fd7-11e7-bd03-932d3e38a4ff.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json b/modules/netflow/configuration/kibana/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json deleted file mode 100644 index 18f82618e..000000000 --- a/modules/netflow/configuration/kibana/visualization/bb8e3d90-2fca-11e7-9fcf-99b4b8159f98.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries and Cities (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Countries and Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json b/modules/netflow/configuration/kibana/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json deleted file mode 100644 index 6e50cf6d1..000000000 --- a/modules/netflow/configuration/kibana/visualization/bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Flow Records\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Flow Records", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json b/modules/netflow/configuration/kibana/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json deleted file mode 100644 index c11358aed..000000000 --- a/modules/netflow/configuration/kibana/visualization/bfec6260-6592-11e7-9bf4-ed832088be20.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json b/modules/netflow/configuration/kibana/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json deleted file mode 100644 index 721d37d97..000000000 --- a/modules/netflow/configuration/kibana/visualization/c4987cc0-657b-11e7-8471-e5432f50acbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: City Count\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"fontSize\":\"32\",\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"36\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"handleNoResults\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"geoip.city_name\",\"customLabel\":\"Cities\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: City Count", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 4896722ab..000000000 --- a/modules/netflow/configuration/kibana/visualization/c61bd8b0-658c-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Traffic Volume by Source Port\",\n \"type\": \"area\",\n \"params\": {\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Time\"\n }\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Bytes\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": \"true\",\n \"type\": \"area\",\n \"mode\": \"stacked\",\n \"data\": {\n \"label\": \"Bytes\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": false,\n \"interpolate\": \"cardinal\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.bytes\",\n \"customLabel\": \"Bytes\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.last_switched\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Time\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Traffic Volume by Source Port", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json b/modules/netflow/configuration/kibana/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json deleted file mode 100644 index b72f29aaa..000000000 --- a/modules/netflow/configuration/kibana/visualization/c6319680-2fc9-11e7-823a-89e4bb55eaa1.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.city_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json b/modules/netflow/configuration/kibana/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json deleted file mode 100644 index 12569f797..000000000 --- a/modules/netflow/configuration/kibana/visualization/c6b36620-2fc8-11e7-87d6-cdce05879baf.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (flow records)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Flow Records\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index 33dee4b2b..000000000 --- a/modules/netflow/configuration/kibana/visualization/ca786e30-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index c614b431e..000000000 --- a/modules/netflow/configuration/kibana/visualization/caea3760-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (flow records)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json b/modules/netflow/configuration/kibana/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json deleted file mode 100644 index c41547f1f..000000000 --- a/modules/netflow/configuration/kibana/visualization/caf2c4b0-6556-11e7-be5f-c5cca8dd73b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index bdf3d88ae..000000000 --- a/modules/netflow/configuration/kibana/visualization/d07a2870-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json b/modules/netflow/configuration/kibana/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json deleted file mode 100644 index 3c083014e..000000000 --- a/modules/netflow/configuration/kibana/visualization/d297fe60-2fd7-11e7-af27-99e728e71e91.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 2485949c8..000000000 --- a/modules/netflow/configuration/kibana/visualization/d2a2db30-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index 121ee308b..000000000 --- a/modules/netflow/configuration/kibana/visualization/d4a408a0-671a-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Cities\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":true,\"showTotal\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Country\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.city_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"City\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Cities", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json b/modules/netflow/configuration/kibana/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json deleted file mode 100644 index 5726f7273..000000000 --- a/modules/netflow/configuration/kibana/visualization/d8f24780-2fcc-11e7-9bae-a35d2fe38fc2.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json b/modules/netflow/configuration/kibana/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json deleted file mode 100644 index 5140e74fc..000000000 --- a/modules/netflow/configuration/kibana/visualization/d9fdbd80-6555-11e7-8d48-19b0c51bbbbd.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Cities (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.city_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.city_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Cities (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json b/modules/netflow/configuration/kibana/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json deleted file mode 100644 index bc4d21c02..000000000 --- a/modules/netflow/configuration/kibana/visualization/daa62090-6557-11e7-a3eb-4b30743c9370.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: TCP Flags (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.tcp_flags_label:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.tcp_flags_label:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: TCP Flags (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json b/modules/netflow/configuration/kibana/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json deleted file mode 100644 index b5c28766f..000000000 --- a/modules/netflow/configuration/kibana/visualization/dcf88c60-6233-11e7-aa4b-5f8c56ec33b8.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"geoip.autonomous_system:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.autonomous_system:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flows records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json b/modules/netflow/configuration/kibana/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json deleted file mode 100644 index 00f3c1814..000000000 --- a/modules/netflow/configuration/kibana/visualization/de9b3dd0-2fc8-11e7-844c-67b9b101127b.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\n \"title\": \"Netflow: Source Ports (packets)\",\n \"type\": \"pie\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"sum\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"netflow.packets\",\n \"customLabel\": \"Packets\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"netflow.src_port_name\",\n \"size\": 50,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source Port\"\n }\n }\n ],\n \"listeners\": {}\n}", "description": "", "title": "Netflow: Source Ports (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\n \"index\": \"netflow-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index e576bf57d..000000000 --- a/modules/netflow/configuration/kibana/visualization/de9da770-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: IP Version and Protocols (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.ip_version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: IP Version and Protocols (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json b/modules/netflow/configuration/kibana/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json deleted file mode 100644 index 21445a0ce..000000000 --- a/modules/netflow/configuration/kibana/visualization/e2a7fc60-6592-11e7-8b83-5b2419db46fa.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"netflow.input_snmp:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.input_snmp:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 8caead0e1..000000000 --- a/modules/netflow/configuration/kibana/visualization/e2f43d10-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (bytes)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 21b84b4db..000000000 --- a/modules/netflow/configuration/kibana/visualization/e3ef9130-658a-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Destination and Source ASs (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_dst.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip_src.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source AS\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Destination and Source ASs (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json b/modules/netflow/configuration/kibana/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json deleted file mode 100644 index ce99c6763..000000000 --- a/modules/netflow/configuration/kibana/visualization/e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: VLANs (packets)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.vlan\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"VLAN\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: VLANs (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json b/modules/netflow/configuration/kibana/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json deleted file mode 100644 index d2e84a449..000000000 --- a/modules/netflow/configuration/kibana/visualization/ef7699a0-6719-11e7-b5b8-29fbded8e37c.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Top Destination Ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"netflow.dst_port_name\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"2\",\"customLabel\":\"Destination\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Top Destination Ports", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json b/modules/netflow/configuration/kibana/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json deleted file mode 100644 index 6988e1057..000000000 --- a/modules/netflow/configuration/kibana/visualization/f11380e0-6591-11e7-bfc3-d74b7bb89482.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Ingress Interfaces (packets)\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.packets\",\"customLabel\":\"Packets\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.input_snmp\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Ingress Interface\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Ingress Interfaces (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json b/modules/netflow/configuration/kibana/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json deleted file mode 100644 index d11744ec2..000000000 --- a/modules/netflow/configuration/kibana/visualization/f2fea250-2fcb-11e7-8df8-b363df28ab61.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Protocols (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.protocol_name\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Protocols (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json b/modules/netflow/configuration/kibana/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json deleted file mode 100644 index e0f66eec5..000000000 --- a/modules/netflow/configuration/kibana/visualization/f5f79b00-6555-11e7-b27e-8f8b3770f1df.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Countries (packets)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", metric=\\\"sum:netflow.packets\\\", split=\\\"geoip.country_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* geoip.country_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"packets / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Countries (packets)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json b/modules/netflow/configuration/kibana/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json deleted file mode 100644 index dd617f198..000000000 --- a/modules/netflow/configuration/kibana/visualization/f687e140-622d-11e7-b0a5-e9bda2f6d168.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Autonomous Systems (flow records)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Flow Records\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.autonomous_system\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Autonomous System\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Autonomous Systems (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json b/modules/netflow/configuration/kibana/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json deleted file mode 100644 index 8dcf4e344..000000000 --- a/modules/netflow/configuration/kibana/visualization/f6be96c0-622f-11e7-abbc-93bb293f5057.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Locality (bytes)\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"netflow.bytes\",\"customLabel\":\"Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"netflow.flow_locality\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Locality\"}}],\"listeners\":{}}", "description": "", "title": "Netflow: Locality (bytes)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json b/modules/netflow/configuration/kibana/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json deleted file mode 100644 index 05d2e79dc..000000000 --- a/modules/netflow/configuration/kibana/visualization/f8731d50-2fd6-11e7-97a8-85d8d5a99269.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Flow Exporter\",\"field\":\"host\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":50},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"title\":\"Netflow: Flow Exporters (flow records)\",\"type\":\"pie\"}", "description": "", "title": "Netflow: Flow Exporters (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"index\":\"netflow-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json b/modules/netflow/configuration/kibana/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json deleted file mode 100644 index 5a1e3199f..000000000 --- a/modules/netflow/configuration/kibana/visualization/fd081e50-6556-11e7-be5f-c5cca8dd73b6.json +++ /dev/null @@ -1 +0,0 @@ -{"visState": "{\"title\":\"Netflow: Source Ports (flow records)\",\"type\":\"timelion\",\"params\":{\"expression\":\".es(index=\\\"netflow-*\\\", split=\\\"netflow.src_port_name:10\\\", kibana=true).scale_interval(1s).fit(mode=scale).if(operator=\\\"lt\\\", if=0, then=0).trim(start=2,end=1).label(regex=\\\"^.* netflow.src_port_name:(.+) > .*$\\\", label=\\\"$1\\\").lines(width=1, stack=true, fill=1).yaxis(label=\\\"flow records / sec\\\", min=0)\",\"interval\":\"auto\"},\"aggs\":[],\"listeners\":{}}", "description": "", "title": "Netflow: Source Ports (flow records)", "uiStateJSON": "{}", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"}} \ No newline at end of file diff --git a/modules/netflow/configuration/kibana/visualization/netflow.json b/modules/netflow/configuration/kibana/visualization/netflow.json deleted file mode 100644 index 3943af169..000000000 --- a/modules/netflow/configuration/kibana/visualization/netflow.json +++ /dev/null @@ -1 +0,0 @@ -["39e3dab0-2fcb-11e7-befb-31e033c79e4e", "1026edb0-2fcc-11e7-842d-39925ea8ac40", "b6a092e0-2fcc-11e7-9bae-a35d2fe38fc2", "99c1a4a0-2f60-11e7-8936-6f5fd5520124", "b02faaf0-2fcb-11e7-8df8-b363df28ab61", "d07a2870-2fcc-11e7-9bae-a35d2fe38fc2", "8f35efc0-2fcc-11e7-842d-39925ea8ac40", "de9da770-2fcb-11e7-8df8-b363df28ab61", "d8f24780-2fcc-11e7-9bae-a35d2fe38fc2", "99e49de0-2fcc-11e7-842d-39925ea8ac40", "f2fea250-2fcb-11e7-8df8-b363df28ab61", "ad5cb080-622e-11e7-b0a5-e9bda2f6d168", "7e9a7980-622e-11e7-b0a5-e9bda2f6d168", "97f430b0-622e-11e7-b0a5-e9bda2f6d168", "2aeac270-6230-11e7-84f1-9728c106b1b6", "178b0af0-6230-11e7-9a50-efc26ded795d", "f6be96c0-622f-11e7-abbc-93bb293f5057", "8d2cb120-6233-11e7-aa4b-5f8c56ec33b8", "6a597070-6233-11e7-aa4b-5f8c56ec33b8", "dcf88c60-6233-11e7-aa4b-5f8c56ec33b8", "6ad67290-6289-11e7-bcd8-a16ef1d32773", "2c9567c0-6289-11e7-bcd8-a16ef1d32773", "b61f84d0-6289-11e7-bcd8-a16ef1d32773", "52279a00-628c-11e7-95ed-8966ac93bd5a", "56a23ac0-628e-11e7-a842-b787fa3508ce", "735d6c70-628e-11e7-a842-b787fa3508ce", "a3541940-6556-11e7-a807-e52f264c6cfd", "f5f79b00-6555-11e7-b27e-8f8b3770f1df", "65f3b500-6557-11e7-87c3-994b88f84501", "b2d02df0-6556-11e7-a807-e52f264c6cfd", "0927de10-6556-11e7-b27e-8f8b3770f1df", "0de63e90-6558-11e7-8547-3d133170b50d", "a13402f0-6557-11e7-a3eb-4b30743c9370", "231fe630-6558-11e7-8547-3d133170b50d", "daa62090-6557-11e7-a3eb-4b30743c9370", "39ecd800-6558-11e7-bea4-0f5fadb995cc", "835e6090-6557-11e7-87c3-994b88f84501", "4a6f6030-6558-11e7-bea4-0f5fadb995cc", "a7a47e70-2fde-11e7-9d02-3f49bde5c1d5", "bb8e3d90-2fca-11e7-9fcf-99b4b8159f98", "6702de70-2fca-11e7-8fcd-8dc6c60d4592", "3fa5f6f0-2fca-11e7-ab32-99f279b941ef", "691cda40-2fc9-11e7-823a-89e4bb55eaa1", "49a2d6b0-2fc9-11e7-8224-a900ea73fa5f", "324b0a00-2fc9-11e7-bd31-a722d271a9cc", "c6319680-2fc9-11e7-823a-89e4bb55eaa1", "99382ab0-6555-11e7-8d48-19b0c51bbbbd", "6c67b990-628c-11e7-95ed-8966ac93bd5a", "ca786e30-622d-11e7-b0a5-e9bda2f6d168", "f687e140-622d-11e7-b0a5-e9bda2f6d168", "ac4cbc90-622d-11e7-b0a5-e9bda2f6d168", "d9fdbd80-6555-11e7-8d48-19b0c51bbbbd", "af23cb20-2fc9-11e7-8224-a900ea73fa5f", "9b5d3b80-2fc9-11e7-bd31-a722d271a9cc", "84e4c9f0-2fd7-11e7-97a8-85d8d5a99269", "69f864d0-2fd7-11e7-97a8-85d8d5a99269", "4dc994a0-2fd7-11e7-97a8-85d8d5a99269", "e8251d30-2fd7-11e7-a4f6-dbb93cfb4a10", "b88a8790-2fd7-11e7-bd03-932d3e38a4ff", "d297fe60-2fd7-11e7-af27-99e728e71e91", "793a6f00-2fdd-11e7-afd7-595689f3f18c", "4440e130-2fdd-11e7-afd7-595689f3f18c", "af1425a0-2fc7-11e7-8936-6f5fd5520124", "4f3525d0-2fc7-11e7-8936-6f5fd5520124", "5fd2fe30-2fc7-11e7-8936-6f5fd5520124", "55f66b20-2fdd-11e7-afd7-595689f3f18c", "8a52f7a0-2fc7-11e7-8936-6f5fd5520124", "1e7d8770-2fc7-11e7-8936-6f5fd5520124", "7c2cfd10-2fc7-11e7-8936-6f5fd5520124", "9accd4a0-657a-11e7-8471-e5432f50acbd", "3277ea90-6578-11e7-8471-e5432f50acbd", "b13956f0-657a-11e7-8471-e5432f50acbd", "55be8550-655e-11e7-9dda-9f993e2ba58b", "a2099810-657b-11e7-8471-e5432f50acbd", "82fcfc50-657b-11e7-8471-e5432f50acbd", "b3e2af90-657b-11e7-8471-e5432f50acbd", "c4987cc0-657b-11e7-8471-e5432f50acbd", "bbac23d0-2fe0-11e7-9d02-3f49bde5c1d5", "399c9fe0-657e-11e7-bd38-dd04615e7f62", "43e698c0-657e-11e7-99b6-af4533b21b46", "e3ef9130-658a-11e7-bfc3-d74b7bb89482", "836b2010-657e-11e7-9748-5d4091219eef", "7aaa68d0-658a-11e7-bfc3-d74b7bb89482", "d2a2db30-658a-11e7-bfc3-d74b7bb89482", "8c6ce180-657e-11e7-bd38-dd04615e7f62", "4a548ff0-657e-11e7-9748-5d4091219eef", "87dbc0a0-657e-11e7-99b6-af4533b21b46", "73c37440-658e-11e7-bfc3-d74b7bb89482", "64b144f0-658e-11e7-bfc3-d74b7bb89482", "f8731d50-2fd6-11e7-97a8-85d8d5a99269", "a4ade270-658e-11e7-bfc3-d74b7bb89482", "16438600-2fcb-11e7-befb-31e033c79e4e", "6a7e4790-2fe0-11e7-9d02-3f49bde5c1d5", "b2c9a3d0-658e-11e7-bfc3-d74b7bb89482", "41a7e3a0-658f-11e7-bfc3-d74b7bb89482", "4ea0a8d0-658f-11e7-bfc3-d74b7bb89482", "3026fe40-658f-11e7-bfc3-d74b7bb89482", "9a4938d0-6592-11e7-b8de-af19b696fa44", "bfec6260-6592-11e7-9bf4-ed832088be20", "f11380e0-6591-11e7-bfc3-d74b7bb89482", "04990fe0-6592-11e7-bfc3-d74b7bb89482", "1fa2c100-6592-11e7-bfc3-d74b7bb89482", "e2f43d10-6591-11e7-bfc3-d74b7bb89482", "1418ce10-6592-11e7-bfc3-d74b7bb89482", "caea3760-6591-11e7-bfc3-d74b7bb89482", "8500a670-6579-11e7-8471-e5432f50acbd", "e2a7fc60-6592-11e7-8b83-5b2419db46fa", "206d6e90-6593-11e7-8b83-5b2419db46fa", "00248240-6593-11e7-b8de-af19b696fa44", "47d426a0-2fc8-11e7-8b06-97426538fddd", "12ca1180-6593-11e7-9bf4-ed832088be20", "5c5d6f60-2fdb-11e7-84e6-333bd21ad9fd", "264fb270-2fdb-11e7-84e6-333bd21ad9fd", "4898db90-2fdb-11e7-84e6-333bd21ad9fd", "44b3cb70-2fd6-11e7-bc99-41245d9394f2", "23d6dc80-2fd6-11e7-bc99-41245d9394f2", "622844d0-6288-11e7-bcd8-a16ef1d32773", "6f6d05b0-2fc8-11e7-bf24-57efade8fd83", "5e58cc00-6556-11e7-995a-3584c2c6482c", "7f7aac00-2fc8-11e7-8bc1-177080983dbf", "71272b10-6579-11e7-8471-e5432f50acbd", "313a9880-2fd6-11e7-bc99-41245d9394f2", "8dcbcce0-2fd6-11e7-a82c-3146dd695923", "caf2c4b0-6556-11e7-be5f-c5cca8dd73b6", "91ae4100-6288-11e7-bcd8-a16ef1d32773", "de9b3dd0-2fc8-11e7-844c-67b9b101127b", "c6b36620-2fc8-11e7-87d6-cdce05879baf", "a8b68cb0-2fc8-11e7-8d8b-45ec51795dad", "fd081e50-6556-11e7-be5f-c5cca8dd73b6", "a8eadac0-658c-11e7-bfc3-d74b7bb89482", "c61bd8b0-658c-11e7-bfc3-d74b7bb89482", "9f9e54b0-2fd6-11e7-a82c-3146dd695923", "b74bbb70-2fd6-11e7-a82c-3146dd695923", "3ee07620-6556-11e7-995a-3584c2c6482c", "d4a408a0-671a-11e7-b5b8-29fbded8e37c", "51006340-671a-11e7-b5b8-29fbded8e37c", "ef7699a0-6719-11e7-b5b8-29fbded8e37c", "9f113d80-6719-11e7-b5b8-29fbded8e37c", "02e25f10-671a-11e7-b5b8-29fbded8e37c", "326fae40-671a-11e7-b5b8-29fbded8e37c", "7e9cb7e0-671a-11e7-b5b8-29fbded8e37c", "b58e1380-6719-11e7-b5b8-29fbded8e37c", "26e166f0-2fe2-11e7-9d02-3f49bde5c1d5"] \ No newline at end of file diff --git a/modules/netflow/configuration/logstash/dictionaries/iana_protocol_numbers.yml b/modules/netflow/configuration/logstash/dictionaries/iana_protocol_numbers.yml deleted file mode 100644 index c0a5f986f..000000000 --- a/modules/netflow/configuration/logstash/dictionaries/iana_protocol_numbers.yml +++ /dev/null @@ -1,138 +0,0 @@ -"0": HOPOPT -"1": ICMP -"2": IGMP -"3": GGP -"4": IPv4 -"5": ST -"6": TCP -"7": CBT -"8": EGP -"9": IGP -"10": BBN-RCC-MON -"11": NVP-II -"12": PUP -"13": ARGUS -"14": EMCON -"15": XNET -"16": CHAOS -"17": UDP -"18": MUX -"19": DCN-MEAS -"20": HMP -"21": PRM -"22": XNS-IDP -"23": TRUNK-1 -"24": TRUNK-2 -"25": LEAF-1 -"26": LEAF-2 -"27": RDP -"28": IRTP -"29": ISO-TP4 -"30": NETBLT -"31": MFE-NSP -"32": MERIT-INP -"33": DCCP -"34": 3PC -"35": IDPR -"36": XTP -"37": DDP -"38": IDPR-CMTP -"39": TP++ -"40": IL -"41": IPv6 -"42": SDRP -"43": IPv6-Route -"44": IPv6-Frag -"45": IDRP -"46": RSVP -"47": GRE -"48": DSR -"49": BNA -"50": ESP -"51": AH -"52": I-NLSP -"53": SWIPE -"54": NARP -"55": MOBILE -"56": TLSP -"57": SKIP -"58": IPv6-ICMP -"59": IPv6-NoNxt -"60": IPv6-Opts -"62": CFTP -"64": SAT-EXPAK -"65": KRYPTOLAN -"66": RVD -"67": IPPC -"69": SAT-MON -"70": VISA -"71": IPCV -"72": CPNX -"73": CPHB -"74": WSN -"75": PVP -"76": BR-SAT-MON -"77": SUN-ND -"78": WB-MON -"79": WB-EXPAK -"80": ISO-IP -"81": VMTP -"82": SECURE-VMTP -"83": VINES -"84": TTP -"85": NSFNET-IGP -"86": DGP -"87": TCF -"88": EIGRP -"89": OSPFIGP -"90": Sprite-RPC -"91": LARP -"92": MTP -"93": AX.25 -"94": IPIP -"95": MICP -"96": SCC-SP -"97": ETHERIP -"98": ENCAP -"100": GMTP -"101": IFMP -"102": PNNI -"103": PIM -"104": ARIS -"105": SCPS -"106": QNX -"107": A/N -"108": IPComp -"109": SNP -"110": Compaq-Peer -"111": IPX-in-IP -"112": VRRP -"113": PGM -"115": L2TP -"116": DDX -"117": IATP -"118": STP -"119": SRP -"120": UTI -"121": SMP -"122": SM -"123": PTP -"124": ISIS over IPv4 -"125": FIRE -"126": CRTP -"127": CRUDP -"128": SSCOPMCE -"129": IPLT -"130": SPS -"131": PIPE -"132": SCTP -"133": FC -"134": RSVP-E2E-IGNORE -"136": UDPLite -"137": MPLS-in-IP -"138": manet -"139": HIP -"140": Shim6 -"141": WESP -"142": ROHC -"255": Reserved diff --git a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_dccp.yml b/modules/netflow/configuration/logstash/dictionaries/iana_service_names_dccp.yml deleted file mode 100644 index f2cfdb63c..000000000 --- a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_dccp.yml +++ /dev/null @@ -1,8 +0,0 @@ -"9": discard -"1021": exp1 -"1022": exp2 -"1113": ltp-deepspace -"4556": dtn-bundle -"5004": avt-profile-1 -"5005": avt-profile-2 -"6514": syslog-tls diff --git a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_sctp.yml b/modules/netflow/configuration/logstash/dictionaries/iana_service_names_sctp.yml deleted file mode 100644 index f3024c53f..000000000 --- a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_sctp.yml +++ /dev/null @@ -1,68 +0,0 @@ -"9": discard -"20": ftp-data -"21": ftp -"22": ssh -"80": http -"179": bgp -"443": https -"1021": exp1 -"1022": exp2 -"1167": cisco-ipsla -"1720": h323hostcall -"2049": nfs -"2225": rcip-itu -"2904": m2ua -"2905": m3ua -"2944": megaco-h248 -"2945": h248-binary -"3097": itu-bicc-stc -"3565": m2pa -"3863": asap-sctp -"3864": asap-sctp-tls -"3868": diameter -"4333": ahsp -"4502": a25-fap-fgw -"4739": ipfix -"4740": ipfixs -"5060": sip -"5061": sips -"5090": car -"5091": cxtp -"5215": noteza -"5445": smbdirect -"5672": amqp -"5675": v5ua -"5868": diameters -"5910": cm -"5911": cpdlc -"5912": fis -"5913": ads-c -"6704": frc-hp -"6705": frc-mp -"6706": frc-lp -"6970": conductor-mpx -"7626": simco -"7728": osvr -"8471": pim-port -"9082": lcs-ap -"9084": aurora -"9900": iua -"9901": enrp-sctp -"9902": enrp-sctp-tls -"11997": wmereceiving -"11998": wmedistribution -"11999": wmereporting -"14001": sua -"20049": nfsrdma -"25471": rna -"29118": sgsap -"29168": sbcap -"29169": iuhsctpassoc -"30100": rwp -"36412": s1-control -"36422": x2-control -"36423": slmap -"36424": nq-ap -"36443": m2ap -"36444": m3ap -"36462": xw-control diff --git a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_tcp.yml b/modules/netflow/configuration/logstash/dictionaries/iana_service_names_tcp.yml deleted file mode 100644 index 0c7068745..000000000 --- a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_tcp.yml +++ /dev/null @@ -1,5842 +0,0 @@ -"1": tcpmux -"2": compressnet -"3": compressnet -"5": rje -"7": echo -"9": discard -"11": systat -"13": daytime -"17": qotd -"18": msp -"19": chargen -"20": ftp-data -"21": ftp -"22": ssh -"23": telnet -"25": smtp -"27": nsw-fe -"29": msg-icp -"31": msg-auth -"33": dsp -"37": time -"38": rap -"39": rlp -"41": graphics -"42": nameserver -"43": nicname -"44": mpm-flags -"45": mpm -"46": mpm-snd -"47": ni-ftp -"48": auditd -"49": tacacs -"50": re-mail-ck -"52": xns-time -"53": dns -"54": xns-ch -"55": isi-gl -"56": xns-auth -"58": xns-mail -"61": ni-mail -"62": acas -"63": whoispp -"64": covia -"65": tacacs-ds -"66": sql-net -"67": bootps -"68": bootpc -"69": tftp -"70": gopher -"71": netrjs-1 -"72": netrjs-2 -"73": netrjs-3 -"74": netrjs-4 -"76": deos -"78": vettcp -"79": finger -"80": http -"82": xfer -"83": mit-ml-dev -"84": ctf -"85": mit-ml-dev -"86": mfcobol -"88": kerberos -"89": su-mit-tg -"90": dnsix -"91": mit-dov -"92": npp -"93": dcp -"94": objcall -"95": supdup -"96": dixie -"97": swift-rvf -"98": tacnews -"99": metagram -"101": hostname -"102": iso-tsap -"103": gppitnp -"104": acr-nema -"105": csnet-ns -"105": cso -"106": 3com-tsmux -"107": rtelnet -"108": snagas -"109": pop2 -"110": pop3 -"111": sunrpc -"112": mcidas -"113": auth -"115": sftp -"116": ansanotify -"117": uucp-path -"118": sqlserv -"119": nntp -"120": cfdptkt -"121": erpc -"122": smakynet -"123": ntp -"124": ansatrader -"125": locus-map -"126": nxedit -"127": locus-con -"128": gss-xlicen -"129": pwdgen -"130": cisco-fna -"131": cisco-tna -"132": cisco-sys -"133": statsrv -"134": ingres-net -"135": epmap -"136": profile -"137": netbios-ns -"138": netbios-dgm -"139": netbios-ssn -"140": emfis-data -"141": emfis-cntl -"142": bl-idm -"143": imap -"144": uma -"145": uaac -"146": iso-tp0 -"147": iso-ip -"148": jargon -"149": aed-512 -"150": sql-net -"151": hems -"152": bftp -"153": sgmp -"154": netsc-prod -"155": netsc-dev -"156": sqlsrv -"157": knet-cmp -"158": pcmail-srv -"159": nss-routing -"160": sgmp-traps -"161": snmp -"162": snmptrap -"163": cmip-man -"164": cmip-agent -"165": xns-courier -"166": s-net -"167": namp -"168": rsvd -"169": send -"170": print-srv -"171": multiplex -"172": cl-1 -"173": xyplex-mux -"174": mailq -"175": vmnet -"176": genrad-mux -"177": xdmcp -"178": nextstep -"179": bgp -"180": ris -"181": unify -"182": audit -"183": ocbinder -"184": ocserver -"185": remote-kis -"186": kis -"187": aci -"188": mumps -"189": qft -"190": gacp -"191": prospero -"192": osu-nms -"193": srmp -"194": irc -"195": dn6-nlm-aud -"196": dn6-smm-red -"197": dls -"198": dls-mon -"199": smux -"200": src -"201": at-rtmp -"202": at-nbp -"203": at-3 -"204": at-echo -"205": at-5 -"206": at-zis -"207": at-7 -"208": at-8 -"209": qmtp -"210": z39-50 -"211": 914c-g -"212": anet -"213": ipx -"214": vmpwscs -"215": softpc -"216": CAIlic -"217": dbase -"218": mpp -"219": uarps -"220": imap3 -"221": fln-spx -"222": rsh-spx -"223": cdc -"224": masqdialer -"242": direct -"243": sur-meas -"244": inbusiness -"245": link -"246": dsp3270 -"247": subntbcst-tftp -"248": bhfhs -"256": rap -"257": set -"259": esro-gen -"260": openport -"261": nsiiops -"262": arcisdms -"263": hdap -"264": bgmp -"265": x-bone-ctl -"266": sst -"267": td-service -"268": td-replica -"269": manet -"271": pt-tls -"280": http-mgmt -"281": personal-link -"282": cableport-ax -"283": rescap -"284": corerjd -"286": fxp -"287": k-block -"308": novastorbakcup -"309": entrusttime -"310": bhmds -"311": asip-webadmin -"312": vslmp -"313": magenta-logic -"314": opalis-robot -"315": dpsi -"316": decauth -"317": zannet -"318": pkix-timestamp -"319": ptp-event -"320": ptp-general -"321": pip -"322": rtsps -"323": rpki-rtr -"324": rpki-rtr-tls -"333": texar -"344": pdap -"345": pawserv -"346": zserv -"347": fatserv -"348": csi-sgwp -"349": mftp -"350": matip-type-a -"351": matip-type-b -"352": dtag-ste-sb -"353": ndsauth -"354": bh611 -"355": datex-asn -"356": cloanto-net-1 -"357": bhevent -"358": shrinkwrap -"359": nsrmp -"360": scoi2odialog -"361": semantix -"362": srssend -"363": rsvp-tunnel -"364": aurora-cmgr -"365": dtk -"366": odmr -"367": mortgageware -"368": qbikgdp -"369": rpc2portmap -"370": codaauth2 -"371": clearcase -"372": ulistproc -"373": legent-1 -"374": legent-2 -"375": hassle -"376": nip -"377": tnETOS -"378": dsETOS -"379": is99c -"380": is99s -"381": hp-collector -"382": hp-managed-node -"383": hp-alarm-mgr -"384": arns -"385": ibm-app -"386": asa -"387": aurp -"388": unidata-ldm -"389": ldap -"390": uis -"391": synotics-relay -"392": synotics-broker -"393": meta5 -"394": embl-ndt -"395": netcp -"396": netware-ip -"397": mptn -"398": kryptolan -"399": iso-tsap-c2 -"400": osb-sd -"401": ups -"402": genie -"403": decap -"404": nced -"405": ncld -"406": imsp -"407": timbuktu -"408": prm-sm -"409": prm-nm -"410": decladebug -"411": rmt -"412": synoptics-trap -"413": smsp -"414": infoseek -"415": bnet -"416": silverplatter -"417": onmux -"418": hyper-g -"419": ariel1 -"420": smpte -"421": ariel2 -"422": ariel3 -"423": opc-job-start -"424": opc-job-track -"425": icad-el -"426": smartsdp -"427": svrloc -"428": ocs-cmu -"429": ocs-amu -"430": utmpsd -"431": utmpcd -"432": iasd -"433": nnsp -"434": mobileip-agent -"435": mobilip-mn -"436": dna-cml -"437": comscm -"438": dsfgw -"439": dasp -"440": sgcp -"441": decvms-sysmgt -"442": cvc-hostd -"443": https -"444": snpp -"445": microsoft-ds -"446": ddm-rdb -"447": ddm-dfm -"448": ddm-ssl -"449": as-servermap -"450": tserver -"451": sfs-smp-net -"452": sfs-config -"453": creativeserver -"454": contentserver -"455": creativepartnr -"456": macon-tcp -"457": scohelp -"458": appleqtc -"459": ampr-rcmd -"460": skronk -"461": datasurfsrv -"462": datasurfsrvsec -"463": alpes -"464": kpasswd -"465": urd -"466": digital-vrc -"467": mylex-mapd -"468": photuris -"469": rcp -"470": scx-proxy -"471": mondex -"472": ljk-login -"473": hybrid-pop -"474": tn-tl-w1 -"475": tcpnethaspsrv -"476": tn-tl-fd1 -"477": ss7ns -"478": spsc -"479": iafserver -"480": iafdbase -"481": ph -"482": bgs-nsi -"483": ulpnet -"484": integra-sme -"485": powerburst -"486": avian -"487": saft -"488": gss-http -"489": nest-protocol -"490": micom-pfs -"491": go-login -"492": ticf-1 -"493": ticf-2 -"494": pov-ray -"495": intecourier -"496": pim-rp-disc -"497": retrospect -"498": siam -"499": iso-ill -"500": isakmp -"501": stmf -"502": mbap -"503": intrinsa -"504": citadel -"505": mailbox-lm -"506": ohimsrv -"507": crs -"508": xvttp -"509": snare -"510": fcp -"511": passgo -"512": exec -"513": login -"514": shell -"515": printer -"516": videotex -"517": talk -"518": ntalk -"519": utime -"520": efs -"521": ripng -"522": ulp -"523": ibm-db2 -"524": ncp -"525": timed -"526": tempo -"527": stx -"528": custix -"529": irc-serv -"530": courier -"531": conference -"532": netnews -"533": netwall -"534": windream -"535": iiop -"536": opalis-rdv -"537": nmsp -"538": gdomap -"539": apertus-ldp -"540": uucp -"541": uucp-rlogin -"542": commerce -"543": klogin -"544": kshell -"545": appleqtcsrvr -"546": dhcpv6-client -"547": dhcpv6-server -"548": afpovertcp -"549": idfp -"550": new-rwho -"551": cybercash -"552": devshr-nts -"553": pirp -"554": rtsp -"555": dsf -"556": remotefs -"557": openvms-sysipc -"558": sdnskmp -"559": teedtap -"560": rmonitor -"561": monitor -"562": chshell -"563": nntps -"564": 9pfs -"565": whoami -"566": streettalk -"567": banyan-rpc -"568": ms-shuttle -"569": ms-rome -"570": meter -"571": meter -"572": sonar -"573": banyan-vip -"574": ftp-agent -"575": vemmi -"576": ipcd -"577": vnas -"578": ipdd -"579": decbsrv -"580": sntp-heartbeat -"581": bdp -"582": scc-security -"583": philips-vc -"584": keyserver -"586": password-chg -"587": submission -"588": cal -"589": eyelink -"590": tns-cml -"591": http-alt -"592": eudora-set -"593": http-rpc-epmap -"594": tpip -"595": cab-protocol -"596": smsd -"597": ptcnameservice -"598": sco-websrvrmg3 -"599": acp -"600": ipcserver -"601": syslog-conn -"602": xmlrpc-beep -"603": idxp -"604": tunnel -"605": soap-beep -"606": urm -"607": nqs -"608": sift-uft -"609": npmp-trap -"610": npmp-local -"611": npmp-gui -"612": hmmp-ind -"613": hmmp-op -"614": sshell -"615": sco-inetmgr -"616": sco-sysmgr -"617": sco-dtmgr -"618": dei-icda -"619": compaq-evm -"620": sco-websrvrmgr -"621": escp-ip -"622": collaborator -"623": oob-ws-http -"624": cryptoadmin -"625": dec-dlm -"626": asia -"627": passgo-tivoli -"628": qmqp -"629": 3com-amp3 -"630": rda -"631": ipp -"632": bmpp -"633": servstat -"634": ginad -"635": rlzdbase -"636": ldaps -"637": lanserver -"638": mcns-sec -"639": msdp -"640": entrust-sps -"641": repcmd -"642": esro-emsdp -"643": sanity -"644": dwr -"645": pssc -"646": ldp -"647": dhcp-failover -"648": rrp -"649": cadview-3d -"650": obex -"651": ieee-mms -"652": hello-port -"653": repscmd -"654": aodv -"655": tinc -"656": spmp -"657": rmc -"658": tenfold -"660": mac-srvr-admin -"661": hap -"662": pftp -"663": purenoise -"664": oob-ws-https -"665": sun-dr -"666": doom -"667": disclose -"668": mecomm -"669": meregister -"670": vacdsm-sws -"671": vacdsm-app -"672": vpps-qua -"673": cimplex -"674": acap -"675": dctp -"676": vpps-via -"677": vpp -"678": ggf-ncp -"679": mrm -"680": entrust-aaas -"681": entrust-aams -"682": xfr -"683": corba-iiop -"684": corba-iiop-ssl -"685": mdc-portmapper -"686": hcp-wismar -"687": asipregistry -"688": realm-rusd -"689": nmap -"690": vatp -"691": msexch-routing -"692": hyperwave-isp -"693": connendp -"694": ha-cluster -"695": ieee-mms-ssl -"696": rushd -"697": uuidgen -"698": olsr -"699": accessnetwork -"700": epp -"701": lmp -"702": iris-beep -"704": elcsd -"705": agentx -"706": silc -"707": borland-dsj -"709": entrust-kmsh -"710": entrust-ash -"711": cisco-tdp -"712": tbrpf -"713": iris-xpc -"714": iris-xpcs -"715": iris-lwz -"729": netviewdm1 -"730": netviewdm2 -"731": netviewdm3 -"741": netgw -"742": netrcs -"744": flexlm -"747": fujitsu-dev -"748": ris-cm -"749": kerberos-adm -"750": rfile -"751": pump -"752": qrh -"753": rrh -"754": tell -"758": nlogin -"759": con -"760": ns -"761": rxe -"762": quotad -"763": cycleserv -"764": omserv -"765": webster -"767": phonebook -"769": vid -"770": cadlock -"771": rtip -"772": cycleserv2 -"773": submit -"774": rpasswd -"775": entomb -"776": wpages -"777": multiling-http -"780": wpgs -"800": mdbs-daemon -"801": device -"802": mbap-s -"810": fcp-udp -"828": itm-mcell-s -"829": pkix-3-ca-ra -"830": netconf-ssh -"831": netconf-beep -"832": netconfsoaphttp -"833": netconfsoapbeep -"847": dhcp-failover2 -"848": gdoi -"853": domain-s -"860": iscsi -"861": owamp-control -"862": twamp-control -"873": rsync -"886": iclcnet-locate -"887": iclcnet-svinfo -"888": accessbuilder -"900": omginitialrefs -"901": smpnameres -"902": ideafarm-door -"903": ideafarm-panic -"910": kink -"911": xact-backup -"912": apex-mesh -"913": apex-edge -"989": ftps-data -"990": ftps -"991": nas -"992": telnets -"993": imaps -"995": pop3s -"996": vsinet -"997": maitrd -"998": busboy -"999": puprouter -"1000": cadlock2 -"1001": webpush -"1010": surf -"1021": exp1 -"1022": exp2 -"1025": blackjack -"1026": cap -"1029": solid-mux -"1033": netinfo-local -"1034": activesync -"1035": mxxrlogin -"1036": nsstp -"1037": ams -"1038": mtqp -"1039": sbl -"1040": netarx -"1041": danf-ak2 -"1042": afrog -"1043": boinc-client -"1044": dcutility -"1045": fpitp -"1046": wfremotertm -"1047": neod1 -"1048": neod2 -"1049": td-postman -"1050": cma -"1051": optima-vnet -"1052": ddt -"1053": remote-as -"1054": brvread -"1055": ansyslmd -"1056": vfo -"1057": startron -"1058": nim -"1059": nimreg -"1060": polestar -"1061": kiosk -"1062": veracity -"1063": kyoceranetdev -"1064": jstel -"1065": syscomlan -"1066": fpo-fns -"1067": instl-boots -"1068": instl-bootc -"1069": cognex-insight -"1070": gmrupdateserv -"1071": bsquare-voip -"1072": cardax -"1073": bridgecontrol -"1074": warmspotMgmt -"1075": rdrmshc -"1076": dab-sti-c -"1077": imgames -"1078": avocent-proxy -"1079": asprovatalk -"1080": socks -"1081": pvuniwien -"1082": amt-esd-prot -"1083": ansoft-lm-1 -"1084": ansoft-lm-2 -"1085": webobjects -"1086": cplscrambler-lg -"1087": cplscrambler-in -"1088": cplscrambler-al -"1089": ff-annunc -"1090": ff-fms -"1091": ff-sm -"1092": obrpd -"1093": proofd -"1094": rootd -"1095": nicelink -"1096": cnrprotocol -"1097": sunclustermgr -"1098": rmiactivation -"1099": rmiregistry -"1100": mctp -"1101": pt2-discover -"1102": adobeserver-1 -"1103": adobeserver-2 -"1104": xrl -"1105": ftranhc -"1106": isoipsigport-1 -"1107": isoipsigport-2 -"1108": ratio-adp -"1110": webadmstart -"1111": lmsocialserver -"1112": icp -"1113": ltp-deepspace -"1114": mini-sql -"1115": ardus-trns -"1116": ardus-cntl -"1117": ardus-mtrns -"1118": sacred -"1119": bnetgame -"1120": bnetfile -"1121": rmpp -"1122": availant-mgr -"1123": murray -"1124": hpvmmcontrol -"1125": hpvmmagent -"1126": hpvmmdata -"1127": kwdb-commn -"1128": saphostctrl -"1129": saphostctrls -"1130": casp -"1131": caspssl -"1132": kvm-via-ip -"1133": dfn -"1134": aplx -"1135": omnivision -"1136": hhb-gateway -"1137": trim -"1138": encrypted-admin -"1139": evm -"1140": autonoc -"1141": mxomss -"1142": edtools -"1143": imyx -"1144": fuscript -"1145": x9-icue -"1146": audit-transfer -"1147": capioverlan -"1148": elfiq-repl -"1149": bvtsonar -"1150": blaze -"1151": unizensus -"1152": winpoplanmess -"1153": c1222-acse -"1154": resacommunity -"1155": nfa -"1156": iascontrol-oms -"1157": iascontrol -"1158": dbcontrol-oms -"1159": oracle-oms -"1160": olsv -"1161": health-polling -"1162": health-trap -"1163": sddp -"1164": qsm-proxy -"1165": qsm-gui -"1166": qsm-remote -"1167": cisco-ipsla -"1168": vchat -"1169": tripwire -"1170": atc-lm -"1171": atc-appserver -"1172": dnap -"1173": d-cinema-rrp -"1174": fnet-remote-ui -"1175": dossier -"1176": indigo-server -"1177": dkmessenger -"1178": sgi-storman -"1179": b2n -"1180": mc-client -"1181": 3comnetman -"1182": accelenet -"1183": llsurfup-http -"1184": llsurfup-https -"1185": catchpole -"1186": mysql-cluster -"1187": alias -"1188": hp-webadmin -"1189": unet -"1190": commlinx-avl -"1191": gpfs -"1192": caids-sensor -"1193": fiveacross -"1194": openvpn -"1195": rsf-1 -"1196": netmagic -"1197": carrius-rshell -"1198": cajo-discovery -"1199": dmidi -"1200": scol -"1201": nucleus-sand -"1202": caiccipc -"1203": ssslic-mgr -"1204": ssslog-mgr -"1205": accord-mgc -"1206": anthony-data -"1207": metasage -"1208": seagull-ais -"1209": ipcd3 -"1210": eoss -"1211": groove-dpp -"1212": lupa -"1213": mpc-lifenet -"1214": kazaa -"1215": scanstat-1 -"1216": etebac5 -"1217": hpss-ndapi -"1218": aeroflight-ads -"1219": aeroflight-ret -"1220": qt-serveradmin -"1221": sweetware-apps -"1222": nerv -"1223": tgp -"1224": vpnz -"1225": slinkysearch -"1226": stgxfws -"1227": dns2go -"1228": florence -"1229": zented -"1230": periscope -"1231": menandmice-lpm -"1232": first-defense -"1233": univ-appserver -"1234": search-agent -"1235": mosaicsyssvc1 -"1236": bvcontrol -"1237": tsdos390 -"1238": hacl-qs -"1239": nmsd -"1240": instantia -"1241": nessus -"1242": nmasoverip -"1243": serialgateway -"1244": isbconference1 -"1245": isbconference2 -"1246": payrouter -"1247": visionpyramid -"1248": hermes -"1249": mesavistaco -"1250": swldy-sias -"1251": servergraph -"1252": bspne-pcc -"1253": q55-pcc -"1254": de-noc -"1255": de-cache-query -"1256": de-server -"1257": shockwave2 -"1258": opennl -"1259": opennl-voice -"1260": ibm-ssd -"1261": mpshrsv -"1262": qnts-orb -"1263": dka -"1264": prat -"1265": dssiapi -"1266": dellpwrappks -"1267": epc -"1268": propel-msgsys -"1269": watilapp -"1270": opsmgr -"1271": excw -"1272": cspmlockmgr -"1273": emc-gateway -"1274": t1distproc -"1275": ivcollector -"1277": miva-mqs -"1278": dellwebadmin-1 -"1279": dellwebadmin-2 -"1280": pictrography -"1281": healthd -"1282": emperion -"1283": productinfo -"1284": iee-qfx -"1285": neoiface -"1286": netuitive -"1287": routematch -"1288": navbuddy -"1289": jwalkserver -"1290": winjaserver -"1291": seagulllms -"1292": dsdn -"1293": pkt-krb-ipsec -"1294": cmmdriver -"1295": ehtp -"1296": dproxy -"1297": sdproxy -"1298": lpcp -"1299": hp-sci -"1300": h323hostcallsc -"1301": ci3-software-1 -"1302": ci3-software-2 -"1303": sftsrv -"1304": boomerang -"1305": pe-mike -"1306": re-conn-proto -"1307": pacmand -"1308": odsi -"1309": jtag-server -"1310": husky -"1311": rxmon -"1312": sti-envision -"1313": bmc-patroldb -"1314": pdps -"1315": els -"1316": exbit-escp -"1317": vrts-ipcserver -"1318": krb5gatekeeper -"1319": amx-icsp -"1320": amx-axbnet -"1321": pip -"1322": novation -"1323": brcd -"1324": delta-mcp -"1325": dx-instrument -"1326": wimsic -"1327": ultrex -"1328": ewall -"1329": netdb-export -"1330": streetperfect -"1331": intersan -"1332": pcia-rxp-b -"1333": passwrd-policy -"1334": writesrv -"1335": digital-notary -"1336": ischat -"1337": menandmice-dns -"1338": wmc-log-svc -"1339": kjtsiteserver -"1340": naap -"1341": qubes -"1342": esbroker -"1343": re101 -"1344": icap -"1345": vpjp -"1346": alta-ana-lm -"1347": bbn-mmc -"1348": bbn-mmx -"1349": sbook -"1350": editbench -"1351": equationbuilder -"1352": lotusnote -"1353": relief -"1354": XSIP-network -"1355": intuitive-edge -"1356": cuillamartin -"1357": pegboard -"1358": connlcli -"1359": ftsrv -"1360": mimer -"1361": linx -"1362": timeflies -"1363": ndm-requester -"1364": ndm-server -"1365": adapt-sna -"1366": netware-csp -"1367": dcs -"1368": screencast -"1369": gv-us -"1370": us-gv -"1371": fc-cli -"1372": fc-ser -"1373": chromagrafx -"1374": molly -"1375": bytex -"1376": ibm-pps -"1377": cichlid -"1378": elan -"1379": dbreporter -"1380": telesis-licman -"1381": apple-licman -"1382": udt-os -"1383": gwha -"1384": os-licman -"1385": atex-elmd -"1386": checksum -"1387": cadsi-lm -"1388": objective-dbc -"1389": iclpv-dm -"1390": iclpv-sc -"1391": iclpv-sas -"1392": iclpv-pm -"1393": iclpv-nls -"1394": iclpv-nlc -"1395": iclpv-wsm -"1396": dvl-activemail -"1397": audio-activmail -"1398": video-activmail -"1399": cadkey-licman -"1400": cadkey-tablet -"1401": goldleaf-licman -"1402": prm-sm-np -"1403": prm-nm-np -"1404": igi-lm -"1405": ibm-res -"1406": netlabs-lm -"1407": tibet-server -"1408": sophia-lm -"1409": here-lm -"1410": hiq -"1411": af -"1412": innosys -"1413": innosys-acl -"1414": ibm-mqseries -"1415": dbstar -"1416": novell-lu6-2 -"1417": timbuktu-srv1 -"1418": timbuktu-srv2 -"1419": timbuktu-srv3 -"1420": timbuktu-srv4 -"1421": gandalf-lm -"1422": autodesk-lm -"1423": essbase -"1424": hybrid -"1425": zion-lm -"1426": sais -"1427": mloadd -"1428": informatik-lm -"1429": nms -"1430": tpdu -"1431": rgtp -"1432": blueberry-lm -"1433": ms-sql-s -"1434": ms-sql-m -"1435": ibm-cics -"1436": saism -"1437": tabula -"1438": eicon-server -"1439": eicon-x25 -"1440": eicon-slp -"1441": cadis-1 -"1442": cadis-2 -"1443": ies-lm -"1444": marcam-lm -"1445": proxima-lm -"1446": ora-lm -"1447": apri-lm -"1448": oc-lm -"1449": peport -"1450": dwf -"1451": infoman -"1452": gtegsc-lm -"1453": genie-lm -"1454": interhdl-elmd -"1455": esl-lm -"1456": dca -"1457": valisys-lm -"1458": nrcabq-lm -"1459": proshare1 -"1460": proshare2 -"1461": ibm-wrless-lan -"1462": world-lm -"1463": nucleus -"1464": msl-lmd -"1465": pipes -"1466": oceansoft-lm -"1467": csdmbase -"1468": csdm -"1469": aal-lm -"1470": uaiact -"1471": csdmbase -"1472": csdm -"1473": openmath -"1474": telefinder -"1475": taligent-lm -"1476": clvm-cfg -"1477": ms-sna-server -"1478": ms-sna-base -"1479": dberegister -"1480": pacerforum -"1481": airs -"1482": miteksys-lm -"1483": afs -"1484": confluent -"1485": lansource -"1486": nms-topo-serv -"1487": localinfosrvr -"1488": docstor -"1489": dmdocbroker -"1490": insitu-conf -"1492": stone-design-1 -"1493": netmap-lm -"1494": ica -"1495": cvc -"1496": liberty-lm -"1497": rfx-lm -"1498": sybase-sqlany -"1499": fhc -"1500": vlsi-lm -"1501": saiscm -"1502": shivadiscovery -"1503": imtc-mcs -"1504": evb-elm -"1505": funkproxy -"1506": utcd -"1507": symplex -"1508": diagmond -"1509": robcad-lm -"1510": mvx-lm -"1511": 3l-l1 -"1512": wins -"1513": fujitsu-dtc -"1514": fujitsu-dtcns -"1515": ifor-protocol -"1516": vpad -"1517": vpac -"1518": vpvd -"1519": vpvc -"1520": atm-zip-office -"1521": ncube-lm -"1522": ricardo-lm -"1523": cichild-lm -"1524": ingreslock -"1525": orasrv -"1526": pdap-np -"1527": tlisrv -"1529": coauthor -"1530": rap-service -"1531": rap-listen -"1532": miroconnect -"1533": virtual-places -"1534": micromuse-lm -"1535": ampr-info -"1536": ampr-inter -"1537": sdsc-lm -"1538": 3ds-lm -"1539": intellistor-lm -"1540": rds -"1541": rds2 -"1542": gridgen-elmd -"1543": simba-cs -"1544": aspeclmd -"1545": vistium-share -"1546": abbaccuray -"1547": laplink -"1548": axon-lm -"1549": shivahose -"1550": 3m-image-lm -"1551": hecmtl-db -"1552": pciarray -"1553": sna-cs -"1554": caci-lm -"1555": livelan -"1556": veritas-pbx -"1557": arbortext-lm -"1558": xingmpeg -"1559": web2host -"1560": asci-val -"1561": facilityview -"1562": pconnectmgr -"1563": cadabra-lm -"1564": pay-per-view -"1565": winddlb -"1566": corelvideo -"1567": jlicelmd -"1568": tsspmap -"1569": ets -"1570": orbixd -"1571": rdb-dbs-disp -"1572": chip-lm -"1573": itscomm-ns -"1574": mvel-lm -"1575": oraclenames -"1576": moldflow-lm -"1577": hypercube-lm -"1578": jacobus-lm -"1579": ioc-sea-lm -"1580": tn-tl-r1 -"1581": mil-2045-47001 -"1582": msims -"1583": simbaexpress -"1584": tn-tl-fd2 -"1585": intv -"1586": ibm-abtact -"1587": pra-elmd -"1588": triquest-lm -"1589": vqp -"1590": gemini-lm -"1591": ncpm-pm -"1592": commonspace -"1593": mainsoft-lm -"1594": sixtrak -"1595": radio -"1596": radio-sm -"1597": orbplus-iiop -"1598": picknfs -"1599": simbaservices -"1600": issd -"1601": aas -"1602": inspect -"1603": picodbc -"1604": icabrowser -"1605": slp -"1606": slm-api -"1607": stt -"1608": smart-lm -"1609": isysg-lm -"1610": taurus-wh -"1611": ill -"1612": netbill-trans -"1613": netbill-keyrep -"1614": netbill-cred -"1615": netbill-auth -"1616": netbill-prod -"1617": nimrod-agent -"1618": skytelnet -"1619": xs-openstorage -"1620": faxportwinport -"1621": softdataphone -"1622": ontime -"1623": jaleosnd -"1624": udp-sr-port -"1625": svs-omagent -"1626": shockwave -"1627": t128-gateway -"1628": lontalk-norm -"1629": lontalk-urgnt -"1630": oraclenet8cman -"1631": visitview -"1632": pammratc -"1633": pammrpc -"1634": loaprobe -"1635": edb-server1 -"1636": isdc -"1637": islc -"1638": ismc -"1639": cert-initiator -"1640": cert-responder -"1641": invision -"1642": isis-am -"1643": isis-ambc -"1644": saiseh -"1645": sightline -"1646": sa-msg-port -"1647": rsap -"1648": concurrent-lm -"1649": kermit -"1650": nkd -"1651": shiva-confsrvr -"1652": xnmp -"1653": alphatech-lm -"1654": stargatealerts -"1655": dec-mbadmin -"1656": dec-mbadmin-h -"1657": fujitsu-mmpdc -"1658": sixnetudr -"1659": sg-lm -"1660": skip-mc-gikreq -"1661": netview-aix-1 -"1662": netview-aix-2 -"1663": netview-aix-3 -"1664": netview-aix-4 -"1665": netview-aix-5 -"1666": netview-aix-6 -"1667": netview-aix-7 -"1668": netview-aix-8 -"1669": netview-aix-9 -"1670": netview-aix-10 -"1671": netview-aix-11 -"1672": netview-aix-12 -"1673": proshare-mc-1 -"1674": proshare-mc-2 -"1675": pdp -"1676": netcomm1 -"1677": groupwise -"1678": prolink -"1679": darcorp-lm -"1680": microcom-sbp -"1681": sd-elmd -"1682": lanyon-lantern -"1683": ncpm-hip -"1684": snaresecure -"1685": n2nremote -"1686": cvmon -"1687": nsjtp-ctrl -"1688": nsjtp-data -"1689": firefox -"1690": ng-umds -"1691": empire-empuma -"1692": sstsys-lm -"1693": rrirtr -"1694": rrimwm -"1695": rrilwm -"1696": rrifmm -"1697": rrisat -"1698": rsvp-encap-1 -"1699": rsvp-encap-2 -"1700": mps-raft -"1701": l2tp -"1702": deskshare -"1703": hb-engine -"1704": bcs-broker -"1705": slingshot -"1706": jetform -"1707": vdmplay -"1708": gat-lmd -"1709": centra -"1710": impera -"1711": pptconference -"1712": registrar -"1713": conferencetalk -"1714": sesi-lm -"1715": houdini-lm -"1716": xmsg -"1717": fj-hdnet -"1718": h323gatedisc -"1719": h323gatestat -"1720": h323hostcall -"1721": caicci -"1722": hks-lm -"1723": pptp -"1724": csbphonemaster -"1725": iden-ralp -"1726": iberiagames -"1727": winddx -"1728": telindus -"1729": citynl -"1730": roketz -"1731": msiccp -"1732": proxim -"1733": siipat -"1734": cambertx-lm -"1735": privatechat -"1736": street-stream -"1737": ultimad -"1738": gamegen1 -"1739": webaccess -"1740": encore -"1741": cisco-net-mgmt -"1742": 3Com-nsd -"1743": cinegrfx-lm -"1744": ncpm-ft -"1745": remote-winsock -"1746": ftrapid-1 -"1747": ftrapid-2 -"1748": oracle-em1 -"1749": aspen-services -"1750": sslp -"1751": swiftnet -"1752": lofr-lm -"1753": predatar-comms -"1754": oracle-em2 -"1755": ms-streaming -"1756": capfast-lmd -"1757": cnhrp -"1758": tftp-mcast -"1759": spss-lm -"1760": www-ldap-gw -"1761": cft-0 -"1762": cft-1 -"1763": cft-2 -"1764": cft-3 -"1765": cft-4 -"1766": cft-5 -"1767": cft-6 -"1768": cft-7 -"1769": bmc-net-adm -"1770": bmc-net-svc -"1771": vaultbase -"1772": essweb-gw -"1773": kmscontrol -"1774": global-dtserv -"1775": vdab -"1776": femis -"1777": powerguardian -"1778": prodigy-intrnet -"1779": pharmasoft -"1780": dpkeyserv -"1781": answersoft-lm -"1782": hp-hcip -"1784": finle-lm -"1785": windlm -"1786": funk-logger -"1787": funk-license -"1788": psmond -"1789": hello -"1790": nmsp -"1791": ea1 -"1792": ibm-dt-2 -"1793": rsc-robot -"1794": cera-bcm -"1795": dpi-proxy -"1796": vocaltec-admin -"1797": uma -"1798": etp -"1799": netrisk -"1800": ansys-lm -"1801": msmq -"1802": concomp1 -"1803": hp-hcip-gwy -"1804": enl -"1805": enl-name -"1806": musiconline -"1807": fhsp -"1808": oracle-vp2 -"1809": oracle-vp1 -"1810": jerand-lm -"1811": scientia-sdb -"1812": radius -"1813": radius-acct -"1814": tdp-suite -"1815": mmpft -"1816": harp -"1817": rkb-oscs -"1818": etftp -"1819": plato-lm -"1820": mcagent -"1821": donnyworld -"1822": es-elmd -"1823": unisys-lm -"1824": metrics-pas -"1825": direcpc-video -"1826": ardt -"1827": asi -"1828": itm-mcell-u -"1829": optika-emedia -"1830": net8-cman -"1831": myrtle -"1832": tht-treasure -"1833": udpradio -"1834": ardusuni -"1835": ardusmul -"1836": ste-smsc -"1837": csoft1 -"1838": talnet -"1839": netopia-vo1 -"1840": netopia-vo2 -"1841": netopia-vo3 -"1842": netopia-vo4 -"1843": netopia-vo5 -"1844": direcpc-dll -"1845": altalink -"1846": tunstall-pnc -"1847": slp-notify -"1848": fjdocdist -"1849": alpha-sms -"1850": gsi -"1851": ctcd -"1852": virtual-time -"1853": vids-avtp -"1854": buddy-draw -"1855": fiorano-rtrsvc -"1856": fiorano-msgsvc -"1857": datacaptor -"1858": privateark -"1859": gammafetchsvr -"1860": sunscalar-svc -"1861": lecroy-vicp -"1862": mysql-cm-agent -"1863": msnp -"1864": paradym-31port -"1865": entp -"1866": swrmi -"1867": udrive -"1868": viziblebrowser -"1869": transact -"1870": sunscalar-dns -"1871": canocentral0 -"1872": canocentral1 -"1873": fjmpjps -"1874": fjswapsnp -"1875": westell-stats -"1876": ewcappsrv -"1877": hp-webqosdb -"1878": drmsmc -"1879": nettgain-nms -"1880": vsat-control -"1881": ibm-mqseries2 -"1882": ecsqdmn -"1883": mqtt -"1884": idmaps -"1885": vrtstrapserver -"1886": leoip -"1887": filex-lport -"1888": ncconfig -"1889": unify-adapter -"1890": wilkenlistener -"1891": childkey-notif -"1892": childkey-ctrl -"1893": elad -"1894": o2server-port -"1896": b-novative-ls -"1897": metaagent -"1898": cymtec-port -"1899": mc2studios -"1900": ssdp -"1901": fjicl-tep-a -"1902": fjicl-tep-b -"1903": linkname -"1904": fjicl-tep-c -"1905": sugp -"1906": tpmd -"1907": intrastar -"1908": dawn -"1909": global-wlink -"1910": ultrabac -"1911": mtp -"1912": rhp-iibp -"1913": armadp -"1914": elm-momentum -"1915": facelink -"1916": persona -"1917": noagent -"1918": can-nds -"1919": can-dch -"1920": can-ferret -"1921": noadmin -"1922": tapestry -"1923": spice -"1924": xiip -"1925": discovery-port -"1926": egs -"1927": videte-cipc -"1928": emsd-port -"1929": bandwiz-system -"1930": driveappserver -"1931": amdsched -"1932": ctt-broker -"1933": xmapi -"1934": xaapi -"1935": macromedia-fcs -"1936": jetcmeserver -"1937": jwserver -"1938": jwclient -"1939": jvserver -"1940": jvclient -"1941": dic-aida -"1942": res -"1943": beeyond-media -"1944": close-combat -"1945": dialogic-elmd -"1946": tekpls -"1947": sentinelsrm -"1948": eye2eye -"1949": ismaeasdaqlive -"1950": ismaeasdaqtest -"1951": bcs-lmserver -"1952": mpnjsc -"1953": rapidbase -"1954": abr-api -"1955": abr-secure -"1956": vrtl-vmf-ds -"1957": unix-status -"1958": dxadmind -"1959": simp-all -"1960": nasmanager -"1961": bts-appserver -"1962": biap-mp -"1963": webmachine -"1964": solid-e-engine -"1965": tivoli-npm -"1966": slush -"1967": sns-quote -"1968": lipsinc -"1969": lipsinc1 -"1970": netop-rc -"1971": netop-school -"1972": intersys-cache -"1973": dlsrap -"1974": drp -"1975": tcoflashagent -"1976": tcoregagent -"1977": tcoaddressbook -"1978": unisql -"1979": unisql-java -"1980": pearldoc-xact -"1981": p2pq -"1982": estamp -"1983": lhtp -"1984": bb -"1985": hsrp -"1986": licensedaemon -"1987": tr-rsrb-p1 -"1988": tr-rsrb-p2 -"1989": tr-rsrb-p3 -"1990": stun-p1 -"1991": stun-p2 -"1992": ipsendmsg -"1992": stun-p3 -"1993": snmp-tcp-port -"1994": stun-port -"1995": perf-port -"1996": tr-rsrb-port -"1997": gdp-port -"1998": x25-svc-port -"1999": tcp-id-port -"2000": cisco-sccp -"2001": dc -"2002": globe -"2003": brutus -"2004": mailbox -"2005": berknet -"2006": invokator -"2007": dectalk -"2008": conf -"2009": news -"2010": search -"2011": raid-cc -"2012": ttyinfo -"2013": raid-am -"2014": troff -"2015": cypress -"2016": bootserver -"2017": cypress-stat -"2018": terminaldb -"2019": whosockami -"2020": xinupageserver -"2021": servexec -"2022": down -"2023": xinuexpansion3 -"2024": xinuexpansion4 -"2025": ellpack -"2026": scrabble -"2027": shadowserver -"2028": submitserver -"2029": hsrpv6 -"2030": device2 -"2031": mobrien-chat -"2032": blackboard -"2033": glogger -"2034": scoremgr -"2035": imsldoc -"2036": e-dpnet -"2037": applus -"2038": objectmanager -"2039": prizma -"2040": lam -"2041": interbase -"2042": isis -"2043": isis-bcast -"2044": rimsl -"2045": cdfunc -"2046": sdfunc -"2047": dls -"2048": dls-monitor -"2049": nfs -"2050": av-emb-config -"2051": epnsdp -"2052": clearvisn -"2053": lot105-ds-upd -"2054": weblogin -"2055": iop -"2056": omnisky -"2057": rich-cp -"2058": newwavesearch -"2059": bmc-messaging -"2060": teleniumdaemon -"2061": netmount -"2062": icg-swp -"2063": icg-bridge -"2064": icg-iprelay -"2065": dlsrpn -"2066": aura -"2067": dlswpn -"2068": avauthsrvprtcl -"2069": event-port -"2070": ah-esp-encap -"2071": acp-port -"2072": msync -"2073": gxs-data-port -"2074": vrtl-vmf-sa -"2075": newlixengine -"2076": newlixconfig -"2077": tsrmagt -"2078": tpcsrvr -"2079": idware-router -"2080": autodesk-nlm -"2081": kme-trap-port -"2082": infowave -"2083": radsec -"2084": sunclustergeo -"2085": ada-cip -"2086": gnunet -"2087": eli -"2088": ip-blf -"2089": sep -"2090": lrp -"2091": prp -"2092": descent3 -"2093": nbx-cc -"2094": nbx-au -"2095": nbx-ser -"2096": nbx-dir -"2097": jetformpreview -"2098": dialog-port -"2099": h2250-annex-g -"2100": amiganetfs -"2101": rtcm-sc104 -"2102": zephyr-srv -"2103": zephyr-clt -"2104": zephyr-hm -"2105": minipay -"2106": mzap -"2107": bintec-admin -"2108": comcam -"2109": ergolight -"2110": umsp -"2111": dsatp -"2112": idonix-metanet -"2113": hsl-storm -"2114": newheights -"2115": kdm -"2116": ccowcmr -"2117": mentaclient -"2118": mentaserver -"2119": gsigatekeeper -"2120": qencp -"2121": scientia-ssdb -"2122": caupc-remote -"2123": gtp-control -"2124": elatelink -"2125": lockstep -"2126": pktcable-cops -"2127": index-pc-wb -"2128": net-steward -"2129": cs-live -"2130": xds -"2131": avantageb2b -"2132": solera-epmap -"2133": zymed-zpp -"2134": avenue -"2135": gris -"2136": appworxsrv -"2137": connect -"2138": unbind-cluster -"2139": ias-auth -"2140": ias-reg -"2141": ias-admind -"2142": tdmoip -"2143": lv-jc -"2144": lv-ffx -"2145": lv-pici -"2146": lv-not -"2147": lv-auth -"2148": veritas-ucl -"2149": acptsys -"2150": dynamic3d -"2151": docent -"2152": gtp-user -"2153": ctlptc -"2154": stdptc -"2155": brdptc -"2156": trp -"2157": xnds -"2158": touchnetplus -"2159": gdbremote -"2160": apc-2160 -"2161": apc-2161 -"2162": navisphere -"2163": navisphere-sec -"2164": ddns-v3 -"2165": x-bone-api -"2166": iwserver -"2167": raw-serial -"2168": easy-soft-mux -"2169": brain -"2170": eyetv -"2171": msfw-storage -"2172": msfw-s-storage -"2173": msfw-replica -"2174": msfw-array -"2175": airsync -"2176": rapi -"2177": qwave -"2178": bitspeer -"2179": vmrdp -"2180": mc-gt-srv -"2181": eforward -"2182": cgn-stat -"2183": cgn-config -"2184": nvd -"2185": onbase-dds -"2186": gtaua -"2187": ssmc -"2188": radware-rpm -"2189": radware-rpm-s -"2190": tivoconnect -"2191": tvbus -"2192": asdis -"2193": drwcs -"2197": mnp-exchange -"2198": onehome-remote -"2199": onehome-help -"2200": ici -"2201": ats -"2202": imtc-map -"2203": b2-runtime -"2204": b2-license -"2205": jps -"2206": hpocbus -"2207": hpssd -"2208": hpiod -"2209": rimf-ps -"2210": noaaport -"2211": emwin -"2212": leecoposserver -"2213": kali -"2214": rpi -"2215": ipcore -"2216": vtu-comms -"2217": gotodevice -"2218": bounzza -"2219": netiq-ncap -"2220": netiq -"2221": ethernet-ip-s -"2222": EtherNet-IP-1 -"2223": rockwell-csp2 -"2224": efi-mg -"2225": rcip-itu -"2226": di-drm -"2227": di-msg -"2228": ehome-ms -"2229": datalens -"2230": queueadm -"2231": wimaxasncp -"2232": ivs-video -"2233": infocrypt -"2234": directplay -"2235": sercomm-wlink -"2236": nani -"2237": optech-port1-lm -"2238": aviva-sna -"2239": imagequery -"2240": recipe -"2241": ivsd -"2242": foliocorp -"2243": magicom -"2244": nmsserver -"2245": hao -"2246": pc-mta-addrmap -"2247": antidotemgrsvr -"2248": ums -"2249": rfmp -"2250": remote-collab -"2251": dif-port -"2252": njenet-ssl -"2253": dtv-chan-req -"2254": seispoc -"2255": vrtp -"2256": pcc-mfp -"2257": simple-tx-rx -"2258": rcts -"2260": apc-2260 -"2261": comotionmaster -"2262": comotionback -"2263": ecwcfg -"2264": apx500api-1 -"2265": apx500api-2 -"2266": mfserver -"2267": ontobroker -"2268": amt -"2269": mikey -"2270": starschool -"2271": mmcals -"2272": mmcal -"2273": mysql-im -"2274": pcttunnell -"2275": ibridge-data -"2276": ibridge-mgmt -"2277": bluectrlproxy -"2278": s3db -"2279": xmquery -"2280": lnvpoller -"2281": lnvconsole -"2282": lnvalarm -"2283": lnvstatus -"2284": lnvmaps -"2285": lnvmailmon -"2286": nas-metering -"2287": dna -"2288": netml -"2289": dict-lookup -"2290": sonus-logging -"2291": eapsp -"2292": mib-streaming -"2293": npdbgmngr -"2294": konshus-lm -"2295": advant-lm -"2296": theta-lm -"2297": d2k-datamover1 -"2298": d2k-datamover2 -"2299": pc-telecommute -"2300": cvmmon -"2301": cpq-wbem -"2302": binderysupport -"2303": proxy-gateway -"2304": attachmate-uts -"2305": mt-scaleserver -"2306": tappi-boxnet -"2307": pehelp -"2308": sdhelp -"2309": sdserver -"2310": sdclient -"2311": messageservice -"2312": wanscaler -"2313": iapp -"2314": cr-websystems -"2315": precise-sft -"2316": sent-lm -"2317": attachmate-g32 -"2318": cadencecontrol -"2319": infolibria -"2320": siebel-ns -"2321": rdlap -"2322": ofsd -"2323": 3d-nfsd -"2324": cosmocall -"2325": ansysli -"2326": idcp -"2327": xingcsm -"2328": netrix-sftm -"2329": nvd -"2330": tscchat -"2331": agentview -"2332": rcc-host -"2333": snapp -"2334": ace-client -"2335": ace-proxy -"2336": appleugcontrol -"2337": ideesrv -"2338": norton-lambert -"2339": 3com-webview -"2340": wrs-registry -"2341": xiostatus -"2342": manage-exec -"2343": nati-logos -"2344": fcmsys -"2345": dbm -"2346": redstorm-join -"2347": redstorm-find -"2348": redstorm-info -"2349": redstorm-diag -"2350": psbserver -"2351": psrserver -"2352": pslserver -"2353": pspserver -"2354": psprserver -"2355": psdbserver -"2356": gxtelmd -"2357": unihub-server -"2358": futrix -"2359": flukeserver -"2360": nexstorindltd -"2361": tl1 -"2362": digiman -"2363": mediacntrlnfsd -"2364": oi-2000 -"2365": dbref -"2366": qip-login -"2367": service-ctrl -"2368": opentable -"2370": l3-hbmon -"2371": hp-rda -"2372": lanmessenger -"2373": remographlm -"2374": hydra -"2375": docker -"2376": docker-s -"2379": etcd-client -"2380": etcd-server -"2381": compaq-https -"2382": ms-olap3 -"2383": ms-olap4 -"2384": sd-request -"2385": sd-data -"2386": virtualtape -"2387": vsamredirector -"2388": mynahautostart -"2389": ovsessionmgr -"2390": rsmtp -"2391": 3com-net-mgmt -"2392": tacticalauth -"2393": ms-olap1 -"2394": ms-olap2 -"2395": lan900-remote -"2396": wusage -"2397": ncl -"2398": orbiter -"2399": fmpro-fdal -"2400": opequus-server -"2401": cvspserver -"2402": taskmaster2000 -"2403": taskmaster2000 -"2404": iec-104 -"2405": trc-netpoll -"2406": jediserver -"2407": orion -"2408": railgun-webaccl -"2409": sns-protocol -"2410": vrts-registry -"2411": netwave-ap-mgmt -"2412": cdn -"2413": orion-rmi-reg -"2414": beeyond -"2415": codima-rtp -"2416": rmtserver -"2417": composit-server -"2418": cas -"2419": attachmate-s2s -"2420": dslremote-mgmt -"2421": g-talk -"2422": crmsbits -"2423": rnrp -"2424": kofax-svr -"2425": fjitsuappmgr -"2426": vcmp -"2427": mgcp-gateway -"2428": ott -"2429": ft-role -"2430": venus -"2431": venus-se -"2432": codasrv -"2433": codasrv-se -"2434": pxc-epmap -"2435": optilogic -"2436": topx -"2437": unicontrol -"2438": msp -"2439": sybasedbsynch -"2440": spearway -"2441": pvsw-inet -"2442": netangel -"2443": powerclientcsf -"2444": btpp2sectrans -"2445": dtn1 -"2446": bues-service -"2447": ovwdb -"2448": hpppssvr -"2449": ratl -"2450": netadmin -"2451": netchat -"2452": snifferclient -"2453": madge-ltd -"2454": indx-dds -"2455": wago-io-system -"2456": altav-remmgt -"2457": rapido-ip -"2458": griffin -"2459": community -"2460": ms-theater -"2461": qadmifoper -"2462": qadmifevent -"2463": lsi-raid-mgmt -"2464": direcpc-si -"2465": lbm -"2466": lbf -"2467": high-criteria -"2468": qip-msgd -"2469": mti-tcs-comm -"2470": taskman-port -"2471": seaodbc -"2472": c3 -"2473": aker-cdp -"2474": vitalanalysis -"2475": ace-server -"2476": ace-svr-prop -"2477": ssm-cvs -"2478": ssm-cssps -"2479": ssm-els -"2480": powerexchange -"2481": giop -"2482": giop-ssl -"2483": ttc -"2484": ttc-ssl -"2485": netobjects1 -"2486": netobjects2 -"2487": pns -"2488": moy-corp -"2489": tsilb -"2490": qip-qdhcp -"2491": conclave-cpp -"2492": groove -"2493": talarian-mqs -"2494": bmc-ar -"2495": fast-rem-serv -"2496": dirgis -"2497": quaddb -"2498": odn-castraq -"2499": unicontrol -"2500": rtsserv -"2501": rtsclient -"2502": kentrox-prot -"2503": nms-dpnss -"2504": wlbs -"2505": ppcontrol -"2506": jbroker -"2507": spock -"2508": jdatastore -"2509": fjmpss -"2510": fjappmgrbulk -"2511": metastorm -"2512": citrixima -"2513": citrixadmin -"2514": facsys-ntp -"2515": facsys-router -"2516": maincontrol -"2517": call-sig-trans -"2518": willy -"2519": globmsgsvc -"2520": pvsw -"2521": adaptecmgr -"2522": windb -"2523": qke-llc-v3 -"2524": optiwave-lm -"2525": ms-v-worlds -"2526": ema-sent-lm -"2527": iqserver -"2528": ncr-ccl -"2529": utsftp -"2530": vrcommerce -"2531": ito-e-gui -"2532": ovtopmd -"2533": snifferserver -"2534": combox-web-acc -"2535": madcap -"2536": btpp2audctr1 -"2537": upgrade -"2538": vnwk-prapi -"2539": vsiadmin -"2540": lonworks -"2541": lonworks2 -"2542": udrawgraph -"2543": reftek -"2544": novell-zen -"2545": sis-emt -"2546": vytalvaultbrtp -"2547": vytalvaultvsmp -"2548": vytalvaultpipe -"2549": ipass -"2550": ads -"2551": isg-uda-server -"2552": call-logging -"2553": efidiningport -"2554": vcnet-link-v10 -"2555": compaq-wcp -"2556": nicetec-nmsvc -"2557": nicetec-mgmt -"2558": pclemultimedia -"2559": lstp -"2560": labrat -"2561": mosaixcc -"2562": delibo -"2563": cti-redwood -"2564": hp-3000-telnet -"2565": coord-svr -"2566": pcs-pcw -"2567": clp -"2568": spamtrap -"2569": sonuscallsig -"2570": hs-port -"2571": cecsvc -"2572": ibp -"2573": trustestablish -"2574": blockade-bpsp -"2575": hl7 -"2576": tclprodebugger -"2577": scipticslsrvr -"2578": rvs-isdn-dcp -"2579": mpfoncl -"2580": tributary -"2581": argis-te -"2582": argis-ds -"2583": mon -"2584": cyaserv -"2585": netx-server -"2586": netx-agent -"2587": masc -"2588": privilege -"2589": quartus-tcl -"2590": idotdist -"2591": maytagshuffle -"2592": netrek -"2593": mns-mail -"2594": dts -"2595": worldfusion1 -"2596": worldfusion2 -"2597": homesteadglory -"2598": citriximaclient -"2599": snapd -"2600": hpstgmgr -"2601": discp-client -"2602": discp-server -"2603": servicemeter -"2604": nsc-ccs -"2605": nsc-posa -"2606": netmon -"2607": connection -"2608": wag-service -"2609": system-monitor -"2610": versa-tek -"2611": lionhead -"2612": qpasa-agent -"2613": smntubootstrap -"2614": neveroffline -"2615": firepower -"2616": appswitch-emp -"2617": cmadmin -"2618": priority-e-com -"2619": bruce -"2620": lpsrecommender -"2621": miles-apart -"2622": metricadbc -"2623": lmdp -"2624": aria -"2625": blwnkl-port -"2626": gbjd816 -"2627": moshebeeri -"2628": dict -"2629": sitaraserver -"2630": sitaramgmt -"2631": sitaradir -"2632": irdg-post -"2633": interintelli -"2634": pk-electronics -"2635": backburner -"2636": solve -"2637": imdocsvc -"2638": sybaseanywhere -"2639": aminet -"2640": ami-control -"2641": hdl-srv -"2642": tragic -"2643": gte-samp -"2644": travsoft-ipx-t -"2645": novell-ipx-cmd -"2646": and-lm -"2647": syncserver -"2648": upsnotifyprot -"2649": vpsipport -"2650": eristwoguns -"2651": ebinsite -"2652": interpathpanel -"2653": sonus -"2654": corel-vncadmin -"2655": unglue -"2656": kana -"2657": sns-dispatcher -"2658": sns-admin -"2659": sns-query -"2660": gcmonitor -"2661": olhost -"2662": bintec-capi -"2663": bintec-tapi -"2664": patrol-mq-gm -"2665": patrol-mq-nm -"2666": extensis -"2667": alarm-clock-s -"2668": alarm-clock-c -"2669": toad -"2670": tve-announce -"2671": newlixreg -"2672": nhserver -"2673": firstcall42 -"2674": ewnn -"2675": ttc-etap -"2676": simslink -"2677": gadgetgate1way -"2678": gadgetgate2way -"2679": syncserverssl -"2680": pxc-sapxom -"2681": mpnjsomb -"2683": ncdloadbalance -"2684": mpnjsosv -"2685": mpnjsocl -"2686": mpnjsomg -"2687": pq-lic-mgmt -"2688": md-cg-http -"2689": fastlynx -"2690": hp-nnm-data -"2691": itinternet -"2692": admins-lms -"2694": pwrsevent -"2695": vspread -"2696": unifyadmin -"2697": oce-snmp-trap -"2698": mck-ivpip -"2699": csoft-plusclnt -"2700": tqdata -"2701": sms-rcinfo -"2702": sms-xfer -"2703": sms-chat -"2704": sms-remctrl -"2705": sds-admin -"2706": ncdmirroring -"2707": emcsymapiport -"2708": banyan-net -"2709": supermon -"2710": sso-service -"2711": sso-control -"2712": aocp -"2713": raventbs -"2714": raventdm -"2715": hpstgmgr2 -"2716": inova-ip-disco -"2717": pn-requester -"2718": pn-requester2 -"2719": scan-change -"2720": wkars -"2721": smart-diagnose -"2722": proactivesrvr -"2723": watchdog-nt -"2724": qotps -"2725": msolap-ptp2 -"2726": tams -"2727": mgcp-callagent -"2728": sqdr -"2729": tcim-control -"2730": nec-raidplus -"2731": fyre-messanger -"2732": g5m -"2733": signet-ctf -"2734": ccs-software -"2735": netiq-mc -"2736": radwiz-nms-srv -"2737": srp-feedback -"2738": ndl-tcp-ois-gw -"2739": tn-timing -"2740": alarm -"2741": tsb -"2742": tsb2 -"2743": murx -"2744": honyaku -"2745": urbisnet -"2746": cpudpencap -"2747": fjippol-swrly -"2748": fjippol-polsvr -"2749": fjippol-cnsl -"2750": fjippol-port1 -"2751": fjippol-port2 -"2752": rsisysaccess -"2753": de-spot -"2754": apollo-cc -"2755": expresspay -"2756": simplement-tie -"2757": cnrp -"2758": apollo-status -"2759": apollo-gms -"2760": sabams -"2761": dicom-iscl -"2762": dicom-tls -"2763": desktop-dna -"2764": data-insurance -"2765": qip-audup -"2766": compaq-scp -"2767": uadtc -"2768": uacs -"2769": exce -"2770": veronica -"2771": vergencecm -"2772": auris -"2773": rbakcup1 -"2774": rbakcup2 -"2775": smpp -"2776": ridgeway1 -"2777": ridgeway2 -"2778": gwen-sonya -"2779": lbc-sync -"2780": lbc-control -"2781": whosells -"2782": everydayrc -"2783": aises -"2784": www-dev -"2785": aic-np -"2786": aic-oncrpc -"2787": piccolo -"2788": fryeserv -"2789": media-agent -"2790": plgproxy -"2791": mtport-regist -"2792": f5-globalsite -"2793": initlsmsad -"2795": livestats -"2796": ac-tech -"2797": esp-encap -"2798": tmesis-upshot -"2799": icon-discover -"2800": acc-raid -"2801": igcp -"2802": veritas-tcp1 -"2803": btprjctrl -"2804": dvr-esm -"2805": wta-wsp-s -"2806": cspuni -"2807": cspmulti -"2808": j-lan-p -"2809": corbaloc -"2810": netsteward -"2811": gsiftp -"2812": atmtcp -"2813": llm-pass -"2814": llm-csv -"2815": lbc-measure -"2816": lbc-watchdog -"2817": nmsigport -"2818": rmlnk -"2819": fc-faultnotify -"2820": univision -"2821": vrts-at-port -"2822": ka0wuc -"2823": cqg-netlan -"2824": cqg-netlan-1 -"2826": slc-systemlog -"2827": slc-ctrlrloops -"2828": itm-lm -"2829": silkp1 -"2830": silkp2 -"2831": silkp3 -"2832": silkp4 -"2833": glishd -"2834": evtp -"2835": evtp-data -"2836": catalyst -"2837": repliweb -"2838": starbot -"2839": nmsigport -"2840": l3-exprt -"2841": l3-ranger -"2842": l3-hawk -"2843": pdnet -"2844": bpcp-poll -"2845": bpcp-trap -"2846": aimpp-hello -"2847": aimpp-port-req -"2848": amt-blc-port -"2849": fxp -"2850": metaconsole -"2851": webemshttp -"2852": bears-01 -"2853": ispipes -"2854": infomover -"2855": msrp -"2856": cesdinv -"2857": simctlp -"2858": ecnp -"2859": activememory -"2860": dialpad-voice1 -"2861": dialpad-voice2 -"2862": ttg-protocol -"2863": sonardata -"2864": astromed-main -"2865": pit-vpn -"2866": iwlistener -"2867": esps-portal -"2868": npep-messaging -"2869": icslap -"2870": daishi -"2871": msi-selectplay -"2872": radix -"2874": dxmessagebase1 -"2875": dxmessagebase2 -"2876": sps-tunnel -"2877": bluelance -"2878": aap -"2879": ucentric-ds -"2880": synapse -"2881": ndsp -"2882": ndtp -"2883": ndnp -"2884": flashmsg -"2885": topflow -"2886": responselogic -"2887": aironetddp -"2888": spcsdlobby -"2889": rsom -"2890": cspclmulti -"2891": cinegrfx-elmd -"2892": snifferdata -"2893": vseconnector -"2894": abacus-remote -"2895": natuslink -"2896": ecovisiong6-1 -"2897": citrix-rtmp -"2898": appliance-cfg -"2899": powergemplus -"2900": quicksuite -"2901": allstorcns -"2902": netaspi -"2903": suitcase -"2904": m2ua -"2905": m3ua -"2906": caller9 -"2907": webmethods-b2b -"2908": mao -"2909": funk-dialout -"2910": tdaccess -"2911": blockade -"2912": epicon -"2913": boosterware -"2914": gamelobby -"2915": tksocket -"2916": elvin-server -"2917": elvin-client -"2918": kastenchasepad -"2919": roboer -"2920": roboeda -"2921": cesdcdman -"2922": cesdcdtrn -"2923": wta-wsp-wtp-s -"2924": precise-vip -"2926": mobile-file-dl -"2927": unimobilectrl -"2928": redstone-cpss -"2929": amx-webadmin -"2930": amx-weblinx -"2931": circle-x -"2932": incp -"2933": 4-tieropmgw -"2934": 4-tieropmcli -"2935": qtp -"2936": otpatch -"2937": pnaconsult-lm -"2938": sm-pas-1 -"2939": sm-pas-2 -"2940": sm-pas-3 -"2941": sm-pas-4 -"2942": sm-pas-5 -"2943": ttnrepository -"2944": megaco-h248 -"2945": h248-binary -"2946": fjsvmpor -"2947": gpsd -"2948": wap-push -"2949": wap-pushsecure -"2950": esip -"2951": ottp -"2952": mpfwsas -"2953": ovalarmsrv -"2954": ovalarmsrv-cmd -"2955": csnotify -"2956": ovrimosdbman -"2957": jmact5 -"2958": jmact6 -"2959": rmopagt -"2960": dfoxserver -"2961": boldsoft-lm -"2962": iph-policy-cli -"2963": iph-policy-adm -"2964": bullant-srap -"2965": bullant-rap -"2966": idp-infotrieve -"2967": ssc-agent -"2968": enpp -"2969": essp -"2970": index-net -"2971": netclip -"2972": pmsm-webrctl -"2973": svnetworks -"2974": signal -"2975": fjmpcm -"2976": cns-srv-port -"2977": ttc-etap-ns -"2978": ttc-etap-ds -"2979": h263-video -"2980": wimd -"2981": mylxamport -"2982": iwb-whiteboard -"2983": netplan -"2984": hpidsadmin -"2985": hpidsagent -"2986": stonefalls -"2987": identify -"2988": hippad -"2989": zarkov -"2990": boscap -"2991": wkstn-mon -"2992": avenyo -"2993": veritas-vis1 -"2994": veritas-vis2 -"2995": idrs -"2996": vsixml -"2997": rebol -"2998": realsecure -"2999": remoteware-un -"3000": hbci -"3001": origo-native -"3002": exlm-agent -"3003": cgms -"3004": csoftragent -"3005": geniuslm -"3006": ii-admin -"3007": lotusmtap -"3008": midnight-tech -"3009": pxc-ntfy -"3010": gw -"3011": trusted-web -"3012": twsdss -"3013": gilatskysurfer -"3014": broker-service -"3015": nati-dstp -"3016": notify-srvr -"3017": event-listener -"3018": srvc-registry -"3019": resource-mgr -"3020": cifs -"3021": agriserver -"3022": csregagent -"3023": magicnotes -"3024": nds-sso -"3025": arepa-raft -"3026": agri-gateway -"3027": LiebDevMgmt-C -"3028": LiebDevMgmt-DM -"3029": LiebDevMgmt-A -"3030": arepa-cas -"3031": eppc -"3032": redwood-chat -"3033": pdb -"3034": osmosis-aeea -"3035": fjsv-gssagt -"3036": hagel-dump -"3037": hp-san-mgmt -"3038": santak-ups -"3039": cogitate -"3040": tomato-springs -"3041": di-traceware -"3042": journee -"3043": brp -"3044": epp -"3045": responsenet -"3046": di-ase -"3047": hlserver -"3048": pctrader -"3049": nsws -"3050": gds-db -"3051": galaxy-server -"3052": apc-3052 -"3053": dsom-server -"3054": amt-cnf-prot -"3055": policyserver -"3056": cdl-server -"3057": goahead-fldup -"3058": videobeans -"3059": qsoft -"3060": interserver -"3061": cautcpd -"3062": ncacn-ip-tcp -"3063": ncadg-ip-udp -"3064": rprt -"3065": slinterbase -"3066": netattachsdmp -"3067": fjhpjp -"3068": ls3bcast -"3069": ls3 -"3070": mgxswitch -"3071": csd-mgmt-port -"3072": csd-monitor -"3073": vcrp -"3074": xbox -"3075": orbix-locator -"3076": orbix-config -"3077": orbix-loc-ssl -"3078": orbix-cfg-ssl -"3079": lv-frontpanel -"3080": stm-pproc -"3081": tl1-lv -"3082": tl1-raw -"3083": tl1-telnet -"3084": itm-mccs -"3085": pcihreq -"3086": jdl-dbkitchen -"3087": asoki-sma -"3088": xdtp -"3089": ptk-alink -"3090": stss -"3091": 1ci-smcs -"3093": rapidmq-center -"3094": rapidmq-reg -"3095": panasas -"3096": ndl-aps -"3098": umm-port -"3099": chmd -"3100": opcon-xps -"3101": hp-pxpib -"3102": slslavemon -"3103": autocuesmi -"3104": autocuelog -"3105": cardbox -"3106": cardbox-http -"3107": business -"3108": geolocate -"3109": personnel -"3110": sim-control -"3111": wsynch -"3112": ksysguard -"3113": cs-auth-svr -"3114": ccmad -"3115": mctet-master -"3116": mctet-gateway -"3117": mctet-jserv -"3118": pkagent -"3119": d2000kernel -"3120": d2000webserver -"3121": pcmk-remote -"3122": vtr-emulator -"3123": edix -"3124": beacon-port -"3125": a13-an -"3127": ctx-bridge -"3128": ndl-aas -"3129": netport-id -"3130": icpv2 -"3131": netbookmark -"3132": ms-rule-engine -"3133": prism-deploy -"3134": ecp -"3135": peerbook-port -"3136": grubd -"3137": rtnt-1 -"3138": rtnt-2 -"3139": incognitorv -"3140": ariliamulti -"3141": vmodem -"3142": rdc-wh-eos -"3143": seaview -"3144": tarantella -"3145": csi-lfap -"3146": bears-02 -"3147": rfio -"3148": nm-game-admin -"3149": nm-game-server -"3150": nm-asses-admin -"3151": nm-assessor -"3152": feitianrockey -"3153": s8-client-port -"3154": ccmrmi -"3155": jpegmpeg -"3156": indura -"3157": e3consultants -"3158": stvp -"3159": navegaweb-port -"3160": tip-app-server -"3161": doc1lm -"3162": sflm -"3163": res-sap -"3164": imprs -"3165": newgenpay -"3166": sossecollector -"3167": nowcontact -"3168": poweronnud -"3169": serverview-as -"3170": serverview-asn -"3171": serverview-gf -"3172": serverview-rm -"3173": serverview-icc -"3174": armi-server -"3175": t1-e1-over-ip -"3176": ars-master -"3177": phonex-port -"3178": radclientport -"3179": h2gf-w-2m -"3180": mc-brk-srv -"3181": bmcpatrolagent -"3182": bmcpatrolrnvu -"3183": cops-tls -"3184": apogeex-port -"3185": smpppd -"3186": iiw-port -"3187": odi-port -"3188": brcm-comm-port -"3189": pcle-infex -"3190": csvr-proxy -"3191": csvr-sslproxy -"3192": firemonrcc -"3193": spandataport -"3194": magbind -"3195": ncu-1 -"3196": ncu-2 -"3197": embrace-dp-s -"3198": embrace-dp-c -"3199": dmod-workspace -"3200": tick-port -"3201": cpq-tasksmart -"3202": intraintra -"3203": netwatcher-mon -"3204": netwatcher-db -"3205": isns -"3206": ironmail -"3207": vx-auth-port -"3208": pfu-prcallback -"3209": netwkpathengine -"3210": flamenco-proxy -"3211": avsecuremgmt -"3212": surveyinst -"3213": neon24x7 -"3214": jmq-daemon-1 -"3215": jmq-daemon-2 -"3216": ferrari-foam -"3217": unite -"3218": smartpackets -"3219": wms-messenger -"3220": xnm-ssl -"3221": xnm-clear-text -"3222": glbp -"3223": digivote -"3224": aes-discovery -"3225": fcip-port -"3226": isi-irp -"3227": dwnmshttp -"3228": dwmsgserver -"3229": global-cd-port -"3230": sftdst-port -"3231": vidigo -"3232": mdtp -"3233": whisker -"3234": alchemy -"3235": mdap-port -"3236": apparenet-ts -"3237": apparenet-tps -"3238": apparenet-as -"3239": apparenet-ui -"3240": triomotion -"3241": sysorb -"3242": sdp-id-port -"3243": timelot -"3244": onesaf -"3245": vieo-fe -"3246": dvt-system -"3247": dvt-data -"3248": procos-lm -"3249": ssp -"3250": hicp -"3251": sysscanner -"3252": dhe -"3253": pda-data -"3254": pda-sys -"3255": semaphore -"3256": cpqrpm-agent -"3257": cpqrpm-server -"3258": ivecon-port -"3259": epncdp2 -"3260": iscsi-target -"3261": winshadow -"3262": necp -"3263": ecolor-imager -"3264": ccmail -"3265": altav-tunnel -"3266": ns-cfg-server -"3267": ibm-dial-out -"3268": msft-gc -"3269": msft-gc-ssl -"3270": verismart -"3271": csoft-prev -"3272": user-manager -"3273": sxmp -"3274": ordinox-server -"3275": samd -"3276": maxim-asics -"3277": awg-proxy -"3278": lkcmserver -"3279": admind -"3280": vs-server -"3281": sysopt -"3282": datusorb -"3283": apple-remote-desktop -"3284": 4talk -"3285": plato -"3286": e-net -"3287": directvdata -"3288": cops -"3289": enpc -"3290": caps-lm -"3291": sah-lm -"3292": cart-o-rama -"3293": fg-fps -"3294": fg-gip -"3295": dyniplookup -"3296": rib-slm -"3297": cytel-lm -"3298": deskview -"3299": pdrncs -"3300": ceph -"3302": mcs-fastmail -"3303": opsession-clnt -"3304": opsession-srvr -"3305": odette-ftp -"3306": mysql -"3307": opsession-prxy -"3308": tns-server -"3309": tns-adv -"3310": dyna-access -"3311": mcns-tel-ret -"3312": appman-server -"3313": uorb -"3314": uohost -"3315": cdid -"3316": aicc-cmi -"3317": vsaiport -"3318": ssrip -"3319": sdt-lmd -"3320": officelink2000 -"3321": vnsstr -"3326": sftu -"3327": bbars -"3328": egptlm -"3329": hp-device-disc -"3330": mcs-calypsoicf -"3331": mcs-messaging -"3332": mcs-mailsvr -"3333": dec-notes -"3334": directv-web -"3335": directv-soft -"3336": directv-tick -"3337": directv-catlg -"3338": anet-b -"3339": anet-l -"3340": anet-m -"3341": anet-h -"3342": webtie -"3343": ms-cluster-net -"3344": bnt-manager -"3345": influence -"3346": trnsprntproxy -"3347": phoenix-rpc -"3348": pangolin-laser -"3349": chevinservices -"3350": findviatv -"3351": btrieve -"3352": ssql -"3353": fatpipe -"3354": suitjd -"3355": ordinox-dbase -"3356": upnotifyps -"3357": adtech-test -"3358": mpsysrmsvr -"3359": wg-netforce -"3360": kv-server -"3361": kv-agent -"3362": dj-ilm -"3363": nati-vi-server -"3364": creativeserver -"3365": contentserver -"3366": creativepartnr -"3372": tip2 -"3373": lavenir-lm -"3374": cluster-disc -"3375": vsnm-agent -"3376": cdbroker -"3377": cogsys-lm -"3378": wsicopy -"3379": socorfs -"3380": sns-channels -"3381": geneous -"3382": fujitsu-neat -"3383": esp-lm -"3384": hp-clic -"3385": qnxnetman -"3386": gprs-data -"3387": backroomnet -"3388": cbserver -"3389": ms-wbt-server -"3390": dsc -"3391": savant -"3392": efi-lm -"3393": d2k-tapestry1 -"3394": d2k-tapestry2 -"3395": dyna-lm -"3396": printer-agent -"3397": cloanto-lm -"3398": mercantile -"3399": csms -"3400": csms2 -"3401": filecast -"3402": fxaengine-net -"3405": nokia-ann-ch1 -"3406": nokia-ann-ch2 -"3407": ldap-admin -"3408": BESApi -"3409": networklens -"3410": networklenss -"3411": biolink-auth -"3412": xmlblaster -"3413": svnet -"3414": wip-port -"3415": bcinameservice -"3416": commandport -"3417": csvr -"3418": rnmap -"3419": softaudit -"3420": ifcp-port -"3421": bmap -"3422": rusb-sys-port -"3423": xtrm -"3424": xtrms -"3425": agps-port -"3426": arkivio -"3427": websphere-snmp -"3428": twcss -"3429": gcsp -"3430": ssdispatch -"3431": ndl-als -"3432": osdcp -"3433": opnet-smp -"3434": opencm -"3435": pacom -"3436": gc-config -"3437": autocueds -"3438": spiral-admin -"3439": hri-port -"3440": ans-console -"3441": connect-client -"3442": connect-server -"3443": ov-nnm-websrv -"3444": denali-server -"3445": monp -"3446": 3comfaxrpc -"3447": directnet -"3448": dnc-port -"3449": hotu-chat -"3450": castorproxy -"3451": asam -"3452": sabp-signal -"3453": pscupd -"3454": mira -"3455": prsvp -"3456": vat -"3457": vat-control -"3458": d3winosfi -"3459": integral -"3460": edm-manager -"3461": edm-stager -"3462": edm-std-notify -"3463": edm-adm-notify -"3464": edm-mgr-sync -"3465": edm-mgr-cntrl -"3466": workflow -"3467": rcst -"3468": ttcmremotectrl -"3469": pluribus -"3470": jt400 -"3471": jt400-ssl -"3472": jaugsremotec-1 -"3473": jaugsremotec-2 -"3474": ttntspauto -"3475": genisar-port -"3476": nppmp -"3477": ecomm -"3478": stun -"3479": twrpc -"3480": plethora -"3481": cleanerliverc -"3482": vulture -"3483": slim-devices -"3484": gbs-stp -"3485": celatalk -"3486": ifsf-hb-port -"3487": ltctcp -"3488": fs-rh-srv -"3489": dtp-dia -"3490": colubris -"3491": swr-port -"3492": tvdumtray-port -"3493": nut -"3494": ibm3494 -"3495": seclayer-tcp -"3496": seclayer-tls -"3497": ipether232port -"3498": dashpas-port -"3499": sccip-media -"3500": rtmp-port -"3501": isoft-p2p -"3502": avinstalldisc -"3503": lsp-ping -"3504": ironstorm -"3505": ccmcomm -"3506": apc-3506 -"3507": nesh-broker -"3508": interactionweb -"3509": vt-ssl -"3510": xss-port -"3511": webmail-2 -"3512": aztec -"3513": arcpd -"3514": must-p2p -"3515": must-backplane -"3516": smartcard-port -"3517": 802-11-iapp -"3518": artifact-msg -"3519": nvmsgd -"3520": galileolog -"3521": mc3ss -"3522": nssocketport -"3523": odeumservlink -"3524": ecmport -"3525": eisport -"3526": starquiz-port -"3527": beserver-msg-q -"3528": jboss-iiop -"3529": jboss-iiop-ssl -"3530": gf -"3531": joltid -"3532": raven-rmp -"3533": raven-rdp -"3534": urld-port -"3535": ms-la -"3536": snac -"3537": ni-visa-remote -"3538": ibm-diradm -"3539": ibm-diradm-ssl -"3540": pnrp-port -"3541": voispeed-port -"3542": hacl-monitor -"3543": qftest-lookup -"3544": teredo -"3545": camac -"3547": symantec-sim -"3548": interworld -"3549": tellumat-nms -"3550": ssmpp -"3551": apcupsd -"3552": taserver -"3553": rbr-discovery -"3554": questnotify -"3555": razor -"3556": sky-transport -"3557": personalos-001 -"3558": mcp-port -"3559": cctv-port -"3560": iniserve-port -"3561": bmc-onekey -"3562": sdbproxy -"3563": watcomdebug -"3564": esimport -"3565": m2pa -"3566": quest-data-hub -"3567": dof-eps -"3568": dof-tunnel-sec -"3569": mbg-ctrl -"3570": mccwebsvr-port -"3571": megardsvr-port -"3572": megaregsvrport -"3573": tag-ups-1 -"3574": dmaf-server -"3575": ccm-port -"3576": cmc-port -"3577": config-port -"3578": data-port -"3579": ttat3lb -"3580": nati-svrloc -"3581": kfxaclicensing -"3582": press -"3583": canex-watch -"3584": u-dbap -"3585": emprise-lls -"3586": emprise-lsc -"3587": p2pgroup -"3588": sentinel -"3589": isomair -"3590": wv-csp-sms -"3591": gtrack-server -"3592": gtrack-ne -"3593": bpmd -"3594": mediaspace -"3595": shareapp -"3596": iw-mmogame -"3597": a14 -"3598": a15 -"3599": quasar-server -"3600": trap-daemon -"3601": visinet-gui -"3602": infiniswitchcl -"3603": int-rcv-cntrl -"3604": bmc-jmx-port -"3605": comcam-io -"3606": splitlock -"3607": precise-i3 -"3608": trendchip-dcp -"3609": cpdi-pidas-cm -"3610": echonet -"3611": six-degrees -"3612": hp-dataprotect -"3613": alaris-disc -"3614": sigma-port -"3615": start-network -"3616": cd3o-protocol -"3617": sharp-server -"3618": aairnet-1 -"3619": aairnet-2 -"3620": ep-pcp -"3621": ep-nsp -"3622": ff-lr-port -"3623": haipe-discover -"3624": dist-upgrade -"3625": volley -"3626": bvcdaemon-port -"3627": jamserverport -"3628": ept-machine -"3629": escvpnet -"3630": cs-remote-db -"3631": cs-services -"3632": distcc -"3633": wacp -"3634": hlibmgr -"3635": sdo -"3636": servistaitsm -"3637": scservp -"3638": ehp-backup -"3639": xap-ha -"3640": netplay-port1 -"3641": netplay-port2 -"3642": juxml-port -"3643": audiojuggler -"3644": ssowatch -"3645": cyc -"3646": xss-srv-port -"3647": splitlock-gw -"3648": fjcp -"3649": nmmp -"3650": prismiq-plugin -"3651": xrpc-registry -"3652": vxcrnbuport -"3653": tsp -"3654": vaprtm -"3655": abatemgr -"3656": abatjss -"3657": immedianet-bcn -"3658": ps-ams -"3659": apple-sasl -"3660": can-nds-ssl -"3661": can-ferret-ssl -"3662": pserver -"3663": dtp -"3664": ups-engine -"3665": ent-engine -"3666": eserver-pap -"3667": infoexch -"3668": dell-rm-port -"3669": casanswmgmt -"3670": smile -"3671": efcp -"3672": lispworks-orb -"3673": mediavault-gui -"3674": wininstall-ipc -"3675": calltrax -"3676": va-pacbase -"3677": roverlog -"3678": ipr-dglt -"3679": escale -"3680": npds-tracker -"3681": bts-x73 -"3682": cas-mapi -"3683": bmc-ea -"3684": faxstfx-port -"3685": dsx-agent -"3686": tnmpv2 -"3687": simple-push -"3688": simple-push-s -"3689": daap -"3690": svn -"3691": magaya-network -"3692": intelsync -"3693": easl -"3695": bmc-data-coll -"3696": telnetcpcd -"3697": nw-license -"3698": sagectlpanel -"3699": kpn-icw -"3700": lrs-paging -"3701": netcelera -"3702": ws-discovery -"3703": adobeserver-3 -"3704": adobeserver-4 -"3705": adobeserver-5 -"3706": rt-event -"3707": rt-event-s -"3708": sun-as-iiops -"3709": ca-idms -"3710": portgate-auth -"3711": edb-server2 -"3712": sentinel-ent -"3713": tftps -"3714": delos-dms -"3715": anoto-rendezv -"3716": wv-csp-sms-cir -"3717": wv-csp-udp-cir -"3718": opus-services -"3719": itelserverport -"3720": ufastro-instr -"3721": xsync -"3722": xserveraid -"3723": sychrond -"3724": blizwow -"3725": na-er-tip -"3726": array-manager -"3727": e-mdu -"3728": e-woa -"3729": fksp-audit -"3730": client-ctrl -"3731": smap -"3732": m-wnn -"3733": multip-msg -"3734": synel-data -"3735": pwdis -"3736": rs-rmi -"3737": xpanel -"3738": versatalk -"3739": launchbird-lm -"3740": heartbeat -"3741": wysdma -"3742": cst-port -"3743": ipcs-command -"3744": sasg -"3745": gw-call-port -"3746": linktest -"3747": linktest-s -"3748": webdata -"3749": cimtrak -"3750": cbos-ip-port -"3751": gprs-cube -"3752": vipremoteagent -"3753": nattyserver -"3754": timestenbroker -"3755": sas-remote-hlp -"3756": canon-capt -"3757": grf-port -"3758": apw-registry -"3759": exapt-lmgr -"3760": adtempusclient -"3761": gsakmp -"3762": gbs-smp -"3763": xo-wave -"3764": mni-prot-rout -"3765": rtraceroute -"3766": sitewatch-s -"3767": listmgr-port -"3768": rblcheckd -"3769": haipe-otnk -"3770": cindycollab -"3771": paging-port -"3772": ctp -"3773": ctdhercules -"3774": zicom -"3775": ispmmgr -"3776": dvcprov-port -"3777": jibe-eb -"3778": c-h-it-port -"3779": cognima -"3780": nnp -"3781": abcvoice-port -"3782": iso-tp0s -"3783": bim-pem -"3784": bfd-control -"3785": bfd-echo -"3786": upstriggervsw -"3787": fintrx -"3788": isrp-port -"3789": remotedeploy -"3790": quickbooksrds -"3791": tvnetworkvideo -"3792": sitewatch -"3793": dcsoftware -"3794": jaus -"3795": myblast -"3796": spw-dialer -"3797": idps -"3798": minilock -"3799": radius-dynauth -"3800": pwgpsi -"3801": ibm-mgr -"3802": vhd -"3803": soniqsync -"3804": iqnet-port -"3805": tcpdataserver -"3806": wsmlb -"3807": spugna -"3808": sun-as-iiops-ca -"3809": apocd -"3810": wlanauth -"3811": amp -"3812": neto-wol-server -"3813": rap-ip -"3814": neto-dcs -"3815": lansurveyorxml -"3816": sunlps-http -"3817": tapeware -"3818": crinis-hb -"3819": epl-slp -"3820": scp -"3821": pmcp -"3822": acp-discovery -"3823": acp-conduit -"3824": acp-policy -"3825": ffserver -"3826": warmux -"3827": netmpi -"3828": neteh -"3829": neteh-ext -"3830": cernsysmgmtagt -"3831": dvapps -"3832": xxnetserver -"3833": aipn-auth -"3834": spectardata -"3835": spectardb -"3836": markem-dcp -"3837": mkm-discovery -"3838": sos -"3839": amx-rms -"3840": flirtmitmir -"3841": shiprush-db-svr -"3842": nhci -"3843": quest-agent -"3844": rnm -"3845": v-one-spp -"3846": an-pcp -"3847": msfw-control -"3848": item -"3849": spw-dnspreload -"3850": qtms-bootstrap -"3851": spectraport -"3852": sse-app-config -"3853": sscan -"3854": stryker-com -"3855": opentrac -"3856": informer -"3857": trap-port -"3858": trap-port-mom -"3859": nav-port -"3860": sasp -"3861": winshadow-hd -"3862": giga-pocket -"3863": asap-tcp -"3864": asap-tcp-tls -"3865": xpl -"3866": dzdaemon -"3867": dzoglserver -"3868": diameter -"3869": ovsam-mgmt -"3870": ovsam-d-agent -"3871": avocent-adsap -"3872": oem-agent -"3873": fagordnc -"3874": sixxsconfig -"3875": pnbscada -"3876": dl-agent -"3877": xmpcr-interface -"3878": fotogcad -"3879": appss-lm -"3880": igrs -"3881": idac -"3882": msdts1 -"3883": vrpn -"3884": softrack-meter -"3885": topflow-ssl -"3886": nei-management -"3887": ciphire-data -"3888": ciphire-serv -"3889": dandv-tester -"3890": ndsconnect -"3891": rtc-pm-port -"3892": pcc-image-port -"3893": cgi-starapi -"3894": syam-agent -"3895": syam-smc -"3896": sdo-tls -"3897": sdo-ssh -"3898": senip -"3899": itv-control -"3900": udt-os -"3901": nimsh -"3902": nimaux -"3903": charsetmgr -"3904": omnilink-port -"3905": mupdate -"3906": topovista-data -"3907": imoguia-port -"3908": hppronetman -"3909": surfcontrolcpa -"3910": prnrequest -"3911": prnstatus -"3912": gbmt-stars -"3913": listcrt-port -"3914": listcrt-port-2 -"3915": agcat -"3916": wysdmc -"3917": aftmux -"3918": pktcablemmcops -"3919": hyperip -"3920": exasoftport1 -"3921": herodotus-net -"3922": sor-update -"3923": symb-sb-port -"3924": mpl-gprs-port -"3925": zmp -"3926": winport -"3927": natdataservice -"3928": netboot-pxe -"3929": smauth-port -"3930": syam-webserver -"3931": msr-plugin-port -"3932": dyn-site -"3933": plbserve-port -"3934": sunfm-port -"3935": sdp-portmapper -"3936": mailprox -"3937": dvbservdsc -"3938": dbcontrol-agent -"3939": aamp -"3940": xecp-node -"3941": homeportal-web -"3942": srdp -"3943": tig -"3944": sops -"3945": emcads -"3946": backupedge -"3947": ccp -"3948": apdap -"3949": drip -"3950": namemunge -"3951": pwgippfax -"3952": i3-sessionmgr -"3953": xmlink-connect -"3954": adrep -"3955": p2pcommunity -"3956": gvcp -"3957": mqe-broker -"3958": mqe-agent -"3959": treehopper -"3960": bess -"3961": proaxess -"3962": sbi-agent -"3963": thrp -"3964": sasggprs -"3965": ati-ip-to-ncpe -"3966": bflckmgr -"3967": ppsms -"3968": ianywhere-dbns -"3969": landmarks -"3970": lanrevagent -"3971": lanrevserver -"3972": iconp -"3973": progistics -"3974": citysearch -"3975": airshot -"3976": opswagent -"3977": opswmanager -"3978": secure-cfg-svr -"3979": smwan -"3980": acms -"3981": starfish -"3982": eis -"3983": eisp -"3984": mapper-nodemgr -"3985": mapper-mapethd -"3986": mapper-ws-ethd -"3987": centerline -"3988": dcs-config -"3989": bv-queryengine -"3990": bv-is -"3991": bv-smcsrv -"3992": bv-ds -"3993": bv-agent -"3995": iss-mgmt-ssl -"3996": abcsoftware -"3997": agentsease-db -"3998": dnx -"3999": nvcnet -"4000": terabase -"4001": newoak -"4002": pxc-spvr-ft -"4003": pxc-splr-ft -"4004": pxc-roid -"4005": pxc-pin -"4006": pxc-spvr -"4007": pxc-splr -"4008": netcheque -"4009": chimera-hwm -"4010": samsung-unidex -"4011": altserviceboot -"4012": pda-gate -"4013": acl-manager -"4014": taiclock -"4015": talarian-mcast1 -"4016": talarian-mcast2 -"4017": talarian-mcast3 -"4018": talarian-mcast4 -"4019": talarian-mcast5 -"4020": trap -"4021": nexus-portal -"4022": dnox -"4023": esnm-zoning -"4024": tnp1-port -"4025": partimage -"4026": as-debug -"4027": bxp -"4028": dtserver-port -"4029": ip-qsig -"4030": jdmn-port -"4031": suucp -"4032": vrts-auth-port -"4033": sanavigator -"4034": ubxd -"4035": wap-push-http -"4036": wap-push-https -"4037": ravehd -"4038": fazzt-ptp -"4039": fazzt-admin -"4040": yo-main -"4041": houston -"4042": ldxp -"4043": nirp -"4044": ltp -"4045": npp -"4046": acp-proto -"4047": ctp-state -"4049": wafs -"4050": cisco-wafs -"4051": cppdp -"4052": interact -"4053": ccu-comm-1 -"4054": ccu-comm-2 -"4055": ccu-comm-3 -"4056": lms -"4057": wfm -"4058": kingfisher -"4059": dlms-cosem -"4060": dsmeter-iatc -"4061": ice-location -"4062": ice-slocation -"4063": ice-router -"4064": ice-srouter -"4065": avanti-cdp -"4066": pmas -"4067": idp -"4068": ipfltbcst -"4069": minger -"4070": tripe -"4071": aibkup -"4072": zieto-sock -"4073": iRAPP -"4074": cequint-cityid -"4075": perimlan -"4076": seraph -"4078": cssp -"4079": santools -"4080": lorica-in -"4081": lorica-in-sec -"4082": lorica-out -"4083": lorica-out-sec -"4085": ezmessagesrv -"4087": applusservice -"4088": npsp -"4089": opencore -"4090": omasgport -"4091": ewinstaller -"4092": ewdgs -"4093": pvxpluscs -"4094": sysrqd -"4095": xtgui -"4096": bre -"4097": patrolview -"4098": drmsfsd -"4099": dpcp -"4100": igo-incognito -"4101": brlp-0 -"4102": brlp-1 -"4103": brlp-2 -"4104": brlp-3 -"4105": shofar -"4106": synchronite -"4107": j-ac -"4108": accel -"4109": izm -"4110": g2tag -"4111": xgrid -"4112": apple-vpns-rp -"4113": aipn-reg -"4114": jomamqmonitor -"4115": cds -"4116": smartcard-tls -"4117": hillrserv -"4118": netscript -"4119": assuria-slm -"4121": e-builder -"4122": fprams -"4123": z-wave -"4124": tigv2 -"4125": opsview-envoy -"4126": ddrepl -"4127": unikeypro -"4128": nufw -"4129": nuauth -"4130": fronet -"4131": stars -"4132": nuts-dem -"4133": nuts-bootp -"4134": nifty-hmi -"4135": cl-db-attach -"4136": cl-db-request -"4137": cl-db-remote -"4138": nettest -"4139": thrtx -"4140": cedros-fds -"4141": oirtgsvc -"4142": oidocsvc -"4143": oidsr -"4145": vvr-control -"4146": tgcconnect -"4147": vrxpservman -"4148": hhb-handheld -"4149": agslb -"4150": PowerAlert-nsa -"4151": menandmice-noh -"4152": idig-mux -"4153": mbl-battd -"4154": atlinks -"4155": bzr -"4156": stat-results -"4157": stat-scanner -"4158": stat-cc -"4159": nss -"4160": jini-discovery -"4161": omscontact -"4162": omstopology -"4163": silverpeakpeer -"4164": silverpeakcomm -"4165": altcp -"4166": joost -"4167": ddgn -"4168": pslicser -"4169": iadt -"4170": d-cinema-csp -"4171": ml-svnet -"4172": pcoip -"4174": smcluster -"4175": bccp -"4176": tl-ipcproxy -"4177": wello -"4178": storman -"4179": MaxumSP -"4180": httpx -"4181": macbak -"4182": pcptcpservice -"4183": cyborgnet -"4184": universe-suite -"4185": wcpp -"4186": boxbackupstore -"4187": csc-proxy -"4188": vatata -"4189": pcep -"4190": sieve -"4192": azeti -"4193": pvxplusio -"4199": eims-admin -"4300": corelccam -"4301": d-data -"4302": d-data-control -"4303": srcp -"4304": owserver -"4305": batman -"4306": pinghgl -"4307": visicron-vs -"4308": compx-lockview -"4309": dserver -"4310": mirrtex -"4311": p6ssmc -"4312": pscl-mgt -"4313": perrla -"4314": choiceview-agt -"4316": choiceview-clt -"4320": fdt-rcatp -"4321": rwhois -"4322": trim-event -"4323": trim-ice -"4325": geognosisman -"4326": geognosis -"4327": jaxer-web -"4328": jaxer-manager -"4329": publiqare-sync -"4330": dey-sapi -"4331": ktickets-rest -"4333": ahsp -"4334": netconf-ch-ssh -"4335": netconf-ch-tls -"4336": restconf-ch-tls -"4340": gaia -"4341": lisp-data -"4342": lisp-cons -"4343": unicall -"4344": vinainstall -"4345": m4-network-as -"4346": elanlm -"4347": lansurveyor -"4348": itose -"4349": fsportmap -"4350": net-device -"4351": plcy-net-svcs -"4352": pjlink -"4353": f5-iquery -"4354": qsnet-trans -"4355": qsnet-workst -"4356": qsnet-assist -"4357": qsnet-cond -"4358": qsnet-nucl -"4359": omabcastltkm -"4360": matrix-vnet -"4368": wxbrief -"4369": epmd -"4370": elpro-tunnel -"4371": l2c-control -"4372": l2c-data -"4373": remctl -"4374": psi-ptt -"4375": tolteces -"4376": bip -"4377": cp-spxsvr -"4378": cp-spxdpy -"4379": ctdb -"4389": xandros-cms -"4390": wiegand -"4391": apwi-imserver -"4392": apwi-rxserver -"4393": apwi-rxspooler -"4395": omnivisionesx -"4396": fly -"4400": ds-srv -"4401": ds-srvr -"4402": ds-clnt -"4403": ds-user -"4404": ds-admin -"4405": ds-mail -"4406": ds-slp -"4407": nacagent -"4408": slscc -"4409": netcabinet-com -"4410": itwo-server -"4411": found -"4413": avi-nms -"4414": updog -"4415": brcd-vr-req -"4416": pjj-player -"4417": workflowdir -"4419": cbp -"4420": nvm-express -"4421": scaleft -"4422": tsepisp -"4423": thingkit -"4425": netrockey6 -"4426": beacon-port-2 -"4427": drizzle -"4428": omviserver -"4429": omviagent -"4430": rsqlserver -"4431": wspipe -"4432": l-acoustics -"4433": vop -"4442": saris -"4443": pharos -"4444": krb524 -"4445": upnotifyp -"4446": n1-fwp -"4447": n1-rmgmt -"4448": asc-slmd -"4449": privatewire -"4450": camp -"4451": ctisystemmsg -"4452": ctiprogramload -"4453": nssalertmgr -"4454": nssagentmgr -"4455": prchat-user -"4456": prchat-server -"4457": prRegister -"4458": mcp -"4484": hpssmgmt -"4485": assyst-dr -"4486": icms -"4487": prex-tcp -"4488": awacs-ice -"4500": ipsec-nat-t -"4535": ehs -"4536": ehs-ssl -"4537": wssauthsvc -"4538": swx-gate -"4545": worldscores -"4546": sf-lm -"4547": lanner-lm -"4548": synchromesh -"4549": aegate -"4550": gds-adppiw-db -"4551": ieee-mih -"4552": menandmice-mon -"4553": icshostsvc -"4554": msfrs -"4555": rsip -"4556": dtn-bundle -"4559": hylafax -"4563": amahi-anywhere -"4566": kwtc -"4567": tram -"4568": bmc-reporting -"4569": iax -"4570": deploymentmap -"4573": cardifftec-back -"4590": rid -"4591": l3t-at-an -"4593": ipt-anri-anri -"4594": ias-session -"4595": ias-paging -"4596": ias-neighbor -"4597": a21-an-1xbs -"4598": a16-an-an -"4599": a17-an-an -"4600": piranha1 -"4601": piranha2 -"4602": mtsserver -"4603": menandmice-upg -"4604": irp -"4605": sixchat -"4658": playsta2-app -"4659": playsta2-lob -"4660": smaclmgr -"4661": kar2ouche -"4662": oms -"4663": noteit -"4664": ems -"4665": contclientms -"4666": eportcomm -"4667": mmacomm -"4668": mmaeds -"4669": eportcommdata -"4670": light -"4671": acter -"4672": rfa -"4673": cxws -"4674": appiq-mgmt -"4675": dhct-status -"4676": dhct-alerts -"4677": bcs -"4678": traversal -"4679": mgesupervision -"4680": mgemanagement -"4681": parliant -"4682": finisar -"4683": spike -"4684": rfid-rp1 -"4685": autopac -"4686": msp-os -"4687": nst -"4688": mobile-p2p -"4689": altovacentral -"4690": prelude -"4691": mtn -"4692": conspiracy -"4700": netxms-agent -"4701": netxms-mgmt -"4702": netxms-sync -"4703": npqes-test -"4704": assuria-ins -"4725": truckstar -"4727": fcis -"4728": capmux -"4730": gearman -"4731": remcap -"4733": resorcs -"4737": ipdr-sp -"4738": solera-lpn -"4739": ipfix -"4740": ipfixs -"4741": lumimgrd -"4742": sicct -"4743": openhpid -"4744": ifsp -"4745": fmp -"4749": profilemac -"4750": ssad -"4751": spocp -"4752": snap -"4753": simon -"4756": RDCenter -"4774": converge -"4784": bfd-multi-ctl -"4786": smart-install -"4787": sia-ctrl-plane -"4788": xmcp -"4800": iims -"4801": iwec -"4802": ilss -"4803": notateit -"4827": htcp -"4837": varadero-0 -"4838": varadero-1 -"4839": varadero-2 -"4840": opcua-tcp -"4841": quosa -"4842": gw-asv -"4843": opcua-tls -"4844": gw-log -"4845": wcr-remlib -"4846": contamac-icm -"4847": wfc -"4848": appserv-http -"4849": appserv-https -"4850": sun-as-nodeagt -"4851": derby-repli -"4867": unify-debug -"4868": phrelay -"4869": phrelaydbg -"4870": cc-tracking -"4871": wired -"4876": tritium-can -"4877": lmcs -"4879": wsdl-event -"4880": hislip -"4883": wmlserver -"4884": hivestor -"4885": abbs -"4894": lyskom -"4899": radmin-port -"4900": hfcs -"4901": flr-agent -"4902": magiccontrol -"4912": lutap -"4913": lutcp -"4914": bones -"4915": frcs -"4940": eq-office-4940 -"4941": eq-office-4941 -"4942": eq-office-4942 -"4949": munin -"4950": sybasesrvmon -"4951": pwgwims -"4952": sagxtsds -"4953": dbsyncarbiter -"4969": ccss-qmm -"4970": ccss-qsm -"4984": webyast -"4985": gerhcs -"4986": mrip -"4987": smar-se-port1 -"4988": smar-se-port2 -"4989": parallel -"4990": busycal -"4991": vrt -"4999": hfcs-manager -"5000": commplex-main -"5001": commplex-link -"5002": rfe -"5003": fmpro-internal -"5004": avt-profile-1 -"5005": avt-profile-2 -"5006": wsm-server -"5007": wsm-server-ssl -"5008": synapsis-edge -"5009": winfs -"5010": telelpathstart -"5011": telelpathattack -"5012": nsp -"5013": fmpro-v6 -"5015": fmwp -"5020": zenginkyo-1 -"5021": zenginkyo-2 -"5022": mice -"5023": htuilsrv -"5024": scpi-telnet -"5025": scpi-raw -"5026": strexec-d -"5027": strexec-s -"5028": qvr -"5029": infobright -"5030": surfpass -"5032": signacert-agent -"5033": jtnetd-server -"5034": jtnetd-status -"5042": asnaacceler8db -"5043": swxadmin -"5044": lxi-evntsvc -"5045": osp -"5048": texai -"5049": ivocalize -"5050": mmcc -"5051": ita-agent -"5052": ita-manager -"5053": rlm -"5054": rlm-admin -"5055": unot -"5056": intecom-ps1 -"5057": intecom-ps2 -"5059": sds -"5060": sip -"5061": sips -"5062": na-localise -"5063": csrpc -"5064": ca-1 -"5065": ca-2 -"5066": stanag-5066 -"5067": authentx -"5068": bitforestsrv -"5069": i-net-2000-npr -"5070": vtsas -"5071": powerschool -"5072": ayiya -"5073": tag-pm -"5074": alesquery -"5075": pvaccess -"5080": onscreen -"5081": sdl-ets -"5082": qcp -"5083": qfp -"5084": llrp -"5085": encrypted-llrp -"5086": aprigo-cs -"5087": biotic -"5093": sentinel-lm -"5094": hart-ip -"5099": sentlm-srv2srv -"5100": socalia -"5101": talarian-tcp -"5102": oms-nonsecure -"5103": actifio-c2c -"5106": actifioudsagent -"5107": actifioreplic -"5111": taep-as-svc -"5112": pm-cmdsvr -"5114": ev-services -"5115": autobuild -"5117": gradecam -"5120": barracuda-bbs -"5133": nbt-pc -"5134": ppactivation -"5135": erp-scale -"5137": ctsd -"5145": rmonitor-secure -"5146": social-alarm -"5150": atmp -"5151": esri-sde -"5152": sde-discovery -"5153": toruxserver -"5154": bzflag -"5155": asctrl-agent -"5156": rugameonline -"5157": mediat -"5161": snmpssh -"5162": snmpssh-trap -"5163": sbackup -"5164": vpa -"5165": ife-icorp -"5166": winpcs -"5167": scte104 -"5168": scte30 -"5172": pcoip-mgmt -"5190": aol -"5191": aol-1 -"5192": aol-2 -"5193": aol-3 -"5194": cpscomm -"5195": ampl-lic -"5196": ampl-tableproxy -"5197": tunstall-lwp -"5200": targus-getdata -"5201": targus-getdata1 -"5202": targus-getdata2 -"5203": targus-getdata3 -"5209": nomad -"5215": noteza -"5221": 3exmp -"5222": xmpp-client -"5223": hpvirtgrp -"5224": hpvirtctrl -"5225": hp-server -"5226": hp-status -"5227": perfd -"5228": hpvroom -"5229": jaxflow -"5230": jaxflow-data -"5231": crusecontrol -"5232": csedaemon -"5233": enfs -"5234": eenet -"5235": galaxy-network -"5236": padl2sim -"5237": mnet-discovery -"5245": downtools -"5248": caacws -"5249": caaclang2 -"5250": soagateway -"5251": caevms -"5252": movaz-ssc -"5253": kpdp -"5254": logcabin -"5264": 3com-njack-1 -"5265": 3com-njack-2 -"5269": xmpp-server -"5270": cartographerxmp -"5271": cuelink -"5272": pk -"5280": xmpp-bosh -"5281": undo-lm -"5282": transmit-port -"5298": presence -"5299": nlg-data -"5300": hacl-hb -"5301": hacl-gs -"5302": hacl-cfg -"5303": hacl-probe -"5304": hacl-local -"5305": hacl-test -"5306": sun-mc-grp -"5307": sco-aip -"5308": cfengine -"5309": jprinter -"5310": outlaws -"5312": permabit-cs -"5313": rrdp -"5314": opalis-rbt-ipc -"5315": hacl-poll -"5316": hpbladems -"5317": hpdevms -"5318": pkix-cmc -"5320": bsfserver-zn -"5321": bsfsvr-zn-ssl -"5343": kfserver -"5344": xkotodrcp -"5349": stuns -"5352": dns-llq -"5353": mdns -"5354": mdnsresponder -"5355": llmnr -"5356": ms-smlbiz -"5357": wsdapi -"5358": wsdapi-s -"5359": ms-alerter -"5360": ms-sideshow -"5361": ms-s-sideshow -"5362": serverwsd2 -"5363": net-projection -"5397": stresstester -"5398": elektron-admin -"5399": securitychase -"5400": excerpt -"5401": excerpts -"5402": mftp -"5403": hpoms-ci-lstn -"5404": hpoms-dps-lstn -"5405": netsupport -"5406": systemics-sox -"5407": foresyte-clear -"5408": foresyte-sec -"5409": salient-dtasrv -"5410": salient-usrmgr -"5411": actnet -"5412": continuus -"5413": wwiotalk -"5414": statusd -"5415": ns-server -"5416": sns-gateway -"5417": sns-agent -"5418": mcntp -"5419": dj-ice -"5420": cylink-c -"5421": netsupport2 -"5422": salient-mux -"5423": virtualuser -"5424": beyond-remote -"5425": br-channel -"5426": devbasic -"5427": sco-peer-tta -"5428": telaconsole -"5429": base -"5430": radec-corp -"5431": park-agent -"5432": postgresql -"5433": pyrrho -"5434": sgi-arrayd -"5435": sceanics -"5443": spss -"5445": smbdirect -"5450": tiepie -"5453": surebox -"5454": apc-5454 -"5455": apc-5455 -"5456": apc-5456 -"5461": silkmeter -"5462": ttl-publisher -"5463": ttlpriceproxy -"5464": quailnet -"5465": netops-broker -"5470": apsolab-col -"5471": apsolab-cols -"5472": apsolab-tag -"5473": apsolab-tags -"5475": apsolab-data -"5500": fcp-addr-srvr1 -"5501": fcp-addr-srvr2 -"5502": fcp-srvr-inst1 -"5503": fcp-srvr-inst2 -"5504": fcp-cics-gw1 -"5505": checkoutdb -"5506": amc -"5507": psl-management -"5553": sgi-eventmond -"5554": sgi-esphttp -"5555": personal-agent -"5556": freeciv -"5557": farenet -"5565": hpe-dp-bura -"5566": westec-connect -"5567": dof-dps-mc-sec -"5568": sdt -"5569": rdmnet-ctrl -"5573": sdmmp -"5574": lsi-bobcat -"5575": ora-oap -"5579": fdtracks -"5580": tmosms0 -"5581": tmosms1 -"5582": fac-restore -"5583": tmo-icon-sync -"5584": bis-web -"5585": bis-sync -"5586": att-mt-sms -"5597": ininmessaging -"5598": mctfeed -"5599": esinstall -"5600": esmmanager -"5601": esmagent -"5602": a1-msc -"5603": a1-bs -"5604": a3-sdunode -"5605": a4-sdunode -"5618": efr -"5627": ninaf -"5628": htrust -"5629": symantec-sfdb -"5630": precise-comm -"5631": pcanywheredata -"5632": pcanywherestat -"5633": beorl -"5634": xprtld -"5635": sfmsso -"5636": sfm-db-server -"5637": cssc -"5638": flcrs -"5639": ics -"5646": vfmobile -"5670": filemq -"5671": amqps -"5672": amqp -"5673": jms -"5674": hyperscsi-port -"5675": v5ua -"5676": raadmin -"5677": questdb2-lnchr -"5678": rrac -"5679": dccm -"5680": auriga-router -"5681": ncxcp -"5688": ggz -"5689": qmvideo -"5693": rbsystem -"5696": kmip -"5700": supportassist -"5713": proshareaudio -"5714": prosharevideo -"5715": prosharedata -"5716": prosharerequest -"5717": prosharenotify -"5718": dpm -"5719": dpm-agent -"5720": ms-licensing -"5721": dtpt -"5722": msdfsr -"5723": omhs -"5724": omsdk -"5725": ms-ilm -"5726": ms-ilm-sts -"5727": asgenf -"5728": io-dist-data -"5729": openmail -"5730": unieng -"5741": ida-discover1 -"5742": ida-discover2 -"5743": watchdoc-pod -"5744": watchdoc -"5745": fcopy-server -"5746": fcopys-server -"5747": tunatic -"5748": tunalyzer -"5750": rscd -"5755": openmailg -"5757": x500ms -"5766": openmailns -"5767": s-openmail -"5768": openmailpxy -"5769": spramsca -"5770": spramsd -"5771": netagent -"5777": dali-port -"5780": vts-rpc -"5781": 3par-evts -"5782": 3par-mgmt -"5783": 3par-mgmt-ssl -"5785": 3par-rcopy -"5793": xtreamx -"5813": icmpd -"5814": spt-automation -"5841": shiprush-d-ch -"5842": reversion -"5859": wherehoo -"5863": ppsuitemsg -"5868": diameters -"5883": jute -"5900": rfb -"5910": cm -"5911": cpdlc -"5912": fis -"5913": ads-c -"5963": indy -"5968": mppolicy-v5 -"5969": mppolicy-mgr -"5984": couchdb -"5985": wsman -"5986": wsmans -"5987": wbem-rmi -"5988": wbem-http -"5989": wbem-https -"5990": wbem-exp-https -"5991": nuxsl -"5992": consul-insight -"5993": cim-rs -"5999": cvsup -"6000": x11 -"6001": x11 -"6002": x11 -"6003": x11 -"6004": x11 -"6005": x11 -"6006": x11 -"6007": x11 -"6008": x11 -"6009": x11 -"6010": x11 -"6011": x11 -"6012": x11 -"6013": x11 -"6014": x11 -"6015": x11 -"6016": x11 -"6017": x11 -"6018": x11 -"6019": x11 -"6020": x11 -"6021": x11 -"6022": x11 -"6023": x11 -"6024": x11 -"6025": x11 -"6026": x11 -"6027": x11 -"6028": x11 -"6029": x11 -"6030": x11 -"6031": x11 -"6032": x11 -"6033": x11 -"6034": x11 -"6035": x11 -"6036": x11 -"6037": x11 -"6038": x11 -"6039": x11 -"6040": x11 -"6041": x11 -"6042": x11 -"6043": x11 -"6044": x11 -"6045": x11 -"6046": x11 -"6047": x11 -"6048": x11 -"6049": x11 -"6050": x11 -"6051": x11 -"6052": x11 -"6053": x11 -"6054": x11 -"6055": x11 -"6056": x11 -"6057": x11 -"6058": x11 -"6059": x11 -"6060": x11 -"6061": x11 -"6062": x11 -"6063": x11 -"6064": ndl-ahp-svc -"6065": winpharaoh -"6066": ewctsp -"6068": gsmp-ancp -"6069": trip -"6070": messageasap -"6071": ssdtp -"6072": diagnose-proc -"6073": directplay8 -"6074": max -"6075": dpm-acm -"6076": msft-dpm-cert -"6077": iconstructsrv -"6084": reload-config -"6085": konspire2b -"6086": pdtp -"6087": ldss -"6088": doglms -"6099": raxa-mgmt -"6100": synchronet-db -"6101": synchronet-rtc -"6102": synchronet-upd -"6103": rets -"6104": dbdb -"6105": primaserver -"6106": mpsserver -"6107": etc-control -"6108": sercomm-scadmin -"6109": globecast-id -"6110": softcm -"6111": spc -"6112": dtspcd -"6113": dayliteserver -"6114": wrspice -"6115": xic -"6116": xtlserv -"6117": daylitetouch -"6121": spdy -"6122": bex-webadmin -"6123": backup-express -"6124": pnbs -"6130": damewaremobgtwy -"6133": nbt-wol -"6140": pulsonixnls -"6141": meta-corp -"6142": aspentec-lm -"6143": watershed-lm -"6144": statsci1-lm -"6145": statsci2-lm -"6146": lonewolf-lm -"6147": montage-lm -"6148": ricardo-lm -"6149": tal-pod -"6159": efb-aci -"6160": ecmp -"6161": patrol-ism -"6162": patrol-coll -"6163": pscribe -"6200": lm-x -"6209": qmtps -"6222": radmind -"6241": jeol-nsdtp-1 -"6242": jeol-nsdtp-2 -"6243": jeol-nsdtp-3 -"6244": jeol-nsdtp-4 -"6251": tl1-raw-ssl -"6252": tl1-ssh -"6253": crip -"6267": gld -"6268": grid -"6269": grid-alt -"6300": bmc-grx -"6301": bmc-ctd-ldap -"6306": ufmp -"6315": scup -"6316": abb-escp -"6317": nav-data-cmd -"6320": repsvc -"6321": emp-server1 -"6322": emp-server2 -"6324": hrd-ncs -"6325": dt-mgmtsvc -"6326": dt-vra -"6343": sflow -"6344": streletz -"6346": gnutella-svc -"6347": gnutella-rtr -"6350": adap -"6355": pmcs -"6360": metaedit-mu -"6370": metaedit-se -"6379": redis -"6382": metatude-mds -"6389": clariion-evr01 -"6390": metaedit-ws -"6417": faxcomservice -"6418": syserverremote -"6419": svdrp -"6420": nim-vdrshell -"6421": nim-wan -"6432": pgbouncer -"6442": tarp -"6443": sun-sr-https -"6444": sge-qmaster -"6445": sge-execd -"6446": mysql-proxy -"6455": skip-cert-recv -"6456": skip-cert-send -"6471": lvision-lm -"6480": sun-sr-http -"6481": servicetags -"6482": ldoms-mgmt -"6483": SunVTS-RMI -"6484": sun-sr-jms -"6485": sun-sr-iiop -"6486": sun-sr-iiops -"6487": sun-sr-iiop-aut -"6488": sun-sr-jmx -"6489": sun-sr-admin -"6500": boks -"6501": boks-servc -"6502": boks-servm -"6503": boks-clntd -"6505": badm-priv -"6506": badm-pub -"6507": bdir-priv -"6508": bdir-pub -"6509": mgcs-mfp-port -"6510": mcer-port -"6513": netconf-tls -"6514": syslog-tls -"6515": elipse-rec -"6543": lds-distrib -"6544": lds-dump -"6547": apc-6547 -"6548": apc-6548 -"6549": apc-6549 -"6550": fg-sysupdate -"6551": sum -"6558": xdsxdm -"6566": sane-port -"6568": canit-store -"6579": affiliate -"6580": parsec-master -"6581": parsec-peer -"6582": parsec-game -"6583": joaJewelSuite -"6600": mshvlm -"6601": mstmg-sstp -"6602": wsscomfrmwk -"6619": odette-ftps -"6620": kftp-data -"6621": kftp -"6622": mcftp -"6623": ktelnet -"6624": datascaler-db -"6625": datascaler-ctl -"6626": wago-service -"6627": nexgen -"6628": afesc-mc -"6629": nexgen-aux -"6632": mxodbc-connect -"6640": ovsdb -"6653": openflow -"6655": pcs-sf-ui-man -"6656": emgmsg -"6665": ircu -"6667": ircu -"6668": ircu -"6669": ircu -"6669": ircu -"6670": vocaltec-gold -"6671": p4p-portal -"6672": vision-server -"6673": vision-elmd -"6678": vfbp -"6679": osaut -"6687": clever-ctrace -"6688": clever-tcpip -"6689": tsa -"6690": cleverdetect -"6697": ircs-u -"6701": kti-icad-srvr -"6702": e-design-net -"6703": e-design-web -"6714": ibprotocol -"6715": fibotrader-com -"6716": princity-agent -"6767": bmc-perf-agent -"6768": bmc-perf-mgrd -"6769": adi-gxp-srvprt -"6770": plysrv-http -"6771": plysrv-https -"6777": ntz-tracker -"6778": ntz-p2p-storage -"6785": dgpf-exchg -"6786": smc-jmx -"6787": smc-admin -"6788": smc-http -"6789": radg -"6790": hnmp -"6791": hnm -"6801": acnet -"6817": pentbox-sim -"6831": ambit-lm -"6841": netmo-default -"6842": netmo-http -"6850": iccrushmore -"6868": acctopus-cc -"6888": muse -"6900": rtimeviewer -"6901": jetstream -"6935": ethoscan -"6936": xsmsvc -"6946": bioserver -"6951": otlp -"6961": jmact3 -"6962": jmevt2 -"6963": swismgr1 -"6964": swismgr2 -"6965": swistrap -"6966": swispol -"6969": acmsoda -"6970": conductor -"6997": MobilitySrv -"6998": iatp-highpri -"6999": iatp-normalpri -"7000": afs3-fileserver -"7001": afs3-callback -"7002": afs3-prserver -"7003": afs3-vlserver -"7004": afs3-kaserver -"7005": afs3-volser -"7006": afs3-errors -"7007": afs3-bos -"7008": afs3-update -"7009": afs3-rmtsys -"7010": ups-onlinet -"7011": talon-disc -"7012": talon-engine -"7013": microtalon-dis -"7014": microtalon-com -"7015": talon-webserver -"7018": fisa-svc -"7019": doceri-ctl -"7020": dpserve -"7021": dpserveadmin -"7022": ctdp -"7023": ct2nmcs -"7024": vmsvc -"7025": vmsvc-2 -"7030": op-probe -"7031": iposplanet -"7070": arcp -"7071": iwg1 -"7073": martalk -"7080": empowerid -"7099": lazy-ptop -"7100": font-service -"7101": elcn -"7117": rothaga -"7121": virprot-lm -"7128": scenidm -"7129": scenccs -"7161": cabsm-comm -"7162": caistoragemgr -"7163": cacsambroker -"7164": fsr -"7165": doc-server -"7166": aruba-server -"7167": casrmagent -"7168": cnckadserver -"7169": ccag-pib -"7170": nsrp -"7171": drm-production -"7172": metalbend -"7173": zsecure -"7174": clutild -"7200": fodms -"7201": dlip -"7215": PS-Server -"7216": PS-Capture-Pro -"7227": ramp -"7228": citrixupp -"7229": citrixuppg -"7236": display -"7237": pads -"7244": frc-hicp -"7262": cnap -"7272": watchme-7272 -"7273": oma-rlp -"7274": oma-rlp-s -"7275": oma-ulp -"7276": oma-ilp -"7277": oma-ilp-s -"7278": oma-dcdocbs -"7279": ctxlic -"7280": itactionserver1 -"7281": itactionserver2 -"7282": mzca-action -"7283": genstat -"7365": lcm-server -"7391": mindfilesys -"7392": mrssrendezvous -"7393": nfoldman -"7394": fse -"7395": winqedit -"7397": hexarc -"7400": rtps-discovery -"7401": rtps-dd-ut -"7402": rtps-dd-mt -"7410": ionixnetmon -"7411": daqstream -"7421": mtportmon -"7426": pmdmgr -"7427": oveadmgr -"7428": ovladmgr -"7429": opi-sock -"7430": xmpv7 -"7431": pmd -"7437": faximum -"7443": oracleas-https -"7471": sttunnel -"7473": rise -"7474": neo4j -"7478": openit -"7491": telops-lmd -"7500": silhouette -"7501": ovbus -"7508": adcp -"7509": acplt -"7510": ovhpas -"7511": pafec-lm -"7542": saratoga -"7543": atul -"7544": nta-ds -"7545": nta-us -"7546": cfs -"7547": cwmp -"7548": tidp -"7549": nls-tl -"7551": controlone-con -"7560": sncp -"7563": cfw -"7566": vsi-omega -"7569": dell-eql-asm -"7570": aries-kfinder -"7574": coherence -"7588": sun-lm -"7606": mipi-debug -"7624": indi -"7626": simco -"7627": soap-http -"7628": zen-pawn -"7629": xdas -"7630": hawk -"7631": tesla-sys-msg -"7633": pmdfmgt -"7648": cuseeme -"7672": imqstomp -"7673": imqstomps -"7674": imqtunnels -"7675": imqtunnel -"7676": imqbrokerd -"7677": sun-user-https -"7680": pando-pub -"7683": dmt -"7687": bolt -"7689": collaber -"7697": klio -"7700": em7-secom -"7707": sync-em7 -"7708": scinet -"7720": medimageportal -"7724": nsdeepfreezectl -"7725": nitrogen -"7726": freezexservice -"7727": trident-data -"7728": osvr -"7734": smip -"7738": aiagent -"7741": scriptview -"7742": msss -"7743": sstp-1 -"7744": raqmon-pdu -"7747": prgp -"7775": inetfs -"7777": cbt -"7778": interwise -"7779": vstat -"7781": accu-lmgr -"7786": minivend -"7787": popup-reminders -"7789": office-tools -"7794": q3ade -"7797": pnet-conn -"7798": pnet-enc -"7799": altbsdp -"7800": asr -"7801": ssp-client -"7810": rbt-wanopt -"7845": apc-7845 -"7846": apc-7846 -"7847": csoauth -"7869": mobileanalyzer -"7870": rbt-smc -"7871": mdm -"7878": owms -"7880": pss -"7887": ubroker -"7900": mevent -"7901": tnos-sp -"7902": tnos-dp -"7903": tnos-dps -"7913": qo-secure -"7932": t2-drm -"7933": t2-brm -"7962": generalsync -"7967": supercell -"7979": micromuse-ncps -"7980": quest-vista -"7981": sossd-collect -"7982": sossd-agent -"7997": pushns -"7999": irdmi2 -"8000": irdmi -"8001": vcom-tunnel -"8002": teradataordbms -"8003": mcreport -"8005": mxi -"8008": http-alt -"8019": qbdb -"8020": intu-ec-svcdisc -"8021": intu-ec-client -"8022": oa-system -"8025": ca-audit-da -"8026": ca-audit-ds -"8032": pro-ed -"8033": mindprint -"8034": vantronix-mgmt -"8040": ampify -"8042": fs-agent -"8043": fs-server -"8044": fs-mgmt -"8051": rocrail -"8052": senomix01 -"8053": senomix02 -"8054": senomix03 -"8055": senomix04 -"8056": senomix05 -"8057": senomix06 -"8058": senomix07 -"8059": senomix08 -"8066": toad-bi-appsrvr -"8067": infi-async -"8074": gadugadu -"8080": http-alt -"8081": sunproxyadmin -"8082": us-cli -"8083": us-srv -"8086": d-s-n -"8087": simplifymedia -"8088": radan-http -"8091": jamlink -"8097": sac -"8100": xprint-server -"8101": ldoms-migr -"8102": kz-migr -"8115": mtl8000-matrix -"8116": cp-cluster -"8117": purityrpc -"8118": privoxy -"8121": apollo-data -"8122": apollo-admin -"8128": paycash-online -"8129": paycash-wbp -"8130": indigo-vrmi -"8131": indigo-vbcp -"8132": dbabble -"8140": puppet -"8148": isdd -"8153": quantastor -"8160": patrol -"8161": patrol-snmp -"8162": lpar2rrd -"8181": intermapper -"8182": vmware-fdm -"8183": proremote -"8184": itach -"8190": gcp-rphy -"8191": limnerpressure -"8192": spytechphone -"8194": blp1 -"8195": blp2 -"8199": vvr-data -"8200": trivnet1 -"8201": trivnet2 -"8204": lm-perfworks -"8205": lm-instmgr -"8206": lm-dta -"8207": lm-sserver -"8208": lm-webwatcher -"8230": rexecj -"8243": synapse-nhttps -"8276": pando-sec -"8280": synapse-nhttp -"8282": libelle -"8292": blp3 -"8293": hiperscan-id -"8294": blp4 -"8300": tmi -"8301": amberon -"8313": hub-open-net -"8320": tnp-discover -"8321": tnp -"8322": garmin-marine -"8351": server-find -"8376": cruise-enum -"8377": cruise-swroute -"8378": cruise-config -"8379": cruise-diags -"8380": cruise-update -"8383": m2mservices -"8400": cvd -"8401": sabarsd -"8402": abarsd -"8403": admind -"8404": svcloud -"8405": svbackup -"8415": dlpx-sp -"8416": espeech -"8417": espeech-rtp -"8442": cybro-a-bus -"8443": pcsync-https -"8444": pcsync-http -"8445": copy -"8450": npmp -"8457": nexentamv -"8470": cisco-avp -"8471": pim-port -"8472": otv -"8473": vp2p -"8474": noteshare -"8500": fmtp -"8501": cmtp-mgt -"8502": ftnmtp -"8554": rtsp-alt -"8555": d-fence -"8567": dof-tunnel -"8600": asterix -"8610": canon-mfnp -"8611": canon-bjnp1 -"8612": canon-bjnp2 -"8613": canon-bjnp3 -"8614": canon-bjnp4 -"8615": imink -"8665": monetra -"8666": monetra-admin -"8675": msi-cps-rm -"8686": sun-as-jmxrmi -"8688": openremote-ctrl -"8699": vnyx -"8711": nvc -"8733": ibus -"8750": dey-keyneg -"8763": mc-appserver -"8764": openqueue -"8765": ultraseek-http -"8766": amcs -"8770": dpap -"8778": uec -"8786": msgclnt -"8787": msgsrvr -"8793": acd-pm -"8800": sunwebadmin -"8804": truecm -"8873": dxspider -"8880": cddbp-alt -"8881": galaxy4d -"8883": secure-mqtt -"8888": ddi-tcp-1 -"8889": ddi-tcp-2 -"8890": ddi-tcp-3 -"8891": ddi-tcp-4 -"8892": ddi-tcp-5 -"8893": ddi-tcp-6 -"8894": ddi-tcp-7 -"8899": ospf-lite -"8900": jmb-cds1 -"8901": jmb-cds2 -"8910": manyone-http -"8911": manyone-xml -"8912": wcbackup -"8913": dragonfly -"8937": twds -"8953": ub-dns-control -"8954": cumulus-admin -"8980": nod-provider -"8989": sunwebadmins -"8990": http-wmap -"8991": https-wmap -"8997": oracle-ms-ens -"8998": canto-roboflow -"8999": bctp -"9000": cslistener -"9001": etlservicemgr -"9002": dynamid -"9005": golem -"9008": ogs-server -"9009": pichat -"9010": sdr -"9020": tambora -"9021": panagolin-ident -"9022": paragent -"9023": swa-1 -"9024": swa-2 -"9025": swa-3 -"9026": swa-4 -"9050": versiera -"9051": fio-cmgmt -"9060": CardWeb-IO -"9080": glrpc -"9083": emc-pp-mgmtsvc -"9084": aurora -"9085": ibm-rsyscon -"9086": net2display -"9087": classic -"9088": sqlexec -"9089": sqlexec-ssl -"9090": websm -"9091": xmltec-xmlmail -"9092": XmlIpcRegSvc -"9093": copycat -"9100": pdl-datastream -"9101": bacula-dir -"9102": bacula-fd -"9103": bacula-sd -"9104": peerwire -"9105": xadmin -"9106": astergate -"9107": astergatefax -"9119": mxit -"9122": grcmp -"9123": grcp -"9131": dddp -"9160": apani1 -"9161": apani2 -"9162": apani3 -"9163": apani4 -"9164": apani5 -"9191": sun-as-jpda -"9200": wap-wsp -"9201": wap-wsp-wtp -"9202": wap-wsp-s -"9203": wap-wsp-wtp-s -"9204": wap-vcard -"9205": wap-vcal -"9206": wap-vcard-s -"9207": wap-vcal-s -"9208": rjcdb-vcards -"9209": almobile-system -"9210": oma-mlp -"9211": oma-mlp-s -"9212": serverviewdbms -"9213": serverstart -"9214": ipdcesgbs -"9215": insis -"9216": acme -"9217": fsc-port -"9222": teamcoherence -"9255": mon -"9278": pegasus -"9279": pegasus-ctl -"9280": pgps -"9281": swtp-port1 -"9282": swtp-port2 -"9283": callwaveiam -"9284": visd -"9285": n2h2server -"9287": cumulus -"9292": armtechdaemon -"9293": storview -"9294": armcenterhttp -"9295": armcenterhttps -"9300": vrace -"9306": sphinxql -"9312": sphinxapi -"9318": secure-ts -"9321": guibase -"9343": mpidcmgr -"9344": mphlpdmc -"9345": rancher -"9346": ctechlicensing -"9374": fjdmimgr -"9380": boxp -"9387": d2dconfig -"9388": d2ddatatrans -"9389": adws -"9390": otp -"9396": fjinvmgr -"9397": mpidcagt -"9400": sec-t4net-srv -"9401": sec-t4net-clt -"9402": sec-pc2fax-srv -"9418": git -"9443": tungsten-https -"9444": wso2esb-console -"9445": mindarray-ca -"9450": sntlkeyssrvr -"9500": ismserver -"9535": mngsuite -"9536": laes-bf -"9555": trispen-sra -"9592": ldgateway -"9593": cba8 -"9594": msgsys -"9595": pds -"9596": mercury-disc -"9597": pd-admin -"9598": vscp -"9599": robix -"9600": micromuse-ncpw -"9612": streamcomm-ds -"9614": iadt-tls -"9616": erunbook-agent -"9617": erunbook-server -"9618": condor -"9628": odbcpathway -"9629": uniport -"9630": peoctlr -"9631": peocoll -"9640": pqsflows -"9666": zoomcp -"9667": xmms2 -"9668": tec5-sdctp -"9694": client-wakeup -"9695": ccnx -"9700": board-roar -"9747": l5nas-parchan -"9750": board-voip -"9753": rasadv -"9762": tungsten-http -"9800": davsrc -"9801": sstp-2 -"9802": davsrcs -"9875": sapv1 -"9876": sd -"9888": cyborg-systems -"9889": gt-proxy -"9898": monkeycom -"9900": iua -"9909": domaintime -"9911": sype-transport -"9925": xybrid-cloud -"9950": apc-9950 -"9951": apc-9951 -"9952": apc-9952 -"9953": acis -"9954": hinp -"9955": alljoyn-stm -"9966": odnsp -"9978": xybrid-rt -"9987": dsm-scm-target -"9988": nsesrvr -"9990": osm-appsrvr -"9991": osm-oev -"9992": palace-1 -"9993": palace-2 -"9994": palace-3 -"9995": palace-4 -"9996": palace-5 -"9997": palace-6 -"9998": distinct32 -"9999": distinct -"10000": ndmp -"10001": scp-config -"10002": documentum -"10003": documentum-s -"10004": emcrmirccd -"10005": emcrmird -"10006": netapp-sync -"10007": mvs-capacity -"10008": octopus -"10009": swdtp-sv -"10010": rxapi -"10050": zabbix-agent -"10051": zabbix-trapper -"10055": qptlmd -"10080": amanda -"10081": famdc -"10100": itap-ddtp -"10101": ezmeeting-2 -"10102": ezproxy-2 -"10103": ezrelay -"10104": swdtp -"10107": bctp-server -"10110": nmea-0183 -"10113": netiq-endpoint -"10114": netiq-qcheck -"10115": netiq-endpt -"10116": netiq-voipa -"10117": iqrm -"10125": cimple -"10128": bmc-perf-sd -"10129": bmc-gms -"10160": qb-db-server -"10161": snmptls -"10162": snmptls-trap -"10200": trisoap -"10201": rsms -"10252": apollo-relay -"10260": axis-wimp-port -"10261": tile-ml -"10288": blocks -"10321": cosir -"10540": MOS-lower -"10541": MOS-upper -"10542": MOS-aux -"10543": MOS-soap -"10544": MOS-soap-opt -"10548": serverdocs -"10631": printopia -"10800": gap -"10805": lpdg -"10809": nbd -"10860": helix -"10880": bveapi -"10933": octopustentacle -"10990": rmiaux -"11000": irisa -"11001": metasys -"11095": weave -"11103": origo-sync -"11104": netapp-icmgmt -"11105": netapp-icdata -"11106": sgi-lk -"11109": sgi-dmfmgr -"11110": sgi-soap -"11111": vce -"11112": dicom -"11161": suncacao-snmp -"11162": suncacao-jmxmp -"11163": suncacao-rmi -"11164": suncacao-csa -"11165": suncacao-websvc -"11172": oemcacao-jmxmp -"11173": t5-straton -"11174": oemcacao-rmi -"11175": oemcacao-websvc -"11201": smsqp -"11202": dcsl-backup -"11208": wifree -"11211": memcache -"11319": imip -"11320": imip-channels -"11321": arena-server -"11367": atm-uhas -"11371": hkp -"11489": asgcypresstcps -"11600": tempest-port -"11623": emc-xsw-dconfig -"11720": h323callsigalt -"11723": emc-xsw-dcache -"11751": intrepid-ssl -"11796": lanschool -"11876": xoraya -"11967": sysinfo-sp -"12000": entextxid -"12001": entextnetwk -"12002": entexthigh -"12003": entextmed -"12004": entextlow -"12005": dbisamserver1 -"12006": dbisamserver2 -"12007": accuracer -"12008": accuracer-dbms -"12010": edbsrvr -"12012": vipera -"12013": vipera-ssl -"12109": rets-ssl -"12121": nupaper-ss -"12168": cawas -"12172": hivep -"12300": linogridengine -"12302": rads -"12321": warehouse-sss -"12322": warehouse -"12345": italk -"12753": tsaf -"12865": netperf -"13160": i-zipqd -"13216": bcslogc -"13217": rs-pias -"13218": emc-vcas-tcp -"13223": powwow-client -"13224": powwow-server -"13400": doip-data -"13720": bprd -"13721": bpdbm -"13722": bpjava-msvc -"13724": vnetd -"13782": bpcd -"13783": vopied -"13785": nbdb -"13786": nomdb -"13818": dsmcc-config -"13819": dsmcc-session -"13820": dsmcc-passthru -"13821": dsmcc-download -"13822": dsmcc-ccp -"13823": bmdss -"13894": ucontrol -"13929": dta-systems -"13930": medevolve -"14000": scotty-ft -"14001": sua -"14033": sage-best-com1 -"14034": sage-best-com2 -"14141": vcs-app -"14142": icpp -"14143": icpps -"14145": gcm-app -"14149": vrts-tdd -"14150": vcscmd -"14154": vad -"14250": cps -"14414": ca-web-update -"14500": xpra -"14936": hde-lcesrvr-1 -"14937": hde-lcesrvr-2 -"15000": hydap -"15002": onep-tls -"15345": xpilot -"15363": 3link -"15555": cisco-snat -"15660": bex-xr -"15740": ptp -"15999": programmar -"16000": fmsas -"16001": fmsascon -"16002": gsms -"16020": jwpc -"16021": jwpc-bin -"16161": sun-sea-port -"16162": solaris-audit -"16309": etb4j -"16310": pduncs -"16311": pdefmns -"16360": netserialext1 -"16361": netserialext2 -"16367": netserialext3 -"16368": netserialext4 -"16384": connected -"16385": rdgs -"16619": xoms -"16665": axon-tunnel -"16789": cadsisvr -"16900": newbay-snc-mc -"16950": sgcip -"16991": intel-rci-mp -"16992": amt-soap-http -"16993": amt-soap-https -"16994": amt-redir-tcp -"16995": amt-redir-tls -"17007": isode-dua -"17184": vestasdlp -"17185": soundsvirtual -"17219": chipper -"17220": avtp -"17221": avdecc -"17223": isa100-gci -"17225": trdp-md -"17234": integrius-stp -"17235": ssh-mgmt -"17500": db-lsp -"17555": ailith -"17729": ea -"17754": zep -"17755": zigbee-ip -"17756": zigbee-ips -"17777": sw-orion -"18000": biimenu -"18104": radpdf -"18136": racf -"18181": opsec-cvp -"18182": opsec-ufp -"18183": opsec-sam -"18184": opsec-lea -"18185": opsec-omi -"18186": ohsc -"18187": opsec-ela -"18241": checkpoint-rtm -"18242": iclid -"18243": clusterxl -"18262": gv-pf -"18463": ac-cluster -"18634": rds-ib -"18635": rds-ip -"18668": vdmmesh -"18769": ique -"18881": infotos -"18888": apc-necmp -"19000": igrid -"19007": scintilla -"19020": j-link -"19191": opsec-uaa -"19194": ua-secureagent -"19220": cora -"19283": keysrvr -"19315": keyshadow -"19398": mtrgtrans -"19410": hp-sco -"19411": hp-sca -"19412": hp-sessmon -"19539": fxuptp -"19540": sxuptp -"19541": jcp -"19998": iec-104-sec -"19999": dnp-sec -"20000": dnp -"20001": microsan -"20002": commtact-http -"20003": commtact-https -"20005": openwebnet -"20013": ss-idi -"20014": opendeploy -"20034": nburn-id -"20046": tmophl7mts -"20048": mountd -"20049": nfsrdma -"20057": avesterra -"20167": tolfab -"20202": ipdtp-port -"20222": ipulse-ics -"20480": emwavemsg -"20670": track -"20999": athand-mmp -"21000": irtrans -"21010": notezilla-lan -"21553": rdm-tfs -"21554": dfserver -"21590": vofr-gateway -"21800": tvpm -"21845": webphone -"21846": netspeak-is -"21847": netspeak-cs -"21848": netspeak-acd -"21849": netspeak-cps -"22000": snapenetio -"22001": optocontrol -"22002": optohost002 -"22003": optohost003 -"22004": optohost004 -"22005": optohost004 -"22125": dcap -"22128": gsidcap -"22222": easyengine -"22273": wnn6 -"22305": cis -"22335": shrewd-control -"22343": cis-secure -"22347": wibukey -"22350": codemeter -"22351": codemeter-cmwan -"22537": caldsoft-backup -"22555": vocaltec-wconf -"22763": talikaserver -"22800": aws-brf -"22951": brf-gw -"23000": inovaport1 -"23001": inovaport2 -"23002": inovaport3 -"23003": inovaport4 -"23004": inovaport5 -"23005": inovaport6 -"23053": gntp -"23294": 5afe-dir -"23333": elxmgmt -"23400": novar-dbase -"23401": novar-alarm -"23402": novar-global -"23456": aequus -"23457": aequus-alt -"23546": areaguard-neo -"24000": med-ltp -"24001": med-fsp-rx -"24002": med-fsp-tx -"24003": med-supp -"24004": med-ovw -"24005": med-ci -"24006": med-net-svc -"24242": filesphere -"24249": vista-4gl -"24321": ild -"24386": intel-rci -"24465": tonidods -"24554": binkp -"24577": bilobit -"24666": sdtvwcam -"24676": canditv -"24677": flashfiler -"24678": proactivate -"24680": tcc-http -"24754": cslg -"24922": find -"25000": icl-twobase1 -"25001": icl-twobase2 -"25002": icl-twobase3 -"25003": icl-twobase4 -"25004": icl-twobase5 -"25005": icl-twobase6 -"25006": icl-twobase7 -"25007": icl-twobase8 -"25008": icl-twobase9 -"25009": icl-twobase10 -"25576": sauterdongle -"25604": idtp -"25793": vocaltec-hos -"25900": tasp-net -"25901": niobserver -"25902": nilinkanalyst -"25903": niprobe -"26000": quake -"26133": scscp -"26208": wnn6-ds -"26257": cockroach -"26260": ezproxy -"26261": ezmeeting -"26262": k3software-svr -"26263": k3software-cli -"26486": exoline-tcp -"26487": exoconfig -"26489": exonet -"27345": imagepump -"27442": jesmsjc -"27504": kopek-httphead -"27782": ars-vista -"27876": astrolink -"27999": tw-auth-key -"28000": nxlmd -"28001": pqsp -"28200": voxelstorm -"28240": siemensgsm -"28589": bosswave -"29167": otmp -"29999": bingbang -"30000": ndmps -"30001": pago-services1 -"30002": pago-services2 -"30003": amicon-fpsu-ra -"30100": rwp -"30260": kingdomsonline -"30999": ovobs -"31016": ka-sddp -"31020": autotrac-acp -"31400": pace-licensed -"31416": xqosd -"31457": tetrinet -"31620": lm-mon -"31685": dsx-monitor -"31765": gamesmith-port -"31948": iceedcp-tx -"31949": iceedcp-rx -"32034": iracinghelper -"32249": t1distproc60 -"32400": plex -"32483": apm-link -"32635": sec-ntb-clnt -"32636": DMExpress -"32767": filenet-powsrm -"32768": filenet-tms -"32769": filenet-rpc -"32770": filenet-nch -"32771": filenet-rmi -"32772": filenet-pa -"32773": filenet-cm -"32774": filenet-re -"32775": filenet-pch -"32776": filenet-peior -"32777": filenet-obrok -"32801": mlsn -"32811": retp -"32896": idmgratm -"33060": mysqlx -"33123": aurora-balaena -"33331": diamondport -"33333": dgi-serv -"33334": speedtrace -"33434": traceroute -"33656": snip-slave -"34249": turbonote-2 -"34378": p-net-local -"34379": p-net-remote -"34567": dhanalakshmi -"34962": profinet-rt -"34963": profinet-rtm -"34964": profinet-cm -"34980": ethercat -"35000": heathview -"35001": rt-viewer -"35002": rt-sound -"35003": rt-devicemapper -"35004": rt-classmanager -"35005": rt-labtracker -"35006": rt-helper -"35100": axio-disc -"35354": kitim -"35355": altova-lm -"35356": guttersnex -"35357": openstack-id -"36001": allpeers -"36524": febooti-aw -"36602": observium-agent -"36700": mapx -"36865": kastenxpipe -"37475": neckar -"37483": gdrive-sync -"37601": eftp -"37654": unisys-eportal -"38000": ivs-database -"38001": ivs-insertion -"38002": cresco-control -"38201": galaxy7-data -"38202": fairview -"38203": agpolicy -"38800": sruth -"38865": secrmmsafecopya -"39681": turbonote-1 -"40000": safetynetp -"40404": sptx -"40841": cscp -"40842": csccredir -"40843": csccfirewall -"41111": fs-qos -"41121": tentacle -"41230": z-wave-s -"41794": crestron-cip -"41795": crestron-ctp -"41796": crestron-cips -"41797": crestron-ctps -"42508": candp -"42509": candrp -"42510": caerpc -"43000": recvr-rc -"43188": reachout -"43189": ndm-agent-port -"43190": ip-provision -"43191": noit-transport -"43210": shaperai -"43439": eq3-update -"43440": ew-mgmt -"43441": ciscocsdb -"44123": z-wave-tunnel -"44321": pmcd -"44322": pmcdproxy -"44323": pmwebapi -"44444": cognex-dataman -"44553": rbr-debug -"44818": EtherNet-IP-2 -"44900": m3da -"45000": asmp -"45001": asmps -"45002": rs-status -"45045": synctest -"45054": invision-ag -"45514": cloudcheck -"45678": eba -"45824": dai-shell -"45825": qdb2service -"45966": ssr-servermgr -"46336": inedo -"46998": spremotetablet -"46999": mediabox -"47000": mbus -"47001": winrm -"47557": dbbrowse -"47624": directplaysrvr -"47806": ap -"47808": bacnet -"48000": nimcontroller -"48001": nimspooler -"48002": nimhub -"48003": nimgtw -"48004": nimbusdb -"48005": nimbusdbctrl -"48049": 3gpp-cbsp -"48050": weandsf -"48128": isnetserv -"48129": blp5 -"48556": com-bardac-dw -"48619": iqobject -"48653": robotraconteur -"49000": matahari diff --git a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_udp.yml b/modules/netflow/configuration/logstash/dictionaries/iana_service_names_udp.yml deleted file mode 100644 index 49623c6f5..000000000 --- a/modules/netflow/configuration/logstash/dictionaries/iana_service_names_udp.yml +++ /dev/null @@ -1,5515 +0,0 @@ -"1": tcpmux -"2": compressnet -"3": compressnet -"5": rje -"7": echo -"9": discard -"11": systat -"13": daytime -"17": qotd -"18": msp -"19": chargen -"20": ftp-data -"21": ftp -"22": ssh -"23": telnet -"25": smtp -"27": nsw-fe -"29": msg-icp -"31": msg-auth -"33": dsp -"37": time -"38": rap -"39": rlp -"41": graphics -"42": nameserver -"43": nicname -"44": mpm-flags -"45": mpm -"46": mpm-snd -"47": ni-ftp -"48": auditd -"49": tacacs -"50": re-mail-ck -"52": xns-time -"53": dns -"54": xns-ch -"55": isi-gl -"56": xns-auth -"58": xns-mail -"61": ni-mail -"62": acas -"63": whoispp -"64": covia -"65": tacacs-ds -"66": sql-net -"67": bootps -"68": bootpc -"69": tftp -"70": gopher -"71": netrjs-1 -"72": netrjs-2 -"73": netrjs-3 -"74": netrjs-4 -"76": deos -"78": vettcp -"79": finger -"80": http -"82": xfer -"83": mit-ml-dev -"84": ctf -"85": mit-ml-dev -"86": mfcobol -"88": kerberos -"89": su-mit-tg -"90": dnsix -"91": mit-dov -"92": npp -"93": dcp -"94": objcall -"95": supdup -"96": dixie -"97": swift-rvf -"98": tacnews -"99": metagram -"101": hostname -"102": iso-tsap -"103": gppitnp -"104": acr-nema -"105": csnet-ns -"105": cso -"106": 3com-tsmux -"107": rtelnet -"108": snagas -"109": pop2 -"110": pop3 -"111": sunrpc -"112": mcidas -"113": auth -"115": sftp -"116": ansanotify -"117": uucp-path -"118": sqlserv -"119": nntp -"120": cfdptkt -"121": erpc -"122": smakynet -"123": ntp -"124": ansatrader -"125": locus-map -"126": nxedit -"127": locus-con -"128": gss-xlicen -"129": pwdgen -"130": cisco-fna -"131": cisco-tna -"132": cisco-sys -"133": statsrv -"134": ingres-net -"135": epmap -"136": profile -"137": netbios-ns -"138": netbios-dgm -"139": netbios-ssn -"140": emfis-data -"141": emfis-cntl -"142": bl-idm -"143": imap -"144": uma -"145": uaac -"146": iso-tp0 -"147": iso-ip -"148": jargon -"149": aed-512 -"150": sql-net -"151": hems -"152": bftp -"153": sgmp -"154": netsc-prod -"155": netsc-dev -"156": sqlsrv -"157": knet-cmp -"158": pcmail-srv -"159": nss-routing -"160": sgmp-traps -"161": snmp -"162": snmptrap -"163": cmip-man -"164": cmip-agent -"165": xns-courier -"166": s-net -"167": namp -"168": rsvd -"169": send -"170": print-srv -"171": multiplex -"172": cl-1 -"173": xyplex-mux -"174": mailq -"175": vmnet -"176": genrad-mux -"177": xdmcp -"178": nextstep -"179": bgp -"180": ris -"181": unify -"182": audit -"183": ocbinder -"184": ocserver -"185": remote-kis -"186": kis -"187": aci -"188": mumps -"189": qft -"190": gacp -"191": prospero -"192": osu-nms -"193": srmp -"194": irc -"195": dn6-nlm-aud -"196": dn6-smm-red -"197": dls -"198": dls-mon -"199": smux -"200": src -"201": at-rtmp -"202": at-nbp -"203": at-3 -"204": at-echo -"205": at-5 -"206": at-zis -"207": at-7 -"208": at-8 -"209": qmtp -"210": z39-50 -"211": 914c-g -"212": anet -"213": ipx -"214": vmpwscs -"215": softpc -"216": CAIlic -"217": dbase -"218": mpp -"219": uarps -"220": imap3 -"221": fln-spx -"222": rsh-spx -"223": cdc -"224": masqdialer -"242": direct -"243": sur-meas -"244": inbusiness -"245": link -"246": dsp3270 -"247": subntbcst-tftp -"248": bhfhs -"256": rap -"257": set -"259": esro-gen -"260": openport -"261": nsiiops -"262": arcisdms -"263": hdap -"264": bgmp -"265": x-bone-ctl -"266": sst -"267": td-service -"268": td-replica -"269": manet -"270": gist -"280": http-mgmt -"281": personal-link -"282": cableport-ax -"283": rescap -"284": corerjd -"286": fxp -"287": k-block -"308": novastorbakcup -"309": entrusttime -"310": bhmds -"311": asip-webadmin -"312": vslmp -"313": magenta-logic -"314": opalis-robot -"315": dpsi -"316": decauth -"317": zannet -"318": pkix-timestamp -"319": ptp-event -"320": ptp-general -"321": pip -"322": rtsps -"333": texar -"344": pdap -"345": pawserv -"346": zserv -"347": fatserv -"348": csi-sgwp -"349": mftp -"350": matip-type-a -"351": matip-type-b -"352": dtag-ste-sb -"353": ndsauth -"354": bh611 -"355": datex-asn -"356": cloanto-net-1 -"357": bhevent -"358": shrinkwrap -"359": nsrmp -"360": scoi2odialog -"361": semantix -"362": srssend -"363": rsvp-tunnel -"364": aurora-cmgr -"365": dtk -"366": odmr -"367": mortgageware -"368": qbikgdp -"369": rpc2portmap -"370": codaauth2 -"371": clearcase -"372": ulistproc -"373": legent-1 -"374": legent-2 -"375": hassle -"376": nip -"377": tnETOS -"378": dsETOS -"379": is99c -"380": is99s -"381": hp-collector -"382": hp-managed-node -"383": hp-alarm-mgr -"384": arns -"385": ibm-app -"386": asa -"387": aurp -"388": unidata-ldm -"389": ldap -"390": uis -"391": synotics-relay -"392": synotics-broker -"393": meta5 -"394": embl-ndt -"395": netcp -"396": netware-ip -"397": mptn -"398": kryptolan -"399": iso-tsap-c2 -"400": osb-sd -"401": ups -"402": genie -"403": decap -"404": nced -"405": ncld -"406": imsp -"407": timbuktu -"408": prm-sm -"409": prm-nm -"410": decladebug -"411": rmt -"412": synoptics-trap -"413": smsp -"414": infoseek -"415": bnet -"416": silverplatter -"417": onmux -"418": hyper-g -"419": ariel1 -"420": smpte -"421": ariel2 -"422": ariel3 -"423": opc-job-start -"424": opc-job-track -"425": icad-el -"426": smartsdp -"427": svrloc -"428": ocs-cmu -"429": ocs-amu -"430": utmpsd -"431": utmpcd -"432": iasd -"433": nnsp -"434": mobileip-agent -"435": mobilip-mn -"436": dna-cml -"437": comscm -"438": dsfgw -"439": dasp -"440": sgcp -"441": decvms-sysmgt -"442": cvc-hostd -"443": https -"444": snpp -"445": microsoft-ds -"446": ddm-rdb -"447": ddm-dfm -"448": ddm-ssl -"449": as-servermap -"450": tserver -"451": sfs-smp-net -"452": sfs-config -"453": creativeserver -"454": contentserver -"455": creativepartnr -"456": macon-udp -"457": scohelp -"458": appleqtc -"459": ampr-rcmd -"460": skronk -"461": datasurfsrv -"462": datasurfsrvsec -"463": alpes -"464": kpasswd -"465": igmpv3lite -"466": digital-vrc -"467": mylex-mapd -"468": photuris -"469": rcp -"470": scx-proxy -"471": mondex -"472": ljk-login -"473": hybrid-pop -"474": tn-tl-w2 -"475": tcpnethaspsrv -"476": tn-tl-fd1 -"477": ss7ns -"478": spsc -"479": iafserver -"480": iafdbase -"481": ph -"482": bgs-nsi -"483": ulpnet -"484": integra-sme -"485": powerburst -"486": avian -"487": saft -"488": gss-http -"489": nest-protocol -"490": micom-pfs -"491": go-login -"492": ticf-1 -"493": ticf-2 -"494": pov-ray -"495": intecourier -"496": pim-rp-disc -"497": retrospect -"498": siam -"499": iso-ill -"500": isakmp -"501": stmf -"502": mbap -"503": intrinsa -"504": citadel -"505": mailbox-lm -"506": ohimsrv -"507": crs -"508": xvttp -"509": snare -"510": fcp -"511": passgo -"512": comsat -"513": who -"514": syslog -"515": printer -"516": videotex -"517": talk -"518": ntalk -"519": utime -"520": router -"521": ripng -"522": ulp -"523": ibm-db2 -"524": ncp -"525": timed -"526": tempo -"527": stx -"528": custix -"529": irc-serv -"530": courier -"531": conference -"532": netnews -"533": netwall -"534": windream -"535": iiop -"536": opalis-rdv -"537": nmsp -"538": gdomap -"539": apertus-ldp -"540": uucp -"541": uucp-rlogin -"542": commerce -"543": klogin -"544": kshell -"545": appleqtcsrvr -"546": dhcpv6-client -"547": dhcpv6-server -"548": afpovertcp -"549": idfp -"550": new-rwho -"551": cybercash -"552": devshr-nts -"553": pirp -"554": rtsp -"555": dsf -"556": remotefs -"557": openvms-sysipc -"558": sdnskmp -"559": teedtap -"560": rmonitor -"561": monitor -"562": chshell -"563": nntps -"564": 9pfs -"565": whoami -"566": streettalk -"567": banyan-rpc -"568": ms-shuttle -"569": ms-rome -"570": meter -"571": meter -"572": sonar -"573": banyan-vip -"574": ftp-agent -"575": vemmi -"576": ipcd -"577": vnas -"578": ipdd -"579": decbsrv -"580": sntp-heartbeat -"581": bdp -"582": scc-security -"583": philips-vc -"584": keyserver -"586": password-chg -"587": submission -"588": cal -"589": eyelink -"590": tns-cml -"591": http-alt -"592": eudora-set -"593": http-rpc-epmap -"594": tpip -"595": cab-protocol -"596": smsd -"597": ptcnameservice -"598": sco-websrvrmg3 -"599": acp -"600": ipcserver -"601": syslog-conn -"602": xmlrpc-beep -"603": idxp -"604": tunnel -"605": soap-beep -"606": urm -"607": nqs -"608": sift-uft -"609": npmp-trap -"610": npmp-local -"611": npmp-gui -"612": hmmp-ind -"613": hmmp-op -"614": sshell -"615": sco-inetmgr -"616": sco-sysmgr -"617": sco-dtmgr -"618": dei-icda -"619": compaq-evm -"620": sco-websrvrmgr -"621": escp-ip -"622": collaborator -"623": asf-rmcp -"624": cryptoadmin -"625": dec-dlm -"626": asia -"627": passgo-tivoli -"628": qmqp -"629": 3com-amp3 -"630": rda -"631": ipp -"632": bmpp -"633": servstat -"634": ginad -"635": rlzdbase -"636": ldaps -"637": lanserver -"638": mcns-sec -"639": msdp -"640": entrust-sps -"641": repcmd -"642": esro-emsdp -"643": sanity -"644": dwr -"645": pssc -"646": ldp -"647": dhcp-failover -"648": rrp -"649": cadview-3d -"650": obex -"651": ieee-mms -"652": hello-port -"653": repscmd -"654": aodv -"655": tinc -"656": spmp -"657": rmc -"658": tenfold -"660": mac-srvr-admin -"661": hap -"662": pftp -"663": purenoise -"664": asf-secure-rmcp -"665": sun-dr -"666": doom -"667": disclose -"668": mecomm -"669": meregister -"670": vacdsm-sws -"671": vacdsm-app -"672": vpps-qua -"673": cimplex -"674": acap -"675": dctp -"676": vpps-via -"677": vpp -"678": ggf-ncp -"679": mrm -"680": entrust-aaas -"681": entrust-aams -"682": xfr -"683": corba-iiop -"684": corba-iiop-ssl -"685": mdc-portmapper -"686": hcp-wismar -"687": asipregistry -"688": realm-rusd -"689": nmap -"690": vatp -"691": msexch-routing -"692": hyperwave-isp -"693": connendp -"694": ha-cluster -"695": ieee-mms-ssl -"696": rushd -"697": uuidgen -"698": olsr -"699": accessnetwork -"700": epp -"701": lmp -"702": iris-beep -"704": elcsd -"705": agentx -"706": silc -"707": borland-dsj -"709": entrust-kmsh -"710": entrust-ash -"711": cisco-tdp -"712": tbrpf -"713": iris-xpc -"714": iris-xpcs -"715": iris-lwz -"716": pana -"729": netviewdm1 -"730": netviewdm2 -"731": netviewdm3 -"741": netgw -"742": netrcs -"744": flexlm -"747": fujitsu-dev -"748": ris-cm -"749": kerberos-adm -"750": kerberos-iv -"751": pump -"752": qrh -"753": rrh -"754": tell -"758": nlogin -"759": con -"760": ns -"761": rxe -"762": quotad -"763": cycleserv -"764": omserv -"765": webster -"767": phonebook -"769": vid -"770": cadlock -"771": rtip -"772": cycleserv2 -"773": notify -"774": acmaint-dbd -"775": acmaint-transd -"776": wpages -"777": multiling-http -"780": wpgs -"800": mdbs-daemon -"801": device -"802": mbap-s -"810": fcp-udp -"828": itm-mcell-s -"829": pkix-3-ca-ra -"830": netconf-ssh -"831": netconf-beep -"832": netconfsoaphttp -"833": netconfsoapbeep -"847": dhcp-failover2 -"848": gdoi -"853": domain-s -"860": iscsi -"861": owamp-control -"862": twamp-control -"873": rsync -"886": iclcnet-locate -"887": iclcnet-svinfo -"888": accessbuilder -"900": omginitialrefs -"901": smpnameres -"902": ideafarm-door -"903": ideafarm-panic -"910": kink -"911": xact-backup -"912": apex-mesh -"913": apex-edge -"989": ftps-data -"990": ftps -"991": nas -"992": telnets -"993": imaps -"995": pop3s -"996": vsinet -"997": maitrd -"998": puparp -"999": puprouter -"1000": cadlock2 -"1010": surf -"1021": exp1 -"1022": exp2 -"1025": blackjack -"1026": cap -"1027": 6a44 -"1029": solid-mux -"1033": netinfo-local -"1034": activesync -"1035": mxxrlogin -"1036": nsstp -"1037": ams -"1038": mtqp -"1039": sbl -"1040": netarx -"1041": danf-ak2 -"1042": afrog -"1043": boinc-client -"1044": dcutility -"1045": fpitp -"1046": wfremotertm -"1047": neod1 -"1048": neod2 -"1049": td-postman -"1050": cma -"1051": optima-vnet -"1052": ddt -"1053": remote-as -"1054": brvread -"1055": ansyslmd -"1056": vfo -"1057": startron -"1058": nim -"1059": nimreg -"1060": polestar -"1061": kiosk -"1062": veracity -"1063": kyoceranetdev -"1064": jstel -"1065": syscomlan -"1066": fpo-fns -"1067": instl-boots -"1068": instl-bootc -"1069": cognex-insight -"1070": gmrupdateserv -"1071": bsquare-voip -"1072": cardax -"1073": bridgecontrol -"1074": warmspotMgmt -"1075": rdrmshc -"1076": dab-sti-c -"1077": imgames -"1078": avocent-proxy -"1079": asprovatalk -"1080": socks -"1081": pvuniwien -"1082": amt-esd-prot -"1083": ansoft-lm-1 -"1084": ansoft-lm-2 -"1085": webobjects -"1086": cplscrambler-lg -"1087": cplscrambler-in -"1088": cplscrambler-al -"1089": ff-annunc -"1090": ff-fms -"1091": ff-sm -"1092": obrpd -"1093": proofd -"1094": rootd -"1095": nicelink -"1096": cnrprotocol -"1097": sunclustermgr -"1098": rmiactivation -"1099": rmiregistry -"1100": mctp -"1101": pt2-discover -"1102": adobeserver-1 -"1103": adobeserver-2 -"1104": xrl -"1105": ftranhc -"1106": isoipsigport-1 -"1107": isoipsigport-2 -"1108": ratio-adp -"1110": nfsd-keepalive -"1111": lmsocialserver -"1112": icp -"1113": ltp-deepspace -"1114": mini-sql -"1115": ardus-trns -"1116": ardus-cntl -"1117": ardus-mtrns -"1118": sacred -"1119": bnetgame -"1120": bnetfile -"1121": rmpp -"1122": availant-mgr -"1123": murray -"1124": hpvmmcontrol -"1125": hpvmmagent -"1126": hpvmmdata -"1127": kwdb-commn -"1128": saphostctrl -"1129": saphostctrls -"1130": casp -"1131": caspssl -"1132": kvm-via-ip -"1133": dfn -"1134": aplx -"1135": omnivision -"1136": hhb-gateway -"1137": trim -"1138": encrypted-admin -"1139": evm -"1140": autonoc -"1141": mxomss -"1142": edtools -"1143": imyx -"1144": fuscript -"1145": x9-icue -"1146": audit-transfer -"1147": capioverlan -"1148": elfiq-repl -"1149": bvtsonar -"1150": blaze -"1151": unizensus -"1152": winpoplanmess -"1153": c1222-acse -"1154": resacommunity -"1155": nfa -"1156": iascontrol-oms -"1157": iascontrol -"1158": dbcontrol-oms -"1159": oracle-oms -"1160": olsv -"1161": health-polling -"1162": health-trap -"1163": sddp -"1164": qsm-proxy -"1165": qsm-gui -"1166": qsm-remote -"1167": cisco-ipsla -"1168": vchat -"1169": tripwire -"1170": atc-lm -"1171": atc-appserver -"1172": dnap -"1173": d-cinema-rrp -"1174": fnet-remote-ui -"1175": dossier -"1176": indigo-server -"1177": dkmessenger -"1178": sgi-storman -"1179": b2n -"1180": mc-client -"1181": 3comnetman -"1182": accelenet-data -"1183": llsurfup-http -"1184": llsurfup-https -"1185": catchpole -"1186": mysql-cluster -"1187": alias -"1188": hp-webadmin -"1189": unet -"1190": commlinx-avl -"1191": gpfs -"1192": caids-sensor -"1193": fiveacross -"1194": openvpn -"1195": rsf-1 -"1196": netmagic -"1197": carrius-rshell -"1198": cajo-discovery -"1199": dmidi -"1200": scol -"1201": nucleus-sand -"1202": caiccipc -"1203": ssslic-mgr -"1204": ssslog-mgr -"1205": accord-mgc -"1206": anthony-data -"1207": metasage -"1208": seagull-ais -"1209": ipcd3 -"1210": eoss -"1211": groove-dpp -"1212": lupa -"1213": mpc-lifenet -"1214": kazaa -"1215": scanstat-1 -"1216": etebac5 -"1217": hpss-ndapi -"1218": aeroflight-ads -"1219": aeroflight-ret -"1220": qt-serveradmin -"1221": sweetware-apps -"1222": nerv -"1223": tgp -"1224": vpnz -"1225": slinkysearch -"1226": stgxfws -"1227": dns2go -"1228": florence -"1229": zented -"1230": periscope -"1231": menandmice-lpm -"1232": first-defense -"1233": univ-appserver -"1234": search-agent -"1235": mosaicsyssvc1 -"1236": bvcontrol -"1237": tsdos390 -"1238": hacl-qs -"1239": nmsd -"1240": instantia -"1241": nessus -"1242": nmasoverip -"1243": serialgateway -"1244": isbconference1 -"1245": isbconference2 -"1246": payrouter -"1247": visionpyramid -"1248": hermes -"1249": mesavistaco -"1250": swldy-sias -"1251": servergraph -"1252": bspne-pcc -"1253": q55-pcc -"1254": de-noc -"1255": de-cache-query -"1256": de-server -"1257": shockwave2 -"1258": opennl -"1259": opennl-voice -"1260": ibm-ssd -"1261": mpshrsv -"1262": qnts-orb -"1263": dka -"1264": prat -"1265": dssiapi -"1266": dellpwrappks -"1267": epc -"1268": propel-msgsys -"1269": watilapp -"1270": opsmgr -"1271": excw -"1272": cspmlockmgr -"1273": emc-gateway -"1274": t1distproc -"1275": ivcollector -"1277": miva-mqs -"1278": dellwebadmin-1 -"1279": dellwebadmin-2 -"1280": pictrography -"1281": healthd -"1282": emperion -"1283": productinfo -"1284": iee-qfx -"1285": neoiface -"1286": netuitive -"1287": routematch -"1288": navbuddy -"1289": jwalkserver -"1290": winjaserver -"1291": seagulllms -"1292": dsdn -"1293": pkt-krb-ipsec -"1294": cmmdriver -"1295": ehtp -"1296": dproxy -"1297": sdproxy -"1298": lpcp -"1299": hp-sci -"1300": h323hostcallsc -"1301": ci3-software-1 -"1302": ci3-software-2 -"1303": sftsrv -"1304": boomerang -"1305": pe-mike -"1306": re-conn-proto -"1307": pacmand -"1308": odsi -"1309": jtag-server -"1310": husky -"1311": rxmon -"1312": sti-envision -"1313": bmc-patroldb -"1314": pdps -"1315": els -"1316": exbit-escp -"1317": vrts-ipcserver -"1318": krb5gatekeeper -"1319": amx-icsp -"1320": amx-axbnet -"1321": pip -"1322": novation -"1323": brcd -"1324": delta-mcp -"1325": dx-instrument -"1326": wimsic -"1327": ultrex -"1328": ewall -"1329": netdb-export -"1330": streetperfect -"1331": intersan -"1332": pcia-rxp-b -"1333": passwrd-policy -"1334": writesrv -"1335": digital-notary -"1336": ischat -"1337": menandmice-dns -"1338": wmc-log-svc -"1339": kjtsiteserver -"1340": naap -"1341": qubes -"1342": esbroker -"1343": re101 -"1344": icap -"1345": vpjp -"1346": alta-ana-lm -"1347": bbn-mmc -"1348": bbn-mmx -"1349": sbook -"1350": editbench -"1351": equationbuilder -"1352": lotusnote -"1353": relief -"1354": XSIP-network -"1355": intuitive-edge -"1356": cuillamartin -"1357": pegboard -"1358": connlcli -"1359": ftsrv -"1360": mimer -"1361": linx -"1362": timeflies -"1363": ndm-requester -"1364": ndm-server -"1365": adapt-sna -"1366": netware-csp -"1367": dcs -"1368": screencast -"1369": gv-us -"1370": us-gv -"1371": fc-cli -"1372": fc-ser -"1373": chromagrafx -"1374": molly -"1375": bytex -"1376": ibm-pps -"1377": cichlid -"1378": elan -"1379": dbreporter -"1380": telesis-licman -"1381": apple-licman -"1382": udt-os -"1383": gwha -"1384": os-licman -"1385": atex-elmd -"1386": checksum -"1387": cadsi-lm -"1388": objective-dbc -"1389": iclpv-dm -"1390": iclpv-sc -"1391": iclpv-sas -"1392": iclpv-pm -"1393": iclpv-nls -"1394": iclpv-nlc -"1395": iclpv-wsm -"1396": dvl-activemail -"1397": audio-activmail -"1398": video-activmail -"1399": cadkey-licman -"1400": cadkey-tablet -"1401": goldleaf-licman -"1402": prm-sm-np -"1403": prm-nm-np -"1404": igi-lm -"1405": ibm-res -"1406": netlabs-lm -"1408": sophia-lm -"1409": here-lm -"1410": hiq -"1411": af -"1412": innosys -"1413": innosys-acl -"1414": ibm-mqseries -"1415": dbstar -"1416": novell-lu6-2 -"1417": timbuktu-srv1 -"1418": timbuktu-srv2 -"1419": timbuktu-srv3 -"1420": timbuktu-srv4 -"1421": gandalf-lm -"1422": autodesk-lm -"1423": essbase -"1424": hybrid -"1425": zion-lm -"1426": sais -"1427": mloadd -"1428": informatik-lm -"1429": nms -"1430": tpdu -"1431": rgtp -"1432": blueberry-lm -"1433": ms-sql-s -"1434": ms-sql-m -"1435": ibm-cics -"1436": saism -"1437": tabula -"1438": eicon-server -"1439": eicon-x25 -"1440": eicon-slp -"1441": cadis-1 -"1442": cadis-2 -"1443": ies-lm -"1444": marcam-lm -"1445": proxima-lm -"1446": ora-lm -"1447": apri-lm -"1448": oc-lm -"1449": peport -"1450": dwf -"1451": infoman -"1452": gtegsc-lm -"1453": genie-lm -"1454": interhdl-elmd -"1455": esl-lm -"1456": dca -"1457": valisys-lm -"1458": nrcabq-lm -"1459": proshare1 -"1460": proshare2 -"1461": ibm-wrless-lan -"1462": world-lm -"1463": nucleus -"1464": msl-lmd -"1465": pipes -"1466": oceansoft-lm -"1467": csdmbase -"1468": csdm -"1469": aal-lm -"1470": uaiact -"1471": csdmbase -"1472": csdm -"1473": openmath -"1474": telefinder -"1475": taligent-lm -"1476": clvm-cfg -"1477": ms-sna-server -"1478": ms-sna-base -"1479": dberegister -"1480": pacerforum -"1481": airs -"1482": miteksys-lm -"1483": afs -"1484": confluent -"1485": lansource -"1486": nms-topo-serv -"1487": localinfosrvr -"1488": docstor -"1489": dmdocbroker -"1490": insitu-conf -"1492": stone-design-1 -"1493": netmap-lm -"1494": ica -"1495": cvc -"1496": liberty-lm -"1497": rfx-lm -"1498": sybase-sqlany -"1499": fhc -"1500": vlsi-lm -"1501": saiscm -"1502": shivadiscovery -"1503": imtc-mcs -"1504": evb-elm -"1505": funkproxy -"1506": utcd -"1507": symplex -"1508": diagmond -"1509": robcad-lm -"1510": mvx-lm -"1511": 3l-l1 -"1512": wins -"1513": fujitsu-dtc -"1514": fujitsu-dtcns -"1515": ifor-protocol -"1516": vpad -"1517": vpac -"1518": vpvd -"1519": vpvc -"1520": atm-zip-office -"1521": ncube-lm -"1522": ricardo-lm -"1523": cichild-lm -"1524": ingreslock -"1525": orasrv -"1526": pdap-np -"1527": tlisrv -"1528": ngr-t -"1529": coauthor -"1530": rap-service -"1531": rap-listen -"1532": miroconnect -"1533": virtual-places -"1534": micromuse-lm -"1535": ampr-info -"1536": ampr-inter -"1537": sdsc-lm -"1538": 3ds-lm -"1539": intellistor-lm -"1540": rds -"1541": rds2 -"1542": gridgen-elmd -"1543": simba-cs -"1544": aspeclmd -"1545": vistium-share -"1546": abbaccuray -"1547": laplink -"1548": axon-lm -"1549": shivasound -"1550": 3m-image-lm -"1551": hecmtl-db -"1552": pciarray -"1553": sna-cs -"1554": caci-lm -"1555": livelan -"1556": veritas-pbx -"1557": arbortext-lm -"1558": xingmpeg -"1559": web2host -"1560": asci-val -"1561": facilityview -"1562": pconnectmgr -"1563": cadabra-lm -"1564": pay-per-view -"1565": winddlb -"1566": corelvideo -"1567": jlicelmd -"1568": tsspmap -"1569": ets -"1570": orbixd -"1571": rdb-dbs-disp -"1572": chip-lm -"1573": itscomm-ns -"1574": mvel-lm -"1575": oraclenames -"1576": moldflow-lm -"1577": hypercube-lm -"1578": jacobus-lm -"1579": ioc-sea-lm -"1580": tn-tl-r2 -"1581": mil-2045-47001 -"1582": msims -"1583": simbaexpress -"1584": tn-tl-fd2 -"1585": intv -"1586": ibm-abtact -"1587": pra-elmd -"1588": triquest-lm -"1589": vqp -"1590": gemini-lm -"1591": ncpm-pm -"1592": commonspace -"1593": mainsoft-lm -"1594": sixtrak -"1595": radio -"1596": radio-bc -"1597": orbplus-iiop -"1598": picknfs -"1599": simbaservices -"1600": issd -"1601": aas -"1602": inspect -"1603": picodbc -"1604": icabrowser -"1605": slp -"1606": slm-api -"1607": stt -"1608": smart-lm -"1609": isysg-lm -"1610": taurus-wh -"1611": ill -"1612": netbill-trans -"1613": netbill-keyrep -"1614": netbill-cred -"1615": netbill-auth -"1616": netbill-prod -"1617": nimrod-agent -"1618": skytelnet -"1619": xs-openstorage -"1620": faxportwinport -"1621": softdataphone -"1622": ontime -"1623": jaleosnd -"1624": udp-sr-port -"1625": svs-omagent -"1626": shockwave -"1627": t128-gateway -"1628": lontalk-norm -"1629": lontalk-urgnt -"1630": oraclenet8cman -"1631": visitview -"1632": pammratc -"1633": pammrpc -"1634": loaprobe -"1635": edb-server1 -"1636": isdc -"1637": islc -"1638": ismc -"1639": cert-initiator -"1640": cert-responder -"1641": invision -"1642": isis-am -"1643": isis-ambc -"1644": saiseh -"1645": sightline -"1646": sa-msg-port -"1647": rsap -"1648": concurrent-lm -"1649": kermit -"1650": nkd -"1651": shiva-confsrvr -"1652": xnmp -"1653": alphatech-lm -"1654": stargatealerts -"1655": dec-mbadmin -"1656": dec-mbadmin-h -"1657": fujitsu-mmpdc -"1658": sixnetudr -"1659": sg-lm -"1660": skip-mc-gikreq -"1661": netview-aix-1 -"1662": netview-aix-2 -"1663": netview-aix-3 -"1664": netview-aix-4 -"1665": netview-aix-5 -"1666": netview-aix-6 -"1667": netview-aix-7 -"1668": netview-aix-8 -"1669": netview-aix-9 -"1670": netview-aix-10 -"1671": netview-aix-11 -"1672": netview-aix-12 -"1673": proshare-mc-1 -"1674": proshare-mc-2 -"1675": pdp -"1676": netcomm2 -"1677": groupwise -"1678": prolink -"1679": darcorp-lm -"1680": microcom-sbp -"1681": sd-elmd -"1682": lanyon-lantern -"1683": ncpm-hip -"1684": snaresecure -"1685": n2nremote -"1686": cvmon -"1687": nsjtp-ctrl -"1688": nsjtp-data -"1689": firefox -"1690": ng-umds -"1691": empire-empuma -"1692": sstsys-lm -"1693": rrirtr -"1694": rrimwm -"1695": rrilwm -"1696": rrifmm -"1697": rrisat -"1698": rsvp-encap-1 -"1699": rsvp-encap-2 -"1700": mps-raft -"1701": l2tp -"1702": deskshare -"1703": hb-engine -"1704": bcs-broker -"1705": slingshot -"1706": jetform -"1707": vdmplay -"1708": gat-lmd -"1709": centra -"1710": impera -"1711": pptconference -"1712": registrar -"1713": conferencetalk -"1714": sesi-lm -"1715": houdini-lm -"1716": xmsg -"1717": fj-hdnet -"1718": h323gatedisc -"1719": h323gatestat -"1720": h323hostcall -"1721": caicci -"1722": hks-lm -"1723": pptp -"1724": csbphonemaster -"1725": iden-ralp -"1726": iberiagames -"1727": winddx -"1728": telindus -"1729": citynl -"1730": roketz -"1731": msiccp -"1732": proxim -"1733": siipat -"1734": cambertx-lm -"1735": privatechat -"1736": street-stream -"1737": ultimad -"1738": gamegen1 -"1739": webaccess -"1740": encore -"1741": cisco-net-mgmt -"1742": 3Com-nsd -"1743": cinegrfx-lm -"1744": ncpm-ft -"1745": remote-winsock -"1746": ftrapid-1 -"1747": ftrapid-2 -"1748": oracle-em1 -"1749": aspen-services -"1750": sslp -"1751": swiftnet -"1752": lofr-lm -"1754": oracle-em2 -"1755": ms-streaming -"1756": capfast-lmd -"1757": cnhrp -"1758": tftp-mcast -"1759": spss-lm -"1760": www-ldap-gw -"1761": cft-0 -"1762": cft-1 -"1763": cft-2 -"1764": cft-3 -"1765": cft-4 -"1766": cft-5 -"1767": cft-6 -"1768": cft-7 -"1769": bmc-net-adm -"1770": bmc-net-svc -"1771": vaultbase -"1772": essweb-gw -"1773": kmscontrol -"1774": global-dtserv -"1776": femis -"1777": powerguardian -"1778": prodigy-intrnet -"1779": pharmasoft -"1780": dpkeyserv -"1781": answersoft-lm -"1782": hp-hcip -"1784": finle-lm -"1785": windlm -"1786": funk-logger -"1787": funk-license -"1788": psmond -"1789": hello -"1790": nmsp -"1791": ea1 -"1792": ibm-dt-2 -"1793": rsc-robot -"1794": cera-bcm -"1795": dpi-proxy -"1796": vocaltec-admin -"1797": uma -"1798": etp -"1799": netrisk -"1800": ansys-lm -"1801": msmq -"1802": concomp1 -"1803": hp-hcip-gwy -"1804": enl -"1805": enl-name -"1806": musiconline -"1807": fhsp -"1808": oracle-vp2 -"1809": oracle-vp1 -"1810": jerand-lm -"1811": scientia-sdb -"1812": radius -"1813": radius-acct -"1814": tdp-suite -"1815": mmpft -"1816": harp -"1817": rkb-oscs -"1818": etftp -"1819": plato-lm -"1820": mcagent -"1821": donnyworld -"1822": es-elmd -"1823": unisys-lm -"1824": metrics-pas -"1825": direcpc-video -"1826": ardt -"1827": asi -"1828": itm-mcell-u -"1829": optika-emedia -"1830": net8-cman -"1831": myrtle -"1832": tht-treasure -"1833": udpradio -"1834": ardusuni -"1835": ardusmul -"1836": ste-smsc -"1837": csoft1 -"1838": talnet -"1839": netopia-vo1 -"1840": netopia-vo2 -"1841": netopia-vo3 -"1842": netopia-vo4 -"1843": netopia-vo5 -"1844": direcpc-dll -"1845": altalink -"1846": tunstall-pnc -"1847": slp-notify -"1848": fjdocdist -"1849": alpha-sms -"1850": gsi -"1851": ctcd -"1852": virtual-time -"1853": vids-avtp -"1854": buddy-draw -"1855": fiorano-rtrsvc -"1856": fiorano-msgsvc -"1857": datacaptor -"1858": privateark -"1859": gammafetchsvr -"1860": sunscalar-svc -"1861": lecroy-vicp -"1862": mysql-cm-agent -"1863": msnp -"1864": paradym-31port -"1865": entp -"1866": swrmi -"1867": udrive -"1868": viziblebrowser -"1869": transact -"1870": sunscalar-dns -"1871": canocentral0 -"1872": canocentral1 -"1873": fjmpjps -"1874": fjswapsnp -"1875": westell-stats -"1876": ewcappsrv -"1877": hp-webqosdb -"1878": drmsmc -"1879": nettgain-nms -"1880": vsat-control -"1881": ibm-mqseries2 -"1882": ecsqdmn -"1883": mqtt -"1884": idmaps -"1885": vrtstrapserver -"1886": leoip -"1887": filex-lport -"1888": ncconfig -"1889": unify-adapter -"1890": wilkenlistener -"1891": childkey-notif -"1892": childkey-ctrl -"1893": elad -"1894": o2server-port -"1896": b-novative-ls -"1897": metaagent -"1898": cymtec-port -"1899": mc2studios -"1900": ssdp -"1901": fjicl-tep-a -"1902": fjicl-tep-b -"1903": linkname -"1904": fjicl-tep-c -"1905": sugp -"1906": tpmd -"1907": intrastar -"1908": dawn -"1909": global-wlink -"1910": ultrabac -"1911": mtp -"1912": rhp-iibp -"1913": armadp -"1914": elm-momentum -"1915": facelink -"1916": persona -"1917": noagent -"1918": can-nds -"1919": can-dch -"1920": can-ferret -"1921": noadmin -"1922": tapestry -"1923": spice -"1924": xiip -"1925": discovery-port -"1926": egs -"1927": videte-cipc -"1928": emsd-port -"1929": bandwiz-system -"1930": driveappserver -"1931": amdsched -"1932": ctt-broker -"1933": xmapi -"1934": xaapi -"1935": macromedia-fcs -"1936": jetcmeserver -"1937": jwserver -"1938": jwclient -"1939": jvserver -"1940": jvclient -"1941": dic-aida -"1942": res -"1943": beeyond-media -"1944": close-combat -"1945": dialogic-elmd -"1946": tekpls -"1947": sentinelsrm -"1948": eye2eye -"1949": ismaeasdaqlive -"1950": ismaeasdaqtest -"1951": bcs-lmserver -"1952": mpnjsc -"1953": rapidbase -"1954": abr-api -"1955": abr-secure -"1956": vrtl-vmf-ds -"1957": unix-status -"1958": dxadmind -"1959": simp-all -"1960": nasmanager -"1961": bts-appserver -"1962": biap-mp -"1963": webmachine -"1964": solid-e-engine -"1965": tivoli-npm -"1966": slush -"1967": sns-quote -"1968": lipsinc -"1969": lipsinc1 -"1970": netop-rc -"1971": netop-school -"1972": intersys-cache -"1973": dlsrap -"1974": drp -"1975": tcoflashagent -"1976": tcoregagent -"1977": tcoaddressbook -"1978": unisql -"1979": unisql-java -"1980": pearldoc-xact -"1981": p2pq -"1982": estamp -"1983": lhtp -"1984": bb -"1985": hsrp -"1986": licensedaemon -"1987": tr-rsrb-p1 -"1988": tr-rsrb-p2 -"1989": tr-rsrb-p3 -"1990": stun-p1 -"1991": stun-p2 -"1992": ipsendmsg -"1992": stun-p3 -"1993": snmp-tcp-port -"1994": stun-port -"1995": perf-port -"1996": tr-rsrb-port -"1997": gdp-port -"1998": x25-svc-port -"1999": tcp-id-port -"2000": cisco-sccp -"2001": wizard -"2002": globe -"2003": brutus -"2004": emce -"2005": oracle -"2006": raid-cd -"2007": raid-am -"2008": terminaldb -"2009": whosockami -"2010": pipe-server -"2011": servserv -"2012": raid-ac -"2013": raid-cd -"2014": raid-sf -"2015": raid-cs -"2016": bootserver -"2017": bootclient -"2018": rellpack -"2019": about -"2020": xinupageserver -"2021": xinuexpansion1 -"2022": xinuexpansion2 -"2023": xinuexpansion3 -"2024": xinuexpansion4 -"2025": xribs -"2026": scrabble -"2027": shadowserver -"2028": submitserver -"2029": hsrpv6 -"2030": device2 -"2031": mobrien-chat -"2032": blackboard -"2033": glogger -"2034": scoremgr -"2035": imsldoc -"2036": e-dpnet -"2037": applus -"2038": objectmanager -"2039": prizma -"2040": lam -"2041": interbase -"2042": isis -"2043": isis-bcast -"2044": rimsl -"2045": cdfunc -"2046": sdfunc -"2047": dls -"2048": dls-monitor -"2049": nfs -"2050": av-emb-config -"2051": epnsdp -"2052": clearvisn -"2053": lot105-ds-upd -"2054": weblogin -"2055": iop -"2056": omnisky -"2057": rich-cp -"2058": newwavesearch -"2059": bmc-messaging -"2060": teleniumdaemon -"2061": netmount -"2062": icg-swp -"2063": icg-bridge -"2064": icg-iprelay -"2065": dlsrpn -"2066": aura -"2067": dlswpn -"2068": avauthsrvprtcl -"2069": event-port -"2070": ah-esp-encap -"2071": acp-port -"2072": msync -"2073": gxs-data-port -"2074": vrtl-vmf-sa -"2075": newlixengine -"2076": newlixconfig -"2077": tsrmagt -"2078": tpcsrvr -"2079": idware-router -"2080": autodesk-nlm -"2081": kme-trap-port -"2082": infowave -"2083": radsec -"2084": sunclustergeo -"2085": ada-cip -"2086": gnunet -"2087": eli -"2088": ip-blf -"2089": sep -"2090": lrp -"2091": prp -"2092": descent3 -"2093": nbx-cc -"2094": nbx-au -"2095": nbx-ser -"2096": nbx-dir -"2097": jetformpreview -"2098": dialog-port -"2099": h2250-annex-g -"2100": amiganetfs -"2101": rtcm-sc104 -"2102": zephyr-srv -"2103": zephyr-clt -"2104": zephyr-hm -"2105": minipay -"2106": mzap -"2107": bintec-admin -"2108": comcam -"2109": ergolight -"2110": umsp -"2111": dsatp -"2112": idonix-metanet -"2113": hsl-storm -"2114": newheights -"2115": kdm -"2116": ccowcmr -"2117": mentaclient -"2118": mentaserver -"2119": gsigatekeeper -"2120": qencp -"2121": scientia-ssdb -"2122": caupc-remote -"2123": gtp-control -"2124": elatelink -"2125": lockstep -"2126": pktcable-cops -"2127": index-pc-wb -"2128": net-steward -"2129": cs-live -"2130": xds -"2131": avantageb2b -"2132": solera-epmap -"2133": zymed-zpp -"2134": avenue -"2135": gris -"2136": appworxsrv -"2137": connect -"2138": unbind-cluster -"2139": ias-auth -"2140": ias-reg -"2141": ias-admind -"2142": tdmoip -"2143": lv-jc -"2144": lv-ffx -"2145": lv-pici -"2146": lv-not -"2147": lv-auth -"2148": veritas-ucl -"2149": acptsys -"2150": dynamic3d -"2151": docent -"2152": gtp-user -"2153": ctlptc -"2154": stdptc -"2155": brdptc -"2156": trp -"2157": xnds -"2158": touchnetplus -"2159": gdbremote -"2160": apc-2160 -"2161": apc-2161 -"2162": navisphere -"2163": navisphere-sec -"2164": ddns-v3 -"2165": x-bone-api -"2166": iwserver -"2167": raw-serial -"2168": easy-soft-mux -"2169": brain -"2170": eyetv -"2171": msfw-storage -"2172": msfw-s-storage -"2173": msfw-replica -"2174": msfw-array -"2175": airsync -"2176": rapi -"2177": qwave -"2178": bitspeer -"2179": vmrdp -"2180": mc-gt-srv -"2181": eforward -"2182": cgn-stat -"2183": cgn-config -"2184": nvd -"2185": onbase-dds -"2186": gtaua -"2187": ssmd -"2190": tivoconnect -"2191": tvbus -"2192": asdis -"2193": drwcs -"2197": mnp-exchange -"2198": onehome-remote -"2199": onehome-help -"2200": ici -"2201": ats -"2202": imtc-map -"2203": b2-runtime -"2204": b2-license -"2205": jps -"2206": hpocbus -"2207": hpssd -"2208": hpiod -"2209": rimf-ps -"2210": noaaport -"2211": emwin -"2212": leecoposserver -"2213": kali -"2214": rpi -"2215": ipcore -"2216": vtu-comms -"2217": gotodevice -"2218": bounzza -"2219": netiq-ncap -"2220": netiq -"2221": ethernet-ip-s -"2222": EtherNet-IP-1 -"2223": rockwell-csp2 -"2224": efi-mg -"2226": di-drm -"2227": di-msg -"2228": ehome-ms -"2229": datalens -"2230": queueadm -"2231": wimaxasncp -"2232": ivs-video -"2233": infocrypt -"2234": directplay -"2235": sercomm-wlink -"2236": nani -"2237": optech-port1-lm -"2238": aviva-sna -"2239": imagequery -"2240": recipe -"2241": ivsd -"2242": foliocorp -"2243": magicom -"2244": nmsserver -"2245": hao -"2246": pc-mta-addrmap -"2247": antidotemgrsvr -"2248": ums -"2249": rfmp -"2250": remote-collab -"2251": dif-port -"2252": njenet-ssl -"2253": dtv-chan-req -"2254": seispoc -"2255": vrtp -"2256": pcc-mfp -"2257": simple-tx-rx -"2258": rcts -"2260": apc-2260 -"2261": comotionmaster -"2262": comotionback -"2263": ecwcfg -"2264": apx500api-1 -"2265": apx500api-2 -"2266": mfserver -"2267": ontobroker -"2268": amt -"2269": mikey -"2270": starschool -"2271": mmcals -"2272": mmcal -"2273": mysql-im -"2274": pcttunnell -"2275": ibridge-data -"2276": ibridge-mgmt -"2277": bluectrlproxy -"2278": s3db -"2279": xmquery -"2280": lnvpoller -"2281": lnvconsole -"2282": lnvalarm -"2283": lnvstatus -"2284": lnvmaps -"2285": lnvmailmon -"2286": nas-metering -"2287": dna -"2288": netml -"2289": dict-lookup -"2290": sonus-logging -"2291": eapsp -"2292": mib-streaming -"2293": npdbgmngr -"2294": konshus-lm -"2295": advant-lm -"2296": theta-lm -"2297": d2k-datamover1 -"2298": d2k-datamover2 -"2299": pc-telecommute -"2300": cvmmon -"2301": cpq-wbem -"2302": binderysupport -"2303": proxy-gateway -"2304": attachmate-uts -"2305": mt-scaleserver -"2306": tappi-boxnet -"2307": pehelp -"2308": sdhelp -"2309": sdserver -"2310": sdclient -"2311": messageservice -"2312": wanscaler -"2313": iapp -"2314": cr-websystems -"2315": precise-sft -"2316": sent-lm -"2317": attachmate-g32 -"2318": cadencecontrol -"2319": infolibria -"2320": siebel-ns -"2321": rdlap -"2322": ofsd -"2323": 3d-nfsd -"2324": cosmocall -"2325": ansysli -"2326": idcp -"2327": xingcsm -"2328": netrix-sftm -"2329": nvd -"2330": tscchat -"2331": agentview -"2332": rcc-host -"2333": snapp -"2334": ace-client -"2335": ace-proxy -"2336": appleugcontrol -"2337": ideesrv -"2338": norton-lambert -"2339": 3com-webview -"2340": wrs-registry -"2341": xiostatus -"2342": manage-exec -"2343": nati-logos -"2344": fcmsys -"2345": dbm -"2346": redstorm-join -"2347": redstorm-find -"2348": redstorm-info -"2349": redstorm-diag -"2350": psbserver -"2351": psrserver -"2352": pslserver -"2353": pspserver -"2354": psprserver -"2355": psdbserver -"2356": gxtelmd -"2357": unihub-server -"2358": futrix -"2359": flukeserver -"2360": nexstorindltd -"2361": tl1 -"2362": digiman -"2363": mediacntrlnfsd -"2364": oi-2000 -"2365": dbref -"2366": qip-login -"2367": service-ctrl -"2368": opentable -"2370": l3-hbmon -"2372": lanmessenger -"2381": compaq-https -"2382": ms-olap3 -"2383": ms-olap4 -"2384": sd-capacity -"2385": sd-data -"2386": virtualtape -"2387": vsamredirector -"2388": mynahautostart -"2389": ovsessionmgr -"2390": rsmtp -"2391": 3com-net-mgmt -"2392": tacticalauth -"2393": ms-olap1 -"2394": ms-olap2 -"2395": lan900-remote -"2396": wusage -"2397": ncl -"2398": orbiter -"2399": fmpro-fdal -"2400": opequus-server -"2401": cvspserver -"2402": taskmaster2000 -"2403": taskmaster2000 -"2404": iec-104 -"2405": trc-netpoll -"2406": jediserver -"2407": orion -"2409": sns-protocol -"2410": vrts-registry -"2411": netwave-ap-mgmt -"2412": cdn -"2413": orion-rmi-reg -"2414": beeyond -"2415": codima-rtp -"2416": rmtserver -"2417": composit-server -"2418": cas -"2419": attachmate-s2s -"2420": dslremote-mgmt -"2421": g-talk -"2422": crmsbits -"2423": rnrp -"2424": kofax-svr -"2425": fjitsuappmgr -"2426": vcmp -"2427": mgcp-gateway -"2428": ott -"2429": ft-role -"2430": venus -"2431": venus-se -"2432": codasrv -"2433": codasrv-se -"2434": pxc-epmap -"2435": optilogic -"2436": topx -"2437": unicontrol -"2438": msp -"2439": sybasedbsynch -"2440": spearway -"2441": pvsw-inet -"2442": netangel -"2443": powerclientcsf -"2444": btpp2sectrans -"2445": dtn1 -"2446": bues-service -"2447": ovwdb -"2448": hpppssvr -"2449": ratl -"2450": netadmin -"2451": netchat -"2452": snifferclient -"2453": madge-ltd -"2454": indx-dds -"2455": wago-io-system -"2456": altav-remmgt -"2457": rapido-ip -"2458": griffin -"2459": community -"2460": ms-theater -"2461": qadmifoper -"2462": qadmifevent -"2463": lsi-raid-mgmt -"2464": direcpc-si -"2465": lbm -"2466": lbf -"2467": high-criteria -"2468": qip-msgd -"2469": mti-tcs-comm -"2470": taskman-port -"2471": seaodbc -"2472": c3 -"2473": aker-cdp -"2474": vitalanalysis -"2475": ace-server -"2476": ace-svr-prop -"2477": ssm-cvs -"2478": ssm-cssps -"2479": ssm-els -"2480": powerexchange -"2481": giop -"2482": giop-ssl -"2483": ttc -"2484": ttc-ssl -"2485": netobjects1 -"2486": netobjects2 -"2487": pns -"2488": moy-corp -"2489": tsilb -"2490": qip-qdhcp -"2491": conclave-cpp -"2492": groove -"2493": talarian-mqs -"2494": bmc-ar -"2495": fast-rem-serv -"2496": dirgis -"2497": quaddb -"2498": odn-castraq -"2499": unicontrol -"2500": rtsserv -"2501": rtsclient -"2502": kentrox-prot -"2503": nms-dpnss -"2504": wlbs -"2505": ppcontrol -"2506": jbroker -"2507": spock -"2508": jdatastore -"2509": fjmpss -"2510": fjappmgrbulk -"2511": metastorm -"2512": citrixima -"2513": citrixadmin -"2514": facsys-ntp -"2515": facsys-router -"2516": maincontrol -"2517": call-sig-trans -"2518": willy -"2519": globmsgsvc -"2520": pvsw -"2521": adaptecmgr -"2522": windb -"2523": qke-llc-v3 -"2524": optiwave-lm -"2525": ms-v-worlds -"2526": ema-sent-lm -"2527": iqserver -"2528": ncr-ccl -"2529": utsftp -"2530": vrcommerce -"2531": ito-e-gui -"2532": ovtopmd -"2533": snifferserver -"2534": combox-web-acc -"2535": madcap -"2536": btpp2audctr1 -"2537": upgrade -"2538": vnwk-prapi -"2539": vsiadmin -"2540": lonworks -"2541": lonworks2 -"2542": udrawgraph -"2543": reftek -"2544": novell-zen -"2545": sis-emt -"2546": vytalvaultbrtp -"2547": vytalvaultvsmp -"2548": vytalvaultpipe -"2549": ipass -"2550": ads -"2551": isg-uda-server -"2552": call-logging -"2553": efidiningport -"2554": vcnet-link-v10 -"2555": compaq-wcp -"2556": nicetec-nmsvc -"2557": nicetec-mgmt -"2558": pclemultimedia -"2559": lstp -"2560": labrat -"2561": mosaixcc -"2562": delibo -"2563": cti-redwood -"2564": hp-3000-telnet -"2565": coord-svr -"2566": pcs-pcw -"2567": clp -"2568": spamtrap -"2569": sonuscallsig -"2570": hs-port -"2571": cecsvc -"2572": ibp -"2573": trustestablish -"2574": blockade-bpsp -"2575": hl7 -"2576": tclprodebugger -"2577": scipticslsrvr -"2578": rvs-isdn-dcp -"2579": mpfoncl -"2580": tributary -"2581": argis-te -"2582": argis-ds -"2583": mon -"2584": cyaserv -"2585": netx-server -"2586": netx-agent -"2587": masc -"2588": privilege -"2589": quartus-tcl -"2590": idotdist -"2591": maytagshuffle -"2592": netrek -"2593": mns-mail -"2594": dts -"2595": worldfusion1 -"2596": worldfusion2 -"2597": homesteadglory -"2598": citriximaclient -"2599": snapd -"2600": hpstgmgr -"2601": discp-client -"2602": discp-server -"2603": servicemeter -"2604": nsc-ccs -"2605": nsc-posa -"2606": netmon -"2607": connection -"2608": wag-service -"2609": system-monitor -"2610": versa-tek -"2611": lionhead -"2612": qpasa-agent -"2613": smntubootstrap -"2614": neveroffline -"2615": firepower -"2616": appswitch-emp -"2617": cmadmin -"2618": priority-e-com -"2619": bruce -"2620": lpsrecommender -"2621": miles-apart -"2622": metricadbc -"2623": lmdp -"2624": aria -"2625": blwnkl-port -"2626": gbjd816 -"2627": moshebeeri -"2628": dict -"2629": sitaraserver -"2630": sitaramgmt -"2631": sitaradir -"2632": irdg-post -"2633": interintelli -"2634": pk-electronics -"2635": backburner -"2636": solve -"2637": imdocsvc -"2638": sybaseanywhere -"2639": aminet -"2640": ami-control -"2641": hdl-srv -"2642": tragic -"2643": gte-samp -"2644": travsoft-ipx-t -"2645": novell-ipx-cmd -"2646": and-lm -"2647": syncserver -"2648": upsnotifyprot -"2649": vpsipport -"2650": eristwoguns -"2651": ebinsite -"2652": interpathpanel -"2653": sonus -"2654": corel-vncadmin -"2655": unglue -"2656": kana -"2657": sns-dispatcher -"2658": sns-admin -"2659": sns-query -"2660": gcmonitor -"2661": olhost -"2662": bintec-capi -"2663": bintec-tapi -"2664": patrol-mq-gm -"2665": patrol-mq-nm -"2666": extensis -"2667": alarm-clock-s -"2668": alarm-clock-c -"2669": toad -"2670": tve-announce -"2671": newlixreg -"2672": nhserver -"2673": firstcall42 -"2674": ewnn -"2675": ttc-etap -"2676": simslink -"2677": gadgetgate1way -"2678": gadgetgate2way -"2679": syncserverssl -"2680": pxc-sapxom -"2681": mpnjsomb -"2683": ncdloadbalance -"2684": mpnjsosv -"2685": mpnjsocl -"2686": mpnjsomg -"2687": pq-lic-mgmt -"2688": md-cg-http -"2689": fastlynx -"2690": hp-nnm-data -"2691": itinternet -"2692": admins-lms -"2694": pwrsevent -"2695": vspread -"2696": unifyadmin -"2697": oce-snmp-trap -"2698": mck-ivpip -"2699": csoft-plusclnt -"2700": tqdata -"2701": sms-rcinfo -"2702": sms-xfer -"2703": sms-chat -"2704": sms-remctrl -"2705": sds-admin -"2706": ncdmirroring -"2707": emcsymapiport -"2708": banyan-net -"2709": supermon -"2710": sso-service -"2711": sso-control -"2712": aocp -"2713": raventbs -"2714": raventdm -"2715": hpstgmgr2 -"2716": inova-ip-disco -"2717": pn-requester -"2718": pn-requester2 -"2719": scan-change -"2720": wkars -"2721": smart-diagnose -"2722": proactivesrvr -"2723": watchdog-nt -"2724": qotps -"2725": msolap-ptp2 -"2726": tams -"2727": mgcp-callagent -"2728": sqdr -"2729": tcim-control -"2730": nec-raidplus -"2731": fyre-messanger -"2732": g5m -"2733": signet-ctf -"2734": ccs-software -"2735": netiq-mc -"2736": radwiz-nms-srv -"2737": srp-feedback -"2738": ndl-tcp-ois-gw -"2739": tn-timing -"2740": alarm -"2741": tsb -"2742": tsb2 -"2743": murx -"2744": honyaku -"2745": urbisnet -"2746": cpudpencap -"2747": fjippol-swrly -"2748": fjippol-polsvr -"2749": fjippol-cnsl -"2750": fjippol-port1 -"2751": fjippol-port2 -"2752": rsisysaccess -"2753": de-spot -"2754": apollo-cc -"2755": expresspay -"2756": simplement-tie -"2757": cnrp -"2758": apollo-status -"2759": apollo-gms -"2760": sabams -"2761": dicom-iscl -"2762": dicom-tls -"2763": desktop-dna -"2764": data-insurance -"2765": qip-audup -"2766": compaq-scp -"2767": uadtc -"2768": uacs -"2769": exce -"2770": veronica -"2771": vergencecm -"2772": auris -"2773": rbakcup1 -"2774": rbakcup2 -"2775": smpp -"2776": ridgeway1 -"2777": ridgeway2 -"2778": gwen-sonya -"2779": lbc-sync -"2780": lbc-control -"2781": whosells -"2782": everydayrc -"2783": aises -"2784": www-dev -"2785": aic-np -"2786": aic-oncrpc -"2787": piccolo -"2788": fryeserv -"2789": media-agent -"2790": plgproxy -"2791": mtport-regist -"2792": f5-globalsite -"2793": initlsmsad -"2795": livestats -"2796": ac-tech -"2797": esp-encap -"2798": tmesis-upshot -"2799": icon-discover -"2800": acc-raid -"2801": igcp -"2802": veritas-udp1 -"2803": btprjctrl -"2804": dvr-esm -"2805": wta-wsp-s -"2806": cspuni -"2807": cspmulti -"2808": j-lan-p -"2809": corbaloc -"2810": netsteward -"2811": gsiftp -"2812": atmtcp -"2813": llm-pass -"2814": llm-csv -"2815": lbc-measure -"2816": lbc-watchdog -"2817": nmsigport -"2818": rmlnk -"2819": fc-faultnotify -"2820": univision -"2821": vrts-at-port -"2822": ka0wuc -"2823": cqg-netlan -"2824": cqg-netlan-1 -"2826": slc-systemlog -"2827": slc-ctrlrloops -"2828": itm-lm -"2829": silkp1 -"2830": silkp2 -"2831": silkp3 -"2832": silkp4 -"2833": glishd -"2834": evtp -"2835": evtp-data -"2836": catalyst -"2837": repliweb -"2838": starbot -"2839": nmsigport -"2840": l3-exprt -"2841": l3-ranger -"2842": l3-hawk -"2843": pdnet -"2844": bpcp-poll -"2845": bpcp-trap -"2846": aimpp-hello -"2847": aimpp-port-req -"2848": amt-blc-port -"2849": fxp -"2850": metaconsole -"2851": webemshttp -"2852": bears-01 -"2853": ispipes -"2854": infomover -"2856": cesdinv -"2857": simctlp -"2858": ecnp -"2859": activememory -"2860": dialpad-voice1 -"2861": dialpad-voice2 -"2862": ttg-protocol -"2863": sonardata -"2864": astromed-main -"2865": pit-vpn -"2866": iwlistener -"2867": esps-portal -"2868": npep-messaging -"2869": icslap -"2870": daishi -"2871": msi-selectplay -"2872": radix -"2874": dxmessagebase1 -"2875": dxmessagebase2 -"2876": sps-tunnel -"2877": bluelance -"2878": aap -"2879": ucentric-ds -"2880": synapse -"2881": ndsp -"2882": ndtp -"2883": ndnp -"2884": flashmsg -"2885": topflow -"2886": responselogic -"2887": aironetddp -"2888": spcsdlobby -"2889": rsom -"2890": cspclmulti -"2891": cinegrfx-elmd -"2892": snifferdata -"2893": vseconnector -"2894": abacus-remote -"2895": natuslink -"2896": ecovisiong6-1 -"2897": citrix-rtmp -"2898": appliance-cfg -"2899": powergemplus -"2900": quicksuite -"2901": allstorcns -"2902": netaspi -"2903": suitcase -"2904": m2ua -"2906": caller9 -"2907": webmethods-b2b -"2908": mao -"2909": funk-dialout -"2910": tdaccess -"2911": blockade -"2912": epicon -"2913": boosterware -"2914": gamelobby -"2915": tksocket -"2916": elvin-server -"2917": elvin-client -"2918": kastenchasepad -"2919": roboer -"2920": roboeda -"2921": cesdcdman -"2922": cesdcdtrn -"2923": wta-wsp-wtp-s -"2924": precise-vip -"2926": mobile-file-dl -"2927": unimobilectrl -"2928": redstone-cpss -"2929": amx-webadmin -"2930": amx-weblinx -"2931": circle-x -"2932": incp -"2933": 4-tieropmgw -"2934": 4-tieropmcli -"2935": qtp -"2936": otpatch -"2937": pnaconsult-lm -"2938": sm-pas-1 -"2939": sm-pas-2 -"2940": sm-pas-3 -"2941": sm-pas-4 -"2942": sm-pas-5 -"2943": ttnrepository -"2944": megaco-h248 -"2945": h248-binary -"2946": fjsvmpor -"2947": gpsd -"2948": wap-push -"2949": wap-pushsecure -"2950": esip -"2951": ottp -"2952": mpfwsas -"2953": ovalarmsrv -"2954": ovalarmsrv-cmd -"2955": csnotify -"2956": ovrimosdbman -"2957": jmact5 -"2958": jmact6 -"2959": rmopagt -"2960": dfoxserver -"2961": boldsoft-lm -"2962": iph-policy-cli -"2963": iph-policy-adm -"2964": bullant-srap -"2965": bullant-rap -"2966": idp-infotrieve -"2967": ssc-agent -"2968": enpp -"2969": essp -"2970": index-net -"2971": netclip -"2972": pmsm-webrctl -"2973": svnetworks -"2974": signal -"2975": fjmpcm -"2976": cns-srv-port -"2977": ttc-etap-ns -"2978": ttc-etap-ds -"2979": h263-video -"2980": wimd -"2981": mylxamport -"2982": iwb-whiteboard -"2983": netplan -"2984": hpidsadmin -"2985": hpidsagent -"2986": stonefalls -"2987": identify -"2988": hippad -"2989": zarkov -"2990": boscap -"2991": wkstn-mon -"2992": avenyo -"2993": veritas-vis1 -"2994": veritas-vis2 -"2995": idrs -"2996": vsixml -"2997": rebol -"2998": realsecure -"2999": remoteware-un -"3000": hbci -"3002": exlm-agent -"3003": cgms -"3004": csoftragent -"3005": geniuslm -"3006": ii-admin -"3007": lotusmtap -"3008": midnight-tech -"3009": pxc-ntfy -"3010": ping-pong -"3011": trusted-web -"3012": twsdss -"3013": gilatskysurfer -"3014": broker-service -"3015": nati-dstp -"3016": notify-srvr -"3017": event-listener -"3018": srvc-registry -"3019": resource-mgr -"3020": cifs -"3021": agriserver -"3022": csregagent -"3023": magicnotes -"3024": nds-sso -"3025": arepa-raft -"3026": agri-gateway -"3027": LiebDevMgmt-C -"3028": LiebDevMgmt-DM -"3029": LiebDevMgmt-A -"3030": arepa-cas -"3031": eppc -"3032": redwood-chat -"3033": pdb -"3034": osmosis-aeea -"3035": fjsv-gssagt -"3036": hagel-dump -"3037": hp-san-mgmt -"3038": santak-ups -"3039": cogitate -"3040": tomato-springs -"3041": di-traceware -"3042": journee -"3043": brp -"3044": epp -"3045": responsenet -"3046": di-ase -"3047": hlserver -"3048": pctrader -"3049": nsws -"3050": gds-db -"3051": galaxy-server -"3052": apc-3052 -"3053": dsom-server -"3054": amt-cnf-prot -"3055": policyserver -"3056": cdl-server -"3057": goahead-fldup -"3058": videobeans -"3059": qsoft -"3060": interserver -"3061": cautcpd -"3062": ncacn-ip-tcp -"3063": ncadg-ip-udp -"3064": rprt -"3065": slinterbase -"3066": netattachsdmp -"3067": fjhpjp -"3068": ls3bcast -"3069": ls3 -"3070": mgxswitch -"3071": csd-mgmt-port -"3072": csd-monitor -"3073": vcrp -"3074": xbox -"3075": orbix-locator -"3076": orbix-config -"3077": orbix-loc-ssl -"3078": orbix-cfg-ssl -"3079": lv-frontpanel -"3080": stm-pproc -"3081": tl1-lv -"3082": tl1-raw -"3083": tl1-telnet -"3084": itm-mccs -"3085": pcihreq -"3086": jdl-dbkitchen -"3087": asoki-sma -"3088": xdtp -"3089": ptk-alink -"3090": stss -"3091": 1ci-smcs -"3093": rapidmq-center -"3094": rapidmq-reg -"3095": panasas -"3096": ndl-aps -"3098": umm-port -"3099": chmd -"3100": opcon-xps -"3101": hp-pxpib -"3102": slslavemon -"3103": autocuesmi -"3104": autocuetime -"3105": cardbox -"3106": cardbox-http -"3107": business -"3108": geolocate -"3109": personnel -"3110": sim-control -"3111": wsynch -"3112": ksysguard -"3113": cs-auth-svr -"3114": ccmad -"3115": mctet-master -"3116": mctet-gateway -"3117": mctet-jserv -"3118": pkagent -"3119": d2000kernel -"3120": d2000webserver -"3122": vtr-emulator -"3123": edix -"3124": beacon-port -"3125": a13-an -"3127": ctx-bridge -"3128": ndl-aas -"3129": netport-id -"3130": icpv2 -"3131": netbookmark -"3132": ms-rule-engine -"3133": prism-deploy -"3134": ecp -"3135": peerbook-port -"3136": grubd -"3137": rtnt-1 -"3138": rtnt-2 -"3139": incognitorv -"3140": ariliamulti -"3141": vmodem -"3142": rdc-wh-eos -"3143": seaview -"3144": tarantella -"3145": csi-lfap -"3146": bears-02 -"3147": rfio -"3148": nm-game-admin -"3149": nm-game-server -"3150": nm-asses-admin -"3151": nm-assessor -"3152": feitianrockey -"3153": s8-client-port -"3154": ccmrmi -"3155": jpegmpeg -"3156": indura -"3157": e3consultants -"3158": stvp -"3159": navegaweb-port -"3160": tip-app-server -"3161": doc1lm -"3162": sflm -"3163": res-sap -"3164": imprs -"3165": newgenpay -"3166": sossecollector -"3167": nowcontact -"3168": poweronnud -"3169": serverview-as -"3170": serverview-asn -"3171": serverview-gf -"3172": serverview-rm -"3173": serverview-icc -"3174": armi-server -"3175": t1-e1-over-ip -"3176": ars-master -"3177": phonex-port -"3178": radclientport -"3179": h2gf-w-2m -"3180": mc-brk-srv -"3181": bmcpatrolagent -"3182": bmcpatrolrnvu -"3183": cops-tls -"3184": apogeex-port -"3185": smpppd -"3186": iiw-port -"3187": odi-port -"3188": brcm-comm-port -"3189": pcle-infex -"3190": csvr-proxy -"3191": csvr-sslproxy -"3192": firemonrcc -"3193": spandataport -"3194": magbind -"3195": ncu-1 -"3196": ncu-2 -"3197": embrace-dp-s -"3198": embrace-dp-c -"3199": dmod-workspace -"3200": tick-port -"3201": cpq-tasksmart -"3202": intraintra -"3203": netwatcher-mon -"3204": netwatcher-db -"3205": isns -"3206": ironmail -"3207": vx-auth-port -"3208": pfu-prcallback -"3209": netwkpathengine -"3210": flamenco-proxy -"3211": avsecuremgmt -"3212": surveyinst -"3213": neon24x7 -"3214": jmq-daemon-1 -"3215": jmq-daemon-2 -"3216": ferrari-foam -"3217": unite -"3218": smartpackets -"3219": wms-messenger -"3220": xnm-ssl -"3221": xnm-clear-text -"3222": glbp -"3223": digivote -"3224": aes-discovery -"3225": fcip-port -"3226": isi-irp -"3227": dwnmshttp -"3228": dwmsgserver -"3229": global-cd-port -"3230": sftdst-port -"3231": vidigo -"3232": mdtp -"3233": whisker -"3234": alchemy -"3235": mdap-port -"3236": apparenet-ts -"3237": apparenet-tps -"3238": apparenet-as -"3239": apparenet-ui -"3240": triomotion -"3241": sysorb -"3242": sdp-id-port -"3243": timelot -"3244": onesaf -"3245": vieo-fe -"3246": dvt-system -"3247": dvt-data -"3248": procos-lm -"3249": ssp -"3250": hicp -"3251": sysscanner -"3252": dhe -"3253": pda-data -"3254": pda-sys -"3255": semaphore -"3256": cpqrpm-agent -"3257": cpqrpm-server -"3258": ivecon-port -"3259": epncdp2 -"3260": iscsi-target -"3261": winshadow -"3262": necp -"3263": ecolor-imager -"3264": ccmail -"3265": altav-tunnel -"3266": ns-cfg-server -"3267": ibm-dial-out -"3268": msft-gc -"3269": msft-gc-ssl -"3270": verismart -"3271": csoft-prev -"3272": user-manager -"3273": sxmp -"3274": ordinox-server -"3275": samd -"3276": maxim-asics -"3277": awg-proxy -"3278": lkcmserver -"3279": admind -"3280": vs-server -"3281": sysopt -"3282": datusorb -"3283": Apple Remote Desktop (Net Assistant) -"3284": 4talk -"3285": plato -"3286": e-net -"3287": directvdata -"3288": cops -"3289": enpc -"3290": caps-lm -"3291": sah-lm -"3292": cart-o-rama -"3293": fg-fps -"3294": fg-gip -"3295": dyniplookup -"3296": rib-slm -"3297": cytel-lm -"3298": deskview -"3299": pdrncs -"3302": mcs-fastmail -"3303": opsession-clnt -"3304": opsession-srvr -"3305": odette-ftp -"3306": mysql -"3307": opsession-prxy -"3308": tns-server -"3309": tns-adv -"3310": dyna-access -"3311": mcns-tel-ret -"3312": appman-server -"3313": uorb -"3314": uohost -"3315": cdid -"3316": aicc-cmi -"3317": vsaiport -"3318": ssrip -"3319": sdt-lmd -"3320": officelink2000 -"3321": vnsstr -"3326": sftu -"3327": bbars -"3328": egptlm -"3329": hp-device-disc -"3330": mcs-calypsoicf -"3331": mcs-messaging -"3332": mcs-mailsvr -"3333": dec-notes -"3334": directv-web -"3335": directv-soft -"3336": directv-tick -"3337": directv-catlg -"3338": anet-b -"3339": anet-l -"3340": anet-m -"3341": anet-h -"3342": webtie -"3343": ms-cluster-net -"3344": bnt-manager -"3345": influence -"3346": trnsprntproxy -"3347": phoenix-rpc -"3348": pangolin-laser -"3349": chevinservices -"3350": findviatv -"3351": btrieve -"3352": ssql -"3353": fatpipe -"3354": suitjd -"3355": ordinox-dbase -"3356": upnotifyps -"3357": adtech-test -"3358": mpsysrmsvr -"3359": wg-netforce -"3360": kv-server -"3361": kv-agent -"3362": dj-ilm -"3363": nati-vi-server -"3364": creativeserver -"3365": contentserver -"3366": creativepartnr -"3372": tip2 -"3373": lavenir-lm -"3374": cluster-disc -"3375": vsnm-agent -"3376": cdbroker -"3377": cogsys-lm -"3378": wsicopy -"3379": socorfs -"3380": sns-channels -"3381": geneous -"3382": fujitsu-neat -"3383": esp-lm -"3384": hp-clic -"3385": qnxnetman -"3386": gprs-sig -"3387": backroomnet -"3388": cbserver -"3389": ms-wbt-server -"3390": dsc -"3391": savant -"3392": efi-lm -"3393": d2k-tapestry1 -"3394": d2k-tapestry2 -"3395": dyna-lm -"3396": printer-agent -"3397": cloanto-lm -"3398": mercantile -"3399": csms -"3400": csms2 -"3401": filecast -"3402": fxaengine-net -"3405": nokia-ann-ch1 -"3406": nokia-ann-ch2 -"3407": ldap-admin -"3408": BESApi -"3409": networklens -"3410": networklenss -"3411": biolink-auth -"3412": xmlblaster -"3413": svnet -"3414": wip-port -"3415": bcinameservice -"3416": commandport -"3417": csvr -"3418": rnmap -"3419": softaudit -"3420": ifcp-port -"3421": bmap -"3422": rusb-sys-port -"3423": xtrm -"3424": xtrms -"3425": agps-port -"3426": arkivio -"3427": websphere-snmp -"3428": twcss -"3429": gcsp -"3430": ssdispatch -"3431": ndl-als -"3432": osdcp -"3433": opnet-smp -"3434": opencm -"3435": pacom -"3436": gc-config -"3437": autocueds -"3438": spiral-admin -"3439": hri-port -"3440": ans-console -"3441": connect-client -"3442": connect-server -"3443": ov-nnm-websrv -"3444": denali-server -"3445": monp -"3446": 3comfaxrpc -"3447": directnet -"3448": dnc-port -"3449": hotu-chat -"3450": castorproxy -"3451": asam -"3452": sabp-signal -"3453": pscupd -"3454": mira -"3455": prsvp -"3456": vat -"3457": vat-control -"3458": d3winosfi -"3459": integral -"3460": edm-manager -"3461": edm-stager -"3462": edm-std-notify -"3463": edm-adm-notify -"3464": edm-mgr-sync -"3465": edm-mgr-cntrl -"3466": workflow -"3467": rcst -"3468": ttcmremotectrl -"3469": pluribus -"3470": jt400 -"3471": jt400-ssl -"3472": jaugsremotec-1 -"3473": jaugsremotec-2 -"3474": ttntspauto -"3475": genisar-port -"3476": nppmp -"3477": ecomm -"3478": stun -"3479": twrpc -"3480": plethora -"3481": cleanerliverc -"3482": vulture -"3483": slim-devices -"3484": gbs-stp -"3485": celatalk -"3486": ifsf-hb-port -"3487": ltcudp -"3488": fs-rh-srv -"3489": dtp-dia -"3490": colubris -"3491": swr-port -"3492": tvdumtray-port -"3493": nut -"3494": ibm3494 -"3495": seclayer-tcp -"3496": seclayer-tls -"3497": ipether232port -"3498": dashpas-port -"3499": sccip-media -"3500": rtmp-port -"3501": isoft-p2p -"3502": avinstalldisc -"3503": lsp-ping -"3504": ironstorm -"3505": ccmcomm -"3506": apc-3506 -"3507": nesh-broker -"3508": interactionweb -"3509": vt-ssl -"3510": xss-port -"3511": webmail-2 -"3512": aztec -"3513": arcpd -"3514": must-p2p -"3515": must-backplane -"3516": smartcard-port -"3517": 802-11-iapp -"3518": artifact-msg -"3519": galileo -"3520": galileolog -"3521": mc3ss -"3522": nssocketport -"3523": odeumservlink -"3524": ecmport -"3525": eisport -"3526": starquiz-port -"3527": beserver-msg-q -"3528": jboss-iiop -"3529": jboss-iiop-ssl -"3530": gf -"3531": joltid -"3532": raven-rmp -"3533": raven-rdp -"3534": urld-port -"3535": ms-la -"3536": snac -"3537": ni-visa-remote -"3538": ibm-diradm -"3539": ibm-diradm-ssl -"3540": pnrp-port -"3541": voispeed-port -"3542": hacl-monitor -"3543": qftest-lookup -"3544": teredo -"3545": camac -"3547": symantec-sim -"3548": interworld -"3549": tellumat-nms -"3550": ssmpp -"3551": apcupsd -"3552": taserver -"3553": rbr-discovery -"3554": questnotify -"3555": razor -"3556": sky-transport -"3557": personalos-001 -"3558": mcp-port -"3559": cctv-port -"3560": iniserve-port -"3561": bmc-onekey -"3562": sdbproxy -"3563": watcomdebug -"3564": esimport -"3567": dof-eps -"3568": dof-tunnel-sec -"3569": mbg-ctrl -"3570": mccwebsvr-port -"3571": megardsvr-port -"3572": megaregsvrport -"3573": tag-ups-1 -"3574": dmaf-caster -"3575": ccm-port -"3576": cmc-port -"3577": config-port -"3578": data-port -"3579": ttat3lb -"3580": nati-svrloc -"3581": kfxaclicensing -"3582": press -"3583": canex-watch -"3584": u-dbap -"3585": emprise-lls -"3586": emprise-lsc -"3587": p2pgroup -"3588": sentinel -"3589": isomair -"3590": wv-csp-sms -"3591": gtrack-server -"3592": gtrack-ne -"3593": bpmd -"3594": mediaspace -"3595": shareapp -"3596": iw-mmogame -"3597": a14 -"3598": a15 -"3599": quasar-server -"3600": trap-daemon -"3601": visinet-gui -"3602": infiniswitchcl -"3603": int-rcv-cntrl -"3604": bmc-jmx-port -"3605": comcam-io -"3606": splitlock -"3607": precise-i3 -"3608": trendchip-dcp -"3609": cpdi-pidas-cm -"3610": echonet -"3611": six-degrees -"3612": hp-dataprotect -"3613": alaris-disc -"3614": sigma-port -"3615": start-network -"3616": cd3o-protocol -"3617": sharp-server -"3618": aairnet-1 -"3619": aairnet-2 -"3620": ep-pcp -"3621": ep-nsp -"3622": ff-lr-port -"3623": haipe-discover -"3624": dist-upgrade -"3625": volley -"3626": bvcdaemon-port -"3627": jamserverport -"3628": ept-machine -"3629": escvpnet -"3630": cs-remote-db -"3631": cs-services -"3632": distcc -"3633": wacp -"3634": hlibmgr -"3635": sdo -"3636": servistaitsm -"3637": scservp -"3638": ehp-backup -"3639": xap-ha -"3640": netplay-port1 -"3641": netplay-port2 -"3642": juxml-port -"3643": audiojuggler -"3644": ssowatch -"3645": cyc -"3646": xss-srv-port -"3647": splitlock-gw -"3648": fjcp -"3649": nmmp -"3650": prismiq-plugin -"3651": xrpc-registry -"3652": vxcrnbuport -"3653": tsp -"3654": vaprtm -"3655": abatemgr -"3656": abatjss -"3657": immedianet-bcn -"3658": ps-ams -"3659": apple-sasl -"3660": can-nds-ssl -"3661": can-ferret-ssl -"3662": pserver -"3663": dtp -"3664": ups-engine -"3665": ent-engine -"3666": eserver-pap -"3667": infoexch -"3668": dell-rm-port -"3669": casanswmgmt -"3670": smile -"3671": efcp -"3672": lispworks-orb -"3673": mediavault-gui -"3674": wininstall-ipc -"3675": calltrax -"3676": va-pacbase -"3677": roverlog -"3678": ipr-dglt -"3679": Escale (Newton Dock) -"3680": npds-tracker -"3681": bts-x73 -"3682": cas-mapi -"3683": bmc-ea -"3684": faxstfx-port -"3685": dsx-agent -"3686": tnmpv2 -"3687": simple-push -"3688": simple-push-s -"3689": daap -"3690": svn -"3691": magaya-network -"3692": intelsync -"3695": bmc-data-coll -"3696": telnetcpcd -"3697": nw-license -"3698": sagectlpanel -"3699": kpn-icw -"3700": lrs-paging -"3701": netcelera -"3702": ws-discovery -"3703": adobeserver-3 -"3704": adobeserver-4 -"3705": adobeserver-5 -"3706": rt-event -"3707": rt-event-s -"3708": sun-as-iiops -"3709": ca-idms -"3710": portgate-auth -"3711": edb-server2 -"3712": sentinel-ent -"3713": tftps -"3714": delos-dms -"3715": anoto-rendezv -"3716": wv-csp-sms-cir -"3717": wv-csp-udp-cir -"3718": opus-services -"3719": itelserverport -"3720": ufastro-instr -"3721": xsync -"3722": xserveraid -"3723": sychrond -"3724": blizwow -"3725": na-er-tip -"3726": array-manager -"3727": e-mdu -"3728": e-woa -"3729": fksp-audit -"3730": client-ctrl -"3731": smap -"3732": m-wnn -"3733": multip-msg -"3734": synel-data -"3735": pwdis -"3736": rs-rmi -"3738": versatalk -"3739": launchbird-lm -"3740": heartbeat -"3741": wysdma -"3742": cst-port -"3743": ipcs-command -"3744": sasg -"3745": gw-call-port -"3746": linktest -"3747": linktest-s -"3748": webdata -"3749": cimtrak -"3750": cbos-ip-port -"3751": gprs-cube -"3752": vipremoteagent -"3753": nattyserver -"3754": timestenbroker -"3755": sas-remote-hlp -"3756": canon-capt -"3757": grf-port -"3758": apw-registry -"3759": exapt-lmgr -"3760": adtempusclient -"3761": gsakmp -"3762": gbs-smp -"3763": xo-wave -"3764": mni-prot-rout -"3765": rtraceroute -"3767": listmgr-port -"3768": rblcheckd -"3769": haipe-otnk -"3770": cindycollab -"3771": paging-port -"3772": ctp -"3773": ctdhercules -"3774": zicom -"3775": ispmmgr -"3776": dvcprov-port -"3777": jibe-eb -"3778": c-h-it-port -"3779": cognima -"3780": nnp -"3781": abcvoice-port -"3782": iso-tp0s -"3783": bim-pem -"3784": bfd-control -"3785": bfd-echo -"3786": upstriggervsw -"3787": fintrx -"3788": isrp-port -"3789": remotedeploy -"3790": quickbooksrds -"3791": tvnetworkvideo -"3792": sitewatch -"3793": dcsoftware -"3794": jaus -"3795": myblast -"3796": spw-dialer -"3797": idps -"3798": minilock -"3799": radius-dynauth -"3800": pwgpsi -"3801": ibm-mgr -"3802": vhd -"3803": soniqsync -"3804": iqnet-port -"3805": tcpdataserver -"3806": wsmlb -"3807": spugna -"3808": sun-as-iiops-ca -"3809": apocd -"3810": wlanauth -"3811": amp -"3812": neto-wol-server -"3813": rap-ip -"3814": neto-dcs -"3815": lansurveyorxml -"3816": sunlps-http -"3817": tapeware -"3818": crinis-hb -"3819": epl-slp -"3820": scp -"3821": pmcp -"3822": acp-discovery -"3823": acp-conduit -"3824": acp-policy -"3825": ffserver -"3826": warmux -"3827": netmpi -"3828": neteh -"3829": neteh-ext -"3830": cernsysmgmtagt -"3831": dvapps -"3832": xxnetserver -"3833": aipn-auth -"3834": spectardata -"3835": spectardb -"3836": markem-dcp -"3837": mkm-discovery -"3838": sos -"3839": amx-rms -"3840": flirtmitmir -"3842": nhci -"3843": quest-agent -"3844": rnm -"3845": v-one-spp -"3846": an-pcp -"3847": msfw-control -"3848": item -"3849": spw-dnspreload -"3850": qtms-bootstrap -"3851": spectraport -"3852": sse-app-config -"3853": sscan -"3854": stryker-com -"3855": opentrac -"3856": informer -"3857": trap-port -"3858": trap-port-mom -"3859": nav-port -"3860": sasp -"3861": winshadow-hd -"3862": giga-pocket -"3863": asap-udp -"3865": xpl -"3866": dzdaemon -"3867": dzoglserver -"3869": ovsam-mgmt -"3870": ovsam-d-agent -"3871": avocent-adsap -"3872": oem-agent -"3873": fagordnc -"3874": sixxsconfig -"3875": pnbscada -"3876": dl-agent -"3877": xmpcr-interface -"3878": fotogcad -"3879": appss-lm -"3880": igrs -"3881": idac -"3882": msdts1 -"3883": vrpn -"3884": softrack-meter -"3885": topflow-ssl -"3886": nei-management -"3887": ciphire-data -"3888": ciphire-serv -"3889": dandv-tester -"3890": ndsconnect -"3891": rtc-pm-port -"3892": pcc-image-port -"3893": cgi-starapi -"3894": syam-agent -"3895": syam-smc -"3896": sdo-tls -"3897": sdo-ssh -"3898": senip -"3899": itv-control -"3900": udt-os -"3901": nimsh -"3902": nimaux -"3903": charsetmgr -"3904": omnilink-port -"3905": mupdate -"3906": topovista-data -"3907": imoguia-port -"3908": hppronetman -"3909": surfcontrolcpa -"3910": prnrequest -"3911": prnstatus -"3912": gbmt-stars -"3913": listcrt-port -"3914": listcrt-port-2 -"3915": agcat -"3916": wysdmc -"3917": aftmux -"3918": pktcablemmcops -"3919": hyperip -"3920": exasoftport1 -"3921": herodotus-net -"3922": sor-update -"3923": symb-sb-port -"3924": mpl-gprs-port -"3925": zmp -"3926": winport -"3927": natdataservice -"3928": netboot-pxe -"3929": smauth-port -"3930": syam-webserver -"3931": msr-plugin-port -"3932": dyn-site -"3933": plbserve-port -"3934": sunfm-port -"3935": sdp-portmapper -"3936": mailprox -"3937": dvbservdsc -"3938": dbcontrol-agent -"3939": aamp -"3940": xecp-node -"3941": homeportal-web -"3942": srdp -"3943": tig -"3944": sops -"3945": emcads -"3946": backupedge -"3947": ccp -"3948": apdap -"3949": drip -"3950": namemunge -"3951": pwgippfax -"3952": i3-sessionmgr -"3953": xmlink-connect -"3954": adrep -"3955": p2pcommunity -"3956": gvcp -"3957": mqe-broker -"3958": mqe-agent -"3959": treehopper -"3960": bess -"3961": proaxess -"3962": sbi-agent -"3963": thrp -"3964": sasggprs -"3965": ati-ip-to-ncpe -"3966": bflckmgr -"3967": ppsms -"3968": ianywhere-dbns -"3969": landmarks -"3970": lanrevagent -"3971": lanrevserver -"3972": iconp -"3973": progistics -"3974": citysearch -"3975": airshot -"3976": opswagent -"3977": opswmanager -"3978": secure-cfg-svr -"3979": smwan -"3980": acms -"3981": starfish -"3982": eis -"3983": eisp -"3984": mapper-nodemgr -"3985": mapper-mapethd -"3986": mapper-ws-ethd -"3987": centerline -"3988": dcs-config -"3989": bv-queryengine -"3990": bv-is -"3991": bv-smcsrv -"3992": bv-ds -"3993": bv-agent -"3995": iss-mgmt-ssl -"3996": abcsoftware -"3997": agentsease-db -"3998": dnx -"3999": nvcnet -"4000": terabase -"4001": newoak -"4002": pxc-spvr-ft -"4003": pxc-splr-ft -"4004": pxc-roid -"4005": pxc-pin -"4006": pxc-spvr -"4007": pxc-splr -"4008": netcheque -"4009": chimera-hwm -"4010": samsung-unidex -"4011": altserviceboot -"4012": pda-gate -"4013": acl-manager -"4014": taiclock -"4015": talarian-mcast1 -"4016": talarian-mcast2 -"4017": talarian-mcast3 -"4018": talarian-mcast4 -"4019": talarian-mcast5 -"4020": trap -"4021": nexus-portal -"4022": dnox -"4023": esnm-zoning -"4024": tnp1-port -"4025": partimage -"4026": as-debug -"4027": bxp -"4028": dtserver-port -"4029": ip-qsig -"4030": jdmn-port -"4031": suucp -"4032": vrts-auth-port -"4033": sanavigator -"4034": ubxd -"4035": wap-push-http -"4036": wap-push-https -"4037": ravehd -"4038": fazzt-ptp -"4039": fazzt-admin -"4040": yo-main -"4041": houston -"4042": ldxp -"4043": nirp -"4044": ltp -"4045": npp -"4046": acp-proto -"4047": ctp-state -"4049": wafs -"4050": cisco-wafs -"4051": cppdp -"4052": interact -"4053": ccu-comm-1 -"4054": ccu-comm-2 -"4055": ccu-comm-3 -"4056": lms -"4057": wfm -"4058": kingfisher -"4059": dlms-cosem -"4060": dsmeter-iatc -"4061": ice-location -"4062": ice-slocation -"4063": ice-router -"4064": ice-srouter -"4065": avanti-cdp -"4066": pmas -"4067": idp -"4068": ipfltbcst -"4069": minger -"4070": tripe -"4071": aibkup -"4072": zieto-sock -"4073": iRAPP -"4074": cequint-cityid -"4075": perimlan -"4076": seraph -"4077": ascomalarm -"4079": santools -"4080": lorica-in -"4081": lorica-in-sec -"4082": lorica-out -"4083": lorica-out-sec -"4084": fortisphere-vm -"4086": ftsync -"4089": opencore -"4090": omasgport -"4091": ewinstaller -"4092": ewdgs -"4093": pvxpluscs -"4094": sysrqd -"4095": xtgui -"4096": bre -"4097": patrolview -"4098": drmsfsd -"4099": dpcp -"4100": igo-incognito -"4101": brlp-0 -"4102": brlp-1 -"4103": brlp-2 -"4104": brlp-3 -"4105": shofar -"4106": synchronite -"4107": j-ac -"4108": accel -"4109": izm -"4110": g2tag -"4111": xgrid -"4112": apple-vpns-rp -"4113": aipn-reg -"4114": jomamqmonitor -"4115": cds -"4116": smartcard-tls -"4117": hillrserv -"4118": netscript -"4119": assuria-slm -"4121": e-builder -"4122": fprams -"4123": z-wave -"4124": tigv2 -"4125": opsview-envoy -"4126": ddrepl -"4127": unikeypro -"4128": nufw -"4129": nuauth -"4130": fronet -"4131": stars -"4132": nuts-dem -"4133": nuts-bootp -"4134": nifty-hmi -"4135": cl-db-attach -"4136": cl-db-request -"4137": cl-db-remote -"4138": nettest -"4139": thrtx -"4140": cedros-fds -"4141": oirtgsvc -"4142": oidocsvc -"4143": oidsr -"4145": vvr-control -"4146": tgcconnect -"4147": vrxpservman -"4148": hhb-handheld -"4149": agslb -"4150": PowerAlert-nsa -"4151": menandmice-noh -"4152": idig-mux -"4153": mbl-battd -"4154": atlinks -"4155": bzr -"4156": stat-results -"4157": stat-scanner -"4158": stat-cc -"4159": nss -"4160": jini-discovery -"4161": omscontact -"4162": omstopology -"4163": silverpeakpeer -"4164": silverpeakcomm -"4165": altcp -"4166": joost -"4167": ddgn -"4168": pslicser -"4169": iadt-disc -"4172": pcoip -"4173": mma-discovery -"4174": sm-disc -"4177": wello -"4178": storman -"4179": MaxumSP -"4180": httpx -"4181": macbak -"4182": pcptcpservice -"4183": cyborgnet -"4184": universe-suite -"4185": wcpp -"4188": vatata -"4191": dsmipv6 -"4192": azeti-bd -"4199": eims-admin -"4300": corelccam -"4301": d-data -"4302": d-data-control -"4303": srcp -"4304": owserver -"4305": batman -"4306": pinghgl -"4307": visicron-vs -"4308": compx-lockview -"4309": dserver -"4310": mirrtex -"4320": fdt-rcatp -"4321": rwhois -"4322": trim-event -"4323": trim-ice -"4325": geognosisman -"4326": geognosis -"4327": jaxer-web -"4328": jaxer-manager -"4333": ahsp -"4340": gaia -"4341": lisp-data -"4342": lisp-control -"4343": unicall -"4344": vinainstall -"4345": m4-network-as -"4346": elanlm -"4347": lansurveyor -"4348": itose -"4349": fsportmap -"4350": net-device -"4351": plcy-net-svcs -"4352": pjlink -"4353": f5-iquery -"4354": qsnet-trans -"4355": qsnet-workst -"4356": qsnet-assist -"4357": qsnet-cond -"4358": qsnet-nucl -"4359": omabcastltkm -"4361": nacnl -"4362": afore-vdp-disc -"4366": shadowstream -"4368": wxbrief -"4369": epmd -"4370": elpro-tunnel -"4371": l2c-disc -"4372": l2c-data -"4373": remctl -"4375": tolteces -"4376": bip -"4377": cp-spxsvr -"4378": cp-spxdpy -"4379": ctdb -"4389": xandros-cms -"4390": wiegand -"4394": apwi-disc -"4395": omnivisionesx -"4400": ds-srv -"4401": ds-srvr -"4402": ds-clnt -"4403": ds-user -"4404": ds-admin -"4405": ds-mail -"4406": ds-slp -"4412": smallchat -"4413": avi-nms-disc -"4416": pjj-player-disc -"4418": axysbridge -"4420": nvm-express -"4425": netrockey6 -"4426": beacon-port-2 -"4430": rsqlserver -"4432": l-acoustics -"4441": netblox -"4442": saris -"4443": pharos -"4444": krb524 -"4445": upnotifyp -"4446": n1-fwp -"4447": n1-rmgmt -"4448": asc-slmd -"4449": privatewire -"4450": camp -"4451": ctisystemmsg -"4452": ctiprogramload -"4453": nssalertmgr -"4454": nssagentmgr -"4455": prchat-user -"4456": prchat-server -"4457": prRegister -"4458": mcp -"4484": hpssmgmt -"4486": icms -"4488": awacs-ice -"4500": ipsec-nat-t -"4534": armagetronad -"4535": ehs -"4536": ehs-ssl -"4537": wssauthsvc -"4538": swx-gate -"4545": worldscores -"4546": sf-lm -"4547": lanner-lm -"4548": synchromesh -"4549": aegate -"4550": gds-adppiw-db -"4551": ieee-mih -"4552": menandmice-mon -"4554": msfrs -"4555": rsip -"4556": dtn-bundle -"4557": mtcevrunqss -"4558": mtcevrunqman -"4559": hylafax -"4566": kwtc -"4567": tram -"4568": bmc-reporting -"4569": iax -"4591": l3t-at-an -"4592": hrpd-ith-at-an -"4593": ipt-anri-anri -"4594": ias-session -"4595": ias-paging -"4596": ias-neighbor -"4597": a21-an-1xbs -"4598": a16-an-an -"4599": a17-an-an -"4600": piranha1 -"4601": piranha2 -"4621": ventoso -"4658": playsta2-app -"4659": playsta2-lob -"4660": smaclmgr -"4661": kar2ouche -"4662": oms -"4663": noteit -"4664": ems -"4665": contclientms -"4666": eportcomm -"4667": mmacomm -"4668": mmaeds -"4669": eportcommdata -"4670": light -"4671": acter -"4672": rfa -"4673": cxws -"4674": appiq-mgmt -"4675": dhct-status -"4676": dhct-alerts -"4677": bcs -"4678": traversal -"4679": mgesupervision -"4680": mgemanagement -"4681": parliant -"4682": finisar -"4683": spike -"4684": rfid-rp1 -"4685": autopac -"4686": msp-os -"4687": nst -"4688": mobile-p2p -"4689": altovacentral -"4690": prelude -"4691": mtn -"4692": conspiracy -"4700": netxms-agent -"4701": netxms-mgmt -"4702": netxms-sync -"4725": truckstar -"4726": a26-fap-fgw -"4727": fcis-disc -"4728": capmux -"4729": gsmtap -"4730": gearman -"4732": ohmtrigger -"4737": ipdr-sp -"4738": solera-lpn -"4739": ipfix -"4740": ipfixs -"4741": lumimgrd -"4742": sicct-sdp -"4743": openhpid -"4744": ifsp -"4745": fmp -"4746": intelliadm-disc -"4747": buschtrommel -"4749": profilemac -"4750": ssad -"4751": spocp -"4752": snap -"4753": simon-disc -"4754": gre-in-udp -"4755": gre-udp-dtls -"4784": bfd-multi-ctl -"4785": cncp -"4789": vxlan -"4790": vxlan-gpe -"4791": roce -"4800": iims -"4801": iwec -"4802": ilss -"4803": notateit-disc -"4804": aja-ntv4-disc -"4827": htcp -"4837": varadero-0 -"4838": varadero-1 -"4839": varadero-2 -"4840": opcua-udp -"4841": quosa -"4842": gw-asv -"4843": opcua-tls -"4844": gw-log -"4845": wcr-remlib -"4846": contamac-icm -"4847": wfc -"4848": appserv-http -"4849": appserv-https -"4850": sun-as-nodeagt -"4851": derby-repli -"4867": unify-debug -"4868": phrelay -"4869": phrelaydbg -"4870": cc-tracking -"4871": wired -"4876": tritium-can -"4877": lmcs -"4878": inst-discovery -"4881": socp-t -"4882": socp-c -"4884": hivestor -"4885": abbs -"4894": lyskom -"4899": radmin-port -"4900": hfcs -"4914": bones -"4936": an-signaling -"4937": atsc-mh-ssc -"4940": eq-office-4940 -"4941": eq-office-4941 -"4942": eq-office-4942 -"4949": munin -"4950": sybasesrvmon -"4951": pwgwims -"4952": sagxtsds -"4969": ccss-qmm -"4970": ccss-qsm -"4980": ctxs-vpp -"4986": mrip -"4987": smar-se-port1 -"4988": smar-se-port2 -"4989": parallel -"4990": busycal -"4991": vrt -"4999": hfcs-manager -"5000": commplex-main -"5001": commplex-link -"5002": rfe -"5003": fmpro-internal -"5004": avt-profile-1 -"5005": avt-profile-2 -"5006": wsm-server -"5007": wsm-server-ssl -"5008": synapsis-edge -"5009": winfs -"5010": telelpathstart -"5011": telelpathattack -"5012": nsp -"5013": fmpro-v6 -"5014": onpsocket -"5020": zenginkyo-1 -"5021": zenginkyo-2 -"5022": mice -"5023": htuilsrv -"5024": scpi-telnet -"5025": scpi-raw -"5026": strexec-d -"5027": strexec-s -"5029": infobright -"5030": surfpass -"5031": dmp -"5042": asnaacceler8db -"5043": swxadmin -"5044": lxi-evntsvc -"5046": vpm-udp -"5047": iscape -"5049": ivocalize -"5050": mmcc -"5051": ita-agent -"5052": ita-manager -"5053": rlm-disc -"5055": unot -"5056": intecom-ps1 -"5057": intecom-ps2 -"5058": locus-disc -"5059": sds -"5060": sip -"5061": sips -"5062": na-localise -"5064": ca-1 -"5065": ca-2 -"5066": stanag-5066 -"5067": authentx -"5069": i-net-2000-npr -"5070": vtsas -"5071": powerschool -"5072": ayiya -"5073": tag-pm -"5074": alesquery -"5078": pixelpusher -"5079": cp-spxrpts -"5080": onscreen -"5081": sdl-ets -"5082": qcp -"5083": qfp -"5084": llrp -"5085": encrypted-llrp -"5092": magpie -"5093": sentinel-lm -"5094": hart-ip -"5099": sentlm-srv2srv -"5100": socalia -"5101": talarian-udp -"5102": oms-nonsecure -"5104": tinymessage -"5105": hughes-ap -"5111": taep-as-svc -"5112": pm-cmdsvr -"5116": emb-proj-cmd -"5120": barracuda-bbs -"5133": nbt-pc -"5136": minotaur-sa -"5137": ctsd -"5145": rmonitor-secure -"5150": atmp -"5151": esri-sde -"5152": sde-discovery -"5154": bzflag -"5155": asctrl-agent -"5164": vpa-disc -"5165": ife-icorp -"5166": winpcs -"5167": scte104 -"5168": scte30 -"5190": aol -"5191": aol-1 -"5192": aol-2 -"5193": aol-3 -"5200": targus-getdata -"5201": targus-getdata1 -"5202": targus-getdata2 -"5203": targus-getdata3 -"5223": hpvirtgrp -"5224": hpvirtctrl -"5225": hp-server -"5226": hp-status -"5227": perfd -"5234": eenet -"5235": galaxy-network -"5236": padl2sim -"5237": mnet-discovery -"5245": downtools-disc -"5246": capwap-control -"5247": capwap-data -"5248": caacws -"5249": caaclang2 -"5250": soagateway -"5251": caevms -"5252": movaz-ssc -"5264": 3com-njack-1 -"5265": 3com-njack-2 -"5270": cartographerxmp -"5271": cuelink-disc -"5272": pk -"5282": transmit-port -"5298": presence -"5299": nlg-data -"5300": hacl-hb -"5301": hacl-gs -"5302": hacl-cfg -"5303": hacl-probe -"5304": hacl-local -"5305": hacl-test -"5306": sun-mc-grp -"5307": sco-aip -"5308": cfengine -"5309": jprinter -"5310": outlaws -"5312": permabit-cs -"5313": rrdp -"5314": opalis-rbt-ipc -"5315": hacl-poll -"5343": kfserver -"5344": xkotodrcp -"5349": stuns -"5350": pcp-multicast -"5351": pcp -"5352": dns-llq -"5353": mdns -"5354": mdnsresponder -"5355": llmnr -"5356": ms-smlbiz -"5357": wsdapi -"5358": wsdapi-s -"5359": ms-alerter -"5360": ms-sideshow -"5361": ms-s-sideshow -"5362": serverwsd2 -"5363": net-projection -"5364": kdnet -"5397": stresstester -"5398": elektron-admin -"5399": securitychase -"5400": excerpt -"5401": excerpts -"5402": mftp -"5403": hpoms-ci-lstn -"5404": hpoms-dps-lstn -"5405": netsupport -"5406": systemics-sox -"5407": foresyte-clear -"5408": foresyte-sec -"5409": salient-dtasrv -"5410": salient-usrmgr -"5411": actnet -"5412": continuus -"5413": wwiotalk -"5414": statusd -"5415": ns-server -"5416": sns-gateway -"5417": sns-agent -"5418": mcntp -"5419": dj-ice -"5420": cylink-c -"5421": netsupport2 -"5422": salient-mux -"5423": virtualuser -"5424": beyond-remote -"5425": br-channel -"5426": devbasic -"5427": sco-peer-tta -"5428": telaconsole -"5429": base -"5430": radec-corp -"5431": park-agent -"5432": postgresql -"5433": pyrrho -"5434": sgi-arrayd -"5435": sceanics -"5436": pmip6-cntl -"5437": pmip6-data -"5443": spss -"5450": tiepie-disc -"5453": surebox -"5454": apc-5454 -"5455": apc-5455 -"5456": apc-5456 -"5461": silkmeter -"5462": ttl-publisher -"5463": ttlpriceproxy -"5464": quailnet -"5465": netops-broker -"5474": apsolab-rpc -"5500": fcp-addr-srvr1 -"5501": fcp-addr-srvr2 -"5502": fcp-srvr-inst1 -"5503": fcp-srvr-inst2 -"5504": fcp-cics-gw1 -"5505": checkoutdb -"5506": amc -"5553": sgi-eventmond -"5554": sgi-esphttp -"5555": personal-agent -"5556": freeciv -"5567": dof-dps-mc-sec -"5568": sdt -"5569": rdmnet-device -"5573": sdmmp -"5580": tmosms0 -"5581": tmosms1 -"5582": fac-restore -"5583": tmo-icon-sync -"5584": bis-web -"5585": bis-sync -"5597": ininmessaging -"5598": mctfeed -"5599": esinstall -"5600": esmmanager -"5601": esmagent -"5602": a1-msc -"5603": a1-bs -"5604": a3-sdunode -"5605": a4-sdunode -"5627": ninaf -"5628": htrust -"5629": symantec-sfdb -"5630": precise-comm -"5631": pcanywheredata -"5632": pcanywherestat -"5633": beorl -"5634": xprtld -"5670": zre-disc -"5671": amqps -"5672": amqp -"5673": jms -"5674": hyperscsi-port -"5675": v5ua -"5676": raadmin -"5677": questdb2-lnchr -"5678": rrac -"5679": dccm -"5680": auriga-router -"5681": ncxcp -"5682": brightcore -"5683": coap -"5684": coaps -"5687": gog-multiplayer -"5688": ggz -"5689": qmvideo -"5713": proshareaudio -"5714": prosharevideo -"5715": prosharedata -"5716": prosharerequest -"5717": prosharenotify -"5718": dpm -"5719": dpm-agent -"5720": ms-licensing -"5721": dtpt -"5722": msdfsr -"5723": omhs -"5724": omsdk -"5728": io-dist-group -"5729": openmail -"5730": unieng -"5741": ida-discover1 -"5742": ida-discover2 -"5743": watchdoc-pod -"5744": watchdoc -"5745": fcopy-server -"5746": fcopys-server -"5747": tunatic -"5748": tunalyzer -"5750": rscd -"5755": openmailg -"5757": x500ms -"5766": openmailns -"5767": s-openmail -"5768": openmailpxy -"5769": spramsca -"5770": spramsd -"5771": netagent -"5777": dali-port -"5781": 3par-evts -"5782": 3par-mgmt -"5783": 3par-mgmt-ssl -"5784": ibar -"5785": 3par-rcopy -"5786": cisco-redu -"5787": waascluster -"5793": xtreamx -"5794": spdp -"5813": icmpd -"5814": spt-automation -"5859": wherehoo -"5863": ppsuitemsg -"5900": rfb -"5910": cm -"5911": cpdlc -"5912": fis -"5913": ads-c -"5963": indy -"5968": mppolicy-v5 -"5969": mppolicy-mgr -"5984": couchdb -"5985": wsman -"5986": wsmans -"5987": wbem-rmi -"5988": wbem-http -"5989": wbem-https -"5990": wbem-exp-https -"5991": nuxsl -"5992": consul-insight -"5999": cvsup -"6000": x11 -"6001": x11 -"6002": x11 -"6003": x11 -"6004": x11 -"6005": x11 -"6006": x11 -"6007": x11 -"6008": x11 -"6009": x11 -"6010": x11 -"6011": x11 -"6012": x11 -"6013": x11 -"6014": x11 -"6015": x11 -"6016": x11 -"6017": x11 -"6018": x11 -"6019": x11 -"6020": x11 -"6021": x11 -"6022": x11 -"6023": x11 -"6024": x11 -"6025": x11 -"6026": x11 -"6027": x11 -"6028": x11 -"6029": x11 -"6030": x11 -"6031": x11 -"6032": x11 -"6033": x11 -"6034": x11 -"6035": x11 -"6036": x11 -"6037": x11 -"6038": x11 -"6039": x11 -"6040": x11 -"6041": x11 -"6042": x11 -"6043": x11 -"6044": x11 -"6045": x11 -"6046": x11 -"6047": x11 -"6048": x11 -"6049": x11 -"6050": x11 -"6051": x11 -"6052": x11 -"6053": x11 -"6054": x11 -"6055": x11 -"6056": x11 -"6057": x11 -"6058": x11 -"6059": x11 -"6060": x11 -"6061": x11 -"6062": x11 -"6063": x11 -"6064": ndl-ahp-svc -"6065": winpharaoh -"6066": ewctsp -"6069": trip -"6070": messageasap -"6071": ssdtp -"6072": diagnose-proc -"6073": directplay8 -"6074": max -"6080": gue -"6081": geneve -"6082": p25cai -"6083": miami-bcast -"6085": konspire2b -"6086": pdtp -"6087": ldss -"6088": doglms-notify -"6100": synchronet-db -"6101": synchronet-rtc -"6102": synchronet-upd -"6103": rets -"6104": dbdb -"6105": primaserver -"6106": mpsserver -"6107": etc-control -"6108": sercomm-scadmin -"6109": globecast-id -"6110": softcm -"6111": spc -"6112": dtspcd -"6118": tipc -"6122": bex-webadmin -"6123": backup-express -"6124": pnbs -"6133": nbt-wol -"6140": pulsonixnls -"6141": meta-corp -"6142": aspentec-lm -"6143": watershed-lm -"6144": statsci1-lm -"6145": statsci2-lm -"6146": lonewolf-lm -"6147": montage-lm -"6148": ricardo-lm -"6149": tal-pod -"6160": ecmp-data -"6161": patrol-ism -"6162": patrol-coll -"6163": pscribe -"6200": lm-x -"6201": thermo-calc -"6209": qmtps -"6222": radmind -"6241": jeol-nsddp-1 -"6242": jeol-nsddp-2 -"6243": jeol-nsddp-3 -"6244": jeol-nsddp-4 -"6251": tl1-raw-ssl -"6252": tl1-ssh -"6253": crip -"6268": grid -"6269": grid-alt -"6300": bmc-grx -"6301": bmc-ctd-ldap -"6306": ufmp -"6315": scup-disc -"6316": abb-escp -"6317": nav-data -"6320": repsvc -"6321": emp-server1 -"6322": emp-server2 -"6324": hrd-ns-disc -"6343": sflow -"6346": gnutella-svc -"6347": gnutella-rtr -"6350": adap -"6355": pmcs -"6360": metaedit-mu -"6363": ndn -"6370": metaedit-se -"6382": metatude-mds -"6389": clariion-evr01 -"6390": metaedit-ws -"6417": faxcomservice -"6419": svdrp-disc -"6420": nim-vdrshell -"6421": nim-wan -"6443": sun-sr-https -"6444": sge-qmaster -"6445": sge-execd -"6446": mysql-proxy -"6455": skip-cert-recv -"6456": skip-cert-send -"6471": lvision-lm -"6480": sun-sr-http -"6481": servicetags -"6482": ldoms-mgmt -"6483": SunVTS-RMI -"6484": sun-sr-jms -"6485": sun-sr-iiop -"6486": sun-sr-iiops -"6487": sun-sr-iiop-aut -"6488": sun-sr-jmx -"6489": sun-sr-admin -"6500": boks -"6501": boks-servc -"6502": boks-servm -"6503": boks-clntd -"6505": badm-priv -"6506": badm-pub -"6507": bdir-priv -"6508": bdir-pub -"6509": mgcs-mfp-port -"6510": mcer-port -"6511": dccp-udp -"6514": syslog-tls -"6515": elipse-rec -"6543": lds-distrib -"6544": lds-dump -"6547": apc-6547 -"6548": apc-6548 -"6549": apc-6549 -"6550": fg-sysupdate -"6551": sum -"6558": xdsxdm -"6566": sane-port -"6568": rp-reputation -"6579": affiliate -"6580": parsec-master -"6581": parsec-peer -"6582": parsec-game -"6583": joaJewelSuite -"6619": odette-ftps -"6620": kftp-data -"6621": kftp -"6622": mcftp -"6623": ktelnet -"6626": wago-service -"6627": nexgen -"6628": afesc-mc -"6629": nexgen-aux -"6633": cisco-vpath-tun -"6634": mpls-pm -"6635": mpls-udp -"6636": mpls-udp-dtls -"6653": openflow -"6657": palcom-disc -"6670": vocaltec-gold -"6671": p4p-portal -"6672": vision-server -"6673": vision-elmd -"6678": vfbp-disc -"6679": osaut -"6689": tsa -"6696": babel -"6701": kti-icad-srvr -"6702": e-design-net -"6703": e-design-web -"6714": ibprotocol -"6715": fibotrader-com -"6767": bmc-perf-agent -"6768": bmc-perf-mgrd -"6769": adi-gxp-srvprt -"6770": plysrv-http -"6771": plysrv-https -"6784": bfd-lag -"6785": dgpf-exchg -"6786": smc-jmx -"6787": smc-admin -"6788": smc-http -"6790": hnmp -"6791": hnm -"6801": acnet -"6831": ambit-lm -"6841": netmo-default -"6842": netmo-http -"6850": iccrushmore -"6868": acctopus-st -"6888": muse -"6935": ethoscan -"6936": xsmsvc -"6946": bioserver -"6951": otlp -"6961": jmact3 -"6962": jmevt2 -"6963": swismgr1 -"6964": swismgr2 -"6965": swistrap -"6966": swispol -"6969": acmsoda -"6997": MobilitySrv -"6998": iatp-highpri -"6999": iatp-normalpri -"7000": afs3-fileserver -"7001": afs3-callback -"7002": afs3-prserver -"7003": afs3-vlserver -"7004": afs3-kaserver -"7005": afs3-volser -"7006": afs3-errors -"7007": afs3-bos -"7008": afs3-update -"7009": afs3-rmtsys -"7010": ups-onlinet -"7011": talon-disc -"7012": talon-engine -"7013": microtalon-dis -"7014": microtalon-com -"7015": talon-webserver -"7019": doceri-view -"7020": dpserve -"7021": dpserveadmin -"7022": ctdp -"7023": ct2nmcs -"7024": vmsvc -"7025": vmsvc-2 -"7030": op-probe -"7040": quest-disc -"7070": arcp -"7071": iwg1 -"7080": empowerid -"7088": zixi-transport -"7095": jdp-disc -"7099": lazy-ptop -"7100": font-service -"7101": elcn -"7107": aes-x170 -"7121": virprot-lm -"7128": scenidm -"7129": scenccs -"7161": cabsm-comm -"7162": caistoragemgr -"7163": cacsambroker -"7164": fsr -"7165": doc-server -"7166": aruba-server -"7169": ccag-pib -"7170": nsrp -"7171": drm-production -"7174": clutild -"7181": janus-disc -"7200": fodms -"7201": dlip -"7227": ramp -"7235": aspcoordination -"7244": frc-hicp-disc -"7262": cnap -"7272": watchme-7272 -"7273": oma-rlp -"7274": oma-rlp-s -"7275": oma-ulp -"7276": oma-ilp -"7277": oma-ilp-s -"7278": oma-dcdocbs -"7279": ctxlic -"7280": itactionserver1 -"7281": itactionserver2 -"7282": mzca-alert -"7365": lcm-server -"7391": mindfilesys -"7392": mrssrendezvous -"7393": nfoldman -"7394": fse -"7395": winqedit -"7397": hexarc -"7400": rtps-discovery -"7401": rtps-dd-ut -"7402": rtps-dd-mt -"7410": ionixnetmon -"7411": daqstream -"7421": mtportmon -"7426": pmdmgr -"7427": oveadmgr -"7428": ovladmgr -"7429": opi-sock -"7430": xmpv7 -"7431": pmd -"7437": faximum -"7443": oracleas-https -"7473": rise -"7491": telops-lmd -"7500": silhouette -"7501": ovbus -"7510": ovhpas -"7511": pafec-lm -"7542": saratoga -"7543": atul -"7544": nta-ds -"7545": nta-us -"7546": cfs -"7547": cwmp -"7548": tidp -"7549": nls-tl -"7550": cloudsignaling -"7560": sncp -"7566": vsi-omega -"7570": aries-kfinder -"7574": coherence-disc -"7588": sun-lm -"7606": mipi-debug -"7624": indi -"7627": soap-http -"7628": zen-pawn -"7629": xdas -"7633": pmdfmgt -"7648": cuseeme -"7674": imqtunnels -"7675": imqtunnel -"7676": imqbrokerd -"7677": sun-user-https -"7680": pando-pub -"7689": collaber -"7697": klio -"7707": sync-em7 -"7708": scinet -"7720": medimageportal -"7724": nsdeepfreezectl -"7725": nitrogen -"7726": freezexservice -"7727": trident-data -"7728": osvr -"7734": smip -"7738": aiagent -"7741": scriptview -"7743": sstp-1 -"7744": raqmon-pdu -"7747": prgp -"7777": cbt -"7778": interwise -"7779": vstat -"7781": accu-lmgr -"7784": s-bfd -"7786": minivend -"7787": popup-reminders -"7789": office-tools -"7794": q3ade -"7797": pnet-conn -"7798": pnet-enc -"7799": altbsdp -"7800": asr -"7801": ssp-client -"7802": vns-tp -"7810": rbt-wanopt -"7845": apc-7845 -"7846": apc-7846 -"7872": mipv6tls -"7880": pss -"7887": ubroker -"7900": mevent -"7901": tnos-sp -"7902": tnos-dp -"7903": tnos-dps -"7913": qo-secure -"7932": t2-drm -"7933": t2-brm -"7962": generalsync -"7967": supercell -"7979": micromuse-ncps -"7980": quest-vista -"7982": sossd-disc -"7998": usicontentpush -"7999": irdmi2 -"8000": irdmi -"8001": vcom-tunnel -"8002": teradataordbms -"8003": mcreport -"8005": mxi -"8008": http-alt -"8019": qbdb -"8020": intu-ec-svcdisc -"8021": intu-ec-client -"8022": oa-system -"8025": ca-audit-da -"8026": ca-audit-ds -"8032": pro-ed -"8033": mindprint -"8034": vantronix-mgmt -"8040": ampify -"8052": senomix01 -"8053": senomix02 -"8054": senomix03 -"8055": senomix04 -"8056": senomix05 -"8057": senomix06 -"8058": senomix07 -"8059": senomix08 -"8060": aero -"8074": gadugadu -"8080": http-alt -"8081": sunproxyadmin -"8082": us-cli -"8083": us-srv -"8086": d-s-n -"8087": simplifymedia -"8088": radan-http -"8097": sac -"8100": xprint-server -"8115": mtl8000-matrix -"8116": cp-cluster -"8118": privoxy -"8121": apollo-data -"8122": apollo-admin -"8128": paycash-online -"8129": paycash-wbp -"8130": indigo-vrmi -"8131": indigo-vbcp -"8132": dbabble -"8148": isdd -"8149": eor-game -"8160": patrol -"8161": patrol-snmp -"8182": vmware-fdm -"8184": itach -"8192": spytechphone -"8194": blp1 -"8195": blp2 -"8199": vvr-data -"8200": trivnet1 -"8201": trivnet2 -"8202": aesop -"8204": lm-perfworks -"8205": lm-instmgr -"8206": lm-dta -"8207": lm-sserver -"8208": lm-webwatcher -"8230": rexecj -"8231": hncp-udp-port -"8232": hncp-dtls-port -"8243": synapse-nhttps -"8276": pando-sec -"8280": synapse-nhttp -"8282": libelle-disc -"8292": blp3 -"8294": blp4 -"8300": tmi -"8301": amberon -"8320": tnp-discover -"8321": tnp -"8322": garmin-marine -"8351": server-find -"8376": cruise-enum -"8377": cruise-swroute -"8378": cruise-config -"8379": cruise-diags -"8380": cruise-update -"8383": m2mservices -"8384": marathontp -"8400": cvd -"8401": sabarsd -"8402": abarsd -"8403": admind -"8416": espeech -"8417": espeech-rtp -"8442": cybro-a-bus -"8443": pcsync-https -"8444": pcsync-http -"8445": copy-disc -"8450": npmp -"8472": otv -"8473": vp2p -"8474": noteshare -"8500": fmtp -"8501": cmtp-av -"8503": lsp-self-ping -"8554": rtsp-alt -"8555": d-fence -"8567": dof-tunnel -"8600": asterix -"8609": canon-cpp-disc -"8610": canon-mfnp -"8611": canon-bjnp1 -"8612": canon-bjnp2 -"8613": canon-bjnp3 -"8614": canon-bjnp4 -"8675": msi-cps-rm-disc -"8686": sun-as-jmxrmi -"8732": dtp-net -"8733": ibus -"8763": mc-appserver -"8764": openqueue -"8765": ultraseek-http -"8766": amcs -"8770": dpap -"8786": msgclnt -"8787": msgsrvr -"8793": acd-pm -"8800": sunwebadmin -"8804": truecm -"8873": dxspider -"8880": cddbp-alt -"8883": secure-mqtt -"8888": ddi-udp-1 -"8889": ddi-udp-2 -"8890": ddi-udp-3 -"8891": ddi-udp-4 -"8892": ddi-udp-5 -"8893": ddi-udp-6 -"8894": ddi-udp-7 -"8899": ospf-lite -"8900": jmb-cds1 -"8901": jmb-cds2 -"8910": manyone-http -"8911": manyone-xml -"8912": wcbackup -"8913": dragonfly -"8954": cumulus-admin -"8980": nod-provider -"8981": nod-client -"8989": sunwebadmins -"8990": http-wmap -"8991": https-wmap -"8999": bctp -"9000": cslistener -"9001": etlservicemgr -"9002": dynamid -"9007": ogs-client -"9009": pichat -"9020": tambora -"9021": panagolin-ident -"9022": paragent -"9023": swa-1 -"9024": swa-2 -"9025": swa-3 -"9026": swa-4 -"9060": CardWeb-RT -"9080": glrpc -"9084": aurora -"9085": ibm-rsyscon -"9086": net2display -"9087": classic -"9088": sqlexec -"9089": sqlexec-ssl -"9090": websm -"9091": xmltec-xmlmail -"9092": XmlIpcRegSvc -"9100": pdl-datastream -"9101": bacula-dir -"9102": bacula-fd -"9103": bacula-sd -"9104": peerwire -"9105": xadmin -"9106": astergate-disc -"9119": mxit -"9131": dddp -"9160": apani1 -"9161": apani2 -"9162": apani3 -"9163": apani4 -"9164": apani5 -"9191": sun-as-jpda -"9200": wap-wsp -"9201": wap-wsp-wtp -"9202": wap-wsp-s -"9203": wap-wsp-wtp-s -"9204": wap-vcard -"9205": wap-vcal -"9206": wap-vcard-s -"9207": wap-vcal-s -"9208": rjcdb-vcards -"9209": almobile-system -"9210": oma-mlp -"9211": oma-mlp-s -"9212": serverviewdbms -"9213": serverstart -"9214": ipdcesgbs -"9215": insis -"9216": acme -"9217": fsc-port -"9222": teamcoherence -"9255": mon -"9277": traingpsdata -"9278": pegasus -"9279": pegasus-ctl -"9280": pgps -"9281": swtp-port1 -"9282": swtp-port2 -"9283": callwaveiam -"9284": visd -"9285": n2h2server -"9286": n2receive -"9287": cumulus -"9292": armtechdaemon -"9293": storview -"9294": armcenterhttp -"9295": armcenterhttps -"9300": vrace -"9318": secure-ts -"9321": guibase -"9343": mpidcmgr -"9344": mphlpdmc -"9346": ctechlicensing -"9374": fjdmimgr -"9380": boxp -"9396": fjinvmgr -"9397": mpidcagt -"9400": sec-t4net-srv -"9401": sec-t4net-clt -"9402": sec-pc2fax-srv -"9418": git -"9443": tungsten-https -"9444": wso2esb-console -"9450": sntlkeyssrvr -"9500": ismserver -"9522": sma-spw -"9535": mngsuite -"9536": laes-bf -"9555": trispen-sra -"9592": ldgateway -"9593": cba8 -"9594": msgsys -"9595": pds -"9596": mercury-disc -"9597": pd-admin -"9598": vscp -"9599": robix -"9600": micromuse-ncpw -"9612": streamcomm-ds -"9618": condor -"9628": odbcpathway -"9629": uniport -"9632": mc-comm -"9667": xmms2 -"9668": tec5-sdctp -"9694": client-wakeup -"9695": ccnx -"9700": board-roar -"9747": l5nas-parchan -"9750": board-voip -"9753": rasadv -"9762": tungsten-http -"9800": davsrc -"9801": sstp-2 -"9802": davsrcs -"9875": sapv1 -"9878": kca-service -"9888": cyborg-systems -"9889": gt-proxy -"9898": monkeycom -"9899": sctp-tunneling -"9900": iua -"9901": enrp -"9903": multicast-ping -"9909": domaintime -"9911": sype-transport -"9950": apc-9950 -"9951": apc-9951 -"9952": apc-9952 -"9953": acis -"9955": alljoyn-mcm -"9956": alljoyn -"9966": odnsp -"9987": dsm-scm-target -"9990": osm-appsrvr -"9991": osm-oev -"9992": palace-1 -"9993": palace-2 -"9994": palace-3 -"9995": palace-4 -"9996": palace-5 -"9997": palace-6 -"9998": distinct32 -"9999": distinct -"10000": ndmp -"10001": scp-config -"10002": documentum -"10003": documentum-s -"10007": mvs-capacity -"10008": octopus -"10009": swdtp-sv -"10023": cefd-vmp -"10050": zabbix-agent -"10051": zabbix-trapper -"10080": amanda -"10081": famdc -"10100": itap-ddtp -"10101": ezmeeting-2 -"10102": ezproxy-2 -"10103": ezrelay -"10104": swdtp -"10107": bctp-server -"10110": nmea-0183 -"10111": nmea-onenet -"10113": netiq-endpoint -"10114": netiq-qcheck -"10115": netiq-endpt -"10116": netiq-voipa -"10117": iqrm -"10128": bmc-perf-sd -"10160": qb-db-server -"10161": snmpdtls -"10162": snmpdtls-trap -"10200": trisoap -"10201": rscs -"10252": apollo-relay -"10253": eapol-relay -"10260": axis-wimp-port -"10288": blocks -"10439": bngsync -"10500": hip-nat-t -"10540": MOS-lower -"10541": MOS-upper -"10542": MOS-aux -"10543": MOS-soap -"10544": MOS-soap-opt -"10800": gap -"10805": lpdg -"10810": nmc-disc -"10860": helix -"10880": bveapi -"10990": rmiaux -"11000": irisa -"11001": metasys -"11095": weave -"11106": sgi-lk -"11108": myq-termlink -"11111": vce -"11112": dicom -"11161": suncacao-snmp -"11162": suncacao-jmxmp -"11163": suncacao-rmi -"11164": suncacao-csa -"11165": suncacao-websvc -"11171": snss -"11201": smsqp -"11208": wifree -"11211": memcache -"11319": imip -"11320": imip-channels -"11321": arena-server -"11367": atm-uhas -"11371": hkp -"11430": lsdp -"11600": tempest-port -"11720": h323callsigalt -"11723": emc-xsw-dcache -"11751": intrepid-ssl -"11796": lanschool-mpt -"11876": xoraya -"11877": x2e-disc -"11967": sysinfo-sp -"12000": entextxid -"12001": entextnetwk -"12002": entexthigh -"12003": entextmed -"12004": entextlow -"12005": dbisamserver1 -"12006": dbisamserver2 -"12007": accuracer -"12008": accuracer-dbms -"12009": ghvpn -"12012": vipera -"12013": vipera-ssl -"12109": rets-ssl -"12121": nupaper-ss -"12168": cawas -"12172": hivep -"12300": linogridengine -"12321": warehouse-sss -"12322": warehouse -"12345": italk -"12753": tsaf -"13160": i-zipqd -"13216": bcslogc -"13217": rs-pias -"13218": emc-vcas-udp -"13223": powwow-client -"13224": powwow-server -"13400": doip-disc -"13720": bprd -"13721": bpdbm -"13722": bpjava-msvc -"13724": vnetd -"13782": bpcd -"13783": vopied -"13785": nbdb -"13786": nomdb -"13818": dsmcc-config -"13819": dsmcc-session -"13820": dsmcc-passthru -"13821": dsmcc-download -"13822": dsmcc-ccp -"13894": ucontrol -"13929": dta-systems -"14000": scotty-ft -"14001": sua -"14002": scotty-disc -"14033": sage-best-com1 -"14034": sage-best-com2 -"14141": vcs-app -"14142": icpp -"14145": gcm-app -"14149": vrts-tdd -"14154": vad -"14250": cps -"14414": ca-web-update -"14936": hde-lcesrvr-1 -"14937": hde-lcesrvr-2 -"15000": hydap -"15118": v2g-secc -"15345": xpilot -"15363": 3link -"15555": cisco-snat -"15660": bex-xr -"15740": ptp -"15998": 2ping -"16003": alfin -"16161": sun-sea-port -"16309": etb4j -"16310": pduncs -"16311": pdefmns -"16360": netserialext1 -"16361": netserialext2 -"16367": netserialext3 -"16368": netserialext4 -"16384": connected -"16666": vtp -"16900": newbay-snc-mc -"16950": sgcip -"16991": intel-rci-mp -"16992": amt-soap-http -"16993": amt-soap-https -"16994": amt-redir-tcp -"16995": amt-redir-tls -"17007": isode-dua -"17185": soundsvirtual -"17219": chipper -"17220": avtp -"17221": avdecc -"17222": cpsp -"17224": trdp-pd -"17225": trdp-md -"17234": integrius-stp -"17235": ssh-mgmt -"17500": db-lsp-disc -"17729": ea -"17754": zep -"17755": zigbee-ip -"17756": zigbee-ips -"18000": biimenu -"18181": opsec-cvp -"18182": opsec-ufp -"18183": opsec-sam -"18184": opsec-lea -"18185": opsec-omi -"18186": ohsc -"18187": opsec-ela -"18241": checkpoint-rtm -"18262": gv-pf -"18463": ac-cluster -"18634": rds-ib -"18635": rds-ip -"18668": vdmmesh-disc -"18769": ique -"18881": infotos -"18888": apc-necmp -"19000": igrid -"19007": scintilla -"19191": opsec-uaa -"19194": ua-secureagent -"19220": cora-disc -"19283": keysrvr -"19315": keyshadow -"19398": mtrgtrans -"19410": hp-sco -"19411": hp-sca -"19412": hp-sessmon -"19539": fxuptp -"19540": sxuptp -"19541": jcp -"19788": mle -"19999": dnp-sec -"20000": dnp -"20001": microsan -"20002": commtact-http -"20003": commtact-https -"20005": openwebnet -"20012": ss-idi-disc -"20014": opendeploy -"20034": nburn-id -"20046": tmophl7mts -"20048": mountd -"20049": nfsrdma -"20167": tolfab -"20202": ipdtp-port -"20222": ipulse-ics -"20480": emwavemsg -"20670": track -"20999": athand-mmp -"21000": irtrans -"21554": dfserver -"21590": vofr-gateway -"21800": tvpm -"21845": webphone -"21846": netspeak-is -"21847": netspeak-cs -"21848": netspeak-acd -"21849": netspeak-cps -"22000": snapenetio -"22001": optocontrol -"22002": optohost002 -"22003": optohost003 -"22004": optohost004 -"22005": optohost004 -"22273": wnn6 -"22305": cis -"22335": shrewd-stream -"22343": cis-secure -"22347": wibukey -"22350": codemeter -"22555": vocaltec-phone -"22763": talikaserver -"22800": aws-brf -"22951": brf-gw -"23000": inovaport1 -"23001": inovaport2 -"23002": inovaport3 -"23003": inovaport4 -"23004": inovaport5 -"23005": inovaport6 -"23272": s102 -"23294": 5afe-disc -"23333": elxmgmt -"23400": novar-dbase -"23401": novar-alarm -"23402": novar-global -"24000": med-ltp -"24001": med-fsp-rx -"24002": med-fsp-tx -"24003": med-supp -"24004": med-ovw -"24005": med-ci -"24006": med-net-svc -"24242": filesphere -"24249": vista-4gl -"24321": ild -"24322": hid -"24386": intel-rci -"24465": tonidods -"24554": binkp -"24577": bilobit-update -"24676": canditv -"24677": flashfiler -"24678": proactivate -"24680": tcc-http -"24850": assoc-disc -"24922": find -"25000": icl-twobase1 -"25001": icl-twobase2 -"25002": icl-twobase3 -"25003": icl-twobase4 -"25004": icl-twobase5 -"25005": icl-twobase6 -"25006": icl-twobase7 -"25007": icl-twobase8 -"25008": icl-twobase9 -"25009": icl-twobase10 -"25793": vocaltec-hos -"25900": tasp-net -"25901": niobserver -"25902": nilinkanalyst -"25903": niprobe -"25954": bf-game -"25955": bf-master -"26000": quake -"26133": scscp -"26208": wnn6-ds -"26260": ezproxy -"26261": ezmeeting -"26262": k3software-svr -"26263": k3software-cli -"26486": exoline-udp -"26487": exoconfig -"26489": exonet -"27345": imagepump -"27442": jesmsjc -"27504": kopek-httphead -"27782": ars-vista -"27999": tw-auth-key -"28000": nxlmd -"28119": a27-ran-ran -"28200": voxelstorm -"28240": siemensgsm -"29167": otmp -"30001": pago-services1 -"30002": pago-services2 -"30003": amicon-fpsu-ra -"30004": amicon-fpsu-s -"30260": kingdomsonline -"30832": samsung-disc -"30999": ovobs -"31016": ka-kdp -"31029": yawn -"31416": xqosd -"31457": tetrinet -"31620": lm-mon -"31765": gamesmith-port -"31948": iceedcp-tx -"31949": iceedcp-rx -"32034": iracinghelper -"32249": t1distproc60 -"32483": apm-link -"32635": sec-ntb-clnt -"32636": DMExpress -"32767": filenet-powsrm -"32768": filenet-tms -"32769": filenet-rpc -"32770": filenet-nch -"32771": filenet-rmi -"32772": filenet-pa -"32773": filenet-cm -"32774": filenet-re -"32775": filenet-pch -"32776": filenet-peior -"32777": filenet-obrok -"32801": mlsn -"32896": idmgratm -"33123": aurora-balaena -"33331": diamondport -"33334": speedtrace-disc -"33434": traceroute -"33656": snip-slave -"34249": turbonote-2 -"34378": p-net-local -"34379": p-net-remote -"34567": edi_service -"34962": profinet-rt -"34963": profinet-rtm -"34964": profinet-cm -"34980": ethercat -"35001": rt-viewer -"35004": rt-classmanager -"35100": axio-disc -"35355": altova-lm-disc -"36001": allpeers -"36411": wlcp -"36865": kastenxpipe -"37475": neckar -"37654": unisys-eportal -"38002": crescoctrl-disc -"38201": galaxy7-data -"38202": fairview -"38203": agpolicy -"39681": turbonote-1 -"40000": safetynetp -"40023": k-patentssensor -"40841": cscp -"40842": csccredir -"40843": csccfirewall -"40853": ortec-disc -"41111": fs-qos -"41230": z-wave-s -"41794": crestron-cip -"41795": crestron-ctp -"42508": candp -"42509": candrp -"42510": caerpc -"43000": recvr-rc-disc -"43188": reachout -"43189": ndm-agent-port -"43190": ip-provision -"43210": shaperai-disc -"43439": eq3-config -"43440": ew-disc-cmd -"43441": ciscocsdb -"44321": pmcd -"44322": pmcdproxy -"44544": domiq -"44553": rbr-debug -"44600": asihpi -"44818": EtherNet-IP-2 -"44900": m3da-disc -"45000": asmp-mon -"45054": invision-ag -"45514": cloudcheck-ping -"45678": eba -"45825": qdb2service -"45966": ssr-servermgr -"46999": mediabox -"47000": mbus -"47100": jvl-mactalk -"47557": dbbrowse -"47624": directplaysrvr -"47806": ap -"47808": bacnet -"47809": presonus-ucnet -"48000": nimcontroller -"48001": nimspooler -"48002": nimhub -"48003": nimgtw -"48128": isnetserv -"48129": blp5 -"48556": com-bardac-dw -"48619": iqobject -"48653": robotraconteur diff --git a/modules/netflow/configuration/logstash/dictionaries/tcp_flags.yml b/modules/netflow/configuration/logstash/dictionaries/tcp_flags.yml deleted file mode 100644 index 5538c98df..000000000 --- a/modules/netflow/configuration/logstash/dictionaries/tcp_flags.yml +++ /dev/null @@ -1,256 +0,0 @@ -"0": none -"1": FIN -"2": SYN -"3": FIN-SYN -"4": RST -"5": FIN-RST -"6": SYN-RST -"7": FIN-SYN-RST -"8": PSH -"9": FIN-PSH -"10": SYN-PSH -"11": FIN-SYN-PSH -"12": RST-PSH -"13": FIN-RST-PSH -"14": SYN-RST-PSH -"15": FIN-SYN-RST-PSH -"16": ACK -"17": FIN-ACK -"18": SYN-ACK -"19": FIN-SYN-ACK -"20": RST-ACK -"21": FIN-RST-ACK -"22": SYN-RST-ACK -"23": FIN-SYN-RST-ACK -"24": PSH-ACK -"25": FIN-PSH-ACK -"26": SYN-PSH-ACK -"27": FIN-SYN-PSH-ACK -"28": RST-PSH-ACK -"29": FIN-RST-PSH-ACK -"30": SYN-RST-PSH-ACK -"31": FIN-SYN-RST-PSH-ACK -"32": URG -"33": FIN-URG -"34": SYN-URG -"35": FIN-SYN-URG -"36": RST-URG -"37": FIN-RST-URG -"38": SYN-RST-URG -"39": FIN-SYN-RST-URG -"40": PSH-URG -"41": FIN-PSH-URG -"42": SYN-PSH-URG -"43": FIN-SYN-PSH-URG -"44": RST-PSH-URG -"45": FIN-RST-PSH-URG -"46": SYN-RST-PSH-URG -"47": FIN-SYN-RST-PSH-URG -"48": ACK-URG -"49": FIN-ACK-URG -"50": SYN-ACK-URG -"51": FIN-SYN-ACK-URG -"52": RST-ACK-URG -"53": FIN-RST-ACK-URG -"54": SYN-RST-ACK-URG -"55": FIN-SYN-RST-ACK-URG -"56": PSH-ACK-URG -"57": FIN-PSH-ACK-URG -"58": SYN-PSH-ACK-URG -"59": FIN-SYN-PSH-ACK-URG -"60": RST-PSH-ACK-URG -"61": FIN-RST-PSH-ACK-URG -"62": SYN-RST-PSH-ACK-URG -"63": FIN-SYN-RST-PSH-ACK-URG -"64": ECE -"65": FIN-ECE -"66": SYN-ECE -"67": FIN-SYN-ECE -"68": RST-ECE -"69": FIN-RST-ECE -"70": SYN-RST-ECE -"71": FIN-SYN-RST-ECE -"72": PSH-ECE -"73": FIN-PSH-ECE -"74": SYN-PSH-ECE -"75": FIN-SYN-PSH-ECE -"76": RST-PSH-ECE -"77": FIN-RST-PSH-ECE -"78": SYN-RST-PSH-ECE -"79": FIN-SYN-RST-PSH-ECE -"80": ACK-ECE -"81": FIN-ACK-ECE -"82": SYN-ACK-ECE -"83": FIN-SYN-ACK-ECE -"84": RST-ACK-ECE -"85": FIN-RST-ACK-ECE -"86": SYN-RST-ACK-ECE -"87": FIN-SYN-RST-ACK-ECE -"88": PSH-ACK-ECE -"89": FIN-PSH-ACK-ECE -"90": SYN-PSH-ACK-ECE -"91": FIN-SYN-PSH-ACK-ECE -"92": RST-PSH-ACK-ECE -"93": FIN-RST-PSH-ACK-ECE -"94": SYN-RST-PSH-ACK-ECE -"95": FIN-SYN-RST-PSH-ACK-ECE -"96": URG-ECE -"97": FIN-URG-ECE -"98": SYN-URG-ECE -"99": FIN-SYN-URG-ECE -"100": RST-URG-ECE -"101": FIN-RST-URG-ECE -"102": SYN-RST-URG-ECE -"103": FIN-SYN-RST-URG-ECE -"104": PSH-URG-ECE -"105": FIN-PSH-URG-ECE -"106": SYN-PSH-URG-ECE -"107": FIN-SYN-PSH-URG-ECE -"108": RST-PSH-URG-ECE -"109": FIN-RST-PSH-URG-ECE -"110": SYN-RST-PSH-URG-ECE -"111": FIN-SYN-RST-PSH-URG-ECE -"112": ACK-URG-ECE -"113": FIN-ACK-URG-ECE -"114": SYN-ACK-URG-ECE -"115": FIN-SYN-ACK-URG-ECE -"116": RST-ACK-URG-ECE -"117": FIN-RST-ACK-URG-ECE -"118": SYN-RST-ACK-URG-ECE -"119": FIN-SYN-RST-ACK-URG-ECE -"120": PSH-ACK-URG-ECE -"121": FIN-PSH-ACK-URG-ECE -"122": SYN-PSH-ACK-URG-ECE -"123": FIN-SYN-PSH-ACK-URG-ECE -"124": RST-PSH-ACK-URG-ECE -"125": FIN-RST-PSH-ACK-URG-ECE -"126": SYN-RST-PSH-ACK-URG-ECE -"127": FIN-SYN-RST-PSH-ACK-URG-ECE -"128": CWR -"129": FIN-CWR -"130": SYN-CWR -"131": FIN-SYN-CWR -"132": RST-CWR -"133": FIN-RST-CWR -"134": SYN-RST-CWR -"135": FIN-SYN-RST-CWR -"136": PSH-CWR -"137": FIN-PSH-CWR -"138": SYN-PSH-CWR -"139": FIN-SYN-PSH-CWR -"140": RST-PSH-CWR -"141": FIN-RST-PSH-CWR -"142": SYN-RST-PSH-CWR -"143": FIN-SYN-RST-PSH-CWR -"144": ACK-CWR -"145": FIN-ACK-CWR -"146": SYN-ACK-CWR -"147": FIN-SYN-ACK-CWR -"148": RST-ACK-CWR -"149": FIN-RST-ACK-CWR -"150": SYN-RST-ACK-CWR -"151": FIN-SYN-RST-ACK-CWR -"152": PSH-ACK-CWR -"153": FIN-PSH-ACK-CWR -"154": SYN-PSH-ACK-CWR -"155": FIN-SYN-PSH-ACK-CWR -"156": RST-PSH-ACK-CWR -"157": FIN-RST-PSH-ACK-CWR -"158": SYN-RST-PSH-ACK-CWR -"159": FIN-SYN-RST-PSH-ACK-CWR -"160": URG-CWR -"161": FIN-URG-CWR -"162": SYN-URG-CWR -"163": FIN-SYN-URG-CWR -"164": RST-URG-CWR -"165": FIN-RST-URG-CWR -"166": SYN-RST-URG-CWR -"167": FIN-SYN-RST-URG-CWR -"168": PSH-URG-CWR -"169": FIN-PSH-URG-CWR -"170": SYN-PSH-URG-CWR -"171": FIN-SYN-PSH-URG-CWR -"172": RST-PSH-URG-CWR -"173": FIN-RST-PSH-URG-CWR -"174": SYN-RST-PSH-URG-CWR -"175": FIN-SYN-RST-PSH-URG-CWR -"176": ACK-URG-CWR -"177": FIN-ACK-URG-CWR -"178": SYN-ACK-URG-CWR -"179": FIN-SYN-ACK-URG-CWR -"180": RST-ACK-URG-CWR -"181": FIN-RST-ACK-URG-CWR -"182": SYN-RST-ACK-URG-CWR -"183": FIN-SYN-RST-ACK-URG-CWR -"184": PSH-ACK-URG-CWR -"185": FIN-PSH-ACK-URG-CWR -"186": SYN-PSH-ACK-URG-CWR -"187": FIN-SYN-PSH-ACK-URG-CWR -"188": RST-PSH-ACK-URG-CWR -"189": FIN-RST-PSH-ACK-URG-CWR -"190": SYN-RST-PSH-ACK-URG-CWR -"191": FIN-SYN-RST-PSH-ACK-URG-CWR -"192": ECE-CWR -"193": FIN-ECE-CWR -"194": SYN-ECE-CWR -"195": FIN-SYN-ECE-CWR -"196": RST-ECE-CWR -"197": FIN-RST-ECE-CWR -"198": SYN-RST-ECE-CWR -"199": FIN-SYN-RST-ECE-CWR -"200": PSH-ECE-CWR -"201": FIN-PSH-ECE-CWR -"202": SYN-PSH-ECE-CWR -"203": FIN-SYN-PSH-ECE-CWR -"204": RST-PSH-ECE-CWR -"205": FIN-RST-PSH-ECE-CWR -"206": SYN-RST-PSH-ECE-CWR -"207": FIN-SYN-RST-PSH-ECE-CWR -"208": ACK-ECE-CWR -"209": FIN-ACK-ECE-CWR -"210": SYN-ACK-ECE-CWR -"211": FIN-SYN-ACK-ECE-CWR -"212": RST-ACK-ECE-CWR -"213": FIN-RST-ACK-ECE-CWR -"214": SYN-RST-ACK-ECE-CWR -"215": FIN-SYN-RST-ACK-ECE-CWR -"216": PSH-ACK-ECE-CWR -"217": FIN-PSH-ACK-ECE-CWR -"218": SYN-PSH-ACK-ECE-CWR -"219": FIN-SYN-PSH-ACK-ECE-CWR -"220": RST-PSH-ACK-ECE-CWR -"221": FIN-RST-PSH-ACK-ECE-CWR -"222": SYN-RST-PSH-ACK-ECE-CWR -"223": FIN-SYN-RST-PSH-ACK-ECE-CWR -"224": URG-ECE-CWR -"225": FIN-URG-ECE-CWR -"226": SYN-URG-ECE-CWR -"227": FIN-SYN-URG-ECE-CWR -"228": RST-URG-ECE-CWR -"229": FIN-RST-URG-ECE-CWR -"230": SYN-RST-URG-ECE-CWR -"231": FIN-SYN-RST-URG-ECE-CWR -"232": PSH-URG-ECE-CWR -"233": FIN-PSH-URG-ECE-CWR -"234": SYN-PSH-URG-ECE-CWR -"235": FIN-SYN-PSH-URG-ECE-CWR -"236": RST-PSH-URG-ECE-CWR -"237": FIN-RST-PSH-URG-ECE-CWR -"238": SYN-RST-PSH-URG-ECE-CWR -"239": FIN-SYN-RST-PSH-URG-ECE-CWR -"240": ACK-URG-ECE-CWR -"241": FIN-ACK-URG-ECE-CWR -"242": SYN-ACK-URG-ECE-CWR -"243": FIN-SYN-ACK-URG-ECE-CWR -"244": RST-ACK-URG-ECE-CWR -"245": FIN-RST-ACK-URG-ECE-CWR -"246": SYN-RST-ACK-URG-ECE-CWR -"247": FIN-SYN-RST-ACK-URG-ECE-CWR -"248": PSH-ACK-URG-ECE-CWR -"249": FIN-PSH-ACK-URG-ECE-CWR -"250": SYN-PSH-ACK-URG-ECE-CWR -"251": FIN-SYN-PSH-ACK-URG-ECE-CWR -"252": RST-PSH-ACK-URG-ECE-CWR -"253": FIN-RST-PSH-ACK-URG-ECE-CWR -"254": SYN-RST-PSH-ACK-URG-ECE-CWR -"255": FIN-SYN-RST-PSH-ACK-URG-ECE-CWR diff --git a/modules/netflow/configuration/logstash/netflow.conf.erb b/modules/netflow/configuration/logstash/netflow.conf.erb deleted file mode 100644 index cc8c57583..000000000 --- a/modules/netflow/configuration/logstash/netflow.conf.erb +++ /dev/null @@ -1,627 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -<% deprecation_logger.deprecated("The Netflow module has been deprecated in favor of the Beats Netflow module and may be removed in a future release. Learn more about the Beats Netflow module at https://www.elastic.co/guide/en/beats/filebeat/master/filebeat-module-netflow.html") %> -input { - udp { - type => "netflow" - port => <%= setting("var.input.udp.port", 2055) %> - codec => netflow { - versions => [5,9] - } - workers => <%= setting("var.input.udp.workers", 2) %> - receive_buffer_bytes => <%= setting("var.input.udp.receive_buffer_bytes", 212992) %> - queue_size => <%= setting("var.input.udp.queue_size", 2000) %> - } -} - -filter { - #-------------------- - # The field names for Netflow v5 and v9 differ. We need to normalize to a - # common data model so that we can work with the resulting events in a common manner. - #-------------------- - - # Process Netflow v5 events. - if [netflow][version] == 5 { - mutate { - id => "netflow-v5-normalize" - add_field => { - "[netflow][direction]" => "ingress" - "[netflow][ip_version]" => "IPv4" - } - rename => { - "[netflow][ipv4_src_addr]" => "[netflow][src_addr]" - "[netflow][src_mask]" => "[netflow][src_mask_len]" - "[netflow][l4_src_port]" => "[netflow][src_port]" - "[netflow][ipv4_dst_addr]" => "[netflow][dst_addr]" - "[netflow][dst_mask]" => "[netflow][dst_mask_len]" - "[netflow][l4_dst_port]" => "[netflow][dst_port]" - "[netflow][in_bytes]" => "[netflow][bytes]" - "[netflow][in_pkts]" => "[netflow][packets]" - "[netflow][ipv4_next_hop]" => "[netflow][next_hop]" - "[netflow][src_tos]" => "[netflow][tos]" - } - replace => { - "[netflow][version]" => "Netflow v5" - } - } - } - # Process Netflow v9 events. - else if [netflow][version] == 9 { - mutate { - id => "netflow-v9-normalize-version" - replace => { "[netflow][version]" => "Netflow v9" } - } - - if [netflow][ip_protocol_version] { - mutate { - id => "netflow-v9-normalize-ip_version" - add_field => { "[netflow][ip_version]" => "IPv%{[netflow][ip_protocol_version]}" } - } - } - - # Populate fields with IPv4 or IPv6 specific fields. - if [netflow][ipv4_src_addr] or [netflow][ipv4_dst_addr] or [netflow][ip_protocol_version] == 4 { - if [netflow][ipv4_src_addr] { - mutate { - id => "netflow-v9-normalize-src_addr-from-ipv4_src_addr" - rename => { "[netflow][ipv4_src_addr]" => "[netflow][src_addr]" } - } - } - if [netflow][src_mask] { - mutate { - id => "netflow-v9-normalize-src_mask_len-from-src_mask" - rename => { "[netflow][src_mask]" => "[netflow][src_mask_len]" } - } - } - if [netflow][ipv4_dst_addr] { - mutate { - id => "netflow-v9-normalize-dst_addr-from-ipv4_dst_addr" - rename => { "[netflow][ipv4_dst_addr]" => "[netflow][dst_addr]" } - } - } - if [netflow][dst_mask] { - mutate { - id => "netflow-v9-normalize-dst_mask_len-from-dst_mask" - rename => { "[netflow][dst_mask]" => "[netflow][dst_mask_len]" } - } - } - if [netflow][ipv4_next_hop] { - mutate { - id => "netflow-v9-normalize-next_hop-from-ipv4_next_hop" - rename => { "[netflow][ipv4_next_hop]" => "[netflow][next_hop]" } - } - } - } else if [netflow][ipv6_src_addr] or [netflow][ipv6_dst_addr] or [netflow][ip_protocol_version] == 6 { - if [netflow][ipv6_src_addr] { - mutate { - id => "netflow-v9-normalize-src_addr-from-ipv6_src_addr" - rename => { "[netflow][ipv6_src_addr]" => "[netflow][src_addr]" } - } - } - if [netflow][ipv6_src_mask] { - mutate { - id => "netflow-v9-normalize-src_mask_len-from-ipv6_src_mask" - rename => { "[netflow][ipv6_src_mask]" => "[netflow][src_mask_len]" } - } - } - if [netflow][ipv6_dst_addr] { - mutate { - id => "netflow-v9-normalize-dst_addr-from-ipv6_dst_addr" - rename => { "[netflow][ipv6_dst_addr]" => "[netflow][dst_addr]" } - } - } - if [netflow][ipv6_dst_mask] { - mutate { - id => "netflow-v9-normalize-dst_mask_len-from-ipv6_dst_mask" - rename => { "[netflow][ipv6_dst_mask]" => "[netflow][dst_mask_len]" } - } - } - if [netflow][ipv6_next_hop] { - mutate { - id => "netflow-v9-normalize-next_hop-from-ipv6_next_hop" - rename => { "[netflow][ipv6_next_hop]" => "[netflow][next_hop]" } - } - } - } else { - # Did not recognize IP version. - mutate { - id => "netflow-ip-version-not-recognized" - add_tag => [ "__netflow_ip_version_not_recognized" ] - } - } - - # Populate flow direction (ingress/egress). - if [netflow][direction] == 0 { - mutate { - id => "netflow-v9-normalize-direction-ingress" - replace => { "[netflow][direction]" => "ingress" } - } - } else if [netflow][direction] == 1 { - mutate { - id => "netflow-v9-normalize-direction-egress" - replace => { "[netflow][direction]" => "egress" } - } - } else { - mutate { - id => "netflow-v9-normalize-direction-not-recognized" - add_tag => [ "__netflow_direction_not_recognized" ] - } - } - - # Populate source port. - if [netflow][l4_src_port] { - mutate { - id => "netflow-v9-normalize-src_port_from_l4_src_port" - rename => { "[netflow][l4_src_port]" => "[netflow][src_port]" } - } - } else if [netflow][tcp_src_port] { - mutate { - id => "netflow-v9-normalize-src_port_from_tcp_src_port" - rename => { "[netflow][tcp_src_port]" => "[netflow][src_port]" } - } - } else if [netflow][udp_src_port] { - mutate { - id => "netflow-v9-normalize-src_port_from_udp_src_port" - rename => { "[netflow][udp_src_port]" => "[netflow][src_port]" } - } - } - - # Populate destination port. - if [netflow][l4_dst_port] { - mutate { - id => "netflow-v9-normalize-dst_port_from_l4_dst_port" - rename => { "[netflow][l4_dst_port]" => "[netflow][dst_port]" } - } - } else if [netflow][tcp_dst_port] { - mutate { - id => "netflow-v9-normalize-dst_port_from_tcp_dst_port" - rename => { "[netflow][tcp_dst_port]" => "[netflow][dst_port]" } - } - } else if [netflow][udp_src_port] { - mutate { - id => "netflow-v9-normalize-dst_port_from_udp_src_port" - rename => { "[netflow][udp_dst_port]" => "[netflow][dst_port]" } - } - } - - # Populate bytes transferred in the flow. - if [netflow][in_bytes] { - mutate { - id => "netflow-v9-normalize-bytes-from-in_bytes" - rename => { "[netflow][in_bytes]" => "[netflow][bytes]" } - } - } else if [netflow][out_bytes] { - mutate { - id => "netflow-v9-normalize-bytes-from-out_bytes" - rename => { "[netflow][out_bytes]" => "[netflow][bytes]" } - } - } else if [netflow][in_permanent_bytes] { - mutate { - id => "netflow-v9-normalize-bytes-from-in_permanent_bytes" - rename => { "[netflow][in_permanent_bytes]" => "[netflow][bytes]" } - } - } - if [netflow][bytes] { - mutate { - id => "netflow-v9-normalize-convert-bytes" - convert => { "[netflow][bytes]" => "integer" } - } - } - - # Populate packets transferred in the flow. - if [netflow][in_pkts] { - mutate { - id => "netflow-v9-normalize-packets-from-in_pkts" - rename => { "[netflow][in_pkts]" => "[netflow][packets]" } - } - } else if [netflow][out_pkts] { - mutate { - id => "netflow-v9-normalize-packets-from-out_pkts" - rename => { "[netflow][out_pkts]" => "[netflow][packets]" } - } - } else if [netflow][in_permanent_pkts] { - mutate { - id => "netflow-v9-normalize-packets-from-in_permanent_pkts" - rename => { "[netflow][in_permanent_pkts]" => "[netflow][packets]" } - } - } - if [netflow][packets] { - mutate { - id => "netflow-v9-normalize-convert-packets" - convert => { "[netflow][packets]" => "integer" } - } - } - - # Populate source and destination MAC addresses if available. - if [netflow][in_src_mac] { - mutate { - id => "netflow-v9-normalize-src_mac-from-in_src_mac" - rename => { "[netflow][in_src_mac]" => "[netflow][src_mac]" } - } - } else if [netflow][out_src_mac] { - mutate { - id => "netflow-v9-normalize-src_mac-from-out_src_mac" - rename => { "[netflow][out_src_mac]" => "[netflow][src_mac]" } - } - } - if [netflow][in_dst_mac] { - mutate { - id => "netflow-v9-normalize-dst_mac-from-in_dst_mac" - rename => { "[netflow][in_dst_mac]" => "[netflow][dst_mac]" } - } - } else if [netflow][out_dst_mac] { - mutate { - id => "netflow-v9-normalize-dst_mac-from-out_dst_mac" - rename => { "[netflow][out_dst_mac]" => "[netflow][dst_mac]" } - } - } - - # Populate VLAN if available. - if [netflow][src_vlan] { - mutate { - id => "netflow-v9-normalize-vlan-from-src_vlan" - rename => { "[netflow][src_vlan]" => "[netflow][vlan]" } - } - } else if [netflow][dst_vlan] { - mutate { - id => "netflow-v9-normalize-vlan-from-dst_vlan" - rename => { "[netflow][dst_vlan]" => "[netflow][vlan]" } - } - } - - # Populate TOS if available. - if [netflow][src_tos] { - mutate { - id => "netflow-v9-normalize-tos-from-src_tos" - rename => { "[netflow][src_tos]" => "[netflow][tos]" } - } - } - } - - #-------------------- - # We now have a normalized flow record. The rest of the logic works - # regardless of the Netflow version. - #-------------------- - - # Replace protocol ID with well-known name. - if [netflow][protocol] { - translate { - id => "netflow-postproc-translate-protocol_name" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_protocol_numbers.yml") %>" - field => "[netflow][protocol]" - destination => "[netflow][protocol_name]" - fallback => "UNKNOWN" - } - - # lookup IANA service name for source and destination ports. - if [netflow][protocol] == 6 { # TCP - if [netflow][src_port] { - translate { - id => "netflow-postproc-translate-src_port_name_tcp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_tcp.yml") %>" - field => "[netflow][src_port]" - destination => "[netflow][src_port_name]" - fallback => "__UNKNOWN" - } - } - if [netflow][dst_port] { - translate { - id => "netflow-postproc-translate-dst_port_name_tcp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_tcp.yml") %>" - field => "[netflow][dst_port]" - destination => "[netflow][dst_port_name]" - fallback => "__UNKNOWN" - } - } - } else if [netflow][protocol] == 17 { # UDP - if [netflow][src_port] { - translate { - id => "netflow-postproc-translate-src_port_name_udp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_udp.yml") %>" - field => "[netflow][src_port]" - destination => "[netflow][src_port_name]" - fallback => "__UNKNOWN" - } - } - if [netflow][dst_port] { - translate { - id => "netflow-postproc-translate-dst_port_name_udp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_udp.yml") %>" - field => "[netflow][dst_port]" - destination => "[netflow][dst_port_name]" - fallback => "__UNKNOWN" - } - } - } else if [netflow][protocol] == 132 { # SCTP - if [netflow][src_port] { - translate { - id => "netflow-postproc-translate-src_port_name_sctp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_sctp.yml") %>" - field => "[netflow][src_port]" - destination => "[netflow][src_port_name]" - fallback => "__UNKNOWN" - } - } - if [netflow][dst_port] { - translate { - id => "netflow-postproc-translate-dst_port_name_sctp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_sctp.yml") %>" - field => "[netflow][dst_port]" - destination => "[netflow][dst_port_name]" - fallback => "__UNKNOWN" - } - } - } else if [netflow][protocol] == 33 { # DCCP - if [netflow][src_port] { - translate { - id => "netflow-postproc-translate-src_port_name_dccp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_dccp.yml") %>" - field => "[netflow][src_port]" - destination => "[netflow][src_port_name]" - fallback => "__UNKNOWN" - } - } - if [netflow][dst_port] { - translate { - id => "netflow-postproc-translate-dst_port_name_dccp" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/iana_service_names_dccp.yml") %>" - field => "[netflow][dst_port]" - destination => "[netflow][dst_port_name]" - fallback => "__UNKNOWN" - } - } - } - - if [netflow][src_port_name] { - if [netflow][src_port_name] == "__UNKNOWN" { - mutate { - id => "netflow-postproc-src_port_name_unknown" - replace => { "[netflow][src_port_name]" => "%{[netflow][protocol_name]}/%{[netflow][src_port]}" } - } - } else { - mutate { - id => "netflow-postproc-src_port_name-prepend-src_port" - replace => { "[netflow][src_port_name]" => "%{[netflow][protocol_name]}/%{[netflow][src_port]} (%{[netflow][src_port_name]})" } - } - } - } - if [netflow][dst_port_name] { - if [netflow][dst_port_name] == "__UNKNOWN" { - mutate { - id => "netflow-postproc-dst_port_name_unknown" - replace => { "[netflow][dst_port_name]" => "%{[netflow][protocol_name]}/%{[netflow][dst_port]}" } - } - } else { - mutate { - id => "netflow-postproc-dest_port_name-prepend-dst_port" - replace => { "[netflow][dst_port_name]" => "%{[netflow][protocol_name]}/%{[netflow][dst_port]} (%{[netflow][dst_port_name]})" } - } - } - } - } - - # Source and Destination IP address processing. - if [netflow][dst_addr] or [netflow][src_addr] { - # Initialize flow_locality to private. This maybe changed to public based on analysis of the source and destination IP addresses below. - mutate { - id => "netflow-postproc-flow_locality-default" - add_field => { "[netflow][flow_locality]" => "private" } - } - - if [netflow][dst_addr] { - # Check if destination IP address is private. - cidr { - id => "netflow-postproc-cidr-dst_addr" - address => [ "%{[netflow][dst_addr]}" ] - network => [ "0.0.0.0/32", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "127.0.0.0/8", "::1/128","169.254.0.0/16", "fe80::/10","224.0.0.0/4", "ff00::/8","255.255.255.255/32" ] - add_field => { "[netflow][dst_locality]" => "private" } - } - # Check to see if dst_locality exists. If it doesn't the dst_addr didn't match a private address space and locality must be public. - if ![netflow][dst_locality] { - mutate { - id => "netflow-postproc-dst_addr-public" - add_field => { "[netflow][dst_locality]" => "public" } - replace => { "[netflow][flow_locality]" => "public" } - } - geoip { - id => "netflow-postproc-geoip_dst-city" - source => "[netflow][dst_addr]" - default_database_type => "City" - target => "[geoip_dst]" - } - geoip { - id => "netflow-postproc-geoip_dst-asn" - source => "[netflow][dst_addr]" - default_database_type => "ASN" - target => "[geoip_dst]" - } - # Populate geoip_dst.autonomous_system. - if [geoip_dst][as_org] { - if [geoip_dst][asn] { - mutate { - id => "netflow-postproc-dst-as-from-as_org-asn" - add_field => { "[geoip_dst][autonomous_system]" => "%{[geoip_dst][as_org]} (%{[geoip_dst][asn]})" } - } - } else { - mutate { - id => "netflow-postproc-dst-as-from-as_org" - add_field => { "[geoip_dst][autonomous_system]" => "%{[geoip_dst][as_org]}" } - } - } - } else if [geoip_dst][asn] { - mutate { - id => "netflow-postproc-dst-as-from-asn" - add_field => { "[geoip_dst][autonomous_system]" => "%{[geoip_dst][asn]}" } - } - } - } else { - mutate { - id => "netflow-postproc-dst-as-private" - add_field => { "[geoip_dst][autonomous_system]" => "PRIVATE" } - } - } - } - - if [netflow][src_addr] { - # Check if source IP address is private. - cidr { - id => "netflow-postproc-cidr-src_addr" - address => [ "%{[netflow][src_addr]}" ] - network => [ "0.0.0.0/32", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "127.0.0.0/8", "::1/128", "169.254.0.0/16", "fe80::/10", "224.0.0.0/4", "ff00::/8", "255.255.255.255/32", "::" ] - add_field => { "[netflow][src_locality]" => "private" } - } - # Check to see if src_locality exists. If it doesn't the src_addr didn't match a private address space and locality must be public. - if ![netflow][src_locality] { - mutate { - id => "netflow-postproc-src_addr-public" - add_field => { "[netflow][src_locality]" => "public" } - replace => { "[netflow][flow_locality]" => "public" } - } - geoip { - id => "netflow-postproc-geoip_src-city" - source => "[netflow][src_addr]" - default_database_type => "City" - target => "[geoip_src]" - } - geoip { - id => "netflow-postproc-geoip_src-asn" - source => "[netflow][src_addr]" - default_database_type => "ASN" - target => "[geoip_src]" - } - # Populate geoip_src.autonomous_system. - if [geoip_src][as_org] { - if [geoip_src][asn] { - mutate { - id => "netflow-postproc-src-as-from-as_org-asn" - add_field => { "[geoip_src][autonomous_system]" => "%{[geoip_src][as_org]} (%{[geoip_src][asn]})" } - } - } else { - mutate { - id => "netflow-postproc-src-as-from-as_org" - add_field => { "[geoip_src][autonomous_system]" => "%{[geoip_src][as_org]}" } - } - } - } else if [geoip_src][asn] { - mutate { - id => "netflow-postproc-src-as-from-asn" - add_field => { "[geoip_src][autonomous_system]" => "%{[geoip_src][asn]}" } - } - } - } else { - mutate { - id => "netflow-postproc-src-as-private" - add_field => { "[geoip_src][autonomous_system]" => "PRIVATE" } - } - } - } - - # Lookup geolocation of external traffic. Source IP has priority over destination IP. - if [netflow][src_locality] == "public" { - geoip { - id => "netflow-postproc-geoip-city-src" - source => "[netflow][src_addr]" - default_database_type => "City" - } - geoip { - id => "netflow-postproc-geoip-asn-src" - source => "[netflow][src_addr]" - default_database_type => "ASN" - } - } else if [netflow][dst_locality] == "public" { - geoip { - id => "netflow-postproc-geoip-city-dst" - source => "[netflow][dst_addr]" - default_database_type => "City" - } - geoip { - id => "netflow-postproc-geoip-asn-dst" - source => "[netflow][dst_addr]" - default_database_type => "ASN" - } - } - # Populate geoip.autonomous_system. - if [geoip][as_org] { - if [geoip][asn] { - mutate { - id => "netflow-postproc-as-from-as_org-asn" - add_field => { "[geoip][autonomous_system]" => "%{[geoip][as_org]} (%{[geoip][asn]})" } - } - } else { - mutate { - id => "netflow-postproc-as-from-as_org" - add_field => { "[geoip][autonomous_system]" => "%{[geoip][as_org]}" } - } - } - } else if [geoip][asn] { - mutate { - id => "netflow-postproc-as-from-asn" - add_field => { "[geoip][autonomous_system]" => "%{[geoip][asn]}" } - } - } - } - - # Process TCP flags. - if [netflow][tcp_flags] { - # Add TCP flags label. - translate { - id => "netflow-postproc-translate-tcp_flags_label" - dictionary_path => "<%= ::File.join(LogStash::Environment::LOGSTASH_HOME, "/modules/netflow/configuration/logstash/dictionaries/tcp_flags.yml") %>" - field => "[netflow][tcp_flags]" - destination => "[netflow][tcp_flags_label]" - fallback => "%{[netflow][tcp_flags]}" - } - - # Create array of TCP flag tags. - ruby { - id => "netflow-postproc-ruby-tcp_flags_tags" - code => " - flags =[] - if event.get('[netflow][tcp_flags]').to_i & 1 > 0 - flags.push('FIN') - end - if event.get('[netflow][tcp_flags]').to_i & 2 > 0 - flags.push('SYN') - end - if event.get('[netflow][tcp_flags]').to_i & 4 > 0 - flags.push('RST') - end - if event.get('[netflow][tcp_flags]').to_i & 8 > 0 - flags.push('PSH') - end - if event.get('[netflow][tcp_flags]').to_i & 16 > 0 - flags.push('ACK') - end - if event.get('[netflow][tcp_flags]').to_i & 32 > 0 - flags.push('URG') - end - if event.get('[netflow][tcp_flags]').to_i & 64 > 0 - flags.push('ECE') - end - if event.get('[netflow][tcp_flags]').to_i & 128 > 0 - flags.push('CWR') - end - event.set('[netflow][tcp_flag_tags]', flags) - " - } - } -} - -output { -<%= elasticsearch_output_config() %> -} diff --git a/modules/netflow/lib/logstash_registry.rb b/modules/netflow/lib/logstash_registry.rb deleted file mode 100644 index c722e1120..000000000 --- a/modules/netflow/lib/logstash_registry.rb +++ /dev/null @@ -1,18 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -LogStash::PLUGIN_REGISTRY.add(:modules, "netflow", LogStash::Modules::Scaffold.new("netflow", File.join(File.dirname(__FILE__), "..", "configuration"))) diff --git a/x-pack/lib/x-pack/logstash_registry.rb b/x-pack/lib/x-pack/logstash_registry.rb index c14335802..de0063e64 100644 --- a/x-pack/lib/x-pack/logstash_registry.rb +++ b/x-pack/lib/x-pack/logstash_registry.rb @@ -3,7 +3,7 @@ # you may not use this file except in compliance with the Elastic License. require "logstash/runner" # needed for LogStash::XPACK_PATH -xpack_modules = ["azure", "arcsight"] +xpack_modules = ["arcsight"] xpack_modules.each do |name| $LOAD_PATH << File.join(LogStash::XPACK_PATH, "modules", name, "lib") end @@ -15,7 +15,6 @@ require "monitoring/outputs/elasticsearch_monitoring" require "config_management/extension" require "geoip_database_management/extension" require "modules/xpack_scaffold" -require "filters/azure_event" LogStash::PLUGIN_REGISTRY.add(:input, "metrics", LogStash::Inputs::Metrics) LogStash::PLUGIN_REGISTRY.add(:output, "elasticsearch_monitoring", LogStash::Outputs::ElasticSearchMonitoring) @@ -31,5 +30,3 @@ xpack_modules.each do |name| LogStash::PLUGIN_REGISTRY.add(:modules, name, LogStash::Modules::XpackScaffold.new(name, path, license_levels[name])) end - -LogStash::PLUGIN_REGISTRY.add(:filter, "azure_event", LogStash::Filters::AzureEvent) diff --git a/x-pack/modules/azure/README.md b/x-pack/modules/azure/README.md deleted file mode 100644 index bdf58f3f2..000000000 --- a/x-pack/modules/azure/README.md +++ /dev/null @@ -1,115 +0,0 @@ -Azure Module ----------- - -Example configurations: - -## Basic - -All configuration is shared between Event Hubs - -```yaml -modules: - - name: azure - var.elasticsearch.hosts: "localhost:9200" - var.kibana.host: "localhost:5601" - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: "logstash" - var.input.azure_event_hubs.storage_connection: "DefaultEndpointsProtocol=https;AccountName=example...." - var.input.azure_event_hubs.event_hub_connections: - - "Endpoint=sb://example1...EntityPath=insights-logs-errors" - - "Endpoint=sb://example2...EntityPath=insights-metrics-pt1m" -``` - -## Advanced - -Configuration may be Event Hub specific. Requires 'header' array with 'name' as first position, and other options (in any order) labeled. Will use the 'global' config if not defined per Event Hub. The per Event Hub configuration takes precedence. For example, in the below example 'consumer_group' will be applied to each of the configured Event Hubs. 'decorate_events' is defined in both the 'global' and per Event Hub configuration, the per Event Hub configuration takes precedence, and the 'global' configuration is effectively ignored. - -```yaml -modules: - - name: azure - var.elasticsearch.hosts: "localhost:9200" - var.kibana.host: "localhost:5601" - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: logstash - var.input.azure_event_hubs.event_hubs: - - ["name", "event_hub_connection", "storage_connection", "initial_position", "decorate_events"] - - ["insights-operational-logs", "Endpoint=sb://example1...", "DefaultEndpointsProtocol=https;AccountName=example1....", "HEAD", "true"] - - ["insights-metrics-pt1m", "Endpoint=sb://example2...", "DefaultEndpointsProtocol=https;AccountName=example2....", "TAIL", "true"] - - ["insights-logs-errors", "Endpoint=sb://example3...", "DefaultEndpointsProtocol=https;AccountName=example3....", "TAIL", "false"] - - ["insights-operational-logs", "Endpoint=sb://example4...", "DefaultEndpointsProtocol=https;AccountName=example4....", "HEAD", "true"] -``` -## Command Line - -Basic mode with a single Event Hub is supported from the command line. The array syntax may not be used in the command line variant: -``` -bin/logstash --modules azure -M "azure.var.elasticsearch.host=es.mycloud.com" -M "azure.var.input.azure_event_hubs.threads=8" -M "azure.var.input.azure_event_hubs.consumer_group=logstash" -M "azure.var.input.azure_event_hubs.decorate_events=true" -M "azure.var.input.azure_event_hubs.event_hub_connections=Endpoint=sb://example1...EntityPath=insights-logs-errors" -M "azure.var.input.azure_event_hubs.storage_connection=DefaultEndpointsProtocol=https;AccountName=example...." -``` - -### Azure module schema - -This module reads data from the Azure Event Hub and adds some additional structure to the data for Activity Logs and SQL Diagnostics. The original data is always preserved and any data added or parsed will be namespaced under 'azure'. For example, 'azure.subscription' may have been parsed from a longer more complex URN. - -| name | description | note| -|--------------------- | ----------- | --- | -| azure.subscription | The Azure subscription from which this data originates. | Some Activity Log events may not be associated with a subscription. -| azure.group | The primary type of data. Current values are either 'activity_log' or 'sql_diagnostics' | -| azure.category* | The secondary type of data specific to group from which the data originated | -| azure.provider | The Azure provider | -| azure.resource_group | The Azure resource group | -| azure.resource_type | The Azure resource type | -| azure.resource_name | The Azure resource name | -| azure.database | The Azure database name, for display purposes | SQL Diagnostics only | -| azure.db_unique_id | The Azure database name that is garunteed to be unique | SQL Diagnostics only | -| azure.server | The Azure server for the database | SQL Diagnostics only | -| azure.server_and_database | The Azure server and database combined | SQL Diagnostics only | -| azure.metadata | Any @metadata added by the plugins, for example ` var.input.azure_event_hubs.decorate_events: true` | - -* Activity Logs can have the following categories: "Administrative", "ServiceHealth", "Alert", "Autoscale", "Security" -* SQL Diagnostics can have the following categories: "Metric", "Blocks", "Errors", "Timeouts", "QueryStoreRuntimeStatistics", "QueryStoreWaitStatistics", "DatabaseWaitStatistics", "SQLInsights" - -Microsoft documents it's Activity log schema [here](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-activity-log-schema), and the SQL Diagnostics data is documented [here](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-metrics-diag-logging). However, Elastic does not own these data models and as such can make any assurances of it's accuracy or passivity. - -#### Special note - Properties field - -Many of the logs contain a "properties" top level field. This is often where the most interesting data lives. There is not a fixed schema between log types for properties fields coming from different sources. This can cause mapping errors when shipping the data to Elasticsearch. For example, one log may have `properties.type` where one log sets this a String type and another sets this an Integer type. To avoid mapping errors, the original properties field is moved to `__properties.`. For example `properties.type` may end up as `sql_diagnostics_Errors_properties.type` or `activity_log_Security_properties.type` depending on the group/category from where the event originated. - - -## Testing - -Testing is modules is easiest with Docker and Docker compose to stand up instances of Elasticsearch and Kibana. Below is a Docker compose file that can be used for quick testing. - -```dockerfile -version: '3' - -# docker-compose up --force-recreate - -services: - - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:6.2.4 - ports: - - "9200:9200" - - "9300:9300" - environment: - ES_JAVA_OPTS: "-Xmx512m -Xms512m" - discovery.type: "single-node" - networks: - - ek - - kibana: - image: docker.elastic.co/kibana/kibana:6.2.4 - ports: - - "5601:5601" - networks: - - ek - depends_on: - - elasticsearch - -networks: - ek: - driver: bridge -``` - - diff --git a/x-pack/modules/azure/configuration/elasticsearch/azure.json b/x-pack/modules/azure/configuration/elasticsearch/azure.json deleted file mode 100644 index 9e0466037..000000000 --- a/x-pack/modules/azure/configuration/elasticsearch/azure.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "index_patterns" : "azure-*", - "version" : 1, - "settings" : { - "index.refresh_interval" : "5s", - "number_of_shards": 1 - }, - "mappings" : { - "dynamic_templates" : [ { - "message_field" : { - "path_match" : "message", - "match_mapping_type" : "string", - "mapping" : { - "type" : "text", - "norms" : false - } - } - }, { - "string_fields" : { - "match" : "*", - "match_mapping_type" : "string", - "mapping" : { - "type" : "text", "norms" : false, - "fields" : { - "keyword" : { "type": "keyword", "ignore_above": 256 } - } - } - } - } ], - "properties" : { - "@timestamp": { "type": "date"}, - "@version": { "type": "keyword"}, - "geoip" : { - "dynamic": true, - "properties" : { - "ip": { "type": "ip" }, - "location" : { "type" : "geo_point" }, - "latitude" : { "type" : "half_float" }, - "longitude" : { "type" : "half_float" } - } - } - } - } -} \ No newline at end of file diff --git a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index cb38d3519..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] User Activity", - "hits": 0, - "description": "", - "panelsJSON": "[{\"panelIndex\":\"2\",\"gridData\":{\"x\":0,\"y\":14,\"w\":12,\"h\":5,\"i\":\"2\"},\"embeddableConfig\":{\"mapCenter\":[35.746512259918504,-29.443359375000004],\"mapZoom\":3},\"id\":\"7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Global User Activity\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"17\",\"gridData\":{\"x\":0,\"y\":2,\"w\":6,\"h\":6,\"i\":\"17\"},\"id\":\"a0340090-1389-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Users\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"26\",\"gridData\":{\"x\":6,\"y\":0,\"w\":6,\"h\":2,\"i\":\"26\"},\"id\":\"fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b\",\"title\":\"User Activity\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"29\",\"gridData\":{\"x\":0,\"y\":1,\"w\":6,\"h\":1,\"i\":\"29\"},\"id\":\"5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"32\",\"gridData\":{\"x\":0,\"y\":0,\"w\":6,\"h\":1,\"i\":\"32\"},\"id\":\"aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"33\",\"gridData\":{\"x\":6,\"y\":2,\"w\":6,\"h\":2,\"i\":\"33\"},\"id\":\"27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Access Requests\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"34\",\"gridData\":{\"x\":6,\"y\":4,\"w\":6,\"h\":4,\"i\":\"34\"},\"id\":\"fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Resource Changes\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"35\",\"gridData\":{\"x\":6,\"y\":11,\"w\":6,\"h\":3,\"i\":\"35\"},\"id\":\"f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Top Resource Groups\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"37\",\"gridData\":{\"x\":0,\"y\":8,\"w\":6,\"h\":6,\"i\":\"37\"},\"id\":\"f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Top Caller IPs\",\"type\":\"visualization\",\"version\":\"6.2.1\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}}},{\"panelIndex\":\"38\",\"gridData\":{\"x\":6,\"y\":8,\"w\":6,\"h\":3,\"i\":\"38\"},\"id\":\"2e863080-1bef-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Top Resource Types\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0ae717b94..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] Alerts", - "hits": 0, - "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":1,\"w\":6,\"h\":1,\"i\":\"1\"},\"id\":\"890f3af0-093a-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":0,\"y\":4,\"w\":6,\"h\":1,\"i\":\"15\"},\"id\":\"15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"16\",\"gridData\":{\"x\":0,\"y\":5,\"w\":12,\"h\":30,\"i\":\"16\"},\"id\":\"f802b0b0-1211-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Alerts Viewer\",\"type\":\"search\",\"version\":\"6.2.1\"},{\"panelIndex\":\"17\",\"gridData\":{\"x\":0,\"y\":2,\"w\":6,\"h\":2,\"i\":\"17\"},\"id\":\"94e47b60-1385-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Alert Activity\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"18\",\"gridData\":{\"x\":0,\"y\":0,\"w\":6,\"h\":1,\"i\":\"18\"},\"id\":\"8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"19\",\"gridData\":{\"x\":6,\"y\":0,\"w\":6,\"h\":5,\"i\":\"19\"},\"embeddableConfig\":{\"vis\":{\"colors\":{\"0 - 12\":\"#F9D9F9\",\"12 - 23\":\"#E5A8E2\",\"23 - 34\":\"#D683CE\",\"34 - 45\":\"#BA43A9\"},\"defaultColors\":{\"0 - 12\":\"rgb(247,252,245)\",\"12 - 23\":\"rgb(199,233,192)\",\"23 - 34\":\"rgb(116,196,118)\",\"34 - 45\":\"rgb(35,139,69)\"},\"legendOpen\":false}},\"id\":\"2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Alerts Heatmap\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a5a26a34f..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] SQL DB Overview", - "hits": 0, - "description": "", - "panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"h\":1,\"i\":\"1\",\"w\":7,\"x\":0,\"y\":2},\"id\":\"b98ec5a0-0706-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"1\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"3\",\"w\":5,\"x\":7,\"y\":2},\"id\":\"009a25c0-07d9-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"3\",\"title\":\"Errors\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"5\",\"w\":5,\"x\":7,\"y\":6},\"id\":\"85cee3b0-07df-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"5\",\"title\":\"Database Wait Time\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"6\",\"w\":5,\"x\":7,\"y\":10},\"id\":\"418ce210-07e4-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"6\",\"title\":\"Query Duration (ms)\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"7\",\"w\":5,\"x\":7,\"y\":12},\"id\":\"a71ed100-07e5-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"7\",\"title\":\"Query Wait Time (ms)\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"embeddableConfig\":{\"table\":{\"sort\":{\"column\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"order\":\"desc\"}}},\"gridData\":{\"h\":7,\"i\":\"9\",\"w\":7,\"x\":0,\"y\":3},\"id\":\"880a53f0-080f-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"9\",\"title\":\"Databases\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"11\",\"w\":5,\"x\":7,\"y\":8},\"id\":\"5465b680-0809-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"11\",\"title\":\"Read & Write I/O\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":1,\"i\":\"12\",\"w\":7,\"x\":0,\"y\":0},\"id\":\"68dd8530-083f-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"12\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":6,\"i\":\"13\",\"w\":7,\"x\":0,\"y\":10},\"id\":\"2060bce0-0840-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"13\",\"title\":\"Servers\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":1,\"i\":\"16\",\"w\":7,\"x\":0,\"y\":1},\"id\":\"890f3af0-093a-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"16\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"19\",\"w\":5,\"x\":7,\"y\":4},\"id\":\"eb4363d0-0986-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"19\",\"title\":\"Storage Used\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"20\",\"w\":5,\"x\":7,\"y\":0},\"id\":\"6bab50c0-0877-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"20\",\"title\":\"DTU Utilization\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"controlledBy\":\"1517598395667\",\"disabled\":false,\"index\":\"azure-*\",\"key\":\"azure.subscription.keyword\",\"negate\":false,\"params\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A\"},\"query\":{\"match\":{\"azure.subscription.keyword\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A\",\"type\":\"phrase\"}}}}],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 34cbb8b9e..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] SQL DB Queries", - "hits": 0, - "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":2,\"i\":\"11\",\"w\":5,\"x\":7,\"y\":2},\"id\":\"6d71abf0-0842-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"11\",\"title\":\"Query Wait Time\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"12\",\"w\":5,\"x\":2,\"y\":2},\"id\":\"518cb600-0842-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"12\",\"title\":\"Query Duration\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"23\",\"w\":3,\"x\":6,\"y\":0},\"id\":\"d02c64c0-08a0-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"23\",\"title\":\"DTU Utilization\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":1,\"i\":\"25\",\"w\":6,\"x\":0,\"y\":0},\"id\":\"20a043b0-13c1-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"25\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"27\",\"w\":2,\"x\":0,\"y\":2},\"id\":\"3fb82260-1527-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"27\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"28\",\"w\":3,\"x\":9,\"y\":0},\"id\":\"5dbd8b20-08a1-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"28\",\"title\":\"Errors\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":9,\"i\":\"29\",\"w\":12,\"x\":0,\"y\":4},\"id\":\"35de9400-1526-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"29\",\"title\":\"Top Queries\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"30\",\"w\":6,\"x\":0,\"y\":1},\"id\":\"db0ec510-152d-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"30\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 3b4bbe2a7..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] SQL DB Database View", - "hits": 0, - "description": "", - "panelsJSON": "[{\"panelIndex\":\"4\",\"gridData\":{\"x\":6,\"y\":4,\"w\":6,\"h\":2,\"i\":\"4\"},\"id\":\"5465b680-0809-11e8-adb5-e1a2d559cdf5\",\"title\":\"Read & Write I/O\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":0,\"y\":0,\"w\":6,\"h\":1,\"i\":\"5\"},\"id\":\"68dd8530-083f-11e8-adb5-e1a2d559cdf5\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":0,\"y\":4,\"w\":6,\"h\":2,\"i\":\"14\"},\"id\":\"9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5\",\"title\":\"Database Wait Time\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":0,\"y\":1,\"w\":6,\"h\":1,\"i\":\"15\"},\"id\":\"88dcf980-084c-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"18\",\"gridData\":{\"x\":9,\"y\":2,\"w\":3,\"h\":2,\"i\":\"18\"},\"id\":\"90ed5940-0850-11e8-93e5-299e2b5c963a\",\"title\":\"Database Size\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"23\",\"gridData\":{\"x\":6,\"y\":0,\"w\":3,\"h\":2,\"i\":\"23\"},\"id\":\"d02c64c0-08a0-11e8-93e5-299e2b5c963a\",\"title\":\"DTU Utilization\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"24\",\"gridData\":{\"x\":9,\"y\":0,\"w\":3,\"h\":2,\"i\":\"24\"},\"id\":\"5dbd8b20-08a1-11e8-93e5-299e2b5c963a\",\"title\":\"Errors\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"25\",\"gridData\":{\"x\":6,\"y\":2,\"w\":3,\"h\":2,\"i\":\"25\"},\"id\":\"5ff32870-08a4-11e8-93e5-299e2b5c963a\",\"title\":\"Storage Utilization\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"28\",\"gridData\":{\"x\":4,\"y\":2,\"w\":2,\"h\":1,\"i\":\"28\"},\"id\":\"e7ac55f0-0c9d-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"29\",\"gridData\":{\"x\":0,\"y\":3,\"w\":4,\"h\":1,\"i\":\"29\"},\"id\":\"f819a870-0c9d-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"30\",\"gridData\":{\"x\":0,\"y\":2,\"w\":4,\"h\":1,\"i\":\"30\"},\"id\":\"59510c50-0c9e-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"31\",\"gridData\":{\"x\":4,\"y\":3,\"w\":2,\"h\":1,\"i\":\"31\"},\"id\":\"72ab38b0-0c9e-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"title\":\"Errors Viewer\",\"panelIndex\":\"32\",\"gridData\":{\"x\":0,\"y\":6,\"w\":12,\"h\":6,\"i\":\"32\"},\"id\":\"5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b\",\"type\":\"search\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"controlledBy\":\"1517598395667\",\"disabled\":false,\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"key\":\"azure.db_unique_id.keyword\",\"negate\":false,\"params\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A/WIDEMO/WIDEMO/WORKLOADINSIGHTSDEMO\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A/WIDEMO/WIDEMO/WORKLOADINSIGHTSDEMO\"},\"query\":{\"match\":{\"azure.db_unique_id.keyword\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A/WIDEMO/WIDEMO/WORKLOADINSIGHTSDEMO\",\"type\":\"phrase\"}}}}],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/azure.json b/x-pack/modules/azure/configuration/kibana/6.x/dashboard/azure.json deleted file mode 100644 index 38a051af5..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/azure.json +++ /dev/null @@ -1,8 +0,0 @@ -[ - "06fa0b60-121a-11e8-8c94-a3d8d0cfd62b", - "16302750-1223-11e8-8c94-a3d8d0cfd62b", - "91ba2090-07cb-11e8-adb5-e1a2d559cdf5", - "9adef750-08b0-11e8-93e5-299e2b5c963a", - "aaf909b0-0800-11e8-adb5-e1a2d559cdf5", - "f110f010-11fc-11e8-8c94-a3d8d0cfd62b" -] diff --git a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 66fd9916d..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] Overview", - "hits": 0, - "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":1,\"i\":\"1\",\"w\":6,\"x\":0,\"y\":1},\"id\":\"890f3af0-093a-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"1\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"4\",\"w\":6,\"x\":6,\"y\":0},\"id\":\"0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"4\",\"title\":\"Activity Level\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"11\",\"w\":6,\"x\":0,\"y\":2},\"id\":\"ccabf560-1208-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"11\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"14\",\"w\":6,\"x\":6,\"y\":9},\"id\":\"23e31d20-1215-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"14\",\"title\":\"Alerts\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"15\",\"w\":6,\"x\":6,\"y\":11},\"id\":\"15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"15\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"19\",\"w\":6,\"x\":0,\"y\":9},\"id\":\"053b9cc0-137e-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"19\",\"title\":\"Service Health\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"20\",\"w\":6,\"x\":0,\"y\":11},\"id\":\"33072240-137f-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"20\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":15,\"i\":\"21\",\"w\":12,\"x\":0,\"y\":12},\"id\":\"3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"21\",\"title\":\"Service Health Viewer\",\"type\":\"search\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":4,\"i\":\"23\",\"w\":6,\"x\":0,\"y\":5},\"id\":\"19c51b50-138b-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"23\",\"title\":\"Top Resource Groups\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":5,\"i\":\"24\",\"w\":6,\"x\":6,\"y\":4},\"id\":\"e9391690-1226-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"24\",\"title\":\"Resource Changes\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"25\",\"w\":6,\"x\":0,\"y\":3},\"id\":\"df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"25\",\"title\":\"Top Active Users\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"26\",\"w\":6,\"x\":6,\"y\":2},\"id\":\"1c885a30-13b0-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"26\",\"title\":\"Access Requests\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"27\",\"w\":6,\"x\":0,\"y\":0},\"id\":\"25eb1470-13bd-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"27\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"controlledBy\":\"1517598395667\",\"disabled\":false,\"index\":\"azure-*\",\"key\":\"azure.subscription.keyword\",\"negate\":false,\"params\":{\"query\":\"872F2E12-6CCC-4EAD-8D3C-AC833009C1A4\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"872F2E12-6CCC-4EAD-8D3C-AC833009C1A4\"},\"query\":{\"match\":{\"azure.subscription.keyword\":{\"query\":\"872F2E12-6CCC-4EAD-8D3C-AC833009C1A4\",\"type\":\"phrase\"}}}}],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/index-pattern/azure.json b/x-pack/modules/azure/configuration/kibana/6.x/index-pattern/azure.json deleted file mode 100644 index 1a1677166..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/index-pattern/azure.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "title" : "azure-*", - "timeFieldName" : "@timestamp", - "fields" : "[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"LogicalServerName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"LogicalServerName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ResourceGroup\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ResourceGroup.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"SubscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"SubscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.deploymentId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.deploymentId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.aadTenantId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.aadTenantId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.activeSince\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.activeSince.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.component\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.component.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionAggregation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionAggregation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperator\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperator.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperatorRaw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperatorRaw.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionThreshold\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionWindowSize\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.dateTimestampUtc\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.dateTimestampUtc.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.firstSample\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.firstSample.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.lastSample\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.lastSample.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricScale\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricUnit\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricUnit.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricValue\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.region.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.resourceName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.resourceName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleDescription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleDescription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.sampleCount\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.source\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.source.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.subscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.subscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.policies\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.policies.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.requestbody\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.requestbody.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.resourceLocation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.resourceLocation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.responseBody\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.responseBody.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.serviceRequestId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.serviceRequestId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.statusCode\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.statusCode.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.statusMessage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.statusMessage.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.Aggregation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.Aggregation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricUnit\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricUnit.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.Operator\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.Operator.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleDescription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleDescription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleUri\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleUri.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.Threshold\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.WindowSizeInMinutes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.eventDataId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.eventDataId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.eventTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.operationName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.operationName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceGroup\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceGroup.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.status.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.subscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.subscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Security_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Security_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Security_properties.eventName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Security_properties.eventName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Security_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Security_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.channels\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.channels.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.correlationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.correlationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.description\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.description.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventDataId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventDataId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.communication\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.communication.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.communicationId\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageContent\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageContent.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageTitle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageTitle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactMitigationTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactStartTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ImpactedRegions.RegionName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ImpactedRegions.RegionName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ServiceName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ServiceName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.incidentType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.incidentType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.region.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.service\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.service.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.stage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.stage.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.title.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.trackingId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.trackingId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventSource\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventSource.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.level\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.level.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.operationName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.operationName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.communication\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.communication.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.communicationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.communicationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageContent\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageContent.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageTitle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageTitle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactMitigationTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactStartTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactedServices\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactedServices.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.incidentType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.incidentType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.region.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.service\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.service.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.stage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.stage.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.title.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.trackingId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.trackingId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.status.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.submissionTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.subscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.subscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"average\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.category.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.database\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.database.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.db_unique_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.db_unique_id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.group\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.group.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.consumer_group\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.consumer_group.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.event_size\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.offset\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.offset.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.partition\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.partition.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.processor_host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.processor_host.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.sequence\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.timestamp\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.provider\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.provider.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.resource_group\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.resource_group.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.resource_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.resource_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.resource_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.resource_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.server\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.server.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.server_and_database\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.server_and_database.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.subscription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.subscription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"callerIpAddress\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"callerIpAddress.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"correlationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"correlationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"count\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"durationMs\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.city_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.continent_code.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.country_code2.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.country_code3.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.country_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.postal_code.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.region_code.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.region_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.timezone.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.action\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.action.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.principalId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.principalId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.principalType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.principalType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.role\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.role.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.roleAssignmentId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.roleAssignmentId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.roleAssignmentScope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.roleAssignmentScope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.roleDefinitionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.roleDefinitionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.scope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.scope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims._claim_names\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims._claim_names.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims._claim_sources\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims._claim_sources.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.aio\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.aio.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.appid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.appid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.appidacr\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.appidacr.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.aud\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.aud.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.e_exp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.e_exp.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.exp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.exp.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnclassreference\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnclassreference.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnmethodsreferences\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnmethodsreferences.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/identityprovider\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/identityprovider.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/objectidentifier\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/objectidentifier.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/scope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/scope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/tenantid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/tenantid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.iat\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.iat.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.in_corp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.in_corp.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.ipaddr\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.ipaddr.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.iss\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.iss.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.nbf\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.nbf.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.onprem_sid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.onprem_sid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.puid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.puid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.uti\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.uti.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.ver\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.ver.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"level\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"level.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"location\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"maximum\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"metricName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metricName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"minimum\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"operationName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"operationName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resourceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resourceId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resultDescription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resultDescription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resultSignature\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resultSignature.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resultType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resultType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.blocked_process_filtered\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.blocked_process_filtered.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.duration\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.lock_mode\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.lock_mode.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.resource_owner_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.resource_owner_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_max_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_signal_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_waiting_tasks_count\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.end_utc_date\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.start_utc_date\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.wait_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.wait_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.error_number\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.message.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.query_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.query_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.query_plan_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.query_plan_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.severity\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.state\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.user_defined\",\"type\":\"boolean\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.count_executions\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.cpu_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.dop\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.execution_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.interval_end_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.interval_start_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.log_bytes_used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_writes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_cpu_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_dop\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_duration\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_log_bytes_used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_logical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_logical_io_writes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_num_physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_query_max_used_memory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_rowcount\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.num_physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.plan_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_max_used_memory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_plan_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_plan_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.rowcount\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.statement_sql_handle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.statement_sql_handle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.count_executions\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.exec_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.interval_end_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.interval_start_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.is_parameterizable\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.is_parameterizable.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.max_query_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.plan_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_param_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_plan_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_plan_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_key_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_key_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_sql_handle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_sql_handle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.wait_category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.wait_category.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tags.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"timeGrain\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"timeGrain.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]" -} \ No newline at end of file diff --git a/x-pack/modules/azure/configuration/kibana/6.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e5764017b..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "title": "Service Health Search [Azure Monitor][Activity Log]", - "description": "", - "hits": 0, - "columns": [ - "resultDescription", - "resultType" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"azure.group:activity_log AND azure.category:ServiceHealth\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"exists\":{\"field\":\"resultType\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"key\":\"resultType\",\"negate\":false,\"type\":\"exists\",\"value\":\"exists\"}}]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e146e44ed..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "title": "Errors Viewer [Azure Monitor][SQL DB]", - "description": "", - "hits": 0, - "columns": [ - "sql_diagnostics_Errors_properties.message", - "sql_diagnostics_Errors_properties.error_number" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"azure.group:sql_diagnostics AND azure.category:Errors\"},\"filter\":[]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 271a1ed91..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "title": "SQL Diagnostics [Azure Monitor]", - "description": "", - "hits": 0, - "columns": [ - "_source" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"azure.group: \\\"sql_diagnostics\\\"\",\"language\":\"lucene\"},\"filter\":[]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 17ff6dbcb..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "title": "Alerts Search [Azure Monitor][Activity Log]", - "description": "", - "hits": 0, - "columns": [ - "resultDescription", - "resultType", - "azure.provider", - "azure.resource_name", - "azure.resource_group" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"azure.group:activity_log AND azure.category:Alert\"},\"filter\":[]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a3c126a77..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Errors [Azure Monitor]", - "visState": "{\"title\":\"Errors [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Errors\",\"split_filters\":[{\"filter\":\"data.category:Errors\",\"label\":\"Errors\",\"color\":\"rgba(255,57,36,1)\",\"id\":\"ead38060-07d8-11e8-ac3e-4b165adb3935\"}]},{\"id\":\"2c144750-0881-11e8-b3d6-f7127beb4493\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"2c144751-0881-11e8-b3d6-f7127beb4493\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"split_filters\":[{\"color\":\"rgba(244,78,59,1)\",\"id\":\"41fc5760-0881-11e8-b3d6-f7127beb4493\"}],\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND category:Errors\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 38a6efff2..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Service Health Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Service Health Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"terms_field\":\"resultType.keyword\",\"filter\":\"resultType:Active\",\"label\":\"Activated\"},{\"id\":\"8b100950-1214-11e8-bd17-77879a6f9d49\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8b100951-1214-11e8-bd17-77879a6f9d49\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.6\",\"stacked\":\"none\",\"label\":\"Resolved\",\"filter\":\"resultType:Resolved\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:ServiceHealth\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e71714f38..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Top 3 Users [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Top 3 Users [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"type\": \"histogram\",\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 200\n },\n \"title\": {}\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"bottom\",\n \"show\": false,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 75,\n \"filter\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Events\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": true,\n \"type\": \"histogram\",\n \"mode\": \"normal\",\n \"data\": {\n \"label\": \"Events\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": true\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Events\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 3,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Users\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Events\": \"#019B8F\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b24fa95ad..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Deletions [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Deletions [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND identity.authorization.action:*delete\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index f0b2a257b..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Administrative Activity Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Administrative Activity Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"label\":\"Actions\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log and azure.category:Administrative\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2ce078e3f..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Subscriptions Tag Cloud [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Subscriptions Tag Cloud [Azure Monitor][Activity Log]\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":6,\"maxFontSize\":20},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.subscription.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 167de25bf..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Count [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Alerts Count [Azure Monitor][Activity Log]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Alerts\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"resultType:Activated\"\n },\n \"label\": \"Activated\"\n },\n {\n \"input\": {\n \"query\": \"resultType:Resolved\"\n },\n \"label\": \"Resolved\"\n },\n {\n \"input\": {\n \"query\": \"resultType:Succeeded\"\n },\n \"label\": \"Succeeded\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log AND azure.category:Alert\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index d150483d4..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Testing", - "visState": "{\"title\":\"Testing\",\"type\":\"heatmap\",\"params\":{\"type\":\"heatmap\",\"addTooltip\":true,\"addLegend\":true,\"enableHover\":false,\"legendPosition\":\"right\",\"times\":[],\"colorsNumber\":4,\"colorSchema\":\"Greens\",\"setColorRange\":false,\"colorsRange\":[],\"invertColors\":false,\"percentageMode\":false,\"valueAxes\":[{\"show\":false,\"id\":\"ValueAxis-1\",\"type\":\"value\",\"scale\":{\"type\":\"linear\",\"defaultYExtents\":false},\"labels\":{\"show\":false,\"rotate\":0,\"color\":\"#555\"}}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 23\":\"rgb(247,252,245)\",\"23 - 45\":\"rgb(199,233,192)\",\"45 - 68\":\"rgb(116,196,118)\",\"68 - 90\":\"rgb(35,139,69)\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5c2bd424a..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity by Resource Group [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Activity by Resource Group [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"type\": \"histogram\",\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 200\n },\n \"title\": {}\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"bottom\",\n \"show\": false,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 75,\n \"filter\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Count\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": true,\n \"type\": \"histogram\",\n \"mode\": \"normal\",\n \"data\": {\n \"label\": \"Count\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": true\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Group\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Count\": \"#019B8F\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 0b74c6d18..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Stats [Azure Monitor]", - "visState": "{\"title\":\"Storage Stats [Azure Monitor]\",\"type\":\"gauge\",\"params\":{\"type\":\"gauge\",\"addTooltip\":true,\"addLegend\":true,\"isDisplayWarning\":false,\"gauge\":{\"verticalSplit\":false,\"extendRange\":true,\"percentageMode\":true,\"gaugeType\":\"Arc\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"Labels\",\"colorsRange\":[{\"from\":0,\"to\":50},{\"from\":50,\"to\":75},{\"from\":75,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":true,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\"},\"type\":\"meter\",\"style\":{\"bgWidth\":0.9,\"width\":0.9,\"mask\":false,\"bgMask\":false,\"maskBars\":50,\"bgFill\":\"#eee\",\"bgColor\":false,\"subText\":\"Storage Used\",\"fontSize\":60,\"labelColor\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"AVG\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"MAX\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 50\":\"rgb(0,104,55)\",\"50 - 75\":\"rgb(255,255,190)\",\"75 - 100\":\"rgb(165,0,38)\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:storage_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c08df944f..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Authorization Activity [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Authorization Activity [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"filter\":\"resultType:Success\",\"label\":\"Success\"},{\"id\":\"8a097400-13af-11e8-bdbe-d961aa20f52a\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8a097401-13af-11e8-bdbe-d961aa20f52a\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"filter\":\"resultType:Failed\",\"label\":\"Failure\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND operationName:*LISTKEYS*\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 6fbb02d09..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Servers [Azure Monitor]", - "visState": "{\n \"title\": \"Servers [Azure Monitor]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showMeticsAtAllLevels\": false,\n \"showPartialRows\": false,\n \"showTotal\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_name.keyword\",\n \"customLabel\": \"DBs\"\n }\n },\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"azure.server.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Server\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Group\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"azure.subscription.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Subscription\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"language\": \"lucene\",\n \"query\": \"\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 54decf417..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation SQL DB Queries [Azure Monitor]", - "visState": "{\"title\":\"Navigation SQL DB Queries [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [**SQL DB Queries**](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e1cec4ac0..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"terms_field\":\"resultType.keyword\",\"filter\":\"resultType:Activated\",\"label\":\"Activated\"},{\"id\":\"8b100950-1214-11e8-bd17-77879a6f9d49\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8b100951-1214-11e8-bd17-77879a6f9d49\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.6\",\"stacked\":\"none\",\"label\":\"Resolved or Succeeded\",\"filter\":\"resultType:Resolved OR resultType:Succeeded\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:Alert\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index c9f251d8c..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Top Queries [Azure Monitor]", - "visState": "{\"title\":\"Top Queries [Azure Monitor]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"3\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.duration\",\"customLabel\":\"Max Duration (ms)\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.duration\",\"customLabel\":\"Average Duration (ms)\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Executions\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.query_hash.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query Hash\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.category:QueryStoreRuntimeStatistics\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c206fdbbb..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation Overview [Azure Monitor]", - "visState": "{\"title\":\"Navigation Overview [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[**Overview**](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 73b173eee..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Authorization Activity User [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Authorization Activity User [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"filter\":\"resultType:Success\",\"label\":\"Success\"},{\"id\":\"8a097400-13af-11e8-bdbe-d961aa20f52a\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8a097401-13af-11e8-bdbe-d961aa20f52a\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"filter\":\"resultType:Fail\",\"label\":\"Failure\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND operationName:*LISTKEYS* AND azure.category:Administrative AND _exists_:identity.claims.name\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 777895899..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Heatmap [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Heatmap [Azure Monitor][Activity Log]\",\"type\":\"heatmap\",\"params\":{\"type\":\"heatmap\",\"addTooltip\":true,\"addLegend\":true,\"enableHover\":false,\"legendPosition\":\"right\",\"times\":[],\"colorsNumber\":4,\"colorSchema\":\"Reds\",\"setColorRange\":false,\"colorsRange\":[{\"from\":0,\"to\":null}],\"invertColors\":false,\"percentageMode\":false,\"valueAxes\":[{\"show\":false,\"id\":\"ValueAxis-1\",\"type\":\"value\",\"scale\":{\"type\":\"linear\",\"defaultYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"color\":\"#555\"}}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.provider.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Provider\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Group\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 12\":\"rgb(255,245,240)\",\"12 - 23\":\"rgb(252,187,161)\",\"23 - 34\":\"rgb(251,106,74)\",\"34 - 45\":\"rgb(203,24,29)\"},\"colors\":{\"34 - 45\":\"#BA43A9\",\"23 - 34\":\"#D683CE\",\"12 - 23\":\"#E5A8E2\",\"0 - 12\":\"#F9D9F9\"},\"legendOpen\":true}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Alert\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b307c6fc0..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Type Breakdown [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Type Breakdown [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 83aa35b65..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Service Health Count [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Service Health Count [Azure Monitor][Activity Log]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Incidents\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"resultType:Active\"\n },\n \"label\": \"Activated\"\n },\n {\n \"input\": {\n \"query\": \"resultType:Resolved\"\n },\n \"label\": \"Resolved\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log AND azure.category:ServiceHealth\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 081256e6d..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Viewer [Azure Monitor][SQL DB]", - "visState": "{\n \"title\": \"Query Viewer [Azure Monitor][SQL DB]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 20,\n \"showPartialRows\": false,\n \"showMeticsAtAllLevels\": false,\n \"sort\": {\n \"columnIndex\": 5,\n \"direction\": \"desc\"\n },\n \"showTotal\": false,\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 1000,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Query ID\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"avg\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\n \"customLabel\": \"Average Duration (ms)\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 1000,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Query Hash\"\n }\n },\n {\n \"id\": \"6\",\n \"enabled\": true,\n \"type\": \"max\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\n \"customLabel\": \"Max Duration (ms)\"\n }\n },\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Executions\"\n }\n },\n {\n \"id\": \"7\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.plan_id\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 1000,\n \"order\": \"desc\",\n \"orderBy\": \"5\",\n \"customLabel\": \"Plan ID\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": 5,\n \"direction\": \"desc\"\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics AND azure.category:QueryStoreRuntimeStatistics AND _exists_:sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 91dbf39fe..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts List [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts List [Azure Monitor][Activity Log]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"resultDescription.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Alert\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"activity_log_Alert_properties.eventProperties.status.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Status\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"azure.resource_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":557,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Group\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Alert\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 549c4edad..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Count [Azure Monitor][SQL DB]", - "visState": "{\n \"title\": \"Query Count [Azure Monitor][SQL DB]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 20\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Queries Executed\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics AND azure.category:QueryStoreRuntimeStatistics AND _exists_:sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a7821c539..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Duration (ms) [Azure Monitor]", - "visState": "{\"title\":\"Query Duration (ms) [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"a5439470-07fd-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"bf5c2ed0-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Query Duration\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"4e9246e0-07e3-11e8-a756-61fb48b75e56\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"terms_size\":\"3\",\"value_template\":\"{{value}}\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 8a510c53e..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Subscriptions [Azure Monitor]", - "visState": "{\"title\":\"Subscriptions [Azure Monitor]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"resource_name.keyword\",\"customLabel\":\"Databases\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"subscription.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Subscription\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 37cf9e9c2..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Duration (ms) Single [Azure Monitor]", - "visState": "{\"title\":\"Query Duration (ms) Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"bar\",\"color\":\"rgba(0,191,179,1)\",\"fill\":\"0.1\",\"formatter\":\"0a\",\"hide_in_legend\":1,\"id\":\"a5439470-07fd-11e8-92fe-81a50acfdb07\",\"label\":\"Query Duration\",\"line_width\":\"1\",\"metrics\":[{\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\"id\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\"},{\"field\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\",\"id\":\"bf5c2ed0-07fd-11e8-92fe-81a50acfdb07\",\"minimize\":0,\"model\":\"simple\",\"settings\":\"\",\"type\":\"moving_average\",\"window\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"value_template\":\"{{value}} ms\"}],\"show_grid\":1,\"show_legend\":0,\"time_field\":\"@timestamp\",\"type\":\"timeseries\",\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index de8a66937..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Read and Write I/O [Azure Monitor]", - "visState": "{\"title\":\"Read and Write I/O [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"sum\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Logical Reads\"},{\"id\":\"b9a2f290-0806-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\",\"type\":\"sum\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_writes\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"f0b3dcc0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Logical Writes\"},{\"id\":\"53f923f0-0807-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"53f923f1-0807-11e8-b19d-a7e960a5b5ca\",\"type\":\"sum\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.physical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"03ccee50-0809-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"53f923f1-0807-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Physical Reads\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 66df7cf62..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 1 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 1 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_name.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Database\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 9413e4b73..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Errors [Azure Monitor]", - "visState": "{\n \"title\": \"Errors [Azure Monitor]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showMeticsAtAllLevels\": false,\n \"showPartialRows\": false,\n \"showTotal\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"@timestamp\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Timestamp\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.message.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Error\"\n }\n },\n {\n \"id\": \"7\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.error_number\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 200,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Error #\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.DatabaseName.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Database\"\n }\n },\n {\n \"id\": \"6\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.ElasticPoolName.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 20,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Elastic Pool\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"language\": \"lucene\",\n \"query\": \"azure.group:sql_diagnostics AND azure.category:Errors\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 22374e8f1..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Errors Single [Azure Monitor]", - "visState": "{\"title\":\"Errors Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.3\",\"stacked\":\"none\",\"label\":\"Errors\",\"split_filters\":[{\"filter\":\"data.category:Errors\",\"label\":\"Errors\",\"color\":\"rgba(255,57,36,1)\",\"id\":\"ead38060-07d8-11e8-ac3e-4b165adb3935\"}]}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND azure.category:Errors\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5701ce362..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Combo [Azure Monitor]", - "visState": "{\"title\":\"Select Combo [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.subscription.keyword\",\"label\":\"Subscription\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}},{\"id\":\"1518843942322\",\"indexPattern\":\"azure-*\",\"fieldName\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"label\":\"User Email\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index afccb38f3..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Utilization Single [Azure Monitor]", - "visState": "{\"title\":\"Storage Utilization Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"ac54e1d0-0850-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage_percent\",\"label\":\"Database Storage %\",\"color\":\"#68BC00\",\"id\":\"b0e7fe80-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"Storage\",\"value_template\":\"{{value}}%\",\"axis_max\":\"100\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"axis_max\":\"100\",\"filter\":\"azure.group:sql_diagnostics AND metricName:storage_percent\",\"axis_min\":\"0\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b79a12364..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Category Breakdown [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Category Breakdown [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.category.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b43bd480b..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Service Health Metric [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Service Health Metric [Azure Monitor][Activity Log]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":12}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Service Health\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:ServiceHealth\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index b007f7b0f..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Overview Info [Azure Monitor]", - "visState": "{\"title\":\"Database Overview Info [Azure Monitor]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":18}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"resource_name\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Database\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"server.keyword\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Server\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"resource_group.keyword\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Resource Group\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"subscription.keyword\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Subscription\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:dtu_consumption_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 5fa22ba21..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation SQL DB [Azure Monitor]", - "visState": "{\"title\":\"Navigation SQL DB [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [**SQL DB**](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 55d8ddd9c..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "DTU Utilization [Azure Monitor]", - "visState": "{\"title\":\"DTU Utilization [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"b75f7650-0876-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:dtu_consumption_percent\",\"label\":\"DTU %\",\"color\":\"#68BC00\",\"id\":\"bdf1be60-0876-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"DTU\",\"value_template\":\"{{value}}%\"},{\"id\":\"e92aa790-0876-11e8-8a9e-77e15a1ba1ec\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"e92aa791-0876-11e8-8a9e-77e15a1ba1ec\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"1544c900-0877-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"e92aa791-0876-11e8-8a9e-77e15a1ba1ec\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\",\"terms_direction\":\"desc\",\"value_template\":\"{{value}}%\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND metricName:dtu_consumption_percent\",\"axis_max\":\"100\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 3b62e3024..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Wait Time (ms) Single [Azure Monitor]", - "visState": "{\"title\":\"Query Wait Time (ms) Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"07fbc160-07fd-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"197b9550-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0a\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":\"1\",\"fill\":\"0.1\",\"stacked\":\"none\",\"label\":\"Query Wait Time\",\"value_template\":\"{{value}} ms\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index d9e84abb8..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Creations [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND identity.authorization.action:*write\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 2a0151044..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 3 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 3 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Resource Group\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0d05c4a07..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Metric [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Metric [Azure Monitor][Activity Log]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":12}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Alerts\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Alert\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 630900bc7..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Resource Group [Azure Monitor]", - "visState": "{\"title\":\"Select Resource Group [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"d6962b40-06f5-11e8-adb5-e1a2d559cdf5\",\"fieldName\":\"resource_group.keyword\",\"label\":\"Resource Group\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index ff6aa714f..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Geo Activity [Azure Monitor]", - "visState": "{\"title\":\"Geo Activity [Azure Monitor]\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatClusterSize\":1.5,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.1&license=c16ab9db-b270-4466-9535-a15cb66a4df5\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"

© OpenStreetMap contributors | Elastic Maps Service

\",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.1&license=c16ab9db-b270-4466-9535-a15cb66a4df5\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"

© OpenStreetMap contributors | Elastic Maps Service

\",\"subdomains\":[]}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"precision\":2}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 1710b2dcd..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Blockings Single [Azure Monitor]", - "visState": "{\"title\":\"Blockings Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Blockings\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"logstash-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND data.category:Blocks\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 7fe90e777..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Server [Azure Monitor]", - "visState": "{\"title\":\"Select Server [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"fieldName\":\"azure.server.keyword\",\"label\":\"Server\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index b3672233d..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Wait Time (ms) [Azure Monitor]", - "visState": "{\"title\":\"Database Wait Time (ms) [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"0dc3f820-07fc-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"2fecef10-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"DB Wait\",\"value_template\":\"{{value}} ms\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\"},{\"settings\":\"\",\"minimize\":null,\"window\":\"\",\"model\":\"simple\",\"id\":\"2c2449f0-07de-11e8-ac3e-4b165adb3935\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"split_filters\":[{\"color\":\"#68BC00\",\"id\":\"7383c5f0-07de-11e8-ac3e-4b165adb3935\"}],\"terms_field\":\"azure.resource_name.keyword\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"split_color_mode\":\"gradient\",\"terms_size\":\"3\",\"hide_in_legend\":0,\"value_template\":\"{{value}} ms\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index cad198ece..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Databases [Azure Monitor]", - "visState": "{\"title\":\"Databases [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"axis_formatter\":\"number\",\"axis_max\":\"100\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"id\":\"8f26aa90-0872-11e8-8a9e-77e15a1ba1ec\"}],\"drilldown_url\":\"#dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5?_a=(description:'',filters:!(('$state':(store:appState),meta:(alias:!n,controlledBy:'1517598395667',disabled:!f,index:'73e18ac0-104c-11e8-8c94-a3d8d0cfd62b',key:azure.db_unique_id.keyword,negate:!f,params:(query:'{{key}}',type:phrase),type:phrase,value:'{{key}}'),query:(match:(azure.db_unique_id.keyword:(query:'{{key}}',type:phrase))))))\",\"filter\":\"azure.group:sql_diagnostics\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"pivot_id\":\"azure.db_unique_id.keyword\",\"pivot_label\":\"Database\",\"pivot_rows\":\"20\",\"series\":[{\"aggregate_by\":null,\"aggregate_function\":null,\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"color_rules\":[{\"id\":\"dfdd33f0-0872-11e8-8a9e-77e15a1ba1ec\",\"opperator\":\"gte\",\"text\":\"rgba(244,78,59,1)\",\"value\":75}],\"fill\":\"0.8\",\"filter\":\"metricName:dtu_consumption_percent\",\"formatter\":null,\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"DTU\",\"line_width\":\"3\",\"metrics\":[{\"field\":\"average\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"offset_time\":\"\",\"point_size\":1,\"seperate_axis\":0,\"split_filters\":[{\"color\":\"#68BC00\",\"filter\":\"data.metricName:dtu_consumption_percent\",\"id\":\"5cc3d630-080f-11e8-b19d-a7e960a5b5ca\",\"label\":\"DTU %\"}],\"split_mode\":\"filters\",\"stacked\":\"none\",\"trend_arrows\":0,\"value_template\":\"{{value}}%\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"color_rules\":[{\"id\":\"632bf0a0-0875-11e8-8a9e-77e15a1ba1ec\"}],\"fill\":0.5,\"filter\":\"azure.category:Errors\",\"formatter\":\"number\",\"id\":\"4b4159d0-0875-11e8-8a9e-77e15a1ba1ec\",\"label\":\"Errors\",\"line_width\":1,\"metrics\":[{\"id\":\"4b4159d1-0875-11e8-8a9e-77e15a1ba1ec\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"table\"},\"aggs\":[]}", - "uiStateJSON": "{\"table\":{\"sort\":{\"column\":\"4b4159d0-0875-11e8-8a9e-77e15a1ba1ec\",\"order\":\"desc\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index edbff7648..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Database [Azure Monitor]", - "visState": "{\"title\":\"Select Database [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.db_unique_id.keyword\",\"label\":\"Database\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":false,\"size\":20,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 361aa5017..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Subscription [Azure Monitor]", - "visState": "{\"title\":\"Select Subscription [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.subscription.keyword\",\"label\":\"Select Subscription\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c283a2cdc..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation Alerts [Azure Monitor]", - "visState": "{\"title\":\"Navigation Alerts [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [**Alerts**](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index cbb859488..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Administrative Metric [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Administrative Metric [Azure Monitor][Activity Log]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":12}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Administrative\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Administrative\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 51bf4679b..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Size [Azure Monitor]", - "visState": "{\"title\":\"Database Size [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"bytes\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.3\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage\",\"label\":\"Storage Used\",\"color\":\"#68BC00\",\"id\":\"5b487040-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"GB\",\"hide_in_legend\":1}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND metricName:storage\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2cf6ddee4..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations and Deletions 2 [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Creations and Deletions 2 [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Type\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":\"identity.authorization.action:*write\"},\"label\":\"Creations\"},{\"input\":{\"query\":\"identity.authorization.action:*delete\"},\"label\":\"Deletions\"}]}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e4507d79f..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Overview 2 [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Overview 2 [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"terms_field\":\"resultType.keyword\",\"filter\":\"resultType:Activated\",\"label\":\"Activated\"},{\"id\":\"8b100950-1214-11e8-bd17-77879a6f9d49\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8b100951-1214-11e8-bd17-77879a6f9d49\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.6\",\"stacked\":\"none\",\"label\":\"Resolved or Succeeded\",\"filter\":\"resultType:Resolved OR resultType:Succeeded\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:Alert\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 2c4fcde9c..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Top Queries [Azure Monitor]", - "visState": "{\"title\":\"Top Queries [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"table\",\"series\":[{\"id\":\"556ca980-08a9-11e8-b3d6-f7127beb4493\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"556ca981-08a9-11e8-b3d6-f7127beb4493\",\"type\":\"max\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"color_rules\":[{\"id\":\"57810a90-08a9-11e8-b3d6-f7127beb4493\"}],\"label\":\"Query ID\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"color_rules\":[{\"id\":\"6c7a15a0-087b-11e8-b3d6-f7127beb4493\"}],\"label\":\"Average Duration (ms)\"},{\"id\":\"374a3590-087b-11e8-b3d6-f7127beb4493\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"374a3591-087b-11e8-b3d6-f7127beb4493\",\"type\":\"max\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"label\":\"Max Duration (ms)\",\"color_rules\":[{\"id\":\"8a84f8d0-087b-11e8-b3d6-f7127beb4493\"}]},{\"id\":\"f6966090-087b-11e8-b3d6-f7127beb4493\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"f6966091-087b-11e8-b3d6-f7127beb4493\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"a\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"label\":\"Executions\",\"color_rules\":[{\"id\":\"34c7b3f0-087c-11e8-b3d6-f7127beb4493\"}]}],\"time_field\":\"@timestamp\",\"index_pattern\":\"logstash-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"bar_color_rules\":[{\"id\":\"f31ebb70-087a-11e8-b3d6-f7127beb4493\"}],\"pivot_id\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash.keyword\",\"pivot_label\":\"Query Hash\",\"pivot_rows\":\"20\",\"filter\":\"azure.group:sql_diagnostics AND azure.category:QueryStoreRuntimeStatistics AND NOT sql_diagnostics_query_store_runtime_stats_properties.query_id:0\"},\"aggs\":[]}", - "uiStateJSON": "{\"table\":{\"sort\":{\"column\":\"556ca980-08a9-11e8-b3d6-f7127beb4493\",\"order\":\"asc\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a0e0847fa..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Wait Time (ms) Single [Azure Monitor]", - "visState": "{\"title\":\"Database Wait Time (ms) Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"0dc3f820-07fc-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"2fecef10-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0a\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Database Wait Time (ms)\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0c802415b..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Users List [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Users List [Azure Monitor][Activity Log]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showPartialRows\": false,\n \"showMeticsAtAllLevels\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"showTotal\": false,\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 20,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Email\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"First Name\"\n }\n },\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Last Name\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"callerIpAddress.keyword\",\n \"customLabel\": \"IPs\"\n }\n },\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Actions\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 45bee3a0e..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Wait Time (ms) [Azure Monitor]", - "visState": "{\"title\":\"Query Wait Time (ms) [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"07fbc160-07fd-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"197b9550-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":\"1\",\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Query Wait\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"833d0680-07e5-11e8-a756-61fb48b75e56\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2add45a51..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation Users [Azure Monitor]", - "visState": "{\"title\":\"Navigation Users [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [**Users**](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index a1a20c3c6..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Timeouts Single [Azure Monitor]", - "visState": "{\"title\":\"Timeouts Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Timeouts\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"logstash-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND data.category:Timeouts\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index bf9bb614c..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Databases++ [Azure Monitor]", - "visState": "{\"title\":\"Databases++ [Azure Monitor]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"Average DTU %\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"resource_name.keyword\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Database\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"server.keyword\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Server\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"resource_group.keyword\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Resource Group\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"Max DTU %\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:dtu_consumption_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 6c3c4bae4..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Category Breakdown [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Category Breakdown [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":false,\"rotate\":75,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Events\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Events\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.category.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Category\"}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 7c855e9b9..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "SQL DB Overview [Azure Monitor]", - "visState": "{\"title\":\"SQL DB Overview [Azure Monitor]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"colorSchema\":\"Green to Red\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":true,\"color\":\"black\"},\"style\":{\"fontSize\":15,\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#d3d3d3\"},\"metricColorMode\":\"None\"}},\"aggs\":[{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.resource_name.keyword\",\"customLabel\":\"Databases\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.server.keyword\",\"customLabel\":\"Servers\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"customLabel\":\"Resource Groups\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.subscription.keyword\",\"customLabel\":\"Subscriptions\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"},\"colors\":{\"0 - 100\":\"#64B0C8\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:\\\"sql_diagnostics\\\"\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0b578552a..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Geo Count [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Geo Count [Azure Monitor][Activity Log]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index ac18fcc5f..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity Log Overview [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Activity Log Overview [Azure Monitor][Activity Log]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"colorSchema\": \"Green to Red\",\n \"useRange\": false,\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"invertColors\": false,\n \"labels\": {\n \"show\": true,\n \"color\": \"black\"\n },\n \"style\": {\n \"fontSize\": 18,\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"bgFill\": \"#d3d3d3\"\n },\n \"metricColorMode\": \"None\"\n }\n },\n \"aggs\": [\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_name.keyword\",\n \"customLabel\": \"Resources\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"customLabel\": \"Users\"\n }\n },\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"customLabel\": \"Resource Groups\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.subscription.keyword\",\n \"customLabel\": \"Subscriptions\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n },\n \"colors\": {\n \"0 - 100\": \"#64B0C8\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index db4371f87..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Timeouts [Azure Monitor]", - "visState": "{\"title\":\"Timeouts [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Timeouts\"},{\"id\":\"b9a2f290-0806-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(104,188,0,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_writes\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"f0b3dcc0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"\",\"terms_field\":\"resource_name.keyword\"}],\"time_field\":\"data.time\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"data.category:Timeouts\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 69e900e68..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "DTU Utilization Single [Azure Monitor]", - "visState": "{\"title\":\"DTU Utilization Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"4b2cfff0-08a0-11e8-b3d6-f7127beb4493\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.3\",\"stacked\":\"none\",\"axis_max\":\"100\",\"label\":\"DTU\",\"value_template\":\"{{value}}%\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND metricName:dtu_consumption_percent\",\"axis_max\":\"100\",\"annotations\":[]},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index e937a9f84..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "DTU Stats [Azure Monitor]", - "visState": "{\"title\":\"DTU Stats [Azure Monitor]\",\"type\":\"gauge\",\"params\":{\"type\":\"gauge\",\"addTooltip\":true,\"addLegend\":true,\"isDisplayWarning\":false,\"gauge\":{\"verticalSplit\":false,\"extendRange\":true,\"percentageMode\":true,\"gaugeType\":\"Arc\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"Labels\",\"colorsRange\":[{\"from\":0,\"to\":50},{\"from\":50,\"to\":75},{\"from\":75,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":true,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\"},\"type\":\"meter\",\"style\":{\"bgWidth\":0.9,\"width\":0.9,\"mask\":false,\"bgMask\":false,\"maskBars\":50,\"bgFill\":\"#eee\",\"bgColor\":false,\"subText\":\"DTU\",\"fontSize\":60,\"labelColor\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"AVG\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"MAX\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 50\":\"rgb(0,104,55)\",\"50 - 75\":\"rgb(255,255,190)\",\"75 - 100\":\"rgb(165,0,38)\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:dtu_consumption_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c420c12f2..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Database Query Combo [Azure Monitor][SQL DB]", - "visState": "{\"title\":\"Select Database Query Combo [Azure Monitor][SQL DB]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1519014869989\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.db_unique_id.keyword\",\"label\":\"Database\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":20,\"order\":\"desc\"}},{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\"label\":\"Query ID\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":false,\"size\":20,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 7877e8eed..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select User Email [Azure Monitor]", - "visState": "{\"title\":\"Select User Email [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"fieldName\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"label\":\"Select User Email\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index dcf792692..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Users Tag Cloud [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Users Tag Cloud [Azure Monitor][Activity Log]\",\n \"type\": \"tagcloud\",\n \"params\": {\n \"scale\": \"linear\",\n \"orientation\": \"single\",\n \"minFontSize\": 12,\n \"maxFontSize\": 32,\n \"hideLabel\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 83545560a..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Subscriptions Breakdown Pie [Azure Monitor]", - "visState": "{\"title\":\"Subscriptions Breakdown Pie [Azure Monitor]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":true,\"values\":false,\"last_level\":false,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"subscription.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"resource_group.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"server.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 5966ab392..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 2 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 2 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.server.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Server\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5db4e02c9..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations and Deletions [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Resource Creations and Deletions [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"addLegend\": true,\n \"addTimeMarker\": false,\n \"addTooltip\": true,\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"labels\": {\n \"filter\": false,\n \"rotate\": 0,\n \"show\": true,\n \"truncate\": 200\n },\n \"position\": \"left\",\n \"scale\": {\n \"type\": \"linear\"\n },\n \"show\": true,\n \"style\": {},\n \"title\": {},\n \"type\": \"category\"\n }\n ],\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"legendPosition\": \"right\",\n \"seriesParams\": [\n {\n \"data\": {\n \"id\": \"1\",\n \"label\": \"Count\"\n },\n \"drawLinesBetweenPoints\": true,\n \"mode\": \"stacked\",\n \"show\": true,\n \"showCircles\": true,\n \"type\": \"histogram\",\n \"valueAxis\": \"ValueAxis-1\"\n }\n ],\n \"times\": [],\n \"type\": \"histogram\",\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"labels\": {\n \"filter\": true,\n \"rotate\": 75,\n \"show\": true,\n \"truncate\": 100\n },\n \"name\": \"LeftAxis-1\",\n \"position\": \"bottom\",\n \"scale\": {\n \"mode\": \"normal\",\n \"type\": \"linear\"\n },\n \"show\": false,\n \"style\": {},\n \"title\": {\n \"text\": \"Count\"\n },\n \"type\": \"value\"\n }\n ]\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"azure.resource_type.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 15,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Type\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*write\"\n },\n \"label\": \"Creations\"\n },\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*delete\"\n },\n \"label\": \"Deletions\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Creations\": \"#019B8F\",\n \"Deletions\": \"#AF0058\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 3e636c899..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Used [Azure Monitor]", - "visState": "{\"title\":\"Storage Used [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(104,188,0,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"data.average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"ac54e1d0-0850-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage_percent\",\"label\":\"Database Storage %\",\"color\":\"#68BC00\",\"id\":\"b0e7fe80-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"Storage\",\"value_template\":\"{{value}}%\",\"axis_max\":\"100\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"axis_max\":\"100\",\"filter\":\"data.metricName:storage_percent\",\"axis_min\":\"0\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 7f544c3c2..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Used [Azure Monitor]", - "visState": "{\"title\":\"Storage Used [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"ac54e1d0-0850-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage_percent\",\"label\":\"Database Storage %\",\"color\":\"#68BC00\",\"id\":\"b0e7fe80-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"Storage Used\",\"value_template\":\"{{value}}%\",\"axis_max\":\"100\"},{\"id\":\"86f2d910-0986-11e8-8938-f3a79168be7b\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"86f2d911-0986-11e8-8938-f3a79168be7b\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"d4c68dd0-0986-11e8-8938-f3a79168be7b\",\"type\":\"moving_average\",\"field\":\"86f2d911-0986-11e8-8938-f3a79168be7b\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.resour\",\"label\":\"\",\"color\":\"#68BC00\",\"id\":\"b5af6ac0-0986-11e8-8938-f3a79168be7b\"}],\"label\":\"\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\",\"value_template\":\"{{value}}%\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"axis_max\":\"100\",\"filter\":\"azure.group:sql_diagnostics AND metricName:storage_percent\",\"axis_min\":\"0\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 8fe16ff09..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Queries Markdown [Azure Monitor]", - "visState": "{\"title\":\"Queries Markdown [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Queries\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2c69ee7f3..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity by Resource Type [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Activity by Resource Type [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Type\"}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index d1461be94..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Blockings [Azure Monitor]", - "visState": "{\"title\":\"Blockings [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Blockings\"},{\"id\":\"b9a2f290-0806-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(104,188,0,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_writes\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"f0b3dcc0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"\",\"terms_field\":\"resource_name.keyword\"}],\"time_field\":\"data.time\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"data.category:Blocks\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c06cad48a..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity by Resource Group User [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Activity by Resource Group User [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Group\"}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false,\"colors\":{\"Count\":\"#019B8F\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index a9cd12865..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 4 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 4 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.subscription.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Subscription\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2d2b03e5c..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Caller IP [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Caller IP [Azure Monitor][Activity Log]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"callerIpAddress.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":1000,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Caller IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Email\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5bd256b87..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations and Deletions User [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Resource Creations and Deletions User [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"addLegend\": true,\n \"addTimeMarker\": false,\n \"addTooltip\": true,\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"labels\": {\n \"filter\": false,\n \"rotate\": 0,\n \"show\": true,\n \"truncate\": 200\n },\n \"position\": \"left\",\n \"scale\": {\n \"type\": \"linear\"\n },\n \"show\": true,\n \"style\": {},\n \"title\": {},\n \"type\": \"category\"\n }\n ],\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"legendPosition\": \"right\",\n \"seriesParams\": [\n {\n \"data\": {\n \"id\": \"1\",\n \"label\": \"Count\"\n },\n \"drawLinesBetweenPoints\": true,\n \"mode\": \"stacked\",\n \"show\": true,\n \"showCircles\": true,\n \"type\": \"histogram\",\n \"valueAxis\": \"ValueAxis-1\"\n }\n ],\n \"times\": [],\n \"type\": \"histogram\",\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"labels\": {\n \"filter\": true,\n \"rotate\": 75,\n \"show\": true,\n \"truncate\": 100\n },\n \"name\": \"LeftAxis-1\",\n \"position\": \"bottom\",\n \"scale\": {\n \"mode\": \"normal\",\n \"type\": \"linear\"\n },\n \"show\": false,\n \"style\": {},\n \"title\": {\n \"text\": \"Count\"\n },\n \"type\": \"value\"\n }\n ]\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"azure.resource_type.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 15,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Type\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*write\"\n },\n \"label\": \"Creations\"\n },\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*delete\"\n },\n \"label\": \"Deletions\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Creations\": \"#019B8F\",\n \"Deletions\": \"#AF0058\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log AND _exists_:identity.claims.name\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/6.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/6.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 243874d30..000000000 --- a/x-pack/modules/azure/configuration/kibana/6.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "User Activity Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"User Activity Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"label\":\"Actions\",\"split_filters\":[{\"filter\":\"_exists_:identity.claims.name\",\"label\":\"\",\"color\":\"rgba(244,78,59,1)\",\"id\":\"a5302500-1399-11e8-a699-f390e75f4dd5\"}],\"filter\":\"\",\"hide_in_legend\":0}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:Administrative AND _exists_:identity.claims.name\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index cb38d3519..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] User Activity", - "hits": 0, - "description": "", - "panelsJSON": "[{\"panelIndex\":\"2\",\"gridData\":{\"x\":0,\"y\":14,\"w\":12,\"h\":5,\"i\":\"2\"},\"embeddableConfig\":{\"mapCenter\":[35.746512259918504,-29.443359375000004],\"mapZoom\":3},\"id\":\"7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Global User Activity\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"17\",\"gridData\":{\"x\":0,\"y\":2,\"w\":6,\"h\":6,\"i\":\"17\"},\"id\":\"a0340090-1389-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Users\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"26\",\"gridData\":{\"x\":6,\"y\":0,\"w\":6,\"h\":2,\"i\":\"26\"},\"id\":\"fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b\",\"title\":\"User Activity\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"29\",\"gridData\":{\"x\":0,\"y\":1,\"w\":6,\"h\":1,\"i\":\"29\"},\"id\":\"5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"32\",\"gridData\":{\"x\":0,\"y\":0,\"w\":6,\"h\":1,\"i\":\"32\"},\"id\":\"aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"33\",\"gridData\":{\"x\":6,\"y\":2,\"w\":6,\"h\":2,\"i\":\"33\"},\"id\":\"27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Access Requests\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"34\",\"gridData\":{\"x\":6,\"y\":4,\"w\":6,\"h\":4,\"i\":\"34\"},\"id\":\"fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Resource Changes\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"35\",\"gridData\":{\"x\":6,\"y\":11,\"w\":6,\"h\":3,\"i\":\"35\"},\"id\":\"f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Top Resource Groups\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"37\",\"gridData\":{\"x\":0,\"y\":8,\"w\":6,\"h\":6,\"i\":\"37\"},\"id\":\"f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Top Caller IPs\",\"type\":\"visualization\",\"version\":\"6.2.1\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}}},{\"panelIndex\":\"38\",\"gridData\":{\"x\":6,\"y\":8,\"w\":6,\"h\":3,\"i\":\"38\"},\"id\":\"2e863080-1bef-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Top Resource Types\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0ae717b94..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] Alerts", - "hits": 0, - "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":1,\"w\":6,\"h\":1,\"i\":\"1\"},\"id\":\"890f3af0-093a-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":0,\"y\":4,\"w\":6,\"h\":1,\"i\":\"15\"},\"id\":\"15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"16\",\"gridData\":{\"x\":0,\"y\":5,\"w\":12,\"h\":30,\"i\":\"16\"},\"id\":\"f802b0b0-1211-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Alerts Viewer\",\"type\":\"search\",\"version\":\"6.2.1\"},{\"panelIndex\":\"17\",\"gridData\":{\"x\":0,\"y\":2,\"w\":6,\"h\":2,\"i\":\"17\"},\"id\":\"94e47b60-1385-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Alert Activity\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"18\",\"gridData\":{\"x\":0,\"y\":0,\"w\":6,\"h\":1,\"i\":\"18\"},\"id\":\"8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"panelIndex\":\"19\",\"gridData\":{\"x\":6,\"y\":0,\"w\":6,\"h\":5,\"i\":\"19\"},\"embeddableConfig\":{\"vis\":{\"colors\":{\"0 - 12\":\"#F9D9F9\",\"12 - 23\":\"#E5A8E2\",\"23 - 34\":\"#D683CE\",\"34 - 45\":\"#BA43A9\"},\"defaultColors\":{\"0 - 12\":\"rgb(247,252,245)\",\"12 - 23\":\"rgb(199,233,192)\",\"23 - 34\":\"rgb(116,196,118)\",\"34 - 45\":\"rgb(35,139,69)\"},\"legendOpen\":false}},\"id\":\"2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b\",\"title\":\"Alerts Heatmap\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a5a26a34f..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] SQL DB Overview", - "hits": 0, - "description": "", - "panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"h\":1,\"i\":\"1\",\"w\":7,\"x\":0,\"y\":2},\"id\":\"b98ec5a0-0706-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"1\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"3\",\"w\":5,\"x\":7,\"y\":2},\"id\":\"009a25c0-07d9-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"3\",\"title\":\"Errors\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"5\",\"w\":5,\"x\":7,\"y\":6},\"id\":\"85cee3b0-07df-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"5\",\"title\":\"Database Wait Time\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"6\",\"w\":5,\"x\":7,\"y\":10},\"id\":\"418ce210-07e4-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"6\",\"title\":\"Query Duration (ms)\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"7\",\"w\":5,\"x\":7,\"y\":12},\"id\":\"a71ed100-07e5-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"7\",\"title\":\"Query Wait Time (ms)\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"embeddableConfig\":{\"table\":{\"sort\":{\"column\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"order\":\"desc\"}}},\"gridData\":{\"h\":7,\"i\":\"9\",\"w\":7,\"x\":0,\"y\":3},\"id\":\"880a53f0-080f-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"9\",\"title\":\"Databases\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"11\",\"w\":5,\"x\":7,\"y\":8},\"id\":\"5465b680-0809-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"11\",\"title\":\"Read & Write I/O\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":1,\"i\":\"12\",\"w\":7,\"x\":0,\"y\":0},\"id\":\"68dd8530-083f-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"12\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":6,\"i\":\"13\",\"w\":7,\"x\":0,\"y\":10},\"id\":\"2060bce0-0840-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"13\",\"title\":\"Servers\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":1,\"i\":\"16\",\"w\":7,\"x\":0,\"y\":1},\"id\":\"890f3af0-093a-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"16\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"19\",\"w\":5,\"x\":7,\"y\":4},\"id\":\"eb4363d0-0986-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"19\",\"title\":\"Storage Used\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"20\",\"w\":5,\"x\":7,\"y\":0},\"id\":\"6bab50c0-0877-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"20\",\"title\":\"DTU Utilization\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"controlledBy\":\"1517598395667\",\"disabled\":false,\"index\":\"azure-*\",\"key\":\"azure.subscription.keyword\",\"negate\":false,\"params\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A\"},\"query\":{\"match\":{\"azure.subscription.keyword\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A\",\"type\":\"phrase\"}}}}],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 34cbb8b9e..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] SQL DB Queries", - "hits": 0, - "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":2,\"i\":\"11\",\"w\":5,\"x\":7,\"y\":2},\"id\":\"6d71abf0-0842-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"11\",\"title\":\"Query Wait Time\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"12\",\"w\":5,\"x\":2,\"y\":2},\"id\":\"518cb600-0842-11e8-adb5-e1a2d559cdf5\",\"panelIndex\":\"12\",\"title\":\"Query Duration\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":2,\"i\":\"23\",\"w\":3,\"x\":6,\"y\":0},\"id\":\"d02c64c0-08a0-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"23\",\"title\":\"DTU Utilization\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"gridData\":{\"h\":1,\"i\":\"25\",\"w\":6,\"x\":0,\"y\":0},\"id\":\"20a043b0-13c1-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"25\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"27\",\"w\":2,\"x\":0,\"y\":2},\"id\":\"3fb82260-1527-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"27\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"28\",\"w\":3,\"x\":9,\"y\":0},\"id\":\"5dbd8b20-08a1-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"28\",\"title\":\"Errors\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":9,\"i\":\"29\",\"w\":12,\"x\":0,\"y\":4},\"id\":\"35de9400-1526-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"29\",\"title\":\"Top Queries\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"30\",\"w\":6,\"x\":0,\"y\":1},\"id\":\"db0ec510-152d-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"30\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 3b4bbe2a7..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] SQL DB Database View", - "hits": 0, - "description": "", - "panelsJSON": "[{\"panelIndex\":\"4\",\"gridData\":{\"x\":6,\"y\":4,\"w\":6,\"h\":2,\"i\":\"4\"},\"id\":\"5465b680-0809-11e8-adb5-e1a2d559cdf5\",\"title\":\"Read & Write I/O\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":0,\"y\":0,\"w\":6,\"h\":1,\"i\":\"5\"},\"id\":\"68dd8530-083f-11e8-adb5-e1a2d559cdf5\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":0,\"y\":4,\"w\":6,\"h\":2,\"i\":\"14\"},\"id\":\"9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5\",\"title\":\"Database Wait Time\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":0,\"y\":1,\"w\":6,\"h\":1,\"i\":\"15\"},\"id\":\"88dcf980-084c-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"18\",\"gridData\":{\"x\":9,\"y\":2,\"w\":3,\"h\":2,\"i\":\"18\"},\"id\":\"90ed5940-0850-11e8-93e5-299e2b5c963a\",\"title\":\"Database Size\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"23\",\"gridData\":{\"x\":6,\"y\":0,\"w\":3,\"h\":2,\"i\":\"23\"},\"id\":\"d02c64c0-08a0-11e8-93e5-299e2b5c963a\",\"title\":\"DTU Utilization\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"24\",\"gridData\":{\"x\":9,\"y\":0,\"w\":3,\"h\":2,\"i\":\"24\"},\"id\":\"5dbd8b20-08a1-11e8-93e5-299e2b5c963a\",\"title\":\"Errors\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"25\",\"gridData\":{\"x\":6,\"y\":2,\"w\":3,\"h\":2,\"i\":\"25\"},\"id\":\"5ff32870-08a4-11e8-93e5-299e2b5c963a\",\"title\":\"Storage Utilization\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"28\",\"gridData\":{\"x\":4,\"y\":2,\"w\":2,\"h\":1,\"i\":\"28\"},\"id\":\"e7ac55f0-0c9d-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"29\",\"gridData\":{\"x\":0,\"y\":3,\"w\":4,\"h\":1,\"i\":\"29\"},\"id\":\"f819a870-0c9d-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"30\",\"gridData\":{\"x\":0,\"y\":2,\"w\":4,\"h\":1,\"i\":\"30\"},\"id\":\"59510c50-0c9e-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"panelIndex\":\"31\",\"gridData\":{\"x\":4,\"y\":3,\"w\":2,\"h\":1,\"i\":\"31\"},\"id\":\"72ab38b0-0c9e-11e8-93e5-299e2b5c963a\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.1.3\"},{\"title\":\"Errors Viewer\",\"panelIndex\":\"32\",\"gridData\":{\"x\":0,\"y\":6,\"w\":12,\"h\":6,\"i\":\"32\"},\"id\":\"5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b\",\"type\":\"search\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"controlledBy\":\"1517598395667\",\"disabled\":false,\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"key\":\"azure.db_unique_id.keyword\",\"negate\":false,\"params\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A/WIDEMO/WIDEMO/WORKLOADINSIGHTSDEMO\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A/WIDEMO/WIDEMO/WORKLOADINSIGHTSDEMO\"},\"query\":{\"match\":{\"azure.db_unique_id.keyword\":{\"query\":\"741FD0F5-9CB8-442C-91C3-3EF4CA231C2A/WIDEMO/WIDEMO/WORKLOADINSIGHTSDEMO\",\"type\":\"phrase\"}}}}],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/azure.json b/x-pack/modules/azure/configuration/kibana/7.x/dashboard/azure.json deleted file mode 100644 index 38a051af5..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/azure.json +++ /dev/null @@ -1,8 +0,0 @@ -[ - "06fa0b60-121a-11e8-8c94-a3d8d0cfd62b", - "16302750-1223-11e8-8c94-a3d8d0cfd62b", - "91ba2090-07cb-11e8-adb5-e1a2d559cdf5", - "9adef750-08b0-11e8-93e5-299e2b5c963a", - "aaf909b0-0800-11e8-adb5-e1a2d559cdf5", - "f110f010-11fc-11e8-8c94-a3d8d0cfd62b" -] diff --git a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 66fd9916d..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "title": "[Azure Monitor] Overview", - "hits": 0, - "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":1,\"i\":\"1\",\"w\":6,\"x\":0,\"y\":1},\"id\":\"890f3af0-093a-11e8-93e5-299e2b5c963a\",\"panelIndex\":\"1\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"4\",\"w\":6,\"x\":6,\"y\":0},\"id\":\"0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"4\",\"title\":\"Activity Level\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"11\",\"w\":6,\"x\":0,\"y\":2},\"id\":\"ccabf560-1208-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"11\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"14\",\"w\":6,\"x\":6,\"y\":9},\"id\":\"23e31d20-1215-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"14\",\"title\":\"Alerts\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"15\",\"w\":6,\"x\":6,\"y\":11},\"id\":\"15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"15\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"19\",\"w\":6,\"x\":0,\"y\":9},\"id\":\"053b9cc0-137e-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"19\",\"title\":\"Service Health\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"20\",\"w\":6,\"x\":0,\"y\":11},\"id\":\"33072240-137f-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"20\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":15,\"i\":\"21\",\"w\":12,\"x\":0,\"y\":12},\"id\":\"3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"21\",\"title\":\"Service Health Viewer\",\"type\":\"search\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":4,\"i\":\"23\",\"w\":6,\"x\":0,\"y\":5},\"id\":\"19c51b50-138b-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"23\",\"title\":\"Top Resource Groups\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":5,\"i\":\"24\",\"w\":6,\"x\":6,\"y\":4},\"id\":\"e9391690-1226-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"24\",\"title\":\"Resource Changes\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"25\",\"w\":6,\"x\":0,\"y\":3},\"id\":\"df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"25\",\"title\":\"Top Active Users\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":2,\"i\":\"26\",\"w\":6,\"x\":6,\"y\":2},\"id\":\"1c885a30-13b0-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"26\",\"title\":\"Access Requests\",\"type\":\"visualization\",\"version\":\"6.2.1\"},{\"gridData\":{\"h\":1,\"i\":\"27\",\"w\":6,\"x\":0,\"y\":0},\"id\":\"25eb1470-13bd-11e8-8c94-a3d8d0cfd62b\",\"panelIndex\":\"27\",\"title\":\"\",\"type\":\"visualization\",\"version\":\"6.2.1\"}]", - "optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"controlledBy\":\"1517598395667\",\"disabled\":false,\"index\":\"azure-*\",\"key\":\"azure.subscription.keyword\",\"negate\":false,\"params\":{\"query\":\"872F2E12-6CCC-4EAD-8D3C-AC833009C1A4\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"872F2E12-6CCC-4EAD-8D3C-AC833009C1A4\"},\"query\":{\"match\":{\"azure.subscription.keyword\":{\"query\":\"872F2E12-6CCC-4EAD-8D3C-AC833009C1A4\",\"type\":\"phrase\"}}}}],\"highlightAll\":true,\"version\":true}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/index-pattern/azure.json b/x-pack/modules/azure/configuration/kibana/7.x/index-pattern/azure.json deleted file mode 100644 index 1a1677166..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/index-pattern/azure.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "title" : "azure-*", - "timeFieldName" : "@timestamp", - "fields" : "[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"LogicalServerName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"LogicalServerName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ResourceGroup\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ResourceGroup.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"SubscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"SubscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.deploymentId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.deploymentId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.aadTenantId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.aadTenantId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.activeSince\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.activeSince.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.component\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.component.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionAggregation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionAggregation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperator\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperator.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperatorRaw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionOperatorRaw.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionThreshold\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.conditionWindowSize\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.dateTimestampUtc\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.dateTimestampUtc.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.firstSample\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.firstSample.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.lastSample\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.lastSample.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricScale\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricUnit\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricUnit.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.metricValue\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.region.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.resourceName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.resourceName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleDescription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleDescription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.ruleName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.sampleCount\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.source\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.source.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.eventProperties.subscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.eventProperties.subscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.policies\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.policies.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.requestbody\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.requestbody.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.resourceLocation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.resourceLocation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.responseBody\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.responseBody.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.serviceRequestId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.serviceRequestId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.statusCode\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.statusCode.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Administrative_properties.statusMessage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Administrative_properties.statusMessage.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.Aggregation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.Aggregation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricUnit\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.MetricUnit.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.Operator\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.Operator.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleDescription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleDescription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleUri\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.RuleUri.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.Threshold\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.WindowSizeInMinutes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.eventDataId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.eventDataId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.eventTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.operationName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.operationName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceGroup\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceGroup.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.resourceId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.status.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.eventProperties.subscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.eventProperties.subscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Alert_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Alert_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Security_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Security_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Security_properties.eventName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Security_properties.eventName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_Security_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_Security_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.channels\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.channels.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.correlationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.correlationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.description\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.description.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventCategory\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventCategory.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventDataId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventDataId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.communication\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.communication.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.communicationId\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageContent\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageContent.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageTitle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.defaultLanguageTitle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactMitigationTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactStartTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ImpactedRegions.RegionName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ImpactedRegions.RegionName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ServiceName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.impactedServices.ServiceName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.incidentType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.incidentType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.region.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.service\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.service.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.stage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.stage.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.title.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.trackingId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.trackingId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventProperties.version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventSource\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.eventSource.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.eventTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.level\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.level.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.operationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.operationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.operationName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.operationName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.communication\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.communication.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.communicationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.communicationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageContent\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageContent.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageTitle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.defaultLanguageTitle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactMitigationTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactStartTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactedServices\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.impactedServices.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.incidentType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.incidentType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.region.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.service\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.service.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.stage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.stage.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.title.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.trackingId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.trackingId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.properties.version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.properties.version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.status.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.submissionTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"activity_log_ServiceHealth_properties.subscriptionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"activity_log_ServiceHealth_properties.subscriptionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"average\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.category.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.database\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.database.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.db_unique_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.db_unique_id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.group\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.group.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.consumer_group\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.consumer_group.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.event_size\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.offset\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.offset.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.partition\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.partition.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.processor_host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.metadata.azure_event_hubs.processor_host.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.sequence\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.metadata.azure_event_hubs.timestamp\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.provider\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.provider.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.resource_group\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.resource_group.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.resource_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.resource_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.resource_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.resource_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.server\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.server.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.server_and_database\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.server_and_database.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"azure.subscription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"azure.subscription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"callerIpAddress\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"callerIpAddress.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"correlationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"correlationId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"count\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"durationMs\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.city_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.city_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.continent_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.continent_code.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code2\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.country_code2.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_code3\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.country_code3.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.country_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.country_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.dma_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.latitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.longitude\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.postal_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.postal_code.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.region_code.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.region_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.region_name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geoip.timezone\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"geoip.timezone.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.action\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.action.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.principalId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.principalId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.principalType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.principalType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.role\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.role.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.roleAssignmentId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.roleAssignmentId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.roleAssignmentScope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.roleAssignmentScope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.evidence.roleDefinitionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.evidence.roleDefinitionId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.authorization.scope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.authorization.scope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims._claim_names\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims._claim_names.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims._claim_sources\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims._claim_sources.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.aio\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.aio.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.appid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.appid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.appidacr\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.appidacr.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.aud\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.aud.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.e_exp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.e_exp.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.exp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.exp.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnclassreference\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnclassreference.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnmethodsreferences\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/claims/authnmethodsreferences.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/identityprovider\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/identityprovider.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/objectidentifier\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/objectidentifier.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/scope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/scope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/tenantid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.microsoft.com/identity/claims/tenantid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.iat\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.iat.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.in_corp\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.in_corp.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.ipaddr\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.ipaddr.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.iss\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.iss.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.nbf\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.nbf.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.onprem_sid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.onprem_sid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.puid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.puid.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.uti\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.uti.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"identity.claims.ver\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"identity.claims.ver.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"level\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"level.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"location\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"maximum\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"metricName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metricName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"minimum\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"operationName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"operationName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resourceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resourceId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resultDescription\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resultDescription.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resultSignature\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resultSignature.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"resultType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"resultType.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.blocked_process_filtered\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.blocked_process_filtered.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.duration\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.lock_mode\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.lock_mode.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Blocks_properties.resource_owner_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Blocks_properties.resource_owner_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_max_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_signal_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_waiting_tasks_count\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.end_utc_date\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.start_utc_date\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.wait_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_DatabaseWaitStatistics_properties.wait_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.error_number\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.message.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.query_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.query_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.query_plan_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_Errors_properties.query_plan_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.severity\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.state\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_Errors_properties.user_defined\",\"type\":\"boolean\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.count_executions\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.cpu_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.dop\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.execution_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.interval_end_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.interval_start_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.log_bytes_used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_writes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_cpu_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_dop\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_duration\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_log_bytes_used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_logical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_logical_io_writes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_num_physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_query_max_used_memory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.max_rowcount\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.num_physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.physical_io_reads\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.plan_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_max_used_memory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_plan_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_plan_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.rowcount\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.statement_sql_handle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.statement_sql_handle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.DatabaseName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.DatabaseName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.ElasticPoolName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.ElasticPoolName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.count_executions\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.exec_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.interval_end_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.interval_start_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.is_parameterizable\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.is_parameterizable.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.max_query_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.plan_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_param_type\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_plan_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.query_plan_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_key_hash\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_key_hash.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_sql_handle\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_sql_handle.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.statement_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.wait_category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.wait_category.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tags.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"timeGrain\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"timeGrain.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]" -} \ No newline at end of file diff --git a/x-pack/modules/azure/configuration/kibana/7.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e5764017b..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/search/3a4ec5b0-1381-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "title": "Service Health Search [Azure Monitor][Activity Log]", - "description": "", - "hits": 0, - "columns": [ - "resultDescription", - "resultType" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"azure.group:activity_log AND azure.category:ServiceHealth\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"exists\":{\"field\":\"resultType\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"key\":\"resultType\",\"negate\":false,\"type\":\"exists\",\"value\":\"exists\"}}]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e146e44ed..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/search/5a91a3e0-1829-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "title": "Errors Viewer [Azure Monitor][SQL DB]", - "description": "", - "hits": 0, - "columns": [ - "sql_diagnostics_Errors_properties.message", - "sql_diagnostics_Errors_properties.error_number" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"azure.group:sql_diagnostics AND azure.category:Errors\"},\"filter\":[]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 271a1ed91..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/search/9a8ffc60-1155-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "title": "SQL Diagnostics [Azure Monitor]", - "description": "", - "hits": 0, - "columns": [ - "_source" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"azure.group: \\\"sql_diagnostics\\\"\",\"language\":\"lucene\"},\"filter\":[]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 17ff6dbcb..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/search/f802b0b0-1211-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "title": "Alerts Search [Azure Monitor][Activity Log]", - "description": "", - "hits": 0, - "columns": [ - "resultDescription", - "resultType", - "azure.provider", - "azure.resource_name", - "azure.resource_group" - ], - "sort": [ - "@timestamp", - "desc" - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"azure.group:activity_log AND azure.category:Alert\"},\"filter\":[]}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a3c126a77..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/009a25c0-07d9-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Errors [Azure Monitor]", - "visState": "{\"title\":\"Errors [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Errors\",\"split_filters\":[{\"filter\":\"data.category:Errors\",\"label\":\"Errors\",\"color\":\"rgba(255,57,36,1)\",\"id\":\"ead38060-07d8-11e8-ac3e-4b165adb3935\"}]},{\"id\":\"2c144750-0881-11e8-b3d6-f7127beb4493\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"2c144751-0881-11e8-b3d6-f7127beb4493\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"split_filters\":[{\"color\":\"rgba(244,78,59,1)\",\"id\":\"41fc5760-0881-11e8-b3d6-f7127beb4493\"}],\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND category:Errors\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 38a6efff2..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/053b9cc0-137e-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Service Health Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Service Health Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"terms_field\":\"resultType.keyword\",\"filter\":\"resultType:Active\",\"label\":\"Activated\"},{\"id\":\"8b100950-1214-11e8-bd17-77879a6f9d49\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8b100951-1214-11e8-bd17-77879a6f9d49\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.6\",\"stacked\":\"none\",\"label\":\"Resolved\",\"filter\":\"resultType:Resolved\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:ServiceHealth\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e71714f38..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/0ac34a40-138c-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Top 3 Users [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Top 3 Users [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"type\": \"histogram\",\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 200\n },\n \"title\": {}\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"bottom\",\n \"show\": false,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 75,\n \"filter\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Events\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": true,\n \"type\": \"histogram\",\n \"mode\": \"normal\",\n \"data\": {\n \"label\": \"Events\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": true\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Events\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 3,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Users\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Events\": \"#019B8F\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b24fa95ad..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/0d5dd2c0-1201-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Deletions [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Deletions [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND identity.authorization.action:*delete\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index f0b2a257b..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/0f1d8b80-11fe-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Administrative Activity Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Administrative Activity Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"label\":\"Actions\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log and azure.category:Administrative\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2ce078e3f..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/13d987a0-1398-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Subscriptions Tag Cloud [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Subscriptions Tag Cloud [Azure Monitor][Activity Log]\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":6,\"maxFontSize\":20},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.subscription.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 167de25bf..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/15b9f8d0-1216-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Count [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Alerts Count [Azure Monitor][Activity Log]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Alerts\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"resultType:Activated\"\n },\n \"label\": \"Activated\"\n },\n {\n \"input\": {\n \"query\": \"resultType:Resolved\"\n },\n \"label\": \"Resolved\"\n },\n {\n \"input\": {\n \"query\": \"resultType:Succeeded\"\n },\n \"label\": \"Succeeded\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log AND azure.category:Alert\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index d150483d4..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/176bd440-1226-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Testing", - "visState": "{\"title\":\"Testing\",\"type\":\"heatmap\",\"params\":{\"type\":\"heatmap\",\"addTooltip\":true,\"addLegend\":true,\"enableHover\":false,\"legendPosition\":\"right\",\"times\":[],\"colorsNumber\":4,\"colorSchema\":\"Greens\",\"setColorRange\":false,\"colorsRange\":[],\"invertColors\":false,\"percentageMode\":false,\"valueAxes\":[{\"show\":false,\"id\":\"ValueAxis-1\",\"type\":\"value\",\"scale\":{\"type\":\"linear\",\"defaultYExtents\":false},\"labels\":{\"show\":false,\"rotate\":0,\"color\":\"#555\"}}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 23\":\"rgb(247,252,245)\",\"23 - 45\":\"rgb(199,233,192)\",\"45 - 68\":\"rgb(116,196,118)\",\"68 - 90\":\"rgb(35,139,69)\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5c2bd424a..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/19c51b50-138b-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity by Resource Group [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Activity by Resource Group [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"type\": \"histogram\",\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 200\n },\n \"title\": {}\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"bottom\",\n \"show\": false,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 75,\n \"filter\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Count\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": true,\n \"type\": \"histogram\",\n \"mode\": \"normal\",\n \"data\": {\n \"label\": \"Count\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": true\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Group\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Count\": \"#019B8F\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 0b74c6d18..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/1c509130-0853-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Stats [Azure Monitor]", - "visState": "{\"title\":\"Storage Stats [Azure Monitor]\",\"type\":\"gauge\",\"params\":{\"type\":\"gauge\",\"addTooltip\":true,\"addLegend\":true,\"isDisplayWarning\":false,\"gauge\":{\"verticalSplit\":false,\"extendRange\":true,\"percentageMode\":true,\"gaugeType\":\"Arc\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"Labels\",\"colorsRange\":[{\"from\":0,\"to\":50},{\"from\":50,\"to\":75},{\"from\":75,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":true,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\"},\"type\":\"meter\",\"style\":{\"bgWidth\":0.9,\"width\":0.9,\"mask\":false,\"bgMask\":false,\"maskBars\":50,\"bgFill\":\"#eee\",\"bgColor\":false,\"subText\":\"Storage Used\",\"fontSize\":60,\"labelColor\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"AVG\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"MAX\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 50\":\"rgb(0,104,55)\",\"50 - 75\":\"rgb(255,255,190)\",\"75 - 100\":\"rgb(165,0,38)\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:storage_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c08df944f..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/1c885a30-13b0-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Authorization Activity [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Authorization Activity [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"filter\":\"resultType:Success\",\"label\":\"Success\"},{\"id\":\"8a097400-13af-11e8-bdbe-d961aa20f52a\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8a097401-13af-11e8-bdbe-d961aa20f52a\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"filter\":\"resultType:Failed\",\"label\":\"Failure\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND operationName:*LISTKEYS*\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 6fbb02d09..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2060bce0-0840-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Servers [Azure Monitor]", - "visState": "{\n \"title\": \"Servers [Azure Monitor]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showMeticsAtAllLevels\": false,\n \"showPartialRows\": false,\n \"showTotal\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_name.keyword\",\n \"customLabel\": \"DBs\"\n }\n },\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"azure.server.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Server\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Group\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"azure.subscription.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Subscription\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"language\": \"lucene\",\n \"query\": \"\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 54decf417..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/20a043b0-13c1-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation SQL DB Queries [Azure Monitor]", - "visState": "{\"title\":\"Navigation SQL DB Queries [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [**SQL DB Queries**](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e1cec4ac0..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/23e31d20-1215-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"terms_field\":\"resultType.keyword\",\"filter\":\"resultType:Activated\",\"label\":\"Activated\"},{\"id\":\"8b100950-1214-11e8-bd17-77879a6f9d49\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8b100951-1214-11e8-bd17-77879a6f9d49\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.6\",\"stacked\":\"none\",\"label\":\"Resolved or Succeeded\",\"filter\":\"resultType:Resolved OR resultType:Succeeded\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:Alert\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index c9f251d8c..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2404b5e0-0804-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Top Queries [Azure Monitor]", - "visState": "{\"title\":\"Top Queries [Azure Monitor]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"3\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.duration\",\"customLabel\":\"Max Duration (ms)\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.duration\",\"customLabel\":\"Average Duration (ms)\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Executions\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.query_hash.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query Hash\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.category:QueryStoreRuntimeStatistics\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c206fdbbb..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/25eb1470-13bd-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation Overview [Azure Monitor]", - "visState": "{\"title\":\"Navigation Overview [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[**Overview**](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 73b173eee..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/27f9bd40-13ca-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Authorization Activity User [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Authorization Activity User [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"filter\":\"resultType:Success\",\"label\":\"Success\"},{\"id\":\"8a097400-13af-11e8-bdbe-d961aa20f52a\",\"color\":\"rgba(175,0,88,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8a097401-13af-11e8-bdbe-d961aa20f52a\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"filter\":\"resultType:Fail\",\"label\":\"Failure\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND operationName:*LISTKEYS* AND azure.category:Administrative AND _exists_:identity.claims.name\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 777895899..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2d11a9b0-1ac2-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Heatmap [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Heatmap [Azure Monitor][Activity Log]\",\"type\":\"heatmap\",\"params\":{\"type\":\"heatmap\",\"addTooltip\":true,\"addLegend\":true,\"enableHover\":false,\"legendPosition\":\"right\",\"times\":[],\"colorsNumber\":4,\"colorSchema\":\"Reds\",\"setColorRange\":false,\"colorsRange\":[{\"from\":0,\"to\":null}],\"invertColors\":false,\"percentageMode\":false,\"valueAxes\":[{\"show\":false,\"id\":\"ValueAxis-1\",\"type\":\"value\",\"scale\":{\"type\":\"linear\",\"defaultYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"color\":\"#555\"}}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.provider.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Provider\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Group\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 12\":\"rgb(255,245,240)\",\"12 - 23\":\"rgb(252,187,161)\",\"23 - 34\":\"rgb(251,106,74)\",\"34 - 45\":\"rgb(203,24,29)\"},\"colors\":{\"34 - 45\":\"#BA43A9\",\"23 - 34\":\"#D683CE\",\"12 - 23\":\"#E5A8E2\",\"0 - 12\":\"#F9D9F9\"},\"legendOpen\":true}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Alert\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b307c6fc0..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/2e863080-1bef-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Type Breakdown [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Type Breakdown [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 83aa35b65..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/33072240-137f-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Service Health Count [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Service Health Count [Azure Monitor][Activity Log]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Incidents\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"resultType:Active\"\n },\n \"label\": \"Activated\"\n },\n {\n \"input\": {\n \"query\": \"resultType:Resolved\"\n },\n \"label\": \"Resolved\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log AND azure.category:ServiceHealth\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 081256e6d..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/35de9400-1526-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Viewer [Azure Monitor][SQL DB]", - "visState": "{\n \"title\": \"Query Viewer [Azure Monitor][SQL DB]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 20,\n \"showPartialRows\": false,\n \"showMeticsAtAllLevels\": false,\n \"sort\": {\n \"columnIndex\": 5,\n \"direction\": \"desc\"\n },\n \"showTotal\": false,\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 1000,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Query ID\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"avg\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\n \"customLabel\": \"Average Duration (ms)\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 1000,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Query Hash\"\n }\n },\n {\n \"id\": \"6\",\n \"enabled\": true,\n \"type\": \"max\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\n \"customLabel\": \"Max Duration (ms)\"\n }\n },\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Executions\"\n }\n },\n {\n \"id\": \"7\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_QueryStoreRuntimeStatistics_properties.plan_id\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 1000,\n \"order\": \"desc\",\n \"orderBy\": \"5\",\n \"customLabel\": \"Plan ID\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": 5,\n \"direction\": \"desc\"\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics AND azure.category:QueryStoreRuntimeStatistics AND _exists_:sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 91dbf39fe..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/381c5ad0-120c-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts List [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts List [Azure Monitor][Activity Log]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"resultDescription.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Alert\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"activity_log_Alert_properties.eventProperties.status.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Status\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"azure.resource_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":557,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Group\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Alert\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 549c4edad..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/3fb82260-1527-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Count [Azure Monitor][SQL DB]", - "visState": "{\n \"title\": \"Query Count [Azure Monitor][SQL DB]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 20\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Queries Executed\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics AND azure.category:QueryStoreRuntimeStatistics AND _exists_:sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a7821c539..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/418ce210-07e4-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Duration (ms) [Azure Monitor]", - "visState": "{\"title\":\"Query Duration (ms) [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"a5439470-07fd-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"bf5c2ed0-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Query Duration\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"4e9246e0-07e3-11e8-a756-61fb48b75e56\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"terms_size\":\"3\",\"value_template\":\"{{value}}\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 8a510c53e..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/4b9f1300-07ed-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Subscriptions [Azure Monitor]", - "visState": "{\"title\":\"Subscriptions [Azure Monitor]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"resource_name.keyword\",\"customLabel\":\"Databases\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"subscription.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Subscription\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 37cf9e9c2..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/518cb600-0842-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Duration (ms) Single [Azure Monitor]", - "visState": "{\"title\":\"Query Duration (ms) Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"bar\",\"color\":\"rgba(0,191,179,1)\",\"fill\":\"0.1\",\"formatter\":\"0a\",\"hide_in_legend\":1,\"id\":\"a5439470-07fd-11e8-92fe-81a50acfdb07\",\"label\":\"Query Duration\",\"line_width\":\"1\",\"metrics\":[{\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\",\"id\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\"},{\"field\":\"a5439471-07fd-11e8-92fe-81a50acfdb07\",\"id\":\"bf5c2ed0-07fd-11e8-92fe-81a50acfdb07\",\"minimize\":0,\"model\":\"simple\",\"settings\":\"\",\"type\":\"moving_average\",\"window\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"value_template\":\"{{value}} ms\"}],\"show_grid\":1,\"show_legend\":0,\"time_field\":\"@timestamp\",\"type\":\"timeseries\",\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index de8a66937..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5465b680-0809-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Read and Write I/O [Azure Monitor]", - "visState": "{\"title\":\"Read and Write I/O [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"sum\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Logical Reads\"},{\"id\":\"b9a2f290-0806-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\",\"type\":\"sum\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.logical_io_writes\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"f0b3dcc0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Logical Writes\"},{\"id\":\"53f923f0-0807-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"53f923f1-0807-11e8-b19d-a7e960a5b5ca\",\"type\":\"sum\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.physical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"03ccee50-0809-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"53f923f1-0807-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Physical Reads\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 66df7cf62..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/59510c50-0c9e-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 1 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 1 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_name.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Database\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 9413e4b73..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5c934df0-07db-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Errors [Azure Monitor]", - "visState": "{\n \"title\": \"Errors [Azure Monitor]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showMeticsAtAllLevels\": false,\n \"showPartialRows\": false,\n \"showTotal\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"@timestamp\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Timestamp\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.message.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Error\"\n }\n },\n {\n \"id\": \"7\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.error_number\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 200,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Error #\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.DatabaseName.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Database\"\n }\n },\n {\n \"id\": \"6\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"sql_diagnostics_Errors_properties.ElasticPoolName.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 20,\n \"order\": \"desc\",\n \"orderBy\": \"_term\",\n \"customLabel\": \"Elastic Pool\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"language\": \"lucene\",\n \"query\": \"azure.group:sql_diagnostics AND azure.category:Errors\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 22374e8f1..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5dbd8b20-08a1-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Errors Single [Azure Monitor]", - "visState": "{\"title\":\"Errors Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.3\",\"stacked\":\"none\",\"label\":\"Errors\",\"split_filters\":[{\"filter\":\"data.category:Errors\",\"label\":\"Errors\",\"color\":\"rgba(255,57,36,1)\",\"id\":\"ead38060-07d8-11e8-ac3e-4b165adb3935\"}]}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND azure.category:Errors\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5701ce362..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5e89e2b0-13a0-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Combo [Azure Monitor]", - "visState": "{\"title\":\"Select Combo [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.subscription.keyword\",\"label\":\"Subscription\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}},{\"id\":\"1518843942322\",\"indexPattern\":\"azure-*\",\"fieldName\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"label\":\"User Email\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index afccb38f3..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/5ff32870-08a4-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Utilization Single [Azure Monitor]", - "visState": "{\"title\":\"Storage Utilization Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"ac54e1d0-0850-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage_percent\",\"label\":\"Database Storage %\",\"color\":\"#68BC00\",\"id\":\"b0e7fe80-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"Storage\",\"value_template\":\"{{value}}%\",\"axis_max\":\"100\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"axis_max\":\"100\",\"filter\":\"azure.group:sql_diagnostics AND metricName:storage_percent\",\"axis_min\":\"0\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b79a12364..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/647b8770-11ff-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Category Breakdown [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Category Breakdown [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.category.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index b43bd480b..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/65e23580-1382-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Service Health Metric [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Service Health Metric [Azure Monitor][Activity Log]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":12}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Service Health\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:ServiceHealth\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index b007f7b0f..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/68bd4dd0-0851-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Overview Info [Azure Monitor]", - "visState": "{\"title\":\"Database Overview Info [Azure Monitor]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":18}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"resource_name\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Database\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"server.keyword\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Server\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"resource_group.keyword\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Resource Group\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"subscription.keyword\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Subscription\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:dtu_consumption_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 5fa22ba21..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/68dd8530-083f-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation SQL DB [Azure Monitor]", - "visState": "{\"title\":\"Navigation SQL DB [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [**SQL DB**](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 55d8ddd9c..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/6bab50c0-0877-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "DTU Utilization [Azure Monitor]", - "visState": "{\"title\":\"DTU Utilization [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"b75f7650-0876-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:dtu_consumption_percent\",\"label\":\"DTU %\",\"color\":\"#68BC00\",\"id\":\"bdf1be60-0876-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"DTU\",\"value_template\":\"{{value}}%\"},{\"id\":\"e92aa790-0876-11e8-8a9e-77e15a1ba1ec\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"e92aa791-0876-11e8-8a9e-77e15a1ba1ec\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"1544c900-0877-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"e92aa791-0876-11e8-8a9e-77e15a1ba1ec\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\",\"terms_direction\":\"desc\",\"value_template\":\"{{value}}%\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND metricName:dtu_consumption_percent\",\"axis_max\":\"100\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 3b62e3024..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/6d71abf0-0842-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Wait Time (ms) Single [Azure Monitor]", - "visState": "{\"title\":\"Query Wait Time (ms) Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"07fbc160-07fd-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"197b9550-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0a\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":\"1\",\"fill\":\"0.1\",\"stacked\":\"none\",\"label\":\"Query Wait Time\",\"value_template\":\"{{value}} ms\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index d9e84abb8..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/727c5be0-1201-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Creations [Azure Monitor][Activity Log]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND identity.authorization.action:*write\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 2a0151044..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/72ab38b0-0c9e-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 3 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 3 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Resource Group\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0d05c4a07..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/74680350-1382-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Metric [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Metric [Azure Monitor][Activity Log]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":12}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Alerts\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Alert\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 630900bc7..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/79085650-0985-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Resource Group [Azure Monitor]", - "visState": "{\"title\":\"Select Resource Group [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"d6962b40-06f5-11e8-adb5-e1a2d559cdf5\",\"fieldName\":\"resource_group.keyword\",\"label\":\"Resource Group\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index ff6aa714f..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/7fe767b0-11fd-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Geo Activity [Azure Monitor]", - "visState": "{\"title\":\"Geo Activity [Azure Monitor]\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatClusterSize\":1.5,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.1&license=c16ab9db-b270-4466-9535-a15cb66a4df5\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"

© OpenStreetMap contributors | Elastic Maps Service

\",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.1&license=c16ab9db-b270-4466-9535-a15cb66a4df5\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"

© OpenStreetMap contributors | Elastic Maps Service

\",\"subdomains\":[]}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"precision\":2}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 1710b2dcd..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/820e7fb0-11f8-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Blockings Single [Azure Monitor]", - "visState": "{\"title\":\"Blockings Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Blockings\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"logstash-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND data.category:Blocks\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 7fe90e777..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/849be630-0985-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Server [Azure Monitor]", - "visState": "{\"title\":\"Select Server [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"fieldName\":\"azure.server.keyword\",\"label\":\"Server\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index b3672233d..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/85cee3b0-07df-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Wait Time (ms) [Azure Monitor]", - "visState": "{\"title\":\"Database Wait Time (ms) [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"0dc3f820-07fc-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"2fecef10-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"DB Wait\",\"value_template\":\"{{value}} ms\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\"},{\"settings\":\"\",\"minimize\":null,\"window\":\"\",\"model\":\"simple\",\"id\":\"2c2449f0-07de-11e8-ac3e-4b165adb3935\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"split_filters\":[{\"color\":\"#68BC00\",\"id\":\"7383c5f0-07de-11e8-ac3e-4b165adb3935\"}],\"terms_field\":\"azure.resource_name.keyword\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"split_color_mode\":\"gradient\",\"terms_size\":\"3\",\"hide_in_legend\":0,\"value_template\":\"{{value}} ms\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index cad198ece..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/880a53f0-080f-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Databases [Azure Monitor]", - "visState": "{\"title\":\"Databases [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"axis_formatter\":\"number\",\"axis_max\":\"100\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"id\":\"8f26aa90-0872-11e8-8a9e-77e15a1ba1ec\"}],\"drilldown_url\":\"#dashboard/aaf909b0-0800-11e8-adb5-e1a2d559cdf5?_a=(description:'',filters:!(('$state':(store:appState),meta:(alias:!n,controlledBy:'1517598395667',disabled:!f,index:'73e18ac0-104c-11e8-8c94-a3d8d0cfd62b',key:azure.db_unique_id.keyword,negate:!f,params:(query:'{{key}}',type:phrase),type:phrase,value:'{{key}}'),query:(match:(azure.db_unique_id.keyword:(query:'{{key}}',type:phrase))))))\",\"filter\":\"azure.group:sql_diagnostics\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"pivot_id\":\"azure.db_unique_id.keyword\",\"pivot_label\":\"Database\",\"pivot_rows\":\"20\",\"series\":[{\"aggregate_by\":null,\"aggregate_function\":null,\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"color_rules\":[{\"id\":\"dfdd33f0-0872-11e8-8a9e-77e15a1ba1ec\",\"opperator\":\"gte\",\"text\":\"rgba(244,78,59,1)\",\"value\":75}],\"fill\":\"0.8\",\"filter\":\"metricName:dtu_consumption_percent\",\"formatter\":null,\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"DTU\",\"line_width\":\"3\",\"metrics\":[{\"field\":\"average\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"offset_time\":\"\",\"point_size\":1,\"seperate_axis\":0,\"split_filters\":[{\"color\":\"#68BC00\",\"filter\":\"data.metricName:dtu_consumption_percent\",\"id\":\"5cc3d630-080f-11e8-b19d-a7e960a5b5ca\",\"label\":\"DTU %\"}],\"split_mode\":\"filters\",\"stacked\":\"none\",\"trend_arrows\":0,\"value_template\":\"{{value}}%\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"color_rules\":[{\"id\":\"632bf0a0-0875-11e8-8a9e-77e15a1ba1ec\"}],\"fill\":0.5,\"filter\":\"azure.category:Errors\",\"formatter\":\"number\",\"id\":\"4b4159d0-0875-11e8-8a9e-77e15a1ba1ec\",\"label\":\"Errors\",\"line_width\":1,\"metrics\":[{\"id\":\"4b4159d1-0875-11e8-8a9e-77e15a1ba1ec\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"table\"},\"aggs\":[]}", - "uiStateJSON": "{\"table\":{\"sort\":{\"column\":\"4b4159d0-0875-11e8-8a9e-77e15a1ba1ec\",\"order\":\"desc\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index edbff7648..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/88dcf980-084c-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Database [Azure Monitor]", - "visState": "{\"title\":\"Select Database [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.db_unique_id.keyword\",\"label\":\"Database\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":false,\"size\":20,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 361aa5017..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/890f3af0-093a-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Subscription [Azure Monitor]", - "visState": "{\"title\":\"Select Subscription [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.subscription.keyword\",\"label\":\"Select Subscription\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c283a2cdc..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/8e2e0480-13bc-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation Alerts [Azure Monitor]", - "visState": "{\"title\":\"Navigation Alerts [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [Users](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [**Alerts**](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index cbb859488..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/90045780-1382-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Administrative Metric [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Administrative Metric [Azure Monitor][Activity Log]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":12}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Administrative\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND azure.category:Administrative\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 51bf4679b..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/90ed5940-0850-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Size [Azure Monitor]", - "visState": "{\"title\":\"Database Size [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"bytes\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.3\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage\",\"label\":\"Storage Used\",\"color\":\"#68BC00\",\"id\":\"5b487040-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"GB\",\"hide_in_legend\":1}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND metricName:storage\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2cf6ddee4..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/934c6780-138b-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations and Deletions 2 [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Resource Creations and Deletions 2 [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Type\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":\"identity.authorization.action:*write\"},\"label\":\"Creations\"},{\"input\":{\"query\":\"identity.authorization.action:*delete\"},\"label\":\"Deletions\"}]}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index e4507d79f..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/94e47b60-1385-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Alerts Overview 2 [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Alerts Overview 2 [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(223,73,152,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.5\",\"stacked\":\"none\",\"terms_field\":\"resultType.keyword\",\"filter\":\"resultType:Activated\",\"label\":\"Activated\"},{\"id\":\"8b100950-1214-11e8-bd17-77879a6f9d49\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"filter\",\"metrics\":[{\"id\":\"8b100951-1214-11e8-bd17-77879a6f9d49\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.6\",\"stacked\":\"none\",\"label\":\"Resolved or Succeeded\",\"filter\":\"resultType:Resolved OR resultType:Succeeded\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:Alert\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 2c4fcde9c..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/983722f0-087b-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Top Queries [Azure Monitor]", - "visState": "{\"title\":\"Top Queries [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"table\",\"series\":[{\"id\":\"556ca980-08a9-11e8-b3d6-f7127beb4493\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"556ca981-08a9-11e8-b3d6-f7127beb4493\",\"type\":\"max\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"color_rules\":[{\"id\":\"57810a90-08a9-11e8-b3d6-f7127beb4493\"}],\"label\":\"Query ID\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"color_rules\":[{\"id\":\"6c7a15a0-087b-11e8-b3d6-f7127beb4493\"}],\"label\":\"Average Duration (ms)\"},{\"id\":\"374a3590-087b-11e8-b3d6-f7127beb4493\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"374a3591-087b-11e8-b3d6-f7127beb4493\",\"type\":\"max\",\"field\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.duration\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"label\":\"Max Duration (ms)\",\"color_rules\":[{\"id\":\"8a84f8d0-087b-11e8-b3d6-f7127beb4493\"}]},{\"id\":\"f6966090-087b-11e8-b3d6-f7127beb4493\",\"color\":\"#68BC00\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"f6966091-087b-11e8-b3d6-f7127beb4493\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"a\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"label\":\"Executions\",\"color_rules\":[{\"id\":\"34c7b3f0-087c-11e8-b3d6-f7127beb4493\"}]}],\"time_field\":\"@timestamp\",\"index_pattern\":\"logstash-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"bar_color_rules\":[{\"id\":\"f31ebb70-087a-11e8-b3d6-f7127beb4493\"}],\"pivot_id\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_hash.keyword\",\"pivot_label\":\"Query Hash\",\"pivot_rows\":\"20\",\"filter\":\"azure.group:sql_diagnostics AND azure.category:QueryStoreRuntimeStatistics AND NOT sql_diagnostics_query_store_runtime_stats_properties.query_id:0\"},\"aggs\":[]}", - "uiStateJSON": "{\"table\":{\"sort\":{\"column\":\"556ca980-08a9-11e8-b3d6-f7127beb4493\",\"order\":\"asc\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index a0e0847fa..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/9bb5e3e0-0843-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Wait Time (ms) Single [Azure Monitor]", - "visState": "{\"title\":\"Database Wait Time (ms) Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"0dc3f820-07fc-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_DatabaseWaitStatistics_properties.delta_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"2fecef10-07fc-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"0dc3f821-07fc-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0a\",\"chart_type\":\"bar\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"Database Wait Time (ms)\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0c802415b..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/a0340090-1389-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Users List [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Users List [Azure Monitor][Activity Log]\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showPartialRows\": false,\n \"showMeticsAtAllLevels\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"showTotal\": false,\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 20,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Email\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"First Name\"\n }\n },\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Last Name\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"callerIpAddress.keyword\",\n \"customLabel\": \"IPs\"\n }\n },\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Actions\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 45bee3a0e..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/a71ed100-07e5-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Query Wait Time (ms) [Azure Monitor]", - "visState": "{\"title\":\"Query Wait Time (ms) [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"07fbc160-07fd-11e8-92fe-81a50acfdb07\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"197b9550-07fd-11e8-92fe-81a50acfdb07\",\"type\":\"moving_average\",\"field\":\"07fbc161-07fd-11e8-92fe-81a50acfdb07\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":\"1\",\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Query Wait\"},{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"sql_diagnostics_QueryStoreWaitStatistics_properties.total_query_wait_time_ms\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"833d0680-07e5-11e8-a756-61fb48b75e56\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2add45a51..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/aa01fff0-13bb-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Navigation Users [Azure Monitor]", - "visState": "{\"title\":\"Navigation Users [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Azure Monitoring\\n\\n[Overview](#/dashboard/f110f010-11fc-11e8-8c94-a3d8d0cfd62b) | [**Users**](#/dashboard/06fa0b60-121a-11e8-8c94-a3d8d0cfd62b) | [Alerts](#/dashboard/16302750-1223-11e8-8c94-a3d8d0cfd62b) | [SQL DB](#/dashboard/91ba2090-07cb-11e8-adb5-e1a2d559cdf5) | [SQL DB Queries](#/dashboard/9adef750-08b0-11e8-93e5-299e2b5c963a)\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index a1a20c3c6..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/ac81f600-11f8-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Timeouts Single [Azure Monitor]", - "visState": "{\"title\":\"Timeouts Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Timeouts\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"logstash-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND data.category:Timeouts\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index bf9bb614c..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/af0fee20-07d7-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Databases++ [Azure Monitor]", - "visState": "{\"title\":\"Databases++ [Azure Monitor]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"Average DTU %\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"resource_name.keyword\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Database\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"server.keyword\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Server\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"resource_group.keyword\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Resource Group\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"Max DTU %\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:dtu_consumption_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 6c3c4bae4..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/b07ea8a0-1204-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Category Breakdown [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Category Breakdown [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":false,\"rotate\":75,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Events\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Events\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.category.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Category\"}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json deleted file mode 100644 index 7c855e9b9..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/b98ec5a0-0706-11e8-adb5-e1a2d559cdf5.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "SQL DB Overview [Azure Monitor]", - "visState": "{\"title\":\"SQL DB Overview [Azure Monitor]\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"colorSchema\":\"Green to Red\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":true,\"color\":\"black\"},\"style\":{\"fontSize\":15,\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#d3d3d3\"},\"metricColorMode\":\"None\"}},\"aggs\":[{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.resource_name.keyword\",\"customLabel\":\"Databases\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.server.keyword\",\"customLabel\":\"Servers\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"customLabel\":\"Resource Groups\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"azure.subscription.keyword\",\"customLabel\":\"Subscriptions\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"},\"colors\":{\"0 - 100\":\"#64B0C8\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:\\\"sql_diagnostics\\\"\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 0b578552a..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/be1f58b0-1beb-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Geo Count [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Geo Count [Azure Monitor][Activity Log]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index ac18fcc5f..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/ccabf560-1208-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity Log Overview [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Activity Log Overview [Azure Monitor][Activity Log]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"colorSchema\": \"Green to Red\",\n \"useRange\": false,\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 100\n }\n ],\n \"invertColors\": false,\n \"labels\": {\n \"show\": true,\n \"color\": \"black\"\n },\n \"style\": {\n \"fontSize\": 18,\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"bgFill\": \"#d3d3d3\"\n },\n \"metricColorMode\": \"None\"\n }\n },\n \"aggs\": [\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_name.keyword\",\n \"customLabel\": \"Resources\"\n }\n },\n {\n \"id\": \"5\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"customLabel\": \"Users\"\n }\n },\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.resource_group.keyword\",\n \"customLabel\": \"Resource Groups\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.subscription.keyword\",\n \"customLabel\": \"Subscriptions\"\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 100\": \"rgb(0,104,55)\"\n },\n \"colors\": {\n \"0 - 100\": \"#64B0C8\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index db4371f87..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/cf876780-0c98-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Timeouts [Azure Monitor]", - "visState": "{\"title\":\"Timeouts [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Timeouts\"},{\"id\":\"b9a2f290-0806-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(104,188,0,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_writes\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"f0b3dcc0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"\",\"terms_field\":\"resource_name.keyword\"}],\"time_field\":\"data.time\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"data.category:Timeouts\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 69e900e68..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/d02c64c0-08a0-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "DTU Utilization Single [Azure Monitor]", - "visState": "{\"title\":\"DTU Utilization Single [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(0,191,179,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"4b2cfff0-08a0-11e8-b3d6-f7127beb4493\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.3\",\"stacked\":\"none\",\"axis_max\":\"100\",\"label\":\"DTU\",\"value_template\":\"{{value}}%\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:sql_diagnostics AND metricName:dtu_consumption_percent\",\"axis_max\":\"100\",\"annotations\":[]},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index e937a9f84..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/d49fb650-0851-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "DTU Stats [Azure Monitor]", - "visState": "{\"title\":\"DTU Stats [Azure Monitor]\",\"type\":\"gauge\",\"params\":{\"type\":\"gauge\",\"addTooltip\":true,\"addLegend\":true,\"isDisplayWarning\":false,\"gauge\":{\"verticalSplit\":false,\"extendRange\":true,\"percentageMode\":true,\"gaugeType\":\"Arc\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"Labels\",\"colorsRange\":[{\"from\":0,\"to\":50},{\"from\":50,\"to\":75},{\"from\":75,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":true,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\"},\"type\":\"meter\",\"style\":{\"bgWidth\":0.9,\"width\":0.9,\"mask\":false,\"bgMask\":false,\"maskBars\":50,\"bgFill\":\"#eee\",\"bgColor\":false,\"subText\":\"DTU\",\"fontSize\":60,\"labelColor\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"AVG\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"data.average\",\"customLabel\":\"MAX\"}}]}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 50\":\"rgb(0,104,55)\",\"50 - 75\":\"rgb(255,255,190)\",\"75 - 100\":\"rgb(165,0,38)\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"data.metricName:dtu_consumption_percent\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c420c12f2..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/db0ec510-152d-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select Database Query Combo [Azure Monitor][SQL DB]", - "visState": "{\"title\":\"Select Database Query Combo [Azure Monitor][SQL DB]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1519014869989\",\"indexPattern\":\"azure-*\",\"fieldName\":\"azure.db_unique_id.keyword\",\"label\":\"Database\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":20,\"order\":\"desc\"}},{\"id\":\"1517598395667\",\"indexPattern\":\"azure-*\",\"fieldName\":\"sql_diagnostics_QueryStoreRuntimeStatistics_properties.query_id\",\"label\":\"Query ID\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":false,\"size\":20,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 7877e8eed..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/de505970-1396-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Select User Email [Azure Monitor]", - "visState": "{\"title\":\"Select User Email [Azure Monitor]\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1517598395667\",\"indexPattern\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"fieldName\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"label\":\"Select User Email\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"size\":100,\"order\":\"desc\"}}],\"updateFiltersOnChange\":true,\"useTimeFilter\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index dcf792692..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/df69c8a0-13aa-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Users Tag Cloud [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Users Tag Cloud [Azure Monitor][Activity Log]\",\n \"type\": \"tagcloud\",\n \"params\": {\n \"scale\": \"linear\",\n \"orientation\": \"single\",\n \"minFontSize\": 12,\n \"maxFontSize\": 32,\n \"hideLabel\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 83545560a..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/e2b9f1a0-08c0-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Subscriptions Breakdown Pie [Azure Monitor]", - "visState": "{\"title\":\"Subscriptions Breakdown Pie [Azure Monitor]\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":true,\"values\":false,\"last_level\":false,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"subscription.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"resource_group.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"server.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 5966ab392..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/e7ac55f0-0c9d-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 2 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 2 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.server.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Server\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5db4e02c9..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/e9391690-1226-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations and Deletions [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Resource Creations and Deletions [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"addLegend\": true,\n \"addTimeMarker\": false,\n \"addTooltip\": true,\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"labels\": {\n \"filter\": false,\n \"rotate\": 0,\n \"show\": true,\n \"truncate\": 200\n },\n \"position\": \"left\",\n \"scale\": {\n \"type\": \"linear\"\n },\n \"show\": true,\n \"style\": {},\n \"title\": {},\n \"type\": \"category\"\n }\n ],\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"legendPosition\": \"right\",\n \"seriesParams\": [\n {\n \"data\": {\n \"id\": \"1\",\n \"label\": \"Count\"\n },\n \"drawLinesBetweenPoints\": true,\n \"mode\": \"stacked\",\n \"show\": true,\n \"showCircles\": true,\n \"type\": \"histogram\",\n \"valueAxis\": \"ValueAxis-1\"\n }\n ],\n \"times\": [],\n \"type\": \"histogram\",\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"labels\": {\n \"filter\": true,\n \"rotate\": 75,\n \"show\": true,\n \"truncate\": 100\n },\n \"name\": \"LeftAxis-1\",\n \"position\": \"bottom\",\n \"scale\": {\n \"mode\": \"normal\",\n \"type\": \"linear\"\n },\n \"show\": false,\n \"style\": {},\n \"title\": {\n \"text\": \"Count\"\n },\n \"type\": \"value\"\n }\n ]\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"azure.resource_type.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 15,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Type\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*write\"\n },\n \"label\": \"Creations\"\n },\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*delete\"\n },\n \"label\": \"Deletions\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Creations\": \"#019B8F\",\n \"Deletions\": \"#AF0058\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 3e636c899..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/eafc2880-0850-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Used [Azure Monitor]", - "visState": "{\"title\":\"Storage Used [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(104,188,0,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"data.average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"ac54e1d0-0850-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage_percent\",\"label\":\"Database Storage %\",\"color\":\"#68BC00\",\"id\":\"b0e7fe80-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"Storage\",\"value_template\":\"{{value}}%\",\"axis_max\":\"100\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"axis_max\":\"100\",\"filter\":\"data.metricName:storage_percent\",\"axis_min\":\"0\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 7f544c3c2..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/eb4363d0-0986-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Storage Used [Azure Monitor]", - "visState": "{\"title\":\"Storage Used [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(255,222,85,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"ac54e1d0-0850-11e8-8a9e-77e15a1ba1ec\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"1\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.metricName:storage_percent\",\"label\":\"Database Storage %\",\"color\":\"#68BC00\",\"id\":\"b0e7fe80-0850-11e8-8a9e-77e15a1ba1ec\"}],\"label\":\"Storage Used\",\"value_template\":\"{{value}}%\",\"axis_max\":\"100\"},{\"id\":\"86f2d910-0986-11e8-8938-f3a79168be7b\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"86f2d911-0986-11e8-8938-f3a79168be7b\",\"type\":\"avg\",\"field\":\"average\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"d4c68dd0-0986-11e8-8938-f3a79168be7b\",\"type\":\"moving_average\",\"field\":\"86f2d911-0986-11e8-8938-f3a79168be7b\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"split_filters\":[{\"filter\":\"data.resour\",\"label\":\"\",\"color\":\"#68BC00\",\"id\":\"b5af6ac0-0986-11e8-8938-f3a79168be7b\"}],\"label\":\"\",\"terms_field\":\"azure.resource_name.keyword\",\"terms_size\":\"3\",\"value_template\":\"{{value}}%\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"show_grid\":1,\"axis_max\":\"100\",\"filter\":\"azure.group:sql_diagnostics AND metricName:storage_percent\",\"axis_min\":\"0\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index 8fe16ff09..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/ebeaf080-08ac-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Queries Markdown [Azure Monitor]", - "visState": "{\"title\":\"Queries Markdown [Azure Monitor]\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"### Queries\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2c69ee7f3..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f057a350-138a-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity by Resource Type [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Activity by Resource Type [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Type\"}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"73e18ac0-104c-11e8-8c94-a3d8d0cfd62b\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index d1461be94..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f0d7f540-0c97-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Blockings [Azure Monitor]", - "visState": "{\"title\":\"Blockings [Azure Monitor]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(233,228,16,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_reads\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"dfe3d0d0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":1,\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Blockings\"},{\"id\":\"b9a2f290-0806-11e8-b19d-a7e960a5b5ca\",\"color\":\"rgba(104,188,0,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\",\"type\":\"count\",\"field\":\"sql_diagnostics_query_store_runtime_stats_properties.logical_io_writes\"},{\"settings\":\"\",\"minimize\":0,\"window\":\"\",\"model\":\"simple\",\"id\":\"f0b3dcc0-0808-11e8-b19d-a7e960a5b5ca\",\"type\":\"moving_average\",\"field\":\"b9a2f291-0806-11e8-b19d-a7e960a5b5ca\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"0.0a\",\"chart_type\":\"line\",\"line_width\":\"2\",\"point_size\":1,\"fill\":\"0.2\",\"stacked\":\"none\",\"label\":\"\",\"terms_field\":\"resource_name.keyword\"}],\"time_field\":\"data.time\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"data.category:Blocks\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index c06cad48a..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f7d7bb80-1824-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Activity by Resource Group User [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Activity by Resource Group User [Azure Monitor][Activity Log]\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"azure.resource_group.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Resource Group\"}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false,\"colors\":{\"Count\":\"#019B8F\"}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json deleted file mode 100644 index a9cd12865..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f819a870-0c9d-11e8-93e5-299e2b5c963a.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Database Info 4 [Azure Monitor]", - "visState": "{\n \"title\": \"Database Info 4 [Azure Monitor]\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 12\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"4\",\n \"enabled\": true,\n \"type\": \"top_hits\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"azure.subscription.keyword\",\n \"aggregate\": \"concat\",\n \"size\": 1,\n \"sortField\": \"@timestamp\",\n \"sortOrder\": \"desc\",\n \"customLabel\": \"Subscription\"\n }\n }\n ]\n}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:sql_diagnostics\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 2d2b03e5c..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/f93f09d0-1bec-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Caller IP [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"Caller IP [Azure Monitor][Activity Log]\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"callerIpAddress.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":1000,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Caller IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"identity.claims.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Email\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"index\":\"azure-*\",\"filter\":[],\"query\":{\"query\":\"azure.group:activity_log AND _exists_:identity.claims.name\",\"language\":\"lucene\"}}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 5bd256b87..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/fca6aa70-13cb-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Resource Creations and Deletions User [Azure Monitor][Activity Log]", - "visState": "{\n \"title\": \"Resource Creations and Deletions User [Azure Monitor][Activity Log]\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"addLegend\": true,\n \"addTimeMarker\": false,\n \"addTooltip\": true,\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"labels\": {\n \"filter\": false,\n \"rotate\": 0,\n \"show\": true,\n \"truncate\": 200\n },\n \"position\": \"left\",\n \"scale\": {\n \"type\": \"linear\"\n },\n \"show\": true,\n \"style\": {},\n \"title\": {},\n \"type\": \"category\"\n }\n ],\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"legendPosition\": \"right\",\n \"seriesParams\": [\n {\n \"data\": {\n \"id\": \"1\",\n \"label\": \"Count\"\n },\n \"drawLinesBetweenPoints\": true,\n \"mode\": \"stacked\",\n \"show\": true,\n \"showCircles\": true,\n \"type\": \"histogram\",\n \"valueAxis\": \"ValueAxis-1\"\n }\n ],\n \"times\": [],\n \"type\": \"histogram\",\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"labels\": {\n \"filter\": true,\n \"rotate\": 75,\n \"show\": true,\n \"truncate\": 100\n },\n \"name\": \"LeftAxis-1\",\n \"position\": \"bottom\",\n \"scale\": {\n \"mode\": \"normal\",\n \"type\": \"linear\"\n },\n \"show\": false,\n \"style\": {},\n \"title\": {\n \"text\": \"Count\"\n },\n \"type\": \"value\"\n }\n ]\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"azure.resource_type.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 15,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Resource Type\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"filters\",\n \"schema\": \"group\",\n \"params\": {\n \"filters\": [\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*write\"\n },\n \"label\": \"Creations\"\n },\n {\n \"input\": {\n \"query\": \"identity.authorization.action:*delete\"\n },\n \"label\": \"Deletions\"\n }\n ]\n }\n }\n ]\n}", - "uiStateJSON": "{\n \"vis\": {\n \"legendOpen\": false,\n \"colors\": {\n \"Creations\": \"#019B8F\",\n \"Deletions\": \"#AF0058\"\n }\n }\n}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\n \"index\": \"azure-*\",\n \"filter\": [],\n \"query\": {\n \"query\": \"azure.group:activity_log AND _exists_:identity.claims.name\",\n \"language\": \"lucene\"\n }\n}" - } -} diff --git a/x-pack/modules/azure/configuration/kibana/7.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json b/x-pack/modules/azure/configuration/kibana/7.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json deleted file mode 100644 index 243874d30..000000000 --- a/x-pack/modules/azure/configuration/kibana/7.x/visualization/fec4c5c0-139a-11e8-8c94-a3d8d0cfd62b.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "User Activity Overview [Azure Monitor][Activity Log]", - "visState": "{\"title\":\"User Activity Overview [Azure Monitor][Activity Log]\",\"type\":\"metrics\",\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"timeseries\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"rgba(1,155,143,1)\",\"split_mode\":\"everything\",\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":\"0.4\",\"stacked\":\"none\",\"label\":\"Actions\",\"split_filters\":[{\"filter\":\"_exists_:identity.claims.name\",\"label\":\"\",\"color\":\"rgba(244,78,59,1)\",\"id\":\"a5302500-1399-11e8-a699-f390e75f4dd5\"}],\"filter\":\"\",\"hide_in_legend\":0}],\"time_field\":\"@timestamp\",\"index_pattern\":\"azure-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":0,\"show_grid\":1,\"filter\":\"azure.group:activity_log AND azure.category:Administrative AND _exists_:identity.claims.name\"},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{}" - } -} diff --git a/x-pack/modules/azure/configuration/logstash/azure.conf.erb b/x-pack/modules/azure/configuration/logstash/azure.conf.erb deleted file mode 100644 index a612050d2..000000000 --- a/x-pack/modules/azure/configuration/logstash/azure.conf.erb +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one -# or more contributor license agreements. Licensed under the Elastic License; -# you may not use this file except in compliance with the Elastic License. - -input{ -<%= -deprecation_logger.deprecated("The Azure module has been deprecated in favor of the Beats Azure module, and may be removed in a future release. Learn more about the Beats Azure module at https://www.elastic.co/guide/en/beats/filebeat/master/filebeat-module-azure.html") -require 'azure_module_config_generator' -config_generator = LogStash::Azure::ConfigGenerator.new -config_generator.generate_input(@settings) -%> -} - -filter { - json { - source => "message" - } - - if "_jsonparsefailure" not in [tags] { - split { - field => "records" - target => "data" - } - - if "_split_type_failure" not in [tags] { - ruby{ - code => " - event.get('data').each { |k,v| - event.set(k, v) - } - event.remove('data') - " - remove_field => ["message", "records"] - } - - if "_rubyexception" not in [tags] { - azure_event{} - - if "_azure_event_failure" not in [tags] { - if [callerIpAddress]{ - geoip { - source => "callerIpAddress" - } - } - date { - match => [ "time", "ISO8601" ] - } - mutate { - copy => { "@metadata" => "[azure][metadata]" } - } - } - } - } - } -} - -output { -<%= elasticsearch_output_config('_doc') %> -} diff --git a/x-pack/modules/azure/lib/azure_module_config_generator.rb b/x-pack/modules/azure/lib/azure_module_config_generator.rb deleted file mode 100644 index 3829fb66b..000000000 --- a/x-pack/modules/azure/lib/azure_module_config_generator.rb +++ /dev/null @@ -1,101 +0,0 @@ -# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one -# or more contributor license agreements. Licensed under the Elastic License; -# you may not use this file except in compliance with the Elastic License. - -require 'logstash/namespace' - -module LogStash - module Azure - class ConfigGenerator - - def generate_input(module_hash) - lines = [] - config = [] - module_hash.each do |k, v| - config << {parse_key(k) => v} if k.start_with?('var.input.azure_event_hubs') && !k.eql?('var.input.azure_event_hubs.event_hubs') - end - mode = :basic - event_hubs = module_hash['var.input.azure_event_hubs.event_hubs'] - if event_hubs - raise "Invalid configuration. 'var.input.azure_event_hubs.event_hubs' must be a set of arrays. Please check your configuration." unless event_hubs.is_a?(Array) && event_hubs.size > 1 && event_hubs[0][0].eql?('name') - reference = event_hubs[0] - if reference.is_a?(Array) - mode = :advanced - # convert parallel arrays to array of hashes - advanced_config = [] - event_hubs.size.times do |x| # process event hubs north -> south - hub_array = [] - next if x == 0 # skip reference array, reference array must be in position 0 - reference.each_with_index do |key, y| # process the reference array west -> east - next if y == 0 # skip the 'name' in the reference array - hub_array << {key => event_hubs[x][y]} # for each item in the reference array, create a hash of reference key to the correct x,y axis, add to array - end - advanced_config << {event_hubs[x][0] => hub_array} # for each event hub create a hash keyed by the hub name. Note the hub name must always be position 0. - end - config << {'event_hubs' => advanced_config} # add the advanced config to the main config... advanced config will always take precedence via the plugin. - end - end - - basic_valid = false - advanced_valid = false - lines << '# start azure_event_hubs' # helps with testing - # write the config to the buffer - config.each do |c| - c.each do |k, v| - if v.is_a?(Array) && k.eql?('event_hubs') && mode.eql?(:advanced) - lines << ' config_mode => "advanced"' - lines << ' ' + k + ' => [' - v.each_with_index do |entry, i| - if mode.eql?(:advanced) - entry.each do |_k, _v| - lines << ' {"' + _k + '" => {' - _v.each do |_entry| - _entry.each do |__k, __v| - advanced_valid = true if __k.eql?('event_hub_connection') - lines << ' ' + format_key_value(__k, __v) - end - end - lines << ' ' + '}}' + (i < v.length - 1 ? ',' : '') - end - end - end - lines << ' ' + ']' - end - if k.eql?('event_hub_connections') - v.each do |connection| - basic_valid = connection.include?('EntityPath') - end - end - lines << ' ' + format_key_value(k, v) unless k.eql?('event_hubs') - end - end - lines << '# end azure_event_hubs' # helps with testing - raise "Invalid configuration. 'var.input.azure_event_hubs.event_hub_connections' must be set, and the connection string must contain the EntityPath." if mode.eql?(:basic) && !basic_valid - raise "Invalid configuration. Could not parse out 'var.input.azure_event_hubs.event_hubs'. Please check your configuration." if mode.eql?(:advanced) && !advanced_valid - - <<-CONF - azure_event_hubs { - #{lines.compact.join("\n ")} - } - CONF - end - - def format_key_value(key, value) - key.to_s + ' => ' + format_value(value) - end - - def parse_key(key) - key.split('.').last - end - - def format_value(value) - # protects against special symbols in value string - if value.is_a?(String) - '"' + value + '"' - else - value.to_s - end - end - end - end -end diff --git a/x-pack/modules/azure/lib/filters/azure_event.rb b/x-pack/modules/azure/lib/filters/azure_event.rb deleted file mode 100644 index 4486b58e2..000000000 --- a/x-pack/modules/azure/lib/filters/azure_event.rb +++ /dev/null @@ -1,248 +0,0 @@ -# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one -# or more contributor license agreements. Licensed under the Elastic License; -# you may not use this file except in compliance with the Elastic License. - -require "logstash/filters/base" -require "logstash/namespace" -require "logstash/json" - -module LogStash - module Filters - class AzureEvent < LogStash::Filters::Base - - config_name "azure_event" - - # When all heuristics fail to identify a category, this category will be used if and only if the default_match fields are present, and the resource has been parsed correctly - config :default_category, :validate => :string, :default => "Administrative" - - # These fields must be present to match to the default default category - config :default_match, :validate => :array, :default => ["operationName", "level"] - - # Possible [azure][category] values for [azure][group] = "activity_log", the category names must be mutually exclusive between groups - config :activity_log_categories, :validate => :array, :default => ["Administrative", "ServiceHealth", "Alert", "Autoscale", "Security"] - - # Possible [azure][category] values for [azure][group] = "sql_diagnostics", the category names must be mutually exclusive between groups - config :sql_diagnostics_categories, :validate => :array, :default => - ["Metric", "Blocks", "Errors", "Timeouts", "QueryStoreRuntimeStatistics", "QueryStoreWaitStatistics", "DatabaseWaitStatistics", "SQLInsights"] - - # Append values to the `tags` field when there has been not been a match to a known azure event group or category. - config :tag_on_failure, :validate => :array, :default => ["_azure_event_failure"] - - ACTIVITY_LOG_GROUP = "activity_log".freeze - SQL_DIAGNOSTICS_GROUP = "sql_diagnostics".freeze - - def register - # do nothing - end - - def filter(event) - resource_id = event.get("resourceId") - if resource_id && add_resources(resource_id, event) && add_group_and_category(event) - # rename properties to include the group/category to help avoid mapping errors - if event.get("properties") - group = event.get("[azure][group]") - category = event.get("[azure][category]") - explode_properties(group, category, event) - event.set("[#{group}_#{category}_properties]", event.get("properties")) - event.remove("properties") - end - filter_matched(event) - else - @tag_on_failure.each do |tag| - event.tag(tag) - end - logger.trace("Failed to parse event as an Azure Event", :event => event) if logger.trace? - end - end - - # public methods may change state of event, and should return true if successful - - ## - # Parses the resourceId to pull out the relevant parts into the event - # return true if the common set of fields can be extracted from the resourceId, false otherwise - def add_resources(resource_id, event) - common_resources = explode_common_resources(resource_id) - if common_resources - common_resources.each do |k, v| - event.set("[azure][#{k}]", v) - end - - if common_resources["provider"] == "MICROSOFT.SQL" - sql_resources = explode_sql_resources(resource_id) - if sql_resources - sql_resources.each do |k, v| - event.set("[azure][#{k}]", v) - end - end - end - end - !common_resources.nil? - end - - ## - # adds a group and category to the provided event - # return true if the group and category are added, false otherwise - def add_group_and_category(event) - #always prefer @metadata category over the heuristics - category = event.get("[@metadata][category]") - if category.nil? - category = find_category(event) - end - event.set("[azure][category]", category) if category - group = @activity_log_categories.include?(category) ? ACTIVITY_LOG_GROUP : @sql_diagnostics_categories.include?(category) ? SQL_DIAGNOSTICS_GROUP : nil - event.set("[azure][group]", group) if group - - !category.nil? - end - - ## - # Based on the group and category, explode the custom properties bag - def explode_properties(group, category, event) - if group == ACTIVITY_LOG_GROUP && category == "ServiceHealth" - add_json_event_properties(event) - end - end - - # Some events such as Service Health can have a Json inside Json as [properties][eventProperties]. This will explode the inner json and replace it with indivisual fields on the event. - def add_json_event_properties(event) - inner_json = event.get("[properties][eventProperties]") - inner_json_as_hash = json_to_hash(inner_json) - if inner_json_as_hash - inner_json_as_hash.each do |k, v| - event.set("[properties][#{k}]", v) - end - event.remove("[properties][eventProperties]") - end - end - - # private methods should not change the state of the event - private - - CONST_FIELD_NAMES = { - "SUBSCRIPTIONS" => "subscription", - "RESOURCEGROUPS" => "resource_group", - "PROVIDERS" => "provider" - }.freeze - - ## - # In general the format of the resourceID for all types is: - # /SUBSCRIPTIONS//RESOURCEGROUPS//PROVIDERS//// - # However, it can be something as short as - # /SUBSCRIPTIONS/ - # It was also observed to be: - # /SUBSCRIPTIONS//PROVIDERS/ - # Or as long as needed where the resource_type/resource_name pairings can continue N times. - # The display values for repeating resource_type/resource_name pairings should be: - # resource_type = resource_type1/resource_type2/resource_typeN (concat the types separated by a "/") - # resource_name = resource_nameN (don't concat the names, only use the last) - # returns a hash of the key/value pairings with VALUE always UPPERCASE, returns nil if there are not at least 2 parts - ## - def explode_common_resources(_resource_id) - resource_id = _resource_id.upcase - logger.debug("parsing resourceId={}", resource_id) - grouped_parts = {} - parts = resource_id.split("/") - return nil unless parts.size >= 3 - return nil unless parts.shift == "" # split returns an empty first result when the string starts with the split value - - index = 1 - const_count = 0 - const_count += 1 if resource_id.include?("/SUBSCRIPTIONS/") - const_count += 1 if resource_id.include?("/RESOURCEGROUPS/") - const_count += 1 if resource_id.include?("/PROVIDERS/") - - const_count.times do - const = parts.shift - index += const.size + 1 - part_name = to_field_name(const) - value = parts.shift - index += value.size + 1 - grouped_parts[part_name] = value if part_name - end - - type_name_repeating = resource_id[index, resource_id.size] - - # For a/b/c/d/e/f , resource_type = a/c/e, resource_name = f - if type_name_repeating - type_name_repeating_pairs = type_name_repeating.split("/") - grouped_parts["resource_name"] = type_name_repeating_pairs.last - data = [] - type_name_repeating_pairs.each_slice(2) {|first, second| data << first} - grouped_parts["resource_type"] = data.join("/") - end - grouped_parts - end - - def to_field_name(const) - CONST_FIELD_NAMES[const] - end - - ## - # Retrieve resources from a MICROSOFT.SQL provider resource_id - # /SUBSCRIPTIONS//RESOURCEGROUPS//PROVIDERS/MICROSOFT.SQL/SERVERS//DATABASES/ - # returns a hash of the key/value pairings for server and database, with VALUE always UPPERCASE, nil if ANY expectations of the format are not found - def explode_sql_resources(resource_id) - grouped_parts = {} - parts = resource_id.upcase.split("/", 11) - return nil unless parts.size == 11 - parts[7] == "SERVERS" ? grouped_parts["server"] = parts[8] : (return nil) - parts[9] == "DATABASES" ? grouped_parts["database"] = parts[10] : (return nil) - grouped_parts["server_and_database"] = parts[8] + "/" + parts[10] - grouped_parts["db_unique_id"] = parts[2] + "/" + parts[4] + "/" + parts[8] + "/" + parts[10] - grouped_parts - end - - ## - # returns the Hash of the provided json, nil if not json - def json_to_hash(json) - if json && json.to_s.strip[0] == "{" #faster then throwing an exception if not json - begin - LogStash::Json.load(json) - rescue - # Do nothing, there are no documented guarantees that this is indeed Json - nil - end - end - end - - ## - # finds the category based on event heuristics - # returns the category as string if can be found, nil otherwise - def find_category(event) - category = find_category_sql_diagnostics(event) - category ||= find_category_activity_log(event) - category ||= find_category_default(event) - category - end - - ## - # attempt to find the category of an sql diagnostic log - # returns the category if can match the heuristics for sql_diagnostic logs, nil otherwise - def find_category_sql_diagnostics(event) - return nil unless event.get("[azure][provider]") == "MICROSOFT.SQL" - event.get("metricName") ? "Metric" : event.get("category") - end - - ## - # attempt to find the category of an activity log - # returns the category if can match the heuristics for activity logs, nil otherwise - def find_category_activity_log(event) - category = event.get("[properties][eventCategory]") #observerd location - category ||= event.get("[category][value]") #documented location - category = "Security" if category == "Recommendation" - category - end - - ## - # attempt to apply the default category - # returns the default category if and only if all the default_match parameters exist in the event - def find_category_default(event) - if @default_match.all? {|match| event.get(match)} - @default_category - else - nil - end - end - end - end -end diff --git a/x-pack/spec/modules/azure/azure_module_config_generator_spec.rb b/x-pack/spec/modules/azure/azure_module_config_generator_spec.rb deleted file mode 100644 index 7bd3fb6d8..000000000 --- a/x-pack/spec/modules/azure/azure_module_config_generator_spec.rb +++ /dev/null @@ -1,143 +0,0 @@ -# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one -# or more contributor license agreements. Licensed under the Elastic License; -# you may not use this file except in compliance with the Elastic License. - -require 'x-pack/logstash_registry' -require 'logstash-core' -require 'logstash/settings' -require 'logstash/util/modules_setting_array' -require 'logstash/modules/scaffold' -require 'azure_module_config_generator' - -describe LogStash::Azure::ConfigGenerator do - # always clone and work with the clone since settings are global and can bleed between tests - let(:settings) {settings = LogStash::SETTINGS.clone} - - describe "valid configuration" do - it "advanced" do - settings.from_yaml(::File.join(File.dirname(__FILE__), "samples", "yaml"), "logstash.advanced.yml") - module_hash = settings.get("modules").find {|m| m["name"] == 'azure'} - scaffolding = LogStash::Modules::Scaffold.new('azure', ::File.join(File.dirname(__FILE__), '..', '..', '..', 'modules', 'azure', 'configuration')) - module_config = LogStash::Modules::LogStashConfig.new(scaffolding, module_hash) - - expected = <<-EXPECTED -threads => 8 -decorate_events => true -consumer_group => "logstash" -config_mode => "advanced" -event_hubs => [ - {"insights-operational-logs" => { - event_hub_connection => "Endpoint=sb://example1..." - storage_connection => "DefaultEndpointsProtocol=https;AccountName=example1...." - initial_position => "HEAD" - decorate_events => "true" - }}, - {"insights-metrics-pt1m" => { - event_hub_connection => "Endpoint=sb://example2..." - storage_connection => "DefaultEndpointsProtocol=https;AccountName=example2...." - initial_position => "TAIL" - decorate_events => "true" - }}, - {"insights-logs-errors" => { - event_hub_connection => "Endpoint=sb://example3..." - storage_connection => "DefaultEndpointsProtocol=https;AccountName=example3...." - initial_position => "LOOK_BACK" - decorate_events => "false" - }}, - {"insights-operational-logs" => { - event_hub_connection => "Endpoint=sb://example4..." - storage_connection => "DefaultEndpointsProtocol=https;AccountName=example4...." - initial_position => "HEAD" - decorate_events => "true" - }} -] - EXPECTED - - expected_config_lines = expected.lines - actual_config_lines = module_config.config_string.lines - expect(expected_config_lines.size).to be < actual_config_lines.size - compare = false - i = 0 - actual_config_lines.each do |line| - if line.include?('end azure_event_hubs') - compare = false - end - if compare - expect(line.strip).to eql(expected_config_lines[i].strip) - i += 1 - end - if line.include?('start azure_event_hubs') - compare = true - end - end - end - - it "basic" do - settings.from_yaml(::File.join(File.dirname(__FILE__), "samples", "yaml"), "logstash.basic.yml") - # puts settings.to_hash.to_s - module_hash = settings.get("modules").find {|m| m["name"] == 'azure'} - scaffolding = LogStash::Modules::Scaffold.new('azure', ::File.join(File.dirname(__FILE__), '..', '..', '..', 'modules', 'azure', 'configuration')) - module_config = LogStash::Modules::LogStashConfig.new(scaffolding, module_hash) - module_config.config_string - expected = <<-EXPECTED -threads => 8 -decorate_events => true -consumer_group => "logstash" -storage_connection => "DefaultEndpointsProtocol=https;AccountName=example...." -event_hub_connections => ["Endpoint=sb://example1...EntityPath=insights-logs-errors", "Endpoint=sb://example2...EntityPath=insights-metrics-pt1m"] - EXPECTED - - expected_config_lines = expected.lines - actual_config_lines = module_config.config_string.lines - expect(expected_config_lines.size).to be < actual_config_lines.size - compare = false - i = 0 - actual_config_lines.each do |line| - if line.include?('end azure_event_hubs') - compare = false - end - if compare - expect(line.strip).to eql(expected_config_lines[i].strip) - i += 1 - end - if line.include?('start azure_event_hubs') - compare = true - end - end - end - end - - describe "invalid configuration" do - it "advanced1" do - settings.from_yaml(::File.join(File.dirname(__FILE__), "samples", "yaml"), "logstash.advanced_invalid1.yml") - module_hash = settings.get("modules").find {|m| m["name"] == 'azure'} - scaffolding = LogStash::Modules::Scaffold.new('azure', ::File.join(File.dirname(__FILE__), '..', '..', '..', 'modules', 'azure', 'configuration')) - module_config = LogStash::Modules::LogStashConfig.new(scaffolding, module_hash) - expect {module_config.config_string}.to raise_error(/must be a set of arrays/) - end - - it "advanced2" do - settings.from_yaml(::File.join(File.dirname(__FILE__), "samples", "yaml"), "logstash.advanced_invalid2.yml") - module_hash = settings.get("modules").find {|m| m["name"] == 'azure'} - scaffolding = LogStash::Modules::Scaffold.new('azure', ::File.join(File.dirname(__FILE__), '..', '..', '..', 'modules', 'azure', 'configuration')) - module_config = LogStash::Modules::LogStashConfig.new(scaffolding, module_hash) - expect {module_config.config_string}.to raise_error(/'var.input.azure_event_hubs.event_hub_connections' must be set/) - end - - it "basic1" do - settings.from_yaml(::File.join(File.dirname(__FILE__), "samples", "yaml"), "logstash.basic_invalid1.yml") - module_hash = settings.get("modules").find {|m| m["name"] == 'azure'} - scaffolding = LogStash::Modules::Scaffold.new('azure', ::File.join(File.dirname(__FILE__), '..', '..', '..', 'modules', 'azure', 'configuration')) - module_config = LogStash::Modules::LogStashConfig.new(scaffolding, module_hash) - expect {module_config.config_string}.to raise_error(/'var.input.azure_event_hubs.event_hub_connections' must be set./) - end - - it "basic2" do - settings.from_yaml(::File.join(File.dirname(__FILE__), "samples", "yaml"), "logstash.basic_invalid2.yml") - module_hash = settings.get("modules").find {|m| m["name"] == 'azure'} - scaffolding = LogStash::Modules::Scaffold.new('azure', ::File.join(File.dirname(__FILE__), '..', '..', '..', 'modules', 'azure', 'configuration')) - module_config = LogStash::Modules::LogStashConfig.new(scaffolding, module_hash) - expect {module_config.config_string}.to raise_error(/'var.input.azure_event_hubs.event_hub_connections' must be set./) - end - end -end diff --git a/x-pack/spec/modules/azure/filters/azure_event_spec.rb b/x-pack/spec/modules/azure/filters/azure_event_spec.rb deleted file mode 100644 index fbdb12e2b..000000000 --- a/x-pack/spec/modules/azure/filters/azure_event_spec.rb +++ /dev/null @@ -1,496 +0,0 @@ -# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one -# or more contributor license agreements. Licensed under the Elastic License; -# you may not use this file except in compliance with the Elastic License. - -require 'x-pack/logstash_registry' -require 'logstash/devutils/rspec/spec_helper' -require 'logstash/json' -require 'filters/azure_event' -require 'logstash/config/pipeline_config' -require_relative '../../../../../logstash-core/spec/support/pipeline/pipeline_helpers' - -describe LogStash::Filters::AzureEvent do - extend PipelineHelpers - - let(:settings) do - s = LogStash::SETTINGS.clone - s.set_value("pipeline.workers", 1) - s - end - - describe "Parses the admin activity log" do - let(:config) do - <<-CONFIG - filter { - azure_event { - # ensure defaults don't kick in - default_match => ["nonexistent"] - } - } - CONFIG - end - - # as documented - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/administrative1.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("DD042F02-6B3E-4F79-939A-6A381FFED3C0") - expect(subject.get("[azure][resource_group]")).to eq("MYRESOURCEGROUP") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.NETWORK") - expect(subject.get("[azure][resource_type]")).to eq("NETWORKSECURITYGROUPS") - expect(subject.get("[azure][resource_name]")).to eq("MYNSG") - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Administrative") - expect(subject).to include("activity_log_Administrative_properties") - expect(subject).not_to include("properties") - end - - describe "with default" do - let(:config) do - <<-CONFIG - filter { - azure_event { - # allow default - } - } - CONFIG - end - # as observed - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/administrative2.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("9103C2E0-A392-4CE3-BADD-E50F19378DEB") - expect(subject.get("[azure][resource_group]")).to eq("MYLINUXVMRG") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.STORAGE") - expect(subject.get("[azure][resource_type]")).to eq("STORAGEACCOUNTS") - expect(subject.get("[azure][resource_name]")).to eq("STORE835G") - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Administrative") - expect(subject).not_to include("activity_log_Administrative_properties") - expect(subject).not_to include("properties") - end - - # as observed, missing the resource group, type, and name - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/administrative3.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("872F2E12-6CCC-4EAD-8D3C-AC833009C1A4") - expect(subject.get("[azure][resource_group]")).to be_nil - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.ADVISOR") - expect(subject.get("[azure][resource_type]")).to be_nil - expect(subject.get("[azure][resource_name]")).to be_nil - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Administrative") - expect(subject).not_to include("activity_log_Administrative_properties") - expect(subject).not_to include("properties") - end - end - end - - describe "Parses the service health activity log" do - let(:config) do - <<-CONFIG - filter { - azure_event { - # ensure defaults don't kick in - default_match => ["nonexistent"] - } - } - CONFIG - end - - # as documented - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/service_health1.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("MYSUBSCRIPTIONID") - expect(subject.get("[azure][resource_group]")).to be_nil - expect(subject.get("[azure][provider]")).to be_nil - expect(subject.get("[azure][resource_type]")).to be_nil - expect(subject.get("[azure][resource_name]")).to be_nil - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("ServiceHealth") - expect(subject).to include("activity_log_ServiceHealth_properties") - expect(subject).not_to include("properties") - end - - # as observed - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/service_health2.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("13100E9F-5DCE-4686-B4F4-FF997D407A75") - expect(subject.get("[azure][resource_group]")).to be_nil - expect(subject.get("[azure][provider]")).to be_nil - expect(subject.get("[azure][resource_type]")).to be_nil - expect(subject.get("[azure][resource_name]")).to be_nil - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("ServiceHealth") - expect(subject).to include("activity_log_ServiceHealth_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses the Security activity log" do - let(:config) do - <<-CONFIG - filter { - azure_event { - # ensure defaults don't kick in - default_match => ["nonexistent"] - } - } - CONFIG - end - - # as documented - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/security1.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("D4742BB8-C279-4903-9653-9858B17D0C2E") - expect(subject.get("[azure][resource_group]")).to be_nil - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SECURITY") - expect(subject.get("[azure][resource_type]")).to eq("LOCATIONS/ALERTS") - expect(subject.get("[azure][resource_name]")).to eq("2518939942613820660_A48F8653-3FC6-4166-9F19-914F030A13D3") - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Security") - expect(subject).to include("activity_log_Security_properties") - expect(subject).not_to include("properties") - end - - # as observed - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/security2.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("F628BA4C-F07B-4AEB-86CB-C89784BBD9B3") - expect(subject.get("[azure][resource_group]")).to be_nil - expect(subject.get("[azure][provider]")).to be_nil - expect(subject.get("[azure][resource_type]")).to be_nil - expect(subject.get("[azure][resource_name]")).to be_nil - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Security") - expect(subject).to include("activity_log_Security_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses the Autoscale activity log" do - let(:config) do - <<-CONFIG - filter { - azure_event { - # ensure defaults don't kick in - default_match => ["nonexistent"] - } - } - CONFIG - end - - # as documented - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/auto_scale1.json')) - sample_one(LogStash::Json.load(file)) do - assert - end - - # as observed TODO: actually observe this ! (I don't have any examples for autoscale) - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/auto_scale2.json')) - sample_one(LogStash::Json.load(file)) do - assert - end - - def assert - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("MYSUBSCRIPTIONID") - expect(subject.get("[azure][resource_group]")).to eq("MYRESOURCEGROUP") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.INSIGHTS") - expect(subject.get("[azure][resource_type]")).to eq("AUTOSCALESETTINGS") - expect(subject.get("[azure][resource_name]")).to eq("MYRESOURCEGROUP-PRODUCTION-MYRESOURCE-MYRESOURCEGROUP") - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Autoscale") - expect(subject).to include("activity_log_Autoscale_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses the Alert activity log" do - let(:config) do - <<-CONFIG - filter { - azure_event { - # ensure defaults don't kick in - default_match => ["nonexistent"] - } - } - CONFIG - end - - # as documented - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/alert1.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("MYSUBSCRIPTIONID") - expect(subject.get("[azure][resource_group]")).to eq("MYRESOURCEGROUP") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.CLASSICCOMPUTE") - expect(subject.get("[azure][resource_type]")).to eq("DOMAINNAMES/SLOTS/ROLES") - expect(subject.get("[azure][resource_name]")).to eq("EVENT.BACKGROUNDJOBSWORKER.RAZZLE") - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Alert") - expect(subject).to include("activity_log_Alert_properties") - expect(subject).not_to include("properties") - end - - # as observed - file = File.read(File.join(File.dirname(__FILE__), '../samples/activity_log/alert2.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("C27F13D5-E19A-4A4C-8415-4056C7C752BC") - expect(subject.get("[azure][resource_group]")).to eq("DEFAULT-ACTIVITYLOGALERTS") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.INSIGHTS") - expect(subject.get("[azure][resource_type]")).to eq("ACTIVITYLOGALERTS") - expect(subject.get("[azure][resource_name]")).to eq("NOTIFY OPEN HEALTH ALERT") - expect(subject.get("[azure][group]")).to eq("activity_log") - expect(subject.get("[azure][category]")).to eq("Alert") - expect(subject).to include("activity_log_Alert_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses database wait stats logs" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - # sql diagnostic - file = File.read(File.join(File.dirname(__FILE__), '../samples/sql_diagnostics/database_wait_statistics.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("741FD6F5-9FB8-462C-97C3-3HF4CH23HC2A") - expect(subject.get("[azure][resource_group]")).to eq("GO5RG") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SQL") - expect(subject.get("[azure][resource_type]")).to eq("SERVERS/DATABASES") - expect(subject.get("[azure][resource_name]")).to eq("WORKGO5") - # db specific resources - expect(subject.get("[azure][server]")).to eq("GO5RS") - expect(subject.get("[azure][database]")).to eq("WORKGO5") - expect(subject.get("[azure][server_and_database]")).to eq("GO5RS/WORKGO5") - expect(subject.get("[azure][db_unique_id]")).to eq("741FD6F5-9FB8-462C-97C3-3HF4CH23HC2A/GO5RG/GO5RS/WORKGO5") - # group/category - expect(subject.get("[azure][group]")).to eq("sql_diagnostics") - expect(subject.get("[azure][category]")).to eq("DatabaseWaitStatistics") - expect(subject).to include("sql_diagnostics_DatabaseWaitStatistics_properties") - expect(subject).not_to include("properties") - end - end - describe "Parses database block logs" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - file = File.read(File.join(File.dirname(__FILE__), '../samples/sql_diagnostics/blocks.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("851FD0F5-9GB8-552C-41C3-3TH4FA231C3A") - expect(subject.get("[azure][resource_group]")).to eq("DEMTP789") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SQL") - expect(subject.get("[azure][resource_type]")).to eq("SERVERS/DATABASES") - expect(subject.get("[azure][resource_name]")).to eq("DB05001") - # db specific resources - expect(subject.get("[azure][server]")).to eq("SRV1238FG9") - expect(subject.get("[azure][database]")).to eq("DB05001") - expect(subject.get("[azure][server_and_database]")).to eq("SRV1238FG9/DB05001") - expect(subject.get("[azure][db_unique_id]")).to eq("851FD0F5-9GB8-552C-41C3-3TH4FA231C3A/DEMTP789/SRV1238FG9/DB05001") - # group/category - expect(subject.get("[azure][group]")).to eq("sql_diagnostics") - expect(subject.get("[azure][category]")).to eq("Blocks") - expect(subject).to include("sql_diagnostics_Blocks_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses database error logs" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - file = File.read(File.join(File.dirname(__FILE__), '../samples/sql_diagnostics/errors.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("846FY0F5-9C8H-452C-95C3-555555666C2A") - expect(subject.get("[azure][resource_group]")).to eq("OPT489") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SQL") - expect(subject.get("[azure][resource_type]")).to eq("SERVERS/DATABASES") - expect(subject.get("[azure][resource_name]")).to eq("DB874999") - # db specific resources - expect(subject.get("[azure][server]")).to eq("OPT489") - expect(subject.get("[azure][database]")).to eq("DB874999") - expect(subject.get("[azure][server_and_database]")).to eq("OPT489/DB874999") - expect(subject.get("[azure][db_unique_id]")).to eq("846FY0F5-9C8H-452C-95C3-555555666C2A/OPT489/OPT489/DB874999") - # group/category - expect(subject.get("[azure][group]")).to eq("sql_diagnostics") - expect(subject.get("[azure][category]")).to eq("Errors") - expect(subject).to include("sql_diagnostics_Errors_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses database timeout logs" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - file = File.read(File.join(File.dirname(__FILE__), '../samples/sql_diagnostics/timeouts.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("E3E7F07F-161E-4591-BB76-711473D4940C") - expect(subject.get("[azure][resource_group]")).to eq("ST76") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SQL") - expect(subject.get("[azure][resource_type]")).to eq("SERVERS/DATABASES") - expect(subject.get("[azure][resource_name]")).to eq("DB9977") - # db specific resources - expect(subject.get("[azure][server]")).to eq("ST76") - expect(subject.get("[azure][database]")).to eq("DB9977") - expect(subject.get("[azure][server_and_database]")).to eq("ST76/DB9977") - expect(subject.get("[azure][db_unique_id]")).to eq("E3E7F07F-161E-4591-BB76-711473D4940C/ST76/ST76/DB9977") - # group/category - expect(subject.get("[azure][group]")).to eq("sql_diagnostics") - expect(subject.get("[azure][category]")).to eq("Timeouts") - expect(subject).to include("sql_diagnostics_Timeouts_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses query store runtime statistic logs" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - file = File.read(File.join(File.dirname(__FILE__), '../samples/sql_diagnostics/querystore_runtime_statistics.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("CBB8D135-BF4F-4792-B835-5872F7EAC917") - expect(subject.get("[azure][resource_group]")).to eq("WWD66") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SQL") - expect(subject.get("[azure][resource_type]")).to eq("SERVERS/DATABASES") - expect(subject.get("[azure][resource_name]")).to eq("DB73635G") - # db specific resources - expect(subject.get("[azure][server]")).to eq("WWD66") - expect(subject.get("[azure][database]")).to eq("DB73635G") - expect(subject.get("[azure][server_and_database]")).to eq("WWD66/DB73635G") - expect(subject.get("[azure][db_unique_id]")).to eq("CBB8D135-BF4F-4792-B835-5872F7EAC917/WWD66/WWD66/DB73635G") - # group/category - expect(subject.get("[azure][group]")).to eq("sql_diagnostics") - expect(subject.get("[azure][category]")).to eq("QueryStoreRuntimeStatistics") - expect(subject).to include("sql_diagnostics_QueryStoreRuntimeStatistics_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses querystore wait statistics logs" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - file = File.read(File.join(File.dirname(__FILE__), '../samples/sql_diagnostics/querystore_wait_statistics.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("70E322AB-5B33-40C7-AD1E-88B2B7CFA236") - expect(subject.get("[azure][resource_group]")).to eq("W66PT") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SQL") - expect(subject.get("[azure][resource_type]")).to eq("SERVERS/DATABASES") - expect(subject.get("[azure][resource_name]")).to eq("DB45") - # db specific resources - expect(subject.get("[azure][server]")).to eq("W66PT") - expect(subject.get("[azure][database]")).to eq("DB45") - expect(subject.get("[azure][server_and_database]")).to eq("W66PT/DB45") - expect(subject.get("[azure][db_unique_id]")).to eq("70E322AB-5B33-40C7-AD1E-88B2B7CFA236/W66PT/W66PT/DB45") - # group/category - expect(subject.get("[azure][group]")).to eq("sql_diagnostics") - expect(subject.get("[azure][category]")).to eq("QueryStoreWaitStatistics") - expect(subject).to include("sql_diagnostics_QueryStoreWaitStatistics_properties") - expect(subject).not_to include("properties") - end - end - - describe "Parses database metric logs" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - file = File.read(File.join(File.dirname(__FILE__), '../samples/sql_diagnostics/metric.json')) - sample_one(LogStash::Json.load(file)) do - expect(subject).to include("resourceId") - expect(subject.get("[azure][subscription]")).to eq("D427EE51-17CB-441A-9363-07390D5DC79E") - expect(subject.get("[azure][resource_group]")).to eq("RG5") - expect(subject.get("[azure][provider]")).to eq("MICROSOFT.SQL") - expect(subject.get("[azure][resource_type]")).to eq("SERVERS/DATABASES") - expect(subject.get("[azure][resource_name]")).to eq("DJFU48") - # db specific resources - expect(subject.get("[azure][server]")).to eq("SRV12") - expect(subject.get("[azure][database]")).to eq("DJFU48") - expect(subject.get("[azure][server_and_database]")).to eq("SRV12/DJFU48") - expect(subject.get("[azure][db_unique_id]")).to eq("D427EE51-17CB-441A-9363-07390D5DC79E/RG5/SRV12/DJFU48") - # group/category - expect(subject.get("[azure][group]")).to eq("sql_diagnostics") - expect(subject.get("[azure][category]")).to eq("Metric") - expect(subject).not_to include("properties") - end - end - - describe "Fails to parse" do - let(:config) do - <<-CONFIG - filter { - azure_event { - - } - } - CONFIG - end - - sample_one("{'a': 'b'}") do - expect(subject).to include("tags") - expect(subject.get("[tags][0]")).to eq("_azure_event_failure") - end - end -end diff --git a/x-pack/spec/modules/azure/samples/activity_log/administrative1.json b/x-pack/spec/modules/azure/samples/activity_log/administrative1.json deleted file mode 100644 index ee86bbe42..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/administrative1.json +++ /dev/null @@ -1,84 +0,0 @@ -{ - "_comment": "Administrative example from https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-activity-log-schema", - "authorization": { - "action": "Microsoft.Network/networkSecurityGroups/write", - "scope": "/subscriptions/dd042f02-6b3e-4f79-939a-6a381ffed3c0/resourcegroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/myNSG" - }, - "caller": "rob@contoso.com", - "channels": "Operation", - "claims": { - "aud": "https://management.core.windows.net/", - "iss": "https://sts.windows.net/1114444b-7467-4144-a616-e3a5d63e147b/", - "iat": "1234567890", - "nbf": "1234567890", - "exp": "1234567890", - "_claim_names": "{\"groups\":\"src1\"}", - "_claim_sources": "{\"src1\":{\"endpoint\":\"https://graph.windows.net/1114444b-7467-4144-a616-e3a5d63e147b/users/f409edeb-4d29-44b5-9763-ee9348ad91bb/getMemberObjects\"}}", - "http://schemas.microsoft.com/claims/authnclassreference": "1", - "aio": "A3GgTJdwK4vy7Fa7l6DgJC2mI0GX44tML385OpU1Q+z+jaPnFMwB", - "http://schemas.microsoft.com/claims/authnmethodsreferences": "rsa,mfa", - "appid": "355249ed-15d9-460d-8481-84026b065942", - "appidacr": "2", - "http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier": "10845a4d-ffa4-4b61-a3b4-e57b9b31cdb5", - "e_exp": "262800", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "Robertson", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "Rob", - "ipaddr": "111.111.1.111", - "name": "Rob Robertson", - "http://schemas.microsoft.com/identity/claims/objectidentifier": "f409edeb-4d29-44b5-9763-ee9348ad91bb", - "onprem_sid": "S-1-5-21-4837261184-168309720-1886587427-18514304", - "puid": "18247BBD84827C6D", - "http://schemas.microsoft.com/identity/claims/scope": "user_impersonation", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "b-24Jf94A3FH2sHWVIFqO3-RSJEiv24Jnif3gj7s", - "http://schemas.microsoft.com/identity/claims/tenantid": "1114444b-7467-4144-a616-e3a5d63e147b", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "rob@contoso.com", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "rob@contoso.com", - "uti": "IdP3SUJGtkGlt7dDQVRPAA", - "ver": "1.0" - }, - "correlationId": "b5768deb-836b-41cc-803e-3f4de2f9e40b", - "eventDataId": "d0d36f97-b29c-4cd9-9d3d-ea2b92af3e9d", - "eventName": { - "value": "EndRequest", - "localizedValue": "End request" - }, - "category": { - "value": "Administrative", - "localizedValue": "Administrative" - }, - "eventTimestamp": "2018-01-29T20:42:31.3810679Z", - "id": "/subscriptions/dd042f02-6b3e-4f79-939a-6a381ffed3c0/resourcegroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/myNSG/events/d0d36f97-b29c-4cd9-9d3d-ea2b92af3e9d/ticks/636528553513810679", - "level": "Informational", - "operationId": "04e575f8-48d0-4c43-a8b3-78c4eb01d287", - "operationName": { - "value": "Microsoft.Network/networkSecurityGroups/write", - "localizedValue": "Microsoft.Network/networkSecurityGroups/write" - }, - "resourceGroupName": "myResourceGroup", - "resourceProviderName": { - "value": "Microsoft.Network", - "localizedValue": "Microsoft.Network" - }, - "resourceType": { - "value": "Microsoft.Network/networkSecurityGroups", - "localizedValue": "Microsoft.Network/networkSecurityGroups" - }, - "resourceId": "/subscriptions/dd042f02-6b3e-4f79-939a-6a381ffed3c0/resourcegroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/myNSG", - "status": { - "value": "Succeeded", - "localizedValue": "Succeeded" - }, - "subStatus": { - "value": "", - "localizedValue": "" - }, - "submissionTimestamp": "2018-01-29T20:42:50.0724829Z", - "subscriptionId": "dd042f02-6b3e-4f79-939a-6a381ffed3c0", - "properties": { - "statusCode": "Created", - "serviceRequestId": "a4c11dbd-697e-47c5-9663-12362307157d", - "responseBody": "", - "requestbody": "" - }, - "relatedEvents": [] -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/activity_log/administrative2.json b/x-pack/spec/modules/azure/samples/activity_log/administrative2.json deleted file mode 100644 index 8bdf61072..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/administrative2.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "comment": "as observed", - "time": "2018-01-14T17:01:30.0206739Z", - "resourceId": "/SUBSCRIPTIONS/9103C2E0-A392-4CE3-BADD-E50F19378DEB/RESOURCEGROUPS/MYLINUXVMRG/PROVIDERS/MICROSOFT.STORAGE/STORAGEACCOUNTS/store835G", - "operationName": "MICROSOFT.STORAGE/STORAGEACCOUNTS/LISTKEYS/ACTION", - "category": "Administrative", - "resultType": "Start", - "resultSignature": "Started.", - "durationMs": 0, - "callerIpAddress": "96.238.111.0", - "correlationId": "db84350f-c0bd-4531-a2bf-810a857d287e", - "identity": {"authorization":{"scope":"/subscriptions/9103C2E0-A392-4CE3-BADD-E50F19378DEB/resourceGroups/MyLinuxVMRG/providers/Microsoft.Storage/storageAccounts/store835G","action":"Microsoft.Storage/storageAccounts/listKeys/action","evidence":{"role":"Insights Management Service Role","roleAssignmentScope":"/subscriptions/9103C2E0-A392-4CE3-BADD-E50F19378DEB","roleAssignmentId":"126C0FC827F94412B3F8CD170A670569","roleDefinitionId":"A1E4B681D228474FB8C9417FA51EA1DD","principalId":"305CF1ABA4AA418BA44CFBBD096C0C1A","principalType":"ServicePrincipal"}},"claims":{"aud":"https://management.azure.com/","iss":"https://sts.windows.net/C4520330-BEAB-4A22-8FD4-59FF78196A05/","iat":"1515948989","nbf":"1515948989","exp":"1515952889","aio":"Y2NgYJgW3OHjWydaGi3vL5iRpVIPAA==","appid":"11c174dc-1945-4a9a-a36b-c79a0f246b9b","appidacr":"2","e_exp":"262800","http://schemas.microsoft.com/identity/claims/identityprovider":"https://sts.windows.net/C45203C0-CEAB-4A22-8FD4-59FFF8196A05/","http://schemas.microsoft.com/identity/claims/objectidentifier":"79D0CC17-AF3F-4CCC-A23C-A3FCC18475B4","http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier":"79D0CC17-AF3F-4CCC-A23C-A3FCC18475B4","http://schemas.microsoft.com/identity/claims/tenantid":"C4520330-BEAB-4B22-8FD4-59FF78196A05","uti":"Ztcp1xZ4t0S0Cb_v0j0kAA","ver":"1.0"}}, - "level": "Information", - "location": "global" -} diff --git a/x-pack/spec/modules/azure/samples/activity_log/administrative3.json b/x-pack/spec/modules/azure/samples/activity_log/administrative3.json deleted file mode 100644 index 650a25f2b..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/administrative3.json +++ /dev/null @@ -1,53 +0,0 @@ -{ - "_comment":"as observed, missing the resource group", - "callerIpAddress": "100.14.28.29", - "FAILURE": true, - "time": "2017-12-19T00:01:04.4382629Z", - "identity": { - "claims": { - "http://schemas.microsoft.com/identity/claims/objectidentifier": "2d43f8b4-a732-4570-a3a2-3f1ab49e30ac", - "http://schemas.microsoft.com/claims/authnmethodsreferences": "pwd,mfa", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "bill.gates@microsoft.com", - "iat": "1513639560", - "http://schemas.microsoft.com/claims/authnclassreference": "1", - "nbf": "1513639560", - "http://schemas.microsoft.com/identity/claims/scope": "user_impersonation", - "http://schemas.microsoft.com/identity/claims/tenantid": "95BD959B-A8C2-4AB8-9188-2A5647689841", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "2_2WJr9rionVzG7dYMqKH-VC3UWhPVXngLPpXPQYog0", - "aud": "https://management.core.windows.net/", - "in_corp": "true", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "bill.gates@microsoft.com", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "billy bob", - "ver": "1.0", - "appid": "c44b4083-3bb0-49c1-b47d-974e53vbtf3c", - "uti": "1UWEqubsQ0OCsnLug3AMAA", - "_claim_names": "{\"groups\":\"src1\"}", - "_claim_sources": "{\"src1\":{\"endpoint\":\"https://graph.windows.net/95BD959B-A8C2-4AB8-9188-2A5147989841/users/2d43f8b4-a732-4570-a3a2-3f1ab49f30ac/getMemberObjects\"}}", - "iss": "https://sts.windows.net/95BD959B-A8C2-4AB8-9188-2A5147989841/", - "exp": "1513643460", - "aio": "Y2NgYOC5He38sHp9h/8vrfchqS2NZ0918+0vETD9+inoRjxDgTsA", - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "Robinson", - "onprem_sid": "S-1-5-21-2127521184-1604012920-1887927527-15292006", - "e_exp": "262800", - "puid": "100300008BB08AB6", - "name": "John Smith", - "ipaddr": "252.69.73.240", - "appidacr": "2" - }, - "authorization": { - "action": "Microsoft.Advisor/generateRecommendations/action", - "scope": "/subscriptions/872F2E12-6CCC-4EAD-8D3C-AC833009C1A4" - } - }, - "correlationId": "7f206be7-2639-4417-9776-2aa9eb0e78db", - "@version": "1", - "resultType": "Start", - "location": "global", - "category": "Action", - "@timestamp": "2018-02-12T20:18:27.319Z", - "level": "Information", - "durationMs": 0, - "resultSignature": "Started.", - "resourceId": "/SUBSCRIPTIONS/872F2E12-6CCC-4EAD-8D3C-AC833009C1A4/PROVIDERS/MICROSOFT.ADVISOR", - "operationName": "MICROSOFT.ADVISOR/GENERATERECOMMENDATIONS/ACTION" -} diff --git a/x-pack/spec/modules/azure/samples/activity_log/alert1.json b/x-pack/spec/modules/azure/samples/activity_log/alert1.json deleted file mode 100644 index d2a103130..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/alert1.json +++ /dev/null @@ -1,57 +0,0 @@ -{ - "_comment": "Alert example from https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-activity-log-schema", - "caller": "Microsoft.Insights/alertRules", - "channels": "Admin, Operation", - "claims": { - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn": "Microsoft.Insights/alertRules" - }, - "correlationId": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/microsoft.insights/alertrules/myalert/incidents/L3N1YnNjcmlwdGlvbnMvZGY2MDJjOWMtN2FhMC00MDdkLWE2ZmItZWIyMGM4YmQxMTkyL3Jlc291cmNlR3JvdXBzL0NzbUV2ZW50RE9HRk9PRC1XZXN0VVMvcHJvdmlkZXJzL21pY3Jvc29mdC5pbnNpZ2h0cy9hbGVydHJ1bGVzL215YWxlcnQwNjM2MzYyMjU4NTM1MjIxOTIw", - "description": "'Disk read LessThan 100000 ([Count]) in the last 5 minutes' has been resolved for CloudService: myResourceGroup/Production/Event.BackgroundJobsWorker.razzle (myResourceGroup)", - "eventDataId": "149d4baf-53dc-4cf4-9e29-17de37405cd9", - "eventName": { - "value": "Alert", - "localizedValue": "Alert" - }, - "category": { - "value": "Alert", - "localizedValue": "Alert" - }, - "id": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/Event.BackgroundJobsWorker.razzle/events/149d4baf-53dc-4cf4-9e29-17de37405cd9/ticks/636362258535221920", - "level": "Informational", - "resourceGroupName": "myResourceGroup", - "resourceProviderName": { - "value": "Microsoft.ClassicCompute", - "localizedValue": "Microsoft.ClassicCompute" - }, - "resourceId": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/Event.BackgroundJobsWorker.razzle", - "resourceType": { - "value": "Microsoft.ClassicCompute/domainNames/slots/roles", - "localizedValue": "Microsoft.ClassicCompute/domainNames/slots/roles" - }, - "operationId": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/microsoft.insights/alertrules/myalert/incidents/L3N1YnNjcmlwdGlvbnMvZGY2MDJjOWMtN2FhMC00MDdkLWE2ZmItZWIyMGM4YmQxMTkyL3Jlc291cmNlR3JvdXBzL0NzbUV2ZW50RE9HRk9PRC1XZXN0VVMvcHJvdmlkZXJzL21pY3Jvc29mdC5pbnNpZ2h0cy9hbGVydHJ1bGVzL215YWxlcnQwNjM2MzYyMjU4NTM1MjIxOTIw", - "operationName": { - "value": "Microsoft.Insights/AlertRules/Resolved/Action", - "localizedValue": "Microsoft.Insights/AlertRules/Resolved/Action" - }, - "properties": { - "RuleUri": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/microsoft.insights/alertrules/myalert", - "RuleName": "myalert", - "RuleDescription": "", - "Threshold": "100000", - "WindowSizeInMinutes": "5", - "Aggregation": "Average", - "Operator": "LessThan", - "MetricName": "Disk read", - "MetricUnit": "Count" - }, - "status": { - "value": "Resolved", - "localizedValue": "Resolved" - }, - "subStatus": { - "value": null - }, - "eventTimestamp": "2017-07-21T09:24:13.522192Z", - "submissionTimestamp": "2017-07-21T09:24:15.6578651Z", - "subscriptionId": "mySubscriptionID" -} diff --git a/x-pack/spec/modules/azure/samples/activity_log/alert2.json b/x-pack/spec/modules/azure/samples/activity_log/alert2.json deleted file mode 100644 index b2498c48d..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/alert2.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "comment": "as observed", - "time": "2017-12-20T02:45:46.9935702Z", - "resourceId": "/SUBSCRIPTIONS/C27F13D5-E19A-4A4C-8415-4056C7C752BC/RESOURCEGROUPS/DEFAULT-ACTIVITYLOGALERTS/PROVIDERS/MICROSOFT.INSIGHTS/ACTIVITYLOGALERTS/NOTIFY OPEN HEALTH ALERT", - "correlationId": "6b87b2d4-e788-4169-849d-456450ea1965", - "operationName": "Microsoft.Insights/ActivityLogAlerts/Activated/action", - "level": "Information", - "resultType": "Succeeded", - "resultDescription": "Alert: Notify Open Health Alert called on action groups : Notify%20Open", - "category": "Action", - "location": "global", - "properties": { - "eventCategory": "Alert", - "eventProperties": "{\"authorization\":null,\"channels\":\"Operation\",\"claims\":\"{\\\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn\\\":\\\"Microsoft.Insights/activityLogAlerts\\\"}\",\"caller\":null,\"correlationId\":\"6b87b2d4-e788-4169-849d-456450ea1965\",\"description\":\"Alert: Notify Open Health Alert called on action groups : Notify%20Open\",\"eventSource\":\"Alert\",\"eventTimestamp\":\"2017-12-20T02:45:46.9935702+00:00\",\"httpRequest\":null,\"eventDataId\":\"68b67da7-9504-4fa8-8223-c7bb51789c5c\",\"level\":\"Informational\",\"operationName\":\"Microsoft.Insights/ActivityLogAlerts/Activated/action\",\"operationId\":\"2db0b2c1-bf63-4379-bf8a-de3ebd11203a\",\"properties\":{\"subscriptionId\":\"C27F13D5-E19A-4A4C-8415-4056C7C752BC\",\"eventDataId\":\"a9e82a0d-3580-aa96-a7aa-5b0419107a04\",\"resourceGroup\":null,\"resourceId\":null,\"eventTimestamp\":\"2017-12-20T02:45:39.3441022Z\",\"operationName\":\"Microsoft.ServiceHealth/actionrequired/action\",\"status\":\"Active\"},\"resourceId\":\"/subscriptions/C27F13D5-E19A-4A4C-8415-4056C7C752BC/resourceGroups/Default-ActivityLogAlerts/providers/microsoft.insights/activityLogAlerts/Notify Open Health Alert\",\"resourceGroupName\":\"Default-ActivityLogAlerts\",\"resourceProviderName\":\"microsoft.insights\",\"status\":\"Succeeded\",\"subStatus\":null,\"subscriptionId\":\"C27F13D5-E19A-4A4C-8415-4056C7C752BC\",\"submissionTimestamp\":\"0001-01-01T00:00:00+00:00\",\"ResourceType\":\"microsoft.insights/activityLogAlerts\"}" - } -} diff --git a/x-pack/spec/modules/azure/samples/activity_log/auto_scale1.json b/x-pack/spec/modules/azure/samples/activity_log/auto_scale1.json deleted file mode 100644 index 8d5c067e5..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/auto_scale1.json +++ /dev/null @@ -1,53 +0,0 @@ -{ - "_comment": "Auto scale example from https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-activity-log-schema", - "caller": "Microsoft.Insights/autoscaleSettings", - "channels": "Admin, Operation", - "claims": { - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn": "Microsoft.Insights/autoscaleSettings" - }, - "correlationId": "fc6a7ff5-ff68-4bb7-81b4-3629212d03d0", - "description": "The autoscale engine attempting to scale resource '/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/myResource' from 3 instances count to 2 instances count.", - "eventDataId": "a5b92075-1de9-42f1-b52e-6f3e4945a7c7", - "eventName": { - "value": "AutoscaleAction", - "localizedValue": "AutoscaleAction" - }, - "category": { - "value": "Autoscale", - "localizedValue": "Autoscale" - }, - "id": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/myResourceGroup-Production-myResource-myResourceGroup/events/a5b92075-1de9-42f1-b52e-6f3e4945a7c7/ticks/636361956518681572", - "level": "Informational", - "resourceGroupName": "myResourceGroup", - "resourceProviderName": { - "value": "microsoft.insights", - "localizedValue": "microsoft.insights" - }, - "resourceId": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/myResourceGroup-Production-myResource-myResourceGroup", - "resourceType": { - "value": "microsoft.insights/autoscalesettings", - "localizedValue": "microsoft.insights/autoscalesettings" - }, - "operationId": "fc6a7ff5-ff68-4bb7-81b4-3629212d03d0", - "operationName": { - "value": "Microsoft.Insights/AutoscaleSettings/Scaledown/Action", - "localizedValue": "Microsoft.Insights/AutoscaleSettings/Scaledown/Action" - }, - "properties": { - "Description": "The autoscale engine attempting to scale resource '/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/myResource' from 3 instances count to 2 instances count.", - "ResourceName": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/myResource", - "OldInstancesCount": "3", - "NewInstancesCount": "2", - "LastScaleActionTime": "Fri, 21 Jul 2017 01:00:51 GMT" - }, - "status": { - "value": "Succeeded", - "localizedValue": "Succeeded" - }, - "subStatus": { - "value": null - }, - "eventTimestamp": "2017-07-21T01:00:51.8681572Z", - "submissionTimestamp": "2017-07-21T01:00:52.3008754Z", - "subscriptionId": "mySubscriptionID" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/activity_log/auto_scale2.json b/x-pack/spec/modules/azure/samples/activity_log/auto_scale2.json deleted file mode 100644 index 9f32d75f4..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/auto_scale2.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "_comment": "with eventCategory=Autoscale", - "caller": "Microsoft.Insights/autoscaleSettings", - "channels": "Admin, Operation", - "claims": { - "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn": "Microsoft.Insights/autoscaleSettings" - }, - "correlationId": "fc6a7ff5-ff68-4bb7-81b4-3629212d03d0", - "description": "The autoscale engine attempting to scale resource '/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/myResource' from 3 instances count to 2 instances count.", - "eventDataId": "a5b92075-1de9-42f1-b52e-6f3e4945a7c7", - "eventName": { - "value": "AutoscaleAction", - "localizedValue": "AutoscaleAction" - }, - "id": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/myResourceGroup-Production-myResource-myResourceGroup/events/a5b92075-1de9-42f1-b52e-6f3e4945a7c7/ticks/636361956518681572", - "level": "Informational", - "resourceGroupName": "myResourceGroup", - "resourceProviderName": { - "value": "microsoft.insights", - "localizedValue": "microsoft.insights" - }, - "resourceId": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/myResourceGroup-Production-myResource-myResourceGroup", - "resourceType": { - "value": "microsoft.insights/autoscalesettings", - "localizedValue": "microsoft.insights/autoscalesettings" - }, - "operationId": "fc6a7ff5-ff68-4bb7-81b4-3629212d03d0", - "operationName": { - "value": "Microsoft.Insights/AutoscaleSettings/Scaledown/Action", - "localizedValue": "Microsoft.Insights/AutoscaleSettings/Scaledown/Action" - }, - "properties": { - "eventCategory":"Autoscale", - "Description": "The autoscale engine attempting to scale resource '/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/myResource' from 3 instances count to 2 instances count.", - "ResourceName": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myResourceGroup/slots/Production/roles/myResource", - "OldInstancesCount": "3", - "NewInstancesCount": "2", - "LastScaleActionTime": "Fri, 21 Jul 2017 01:00:51 GMT" - }, - "status": { - "value": "Succeeded", - "localizedValue": "Succeeded" - }, - "subStatus": { - "value": null - }, - "eventTimestamp": "2017-07-21T01:00:51.8681572Z", - "submissionTimestamp": "2017-07-21T01:00:52.3008754Z", - "subscriptionId": "mySubscriptionID" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/activity_log/security1.json b/x-pack/spec/modules/azure/samples/activity_log/security1.json deleted file mode 100644 index d06756d63..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/security1.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "_comment": "Security example from https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-activity-log-schema", - "channels": "Operation", - "correlationId": "965d6c6a-a790-4a7e-8e9a-41771b3fbc38", - "description": "Suspicious double extension file executed. Machine logs indicate an execution of a process with a suspicious double extension.\r\nThis extension may trick users into thinking files are safe to be opened and might indicate the presence of malware on the system.", - "eventDataId": "965d6c6a-a790-4a7e-8e9a-41771b3fbc38", - "eventName": { - "value": "Suspicious double extension file executed", - "localizedValue": "Suspicious double extension file executed" - }, - "category": { - "value": "Security", - "localizedValue": "Security" - }, - "eventTimestamp": "2017-10-18T06:02:18.6179339Z", - "id": "/subscriptions/d4742bb8-c279-4903-9653-9858b17d0c2e/providers/Microsoft.Security/locations/centralus/alerts/965d6c6a-a790-4a7e-8e9a-41771b3fbc38/events/965d6c6a-a790-4a7e-8e9a-41771b3fbc38/ticks/636439033386179339", - "level": "Informational", - "operationId": "965d6c6a-a790-4a7e-8e9a-41771b3fbc38", - "operationName": { - "value": "Microsoft.Security/locations/alerts/activate/action", - "localizedValue": "Microsoft.Security/locations/alerts/activate/action" - }, - "resourceGroupName": "myResourceGroup", - "resourceProviderName": { - "value": "Microsoft.Security", - "localizedValue": "Microsoft.Security" - }, - "resourceType": { - "value": "Microsoft.Security/locations/alerts", - "localizedValue": "Microsoft.Security/locations/alerts" - }, - "resourceId": "/subscriptions/d4742bb8-c279-4903-9653-9858b17d0c2e/providers/Microsoft.Security/locations/centralus/alerts/2518939942613820660_a48f8653-3fc6-4166-9f19-914f030a13d3", - "status": { - "value": "Active", - "localizedValue": "Active" - }, - "subStatus": { - "value": null - }, - "submissionTimestamp": "2017-10-18T06:02:52.2176969Z", - "subscriptionId": "d4742bb8-c279-4903-9653-9858b17d0c2e", - "properties": { - "accountLogonId": "0x2r4", - "commandLine": "c:\\mydirectory\\doubleetension.pdf.exe", - "domainName": "hpc", - "parentProcess": "unknown", - "parentProcess id": "0", - "processId": "6988", - "processName": "c:\\mydirectory\\doubleetension.pdf.exe", - "userName": "myUser", - "UserSID": "S-3-2-12", - "ActionTaken": "Detected", - "Severity": "High" - }, - "relatedEvents": [] -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/activity_log/security2.json b/x-pack/spec/modules/azure/samples/activity_log/security2.json deleted file mode 100644 index 68714774a..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/security2.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "comment": "as observed", - "time": "2017-12-21T10:55:48.6238832Z", - "resourceId": "/SUBSCRIPTIONS/F628BA4C-F07B-4AEB-86CB-C89784BBD9B3", - "correlationId": "54ade416-3c64-42ba-994f-1f6309efc989", - "operationName": "Microsoft.Security/tasks/write", - "level": "Information", - "resultType": "Succeeded", - "category": "Action", - "location": "global", - "properties": {"eventCategory":"Recommendation","eventName":"New Recommendation","operationId":"e447c42f-af43-40ca-962b-c3740893f100"} -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/activity_log/service_health1.json b/x-pack/spec/modules/azure/samples/activity_log/service_health1.json deleted file mode 100644 index 409a6fe96..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/service_health1.json +++ /dev/null @@ -1,53 +0,0 @@ -{ - "_comment": "Service health example from https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-activity-log-schema", - "channels": "Admin", - "correlationId": "c550176b-8f52-4380-bdc5-36c1b59d3a44", - "description": "Active: Network Infrastructure - UK South", - "eventDataId": "c5bc4514-6642-2be3-453e-c6a67841b073", - "eventName": { - "value": null - }, - "category": { - "value": "ServiceHealth", - "localizedValue": "Service Health" - }, - "eventTimestamp": "2017-07-20T23:30:14.8022297Z", - "id": "/subscriptions/mySubscriptionID/events/c5bc4514-6642-2be3-453e-c6a67841b073/ticks/636361902148022297", - "level": "Warning", - "operationName": { - "value": "Microsoft.ServiceHealth/incident/action", - "localizedValue": "Microsoft.ServiceHealth/incident/action" - }, - "resourceProviderName": { - "value": null - }, - "resourceType": { - "value": null, - "localizedValue": "" - }, - "resourceId": "/subscriptions/mySubscriptionID", - "status": { - "value": "Active", - "localizedValue": "Active" - }, - "subStatus": { - "value": null - }, - "submissionTimestamp": "2017-07-20T23:30:34.7431946Z", - "subscriptionId": "mySubscriptionID", - "properties": { - "title": "Network Infrastructure - UK South", - "service": "Service Fabric", - "region": "UK South", - "communication": "Starting at approximately 21:41 UTC on 20 Jul 2017, a subset of customers in UK South may experience degraded performance, connectivity drops or timeouts when accessing their Azure resources hosted in this region. Engineers are investigating underlying Network Infrastructure issues in this region. Impacted services may include, but are not limited to App Services, Automation, Service Bus, Log Analytics, Key Vault, SQL Database, Service Fabric, Event Hubs, Stream Analytics, Azure Data Movement, API Management, and Azure Search. Multiple engineering teams are engaged in multiple workflows to mitigate the impact. The next update will be provided in 60 minutes, or as events warrant.", - "incidentType": "Incident", - "trackingId": "NA0F-BJG", - "impactStartTime": "2017-07-20T21:41:00.0000000Z", - "impactedServices": "[{\"ImpactedRegions\":[{\"RegionName\":\"UK South\"}],\"ServiceName\":\"Service Fabric\"}]", - "defaultLanguageTitle": "Network Infrastructure - UK South", - "defaultLanguageContent": "Starting at approximately 21:41 UTC on 20 Jul 2017, a subset of customers in UK South may experience degraded performance, connectivity drops or timeouts when accessing their Azure resources hosted in this region. Engineers are investigating underlying Network Infrastructure issues in this region. Impacted services may include, but are not limited to App Services, Automation, Service Bus, Log Analytics, Key Vault, SQL Database, Service Fabric, Event Hubs, Stream Analytics, Azure Data Movement, API Management, and Azure Search. Multiple engineering teams are engaged in multiple workflows to mitigate the impact. The next update will be provided in 60 minutes, or as events warrant.", - "stage": "Active", - "communicationId": "636361902146035247", - "version": "0.1.1" - } -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/activity_log/service_health2.json b/x-pack/spec/modules/azure/samples/activity_log/service_health2.json deleted file mode 100644 index 45b120077..000000000 --- a/x-pack/spec/modules/azure/samples/activity_log/service_health2.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "comment": "as observed", - "time": "2017-12-20T02:45:39.3441022Z", - "resourceId": "/SUBSCRIPTIONS/13100E9F-5DCE-4686-B4F4-FF997D407A75", - "correlationId": "6b87b2d4-e788-4169-849d-456450ea1965", - "operationName": "Microsoft.ServiceHealth/actionrequired/action", - "level": "Information", - "resultType": "Active", - "resultDescription": "Active: Action Required Regarding Your Linux Virtual Machine(s)", - "category": "Action", - "location": "global", - "properties": { - "eventCategory": "ServiceHealth", - "eventProperties": "{\"authorization\":null,\"channels\":\"Admin\",\"claims\":null,\"caller\":null,\"correlationId\":\"6b87b2d4-e788-4169-849d-456450ea1965\",\"description\":\"Active: Action Required Regarding Your Linux Virtual Machine(s)\",\"eventSource\":\"ServiceHealth\",\"eventTimestamp\":\"2017-12-20T02:45:39.3441022+00:00\",\"httpRequest\":null,\"eventDataId\":\"a9e82a0d-3580-aa96-a7aa-5b0419107a04\",\"level\":\"Informational\",\"operationName\":\"Microsoft.ServiceHealth/actionrequired/action\",\"operationId\":\"6b87b2d4-e788-4169-849d-456450ea1965\",\"properties\":{\"title\":\"Action Required Regarding Your Linux Virtual Machine(s)\",\"service\":\"Virtual Machines\",\"region\":\"Canada Central\",\"communication\":\"Between approximately 23:15 and 23:25 UTC on 12 Dec 2017, we detected that one or more of your Linux Virtual Machines which have the update assessment feature enabled (currently in Preview) during the impact duration may incorrectly report whether your Virtual Machine (VM) requires updates. This includes the update assessment feature enabled in Azure Security Center. In addition, the change tracking feature (currently in Preview) may also be affected if this feature is enabled. Linux VMs onboarded with these features after 23:25 UTC on 12 Dec 2017 are not affected. For short-term mitigation, you can follow the steps in the following documentation: https://aka.ms/updateasstlinux. A fix has been developed and is currently in an extended deployment phase following our safe deployment practices. Engineering teams identified a brief availability drop to a back-end server which caused a monitoring agent responsible for reporting whether or not your VM requires updates to become stuck, resulting in the VM update status not reporting correctly. The next update will be provided in 48 hours, or as events warrant.\",\"incidentType\":\"ActionRequired\",\"trackingId\":\"Q5K2-12O\",\"impactStartTime\":\"2017-12-12T23:15:00.0000000Z\",\"impactMitigationTime\":\"2017-12-12T23:25:00.0000000Z\",\"impactedServices\":\"[{\\\"ImpactedRegions\\\":[{\\\"RegionName\\\":\\\"Canada Central\\\"}],\\\"ServiceName\\\":\\\"Virtual Machines\\\"}]\",\"defaultLanguageTitle\":\"Action Required Regarding Your Linux Virtual Machine(s)\",\"defaultLanguageContent\":\"Between approximately 23:15 and 23:25 UTC on 12 Dec 2017, we detected that one or more of your Linux Virtual Machines which have the update assessment feature enabled (currently in Preview) during the impact duration may incorrectly report whether your Virtual Machine (VM) requires updates. This includes the update assessment feature enabled in Azure Security Center. In addition, the change tracking feature (currently in Preview) may also be affected if this feature is enabled. Linux VMs onboarded with these features after 23:25 UTC on 12 Dec 2017 are not affected. For short-term mitigation, you can follow the steps in the following documentation: https://aka.ms/updateasstlinux. A fix has been developed and is currently in an extended deployment phase following our safe deployment practices. Engineering teams identified a brief availability drop to a back-end server which caused a monitoring agent responsible for reporting whether or not your VM requires updates to become stuck, resulting in the VM update status not reporting correctly. The next update will be provided in 48 hours, or as events warrant.\",\"stage\":\"Active\",\"communicationId\":\"636493347390219010\",\"version\":\"0.1.1\"},\"resourceId\":null,\"resourceGroupName\":null,\"resourceProviderName\":null,\"status\":\"Active\",\"subStatus\":null,\"subscriptionId\":\"13100e9f-5dce-4686-b4f4-ff997d407a75\",\"submissionTimestamp\":\"2017-12-20T02:45:42.4609886+00:00\",\"ResourceType\":null}" - } -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/blocks.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/blocks.json deleted file mode 100644 index 727ee120b..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/blocks.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "ResourceGroup": "DEMTP789", - "time": "2018-01-22T15:42:46.3137688Z", - "LogicalServerName": "SRV1238FG9", - "SubscriptionId": "851FD0F5-9GB8-552C-41C3-3TH4FA231C3A", - "category": "Blocks", - "operationName": "BlockEvent", - "properties": { - "blocked_process_filtered": " filtered filtered ", - "lock_mode": "SCH_S", - "resource_owner_type": "LOCK", - "ElasticPoolName": "epdemoatoff", - "DatabaseName": "DB05001", - "duration": 51854000 - }, - "resourceId": "/SUBSCRIPTIONS/851FD0F5-9GB8-552C-41C3-3TH4FA231C3A/RESOURCEGROUPS/DEMTP789/PROVIDERS/MICROSOFT.SQL/SERVERS/SRV1238FG9/DATABASES/DB05001" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/database_wait_statistics.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/database_wait_statistics.json deleted file mode 100644 index b35de0b62..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/database_wait_statistics.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "ResourceGroup":"go5rg", - "time":"2017-09-15T13:25:50.5770000Z", - "LogicalServerName":"go5rS", - "SubscriptionId":"741fd6f5-9fb8-462c-97c3-3hf4ch23hc2a", - "category":"DatabaseWaitStatistics", - "operationName":"DatabaseWaitStatistcsEvent", - "properties":{ - "start_utc_date":"2017-09-15T13:25:50.5770000Z", - "end_utc_date":"2017-09-15T13:30:50.5770000Z", - "delta_signal_wait_time_ms":111567, - "ElasticPoolName":"RecommendedStandardPool1", - "wait_type":"SOS_SCHEDULER_YIELD", - "DatabaseName":"WorkGO5", - "delta_max_wait_time_ms":0, - "delta_waiting_tasks_count":5429, - "delta_wait_time_ms":111567 - }, - "resourceId":"/SUBSCRIPTIONS/741fd6f5-9fb8-462c-97c3-3hf4ch23hc2a/RESOURCEGROUPS/go5rg/PROVIDERS/MICROSOFT.SQL/SERVERS/go5rS/DATABASES/WORKGO5" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/errors.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/errors.json deleted file mode 100644 index 8fa23b6c4..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/errors.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "ResourceGroup": "OPT489", - "time": "2018-01-16T15:14:41.1342222Z", - "LogicalServerName": "OPT489", - "SubscriptionId": "846FY0F5-9C8H-452C-95C3-555555666C2A", - "category": "Errors", - "operationName": "ErrorEvent", - "properties": { - "query_hash": "0", - "state": 1, - "ElasticPoolName": "RecommendedStandardPool1", - "query_plan_hash": "0", - "DatabaseName": "DB874999", - "user_defined": false, - "error_number": 3902, - "message": "The COMMIT TRANSACTION request has no corresponding BEGIN TRANSACTION.", - "severity": 16 - }, - "resourceId": "/SUBSCRIPTIONS/846FY0F5-9C8H-452C-95C3-555555666C2A/RESOURCEGROUPS/OPT489/PROVIDERS/MICROSOFT.SQL/SERVERS/OPT489/DATABASES/DB874999" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/metric.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/metric.json deleted file mode 100644 index 3ca434214..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/metric.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "resourceId": "/SUBSCRIPTIONS/D427EE51-17CB-441A-9363-07390D5DC79E/RESOURCEGROUPS/RG5/PROVIDERS/MICROSOFT.SQL/SERVERS/SRV12/DATABASES/DJFU48", - "time": "2018-01-29T01:11:00.0000000Z", - "metricName": "cpu_percent", - "maximum": 0.265, - "total": 0.956, - "minimum": 0.227, - "average": 0.239, - "timeGrain": "PT1M", - "count": 4 -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_runtime_statistics.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_runtime_statistics.json deleted file mode 100644 index 73a1b9e85..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_runtime_statistics.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "ResourceGroup": "WWD66", - "time": "2017-11-16T04:07:34.1170000Z", - "LogicalServerName": "WWD66", - "SubscriptionId": "cbb8d135-bf4f-4792-b835-5872f7eac917", - "category": "QueryStoreRuntimeStatistics", - "operationName": "QueryStoreRuntimeStatisticsEvent", - "properties": { - "physical_io_reads": 0, - "max_rowcount": 21, - "num_physical_io_reads": 0, - "interval_end_time": 184911231314688, - "log_bytes_used": 0, - "interval_start_time": 184911230234688, - "cpu_time": 290, - "max_logical_io_reads": 0, - "rowcount": 20, - "dop": 1, - "execution_type": 0, - "plan_id": 1, - "duration": 291, - "max_query_max_used_memory": 128, - "query_plan_hash": "0xEF1E46726521C430", - "statement_sql_handle": "0x090055259E8A2BD73C43B8CD9F7FD43769CE0000000000000000000000000000000000000000000000000000", - "logical_io_reads": 0, - "query_id": 3, - "max_cpu_time": 366, - "max_num_physical_io_reads": 0, - "logical_io_writes": 0, - "max_logical_io_writes": 0, - "max_dop": 1, - "max_duration": 367, - "query_hash": "0xC619BA0B734EA585", - "ElasticPoolName": "RecommendedStandardPool1", - "DatabaseName": "DB73635G", - "count_executions": 1, - "max_physical_io_reads": 0, - "max_log_bytes_used": 0, - "query_max_used_memory": 128 - }, - "resourceId": "/SUBSCRIPTIONS/cbb8d135-bf4f-4792-b835-5872f7eac917/RESOURCEGROUPS/WWD66/PROVIDERS/MICROSOFT.SQL/SERVERS/WWD66/DATABASES/DB73635G" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_wait_statistics.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_wait_statistics.json deleted file mode 100644 index 764b84357..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/querystore_wait_statistics.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "ResourceGroup": "W66PT", - "time": "2017-09-24T09:39:33.7960000Z", - "LogicalServerName": "W66PT", - "SubscriptionId": "70e322ab-5b33-40c7-ad1e-88b2b7cfa236", - "category": "QueryStoreWaitStatistics", - "operationName": "QueryStoreWaitStatisticsEvent", - "properties": { - "query_id": 102871, - "query_param_type": 0, - "interval_end_time": 184683604528000, - "statement_key_hash": "4015210136", - "total_query_wait_time_ms": 29015, - "interval_start_time": 184683603448000, - "wait_category": "UNKNOWN", - "statement_type": "x_estypSelect", - "query_hash": "0x70E9B2B8E70EC4FB", - "ElasticPoolName": "RecommendedStandardPool1", - "query_plan_hash": "0xEBF8F8853BAC4D2C", - "DatabaseName": "DB45", - "count_executions": 14.0, - "statement_sql_handle": "0x0900D010687B69843F347EF35B3FE15D5F9F0000000000000000000000000000000000000000000000000000", - "plan_id": 288, - "is_parameterizable": "true", - "exec_type": 0, - "max_query_wait_time_ms": 2610 - }, - "resourceId": "/SUBSCRIPTIONS/70e322ab-5b33-40c7-ad1e-88b2b7cfa236/RESOURCEGROUPS/W66PT/PROVIDERS/MICROSOFT.SQL/SERVERS/W66PT/DATABASES/DB45" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/sql_insights.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/sql_insights.json deleted file mode 100644 index 4faec3443..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/sql_insights.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "ResourceGroup": "99SGV6", - "time": "2017-09-15T21:25:14.9950534Z", - "level": "Informational", - "LogicalServerName": "99SGV6", - "SubscriptionId": "83109cf8-e0d2-4fba-b262-e7722c72826c", - "category": "SQLInsights", - "operationName": "Insight", - "properties": { - "impact": [ - { - "metric": "ExcessiveWaitingSeconds", - "value": 68, - "entity": { - "value": "0x8A3EF414DC5DABC8", - "type": "Query" - } - }, - { - "metric": "ExcessiveWaitingSeconds", - "value": 17, - "entity": { - "value": "0x93DC8A02889C03D2", - "type": "Query" - } - }, - { - "metric": "ExcessiveWaitingSeconds", - "value": 15.1, - "entity": { - "value": "0x70E9B2B8E70EC4FB", - "type": "Query" - } - } - ], - "issueId": 5213749, - "intervalEndTme": "2017-09-15T21:00:00.0000000Z", - "status": "Active", - "elasticPoolName": "RecommendedStandardPool1", - "intervalStartTime": "2017-09-15T20:45:00.0000000Z", - "rootCauseAnalysis": "The database is hitting its CPU limits. Average consumption has reached 86.8.", - "databaseName": "DB99876", - "detections": [], - "metric": "ExcessiveWaitingSeconds", - "value": 527.403 - }, - "resourceId": "/SUBSCRIPTIONS/83109cf8-e0d2-4fba-b262-e7722c72826c/RESOURCEGROUPS/99SGV6/PROVIDERS/MICROSOFT.SQL/SERVERS/99SGV6/DATABASES/DB99876" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/sql_diagnostics/timeouts.json b/x-pack/spec/modules/azure/samples/sql_diagnostics/timeouts.json deleted file mode 100644 index d2398d2f6..000000000 --- a/x-pack/spec/modules/azure/samples/sql_diagnostics/timeouts.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "ResourceGroup": "St76", - "time": "2017-09-18T22:39:52.1234940Z", - "LogicalServerName": "St76", - "SubscriptionId": "e3e7f07f-161e-4591-bb76-711473d4940c", - "category": "Timeouts", - "operationName": "TimeoutEvent", - "properties": { - "error_state": 173, - "query_hash": "8136230709041743099", - "ElasticPoolName": "RecommendedStandardPool1", - "query_plan_hash": "-1", - "DatabaseName": "DB9977" - }, - "resourceId": "/SUBSCRIPTIONS/e3e7f07f-161e-4591-bb76-711473d4940c/RESOURCEGROUPS/St76/PROVIDERS/MICROSOFT.SQL/SERVERS/St76/DATABASES/DB9977" -} \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/yaml/logstash.advanced.yml b/x-pack/spec/modules/azure/samples/yaml/logstash.advanced.yml deleted file mode 100644 index 496d35af7..000000000 --- a/x-pack/spec/modules/azure/samples/yaml/logstash.advanced.yml +++ /dev/null @@ -1,11 +0,0 @@ -modules: - - name: azure - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: logstash - var.input.azure_event_hubs.event_hubs: - - ["name", "event_hub_connection", "storage_connection", "initial_position", "decorate_events"] - - ["insights-operational-logs", "Endpoint=sb://example1...", "DefaultEndpointsProtocol=https;AccountName=example1....", "HEAD", "true"] - - ["insights-metrics-pt1m", "Endpoint=sb://example2...", "DefaultEndpointsProtocol=https;AccountName=example2....", "TAIL", "true"] - - ["insights-logs-errors", "Endpoint=sb://example3...", "DefaultEndpointsProtocol=https;AccountName=example3....", "LOOK_BACK", "false"] - - ["insights-operational-logs", "Endpoint=sb://example4...", "DefaultEndpointsProtocol=https;AccountName=example4....", "HEAD", "true"] diff --git a/x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid1.yml b/x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid1.yml deleted file mode 100644 index 78effe1b7..000000000 --- a/x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid1.yml +++ /dev/null @@ -1,9 +0,0 @@ -modules: - - name: azure - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: logstash - var.input.azure_event_hubs.event_hubs: - - "Endpoint=sb://example1...EntityPath=insights-logs-errors" - - "Endpoint=sb://example2...EntityPath=insights-metrics-pt1m" - diff --git a/x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid2.yml b/x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid2.yml deleted file mode 100644 index 7d3509874..000000000 --- a/x-pack/spec/modules/azure/samples/yaml/logstash.advanced_invalid2.yml +++ /dev/null @@ -1,7 +0,0 @@ -modules: - - name: azure - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: logstash - - diff --git a/x-pack/spec/modules/azure/samples/yaml/logstash.basic.yml b/x-pack/spec/modules/azure/samples/yaml/logstash.basic.yml deleted file mode 100644 index a7b979377..000000000 --- a/x-pack/spec/modules/azure/samples/yaml/logstash.basic.yml +++ /dev/null @@ -1,11 +0,0 @@ -modules: - - name: azure - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: "logstash" - var.input.azure_event_hubs.storage_connection: "DefaultEndpointsProtocol=https;AccountName=example...." - var.input.azure_event_hubs.event_hub_connections: - - "Endpoint=sb://example1...EntityPath=insights-logs-errors" - - "Endpoint=sb://example2...EntityPath=insights-metrics-pt1m" - - \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid1.yml b/x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid1.yml deleted file mode 100644 index 6fe1a4f7f..000000000 --- a/x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid1.yml +++ /dev/null @@ -1,13 +0,0 @@ -modules: - - name: azure - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: "logstash" - var.input.azure_event_hubs.storage_connection: "DefaultEndpointsProtocol=https;AccountName=example...." - var.input.azure_event_hubs.event_hub_connections: - - ["name", "event_hub_connection", "storage_connection", "initial_position", "decorate_events"] - - ["insights-operational-logs", "Endpoint=sb://example1...", "DefaultEndpointsProtocol=https;AccountName=example1....", "HEAD", "true"] - - ["insights-metrics-pt1m", "Endpoint=sb://example2...", "DefaultEndpointsProtocol=https;AccountName=example2....", "TAIL", "true"] - - ["insights-logs-errors", "Endpoint=sb://example3...", "DefaultEndpointsProtocol=https;AccountName=example3....", "LOOK_BACK", "false"] - - ["insights-operational-logs", "Endpoint=sb://example4...", "DefaultEndpointsProtocol=https;AccountName=example4....", "HEAD", "true"] - \ No newline at end of file diff --git a/x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid2.yml b/x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid2.yml deleted file mode 100644 index 7edd711d5..000000000 --- a/x-pack/spec/modules/azure/samples/yaml/logstash.basic_invalid2.yml +++ /dev/null @@ -1,8 +0,0 @@ -modules: - - name: azure - var.input.azure_event_hubs.threads: 8 - var.input.azure_event_hubs.decorate_events: true - var.input.azure_event_hubs.consumer_group: "logstash" - var.input.azure_event_hubs.storage_connection: "DefaultEndpointsProtocol=https;AccountName=example...." - - \ No newline at end of file From dfd256e307a45ada4d3e13e69fc62c473e458012 Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Tue, 15 Oct 2024 08:32:17 -0700 Subject: [PATCH 075/290] [Health API] Add 1-min, 5-min backpressure and multipipeline test cases. (#16550) * Health API: Add 1min 5min backpressure cases and improve Logstash temination logic. * Apply suggestions from code review Uncomment accidentally commented sources. * Update .buildkite/scripts/health-report-tests/tests/slow-start.yaml No need to wait for LS startup when using slow start scenario. * Apply suggestions from code review Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> * Standardize YAML structure and rename wait time to wait_seconds --------- Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> --- .../scripts/health-report-tests/bootstrap.py | 17 +++++ .../health-report-tests/config_validator.py | 7 +- .../scripts/health-report-tests/main.py | 10 +-- .../health-report-tests/scenario_executor.py | 4 +- .../tests/abnormal-termination.yaml | 7 +- .../tests/backpressure-1m.yaml | 38 +++++++++++ .../tests/backpressure-5m.yaml | 39 +++++++++++ .../tests/multipipeline.yaml | 67 +++++++++++++++++++ .../tests/normal-termination.yaml | 5 +- .../health-report-tests/tests/slow-start.yaml | 5 +- 10 files changed, 184 insertions(+), 15 deletions(-) create mode 100644 .buildkite/scripts/health-report-tests/tests/backpressure-1m.yaml create mode 100644 .buildkite/scripts/health-report-tests/tests/backpressure-5m.yaml create mode 100644 .buildkite/scripts/health-report-tests/tests/multipipeline.yaml diff --git a/.buildkite/scripts/health-report-tests/bootstrap.py b/.buildkite/scripts/health-report-tests/bootstrap.py index bb24e6d58..9a1d35788 100644 --- a/.buildkite/scripts/health-report-tests/bootstrap.py +++ b/.buildkite/scripts/health-report-tests/bootstrap.py @@ -6,6 +6,7 @@ Health Report Integration test bootstrapper with Python script """ import os import subprocess +import time import util import yaml @@ -99,3 +100,19 @@ class Bootstrap: print(f"Logstash is running with PID: {process.pid}.") return process + + def stop_logstash(self, process: subprocess.Popen): + start_time = time.time() # in seconds + process.terminate() + for stdout_line in iter(process.stdout.readline, ""): + # print(f"STDOUT: {stdout_line.strip()}") + if "Logstash shut down" in stdout_line or "Logstash stopped" in stdout_line: + print(f"Logstash stopped.") + return None + # shudown watcher keep running, we should be good with considering time spent + if time.time() - start_time > 60: + print(f"Logstash didn't stop in 1min, sending SIGTERM signal.") + process.kill() + if time.time() - start_time > 70: + print(f"Logstash didn't stop over 1min, exiting.") + return None diff --git a/.buildkite/scripts/health-report-tests/config_validator.py b/.buildkite/scripts/health-report-tests/config_validator.py index a0b6df9b7..be8795d69 100644 --- a/.buildkite/scripts/health-report-tests/config_validator.py +++ b/.buildkite/scripts/health-report-tests/config_validator.py @@ -6,11 +6,11 @@ class ConfigValidator: REQUIRED_KEYS = { "root": ["name", "config", "conditions", "expectation"], "config": ["pipeline.id", "config.string"], - "conditions": ["full_start_required"], + "conditions": ["full_start_required", "wait_seconds"], "expectation": ["status", "symptom", "indicators"], "indicators": ["pipelines"], "pipelines": ["status", "symptom", "indicators"], - "DYNAMIC": ["status", "symptom", "diagnosis", "impacts", "details"], + "DYNAMIC": ["status", "symptom", "diagnosis", "impacts", "details"], # pipeline-id is a DYNAMIC "details": ["status"], "status": ["state"] } @@ -19,7 +19,8 @@ class ConfigValidator: self.yaml_content = None def __has_valid_keys(self, data: any, key_path: str, repeated: bool) -> bool: - if isinstance(data, str) or isinstance(data, bool): # we reached values + # we reached the value + if isinstance(data, str) or isinstance(data, bool) or isinstance(data, int) or isinstance(data, float): return True # we have two indicators section and for the next repeated ones, we go deeper diff --git a/.buildkite/scripts/health-report-tests/main.py b/.buildkite/scripts/health-report-tests/main.py index bccfe7fe0..52462f15b 100644 --- a/.buildkite/scripts/health-report-tests/main.py +++ b/.buildkite/scripts/health-report-tests/main.py @@ -62,21 +62,23 @@ def main(): print(f"Testing `{scenario_content.get('name')}` scenario.") scenario_name = scenario_content['name'] - is_full_start_required = next(sub.get('full_start_required') for sub in - scenario_content.get('conditions') if 'full_start_required' in sub) + is_full_start_required = scenario_content.get('conditions').get('full_start_required') + wait_seconds = scenario_content.get('conditions').get('wait_seconds') config = scenario_content['config'] if config is not None: bootstrap.apply_config(config) expectations = scenario_content.get("expectation") process = bootstrap.run_logstash(is_full_start_required) if process is not None: + if wait_seconds is not None: + print(f"Test requires to wait for `{wait_seconds}` seconds.") + time.sleep(wait_seconds) # wait for Logstash to start try: scenario_executor.on(scenario_name, expectations) except Exception as e: print(e) has_failed_scenario = True - process.terminate() - time.sleep(5) # leave some window to terminate the process + bootstrap.stop_logstash(process) if has_failed_scenario: # intentionally fail due to visibility diff --git a/.buildkite/scripts/health-report-tests/scenario_executor.py b/.buildkite/scripts/health-report-tests/scenario_executor.py index 2db8a31d8..b5d8f7419 100644 --- a/.buildkite/scripts/health-report-tests/scenario_executor.py +++ b/.buildkite/scripts/health-report-tests/scenario_executor.py @@ -12,10 +12,12 @@ class ScenarioExecutor: pass def __has_intersection(self, expects, results): + # TODO: this logic is aligned on current Health API response + # there is no guarantee that method correctly runs if provided multi expects and results # we expect expects to be existing in results for expect in expects: for result in results: - if result.get('help_url') and "health-report-pipeline-status.html#" not in result.get('help_url'): + if result.get('help_url') and "health-report-pipeline-" not in result.get('help_url'): return False if not all(key in result and result[key] == value for key, value in expect.items()): return False diff --git a/.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml b/.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml index 219d8e93b..8accc6528 100644 --- a/.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml +++ b/.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml @@ -8,7 +8,8 @@ config: pipeline.workers: 1 pipeline.batch.size: 1 conditions: - - full_start_required: true + full_start_required: true + wait_seconds: 5 expectation: status: "red" symptom: "1 indicator is unhealthy (`pipelines`)" @@ -22,10 +23,10 @@ expectation: symptom: "The pipeline is unhealthy; 1 area is impacted and 1 diagnosis is available" diagnosis: - cause: "pipeline is not running, likely because it has encountered an error" - - action: "view logs to determine the cause of abnormal pipeline shutdown" + action: "view logs to determine the cause of abnormal pipeline shutdown" impacts: - description: "the pipeline is not currently processing" - - impact_areas: ["pipeline_execution"] + impact_areas: ["pipeline_execution"] details: status: state: "TERMINATED" \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/tests/backpressure-1m.yaml b/.buildkite/scripts/health-report-tests/tests/backpressure-1m.yaml new file mode 100644 index 000000000..446d17a36 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/tests/backpressure-1m.yaml @@ -0,0 +1,38 @@ +name: "Backpressured in 1min pipeline" +config: + - pipeline.id: backpressure-1m-pp + config.string: | + input { heartbeat { interval => 0.1 } } + filter { failure_injector { degrade_at => [filter] } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 +conditions: + full_start_required: true + wait_seconds: 70 # give more seconds to make sure time is over the threshold, 1m in this case +expectation: + status: "yellow" + symptom: "1 indicator is concerning (`pipelines`)" + indicators: + pipelines: + status: "yellow" + symptom: "1 indicator is concerning (`backpressure-1m-pp`)" + indicators: + backpressure-1m-pp: + status: "yellow" + symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - id: "logstash:health:pipeline:flow:worker_utilization:diagnosis:1m-blocked" + cause: "pipeline workers have been completely blocked for at least one minute" + action: "address bottleneck or add resources" + impacts: + - id: "logstash:health:pipeline:flow:impact:blocked_processing" + severity: 2 + description: "the pipeline is blocked" + impact_areas: ["pipeline_execution"] + details: + status: + state: "RUNNING" + flow: + worker_utilization: + last_1_minute: 100.0 \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/tests/backpressure-5m.yaml b/.buildkite/scripts/health-report-tests/tests/backpressure-5m.yaml new file mode 100644 index 000000000..3e33595fc --- /dev/null +++ b/.buildkite/scripts/health-report-tests/tests/backpressure-5m.yaml @@ -0,0 +1,39 @@ +name: "Backpressured in 5min pipeline" +config: + - pipeline.id: backpressure-5m-pp + config.string: | + input { heartbeat { interval => 0.1 } } + filter { failure_injector { degrade_at => [filter] } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 +conditions: + full_start_required: true + wait_seconds: 310 # give more seconds to make sure time is over the threshold, 1m in this case +expectation: + status: "red" + symptom: "1 indicator is unhealthy (`pipelines`)" + indicators: + pipelines: + status: "red" + symptom: "1 indicator is unhealthy (`backpressure-5m-pp`)" + indicators: + backpressure-5m-pp: + status: "red" + symptom: "The pipeline is unhealthy; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - id: "logstash:health:pipeline:flow:worker_utilization:diagnosis:5m-blocked" + cause: "pipeline workers have been completely blocked for at least five minutes" + action: "address bottleneck or add resources" + impacts: + - id: "logstash:health:pipeline:flow:impact:blocked_processing" + severity: 1 + description: "the pipeline is blocked" + impact_areas: ["pipeline_execution"] + details: + status: + state: "RUNNING" + flow: + worker_utilization: + last_1_minute: 100.0 + last_5_minutes: 100.0 \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/tests/multipipeline.yaml b/.buildkite/scripts/health-report-tests/tests/multipipeline.yaml new file mode 100644 index 000000000..42fd4ad95 --- /dev/null +++ b/.buildkite/scripts/health-report-tests/tests/multipipeline.yaml @@ -0,0 +1,67 @@ +name: "Multi pipeline" +config: + - pipeline.id: slow-start-pp-multipipeline + config.string: | + input { heartbeat {} } + filter { failure_injector { degrade_at => [register] } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 + - pipeline.id: normally-terminated-pp-multipipeline + config.string: | + input { generator { count => 1 } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 + - pipeline.id: abnormally-terminated-pp-multipipeline + config.string: | + input { heartbeat { interval => 1 } } + filter { failure_injector { crash_at => filter } } + output { stdout {} } + pipeline.workers: 1 + pipeline.batch.size: 1 +conditions: + full_start_required: false + wait_seconds: 10 +expectation: + status: "red" + symptom: "1 indicator is unhealthy (`pipelines`)" + indicators: + pipelines: + status: "red" + symptom: "1 indicator is unhealthy (`abnormally-terminated-pp-multipipeline`) and 2 indicators are concerning (`slow-start-pp-multipipeline`, `normally-terminated-pp-multipipeline`)" + indicators: + slow-start-pp-multipipeline: + status: "yellow" + symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - cause: "pipeline is loading" + action: "if pipeline does not come up quickly, you may need to check the logs to see if it is stalled" + impacts: + - impact_areas: ["pipeline_execution"] + details: + status: + state: "LOADING" + normally-terminated-pp-multipipeline: + status: "yellow" + symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - cause: "pipeline has finished running because its inputs have been closed and events have been processed" + action: "if you expect this pipeline to run indefinitely, you will need to configure its inputs to continue receiving or fetching events" + impacts: + - impact_areas: [ "pipeline_execution" ] + details: + status: + state: "FINISHED" + abnormally-terminated-pp-multipipeline: + status: "red" + symptom: "The pipeline is unhealthy; 1 area is impacted and 1 diagnosis is available" + diagnosis: + - cause: "pipeline is not running, likely because it has encountered an error" + action: "view logs to determine the cause of abnormal pipeline shutdown" + impacts: + - description: "the pipeline is not currently processing" + impact_areas: [ "pipeline_execution" ] + details: + status: + state: "TERMINATED" \ No newline at end of file diff --git a/.buildkite/scripts/health-report-tests/tests/normal-termination.yaml b/.buildkite/scripts/health-report-tests/tests/normal-termination.yaml index 86a05deb5..aa499b44f 100644 --- a/.buildkite/scripts/health-report-tests/tests/normal-termination.yaml +++ b/.buildkite/scripts/health-report-tests/tests/normal-termination.yaml @@ -7,7 +7,8 @@ config: pipeline.workers: 1 pipeline.batch.size: 1 conditions: - - full_start_required: true + full_start_required: true + wait_seconds: 5 expectation: status: "yellow" symptom: "1 indicator is concerning (`pipelines`)" @@ -21,7 +22,7 @@ expectation: symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available" diagnosis: - cause: "pipeline has finished running because its inputs have been closed and events have been processed" - - action: "if you expect this pipeline to run indefinitely, you will need to configure its inputs to continue receiving or fetching events" + action: "if you expect this pipeline to run indefinitely, you will need to configure its inputs to continue receiving or fetching events" impacts: - impact_areas: ["pipeline_execution"] details: diff --git a/.buildkite/scripts/health-report-tests/tests/slow-start.yaml b/.buildkite/scripts/health-report-tests/tests/slow-start.yaml index d036391a9..5343dc9a1 100644 --- a/.buildkite/scripts/health-report-tests/tests/slow-start.yaml +++ b/.buildkite/scripts/health-report-tests/tests/slow-start.yaml @@ -8,7 +8,8 @@ config: pipeline.workers: 1 pipeline.batch.size: 1 conditions: - - full_start_required: false + full_start_required: false + wait_seconds: 0 expectation: status: "yellow" symptom: "1 indicator is concerning (`pipelines`)" @@ -22,7 +23,7 @@ expectation: symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available" diagnosis: - cause: "pipeline is loading" - - action: "if pipeline does not come up quickly, you may need to check the logs to see if it is stalled" + action: "if pipeline does not come up quickly, you may need to check the logs to see if it is stalled" impacts: - impact_areas: ["pipeline_execution"] details: From 3f2a659289360d114001a2ae5d3aaa975e7983d3 Mon Sep 17 00:00:00 2001 From: Rob Bavey Date: Tue, 15 Oct 2024 15:43:16 -0400 Subject: [PATCH 076/290] Update branches.json to point to 8.16 branch (#16560) --- ci/branches.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/branches.json b/ci/branches.json index 470e36cc2..0bb2fee21 100644 --- a/ci/branches.json +++ b/ci/branches.json @@ -8,7 +8,7 @@ "branch": "8.x" }, { - "branch": "8.15" + "branch": "8.16" }, { "branch": "7.17" From cb3b7c01dc901b75a8f1419b59475e88ba07fb92 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 15 Oct 2024 22:27:36 +0100 Subject: [PATCH 077/290] Remove event_api.tags.illegal for v9 (#16461) This commit removed `--event_api.tags.illegal` option Fix: #16356 --- docker/data/logstash/env2yaml/env2yaml.go | 3 +- docs/static/settings-file.asciidoc | 6 --- logstash-core/lib/logstash/environment.rb | 1 - logstash-core/lib/logstash/runner.rb | 12 ----- logstash-core/locales/en.yml | 20 -------- logstash-core/spec/logstash/runner_spec.rb | 26 ---------- .../src/main/java/org/logstash/Event.java | 28 +++-------- .../src/test/java/org/logstash/EventTest.java | 47 +++---------------- .../specs/reserved_tags_field_spec.rb | 24 ++++------ 9 files changed, 23 insertions(+), 144 deletions(-) diff --git a/docker/data/logstash/env2yaml/env2yaml.go b/docker/data/logstash/env2yaml/env2yaml.go index 7bcaa33d1..c7b792668 100644 --- a/docker/data/logstash/env2yaml/env2yaml.go +++ b/docker/data/logstash/env2yaml/env2yaml.go @@ -16,12 +16,12 @@ package main import ( "errors" + "fmt" "gopkg.in/yaml.v2" "io/ioutil" "log" "os" "strings" - "fmt" ) var validSettings = []string{ @@ -49,7 +49,6 @@ var validSettings = []string{ "config.debug", "config.support_escapes", "config.field_reference.escape_style", - "event_api.tags.illegal", "queue.type", "path.queue", "queue.page_capacity", diff --git a/docs/static/settings-file.asciidoc b/docs/static/settings-file.asciidoc index d06327cce..b30207bd6 100644 --- a/docs/static/settings-file.asciidoc +++ b/docs/static/settings-file.asciidoc @@ -361,12 +361,6 @@ separating each log lines per pipeline could be helpful in case you need to trou | Setting to `true` to allow or `false` to block running Logstash as a superuser. | `true` -| `event_api.tags.illegal` -| When set to `warn`, allow illegal value assignment to the reserved `tags` field. -When set to `rename`, Logstash events can't be created with an illegal value in `tags`. This value will be moved to `_tags` and a `_tagsparsefailure` tag is added to indicate the illegal operation. Doing `set` operation with illegal value will throw exception. -Setting this flag to `warn` is deprecated and will be removed in a future release. -| `rename` - | `pipeline.buffer.type` | Determine where to allocate memory buffers, for plugins that leverage them. Currently defaults to `direct` but can be switched to `heap` to select Java heap space, which will become the default in the future. diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb index 164a190eb..7b6f51ac6 100644 --- a/logstash-core/lib/logstash/environment.rb +++ b/logstash-core/lib/logstash/environment.rb @@ -51,7 +51,6 @@ module LogStash Setting::TimeValue.new("config.reload.interval", "3s"), # in seconds Setting::Boolean.new("config.support_escapes", false), Setting::String.new("config.field_reference.escape_style", "none", true, %w(none percent ampersand)), - Setting::String.new("event_api.tags.illegal", "rename", true, %w(rename warn)), Setting::Boolean.new("metric.collect", true), Setting::String.new("pipeline.id", "main"), Setting::Boolean.new("pipeline.system", false), diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 20119d904..842379364 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -263,12 +263,6 @@ class LogStash::Runner < Clamp::StrictCommand I18n.t("logstash.runner.flag.http_port"), :new_flag => "api.http.port", :passthrough => true # use settings to disambiguate - deprecated_option ["--event_api.tags.illegal"], "STRING", - I18n.t("logstash.runner.flag.event_api.tags.illegal"), - :default => LogStash::SETTINGS.get_default("event_api.tags.illegal"), - :attribute_name => "event_api.tags.illegal", :passthrough => true, - :obsoleted_version => "9" - # We configure the registry and load any plugin that can register hooks # with logstash, this needs to be done before any operation. SYSTEM_SETTINGS = LogStash::SETTINGS.clone @@ -356,12 +350,6 @@ class LogStash::Runner < Clamp::StrictCommand logger.debug("Setting global FieldReference escape style: #{field_reference_escape_style}") org.logstash.FieldReference::set_escape_style(field_reference_escape_style) - tags_illegal_setting = settings.get_setting('event_api.tags.illegal').value - if tags_illegal_setting == 'warn' - deprecation_logger.deprecated(I18n.t("logstash.runner.tags-illegal-warning")) - org.logstash.Event::set_illegal_tags_action(tags_illegal_setting) - end - return start_shell(setting("interactive"), binding) if setting("interactive") module_parser = LogStash::Modules::CLIParser.new(setting("modules_list"), setting("modules_variable_list")) diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index 2521a6825..3176229e6 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -139,9 +139,6 @@ en: configtest-flag-information: |- You may be interested in the '--configtest' flag which you can use to validate logstash's configuration before you choose to restart a running system. - tags-illegal-warning: >- - Setting `event_api.tags.illegal` to `warn` allows illegal values in the reserved `tags` field, which may crash pipeline unexpectedly. - This flag is deprecated and will be removed in version 9. # YAML named reference to the logstash.runner.configuration # so we can later alias it from logstash.agent.configuration configuration: &runner_configuration @@ -247,23 +244,6 @@ en: HTML-style ampersand-hash encoding notation representing decimal unicode codepoints (`[` is `[`; `]` is `]`). - event_api: - tags: - illegal: |+ - The top-level `tags` field is reserved, and may only contain a - single `string` or an array of `string`s -- other values will cause - subsequent access of the `tags` field to crash the pipeline. - This flag controls how the Event API handles a `tags` field that is - an illegal shape, such as a key-value map. - - Available options are: - - `rename`: illegal value in `tags` will be moved to `_tags`. - A tag `_tagsparsefailure` is added to `tags` field to - indicate the illegal assignment. Doing `set` operation with - illegal value will throw exception. This is the default option. - - `warn`: allow illegal value assignment and print warning - at startup. This option is deprecated and slated - for removal. modules: |+ Load Logstash modules. Modules can be defined using multiple instances diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index 0408e9de1..ffcb9ef92 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -380,32 +380,6 @@ describe LogStash::Runner do end end - context "event_api.tags.illegal" do - let(:runner_deprecation_logger_stub) { double("DeprecationLogger(Runner)").as_null_object } - let(:args) { ["--event_api.tags.illegal", "warn", "-e", pipeline_string] } - before(:each) { allow(runner).to receive(:deprecation_logger).and_return(runner_deprecation_logger_stub) } - DEPRECATED_MSG="The flag [\"--event_api.tags.illegal\"] has been deprecated and will be removed in version 9" - - it "gives deprecation message when setting to `warn`" do - expect(runner_deprecation_logger_stub).to receive(:deprecated) - .with(a_string_including "This flag is deprecated and will be removed in version 9") - .with(a_string_including DEPRECATED_MSG) - subject.run("bin/logstash", args) - end - - it "gives deprecation message when setting to `rename`" do - expect(runner_deprecation_logger_stub).to receive(:deprecated) - .with(a_string_including DEPRECATED_MSG) - subject.run("bin/logstash", args) - end - - it "does not give deprecation message when unset" do - expect(runner_deprecation_logger_stub).not_to receive(:deprecated) - .with(a_string_including DEPRECATED_MSG) - subject.run("bin/logstash", ["-e", pipeline_string]) - end - end - context "when :pipeline_workers is not defined by the user" do it "should not pass the value to the pipeline" do expect(LogStash::Agent).to receive(:new) do |settings| diff --git a/logstash-core/src/main/java/org/logstash/Event.java b/logstash-core/src/main/java/org/logstash/Event.java index 0621fb94c..e1e9f4db1 100644 --- a/logstash-core/src/main/java/org/logstash/Event.java +++ b/logstash-core/src/main/java/org/logstash/Event.java @@ -67,9 +67,6 @@ public final class Event implements Cloneable, Queueable, co.elastic.logstash.ap public static final String TAGS_FAILURE_TAG = "_tagsparsefailure"; public static final String TAGS_FAILURE = "_tags"; - enum IllegalTagsAction { RENAME, WARN } - private static IllegalTagsAction ILLEGAL_TAGS_ACTION = IllegalTagsAction.RENAME; - private static final FieldReference TAGS_FIELD = FieldReference.from(TAGS); private static final FieldReference TAGS_FAILURE_FIELD = FieldReference.from(TAGS_FAILURE); @@ -115,12 +112,10 @@ public final class Event implements Cloneable, Queueable, co.elastic.logstash.ap this.cancelled = false; // guard tags field from key/value map, only string or list is allowed - if (ILLEGAL_TAGS_ACTION == IllegalTagsAction.RENAME) { - final Object tags = Accessors.get(data, TAGS_FIELD); - if (!isLegalTagValue(tags)) { - initFailTag(tags); - initTag(TAGS_FAILURE_TAG); - } + final Object tags = Accessors.get(data, TAGS_FIELD); + if (!isLegalTagValue(tags)) { + initFailTag(tags); + initTag(TAGS_FAILURE_TAG); } Object providedTimestamp = data.get(TIMESTAMP); @@ -217,11 +212,8 @@ public final class Event implements Cloneable, Queueable, co.elastic.logstash.ap @SuppressWarnings("unchecked") public void setField(final FieldReference field, final Object value) { - if (ILLEGAL_TAGS_ACTION == IllegalTagsAction.RENAME) { - if ((field.equals(TAGS_FIELD) && !isLegalTagValue(value)) || - isTagsWithMap(field)) { - throw new InvalidTagsTypeException(field, value); - } + if ((field.equals(TAGS_FIELD) && !isLegalTagValue(value)) || isTagsWithMap(field)) { + throw new InvalidTagsTypeException(field, value); } switch (field.type()) { @@ -544,14 +536,6 @@ public final class Event implements Cloneable, Queueable, co.elastic.logstash.ap appendTag(tags, tag); } - public static void setIllegalTagsAction(final String action) { - ILLEGAL_TAGS_ACTION = IllegalTagsAction.valueOf(action.toUpperCase()); - } - - public static IllegalTagsAction getIllegalTagsAction() { - return ILLEGAL_TAGS_ACTION; - } - @Override public byte[] serialize() throws JsonProcessingException { final Map> map = new HashMap<>(2, 1.0F); diff --git a/logstash-core/src/test/java/org/logstash/EventTest.java b/logstash-core/src/test/java/org/logstash/EventTest.java index d326e7a44..e93088d77 100644 --- a/logstash-core/src/test/java/org/logstash/EventTest.java +++ b/logstash-core/src/test/java/org/logstash/EventTest.java @@ -20,6 +20,12 @@ package org.logstash; +import org.jruby.RubyString; +import org.jruby.RubySymbol; +import org.jruby.RubyTime; +import org.jruby.java.proxies.ConcreteJavaProxy; +import org.junit.Test; + import java.io.IOException; import java.math.BigDecimal; import java.math.BigInteger; @@ -30,11 +36,6 @@ import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; -import org.jruby.RubyString; -import org.jruby.RubySymbol; -import org.jruby.RubyTime; -import org.jruby.java.proxies.ConcreteJavaProxy; -import org.junit.Test; import static net.javacrumbs.jsonunit.JsonAssert.assertJsonEquals; import static org.hamcrest.CoreMatchers.is; @@ -43,7 +44,6 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; -import static org.logstash.Event.getIllegalTagsAction; public final class EventTest extends RubyTestBase { @@ -565,39 +565,4 @@ public final class EventTest extends RubyTestBase { assertNull(event.getField(Event.TAGS_FAILURE)); assertEquals(event.getField("[tags]"), List.of("foo", "bar")); } - - @Test - public void allowTopLevelTagsWithMap() { - withIllegalTagsAction(Event.IllegalTagsAction.WARN, () -> { - final Event event = new Event(); - event.setField("[tags][foo]", "bar"); - - assertNull(event.getField(Event.TAGS_FAILURE)); - assertEquals(event.getField("[tags][foo]"), "bar"); - }); - } - - @Test - public void allowCreatingEventWithTopLevelTagsWithMap() { - withIllegalTagsAction(Event.IllegalTagsAction.WARN, () -> { - Map inner = new HashMap<>(); - inner.put("poison", "true"); - Map data = new HashMap<>(); - data.put("tags", inner); - final Event event = new Event(data); - - assertNull(event.getField(Event.TAGS_FAILURE)); - assertEquals(event.getField("[tags][poison]"), "true"); - }); - } - - private void withIllegalTagsAction(final Event.IllegalTagsAction temporaryIllegalTagsAction, final Runnable runnable) { - final Event.IllegalTagsAction previous = getIllegalTagsAction(); - try { - Event.setIllegalTagsAction(temporaryIllegalTagsAction.toString()); - runnable.run(); - } finally { - Event.setIllegalTagsAction(previous.toString()); - } - } } diff --git a/qa/integration/specs/reserved_tags_field_spec.rb b/qa/integration/specs/reserved_tags_field_spec.rb index a9e99d95e..00854eba4 100644 --- a/qa/integration/specs/reserved_tags_field_spec.rb +++ b/qa/integration/specs/reserved_tags_field_spec.rb @@ -21,7 +21,7 @@ require_relative '../services/logstash_service' require_relative '../framework/helpers' require "logstash/devutils/rspec/spec_helper" -# reserved tags should accept string and array of string only in rename mode +# reserved tags should accept string and array of string only describe "Guard reserved tags field against incorrect use" do before(:all) { @fixture = Fixture.new(__FILE__) @@ -48,11 +48,10 @@ describe "Guard reserved tags field against incorrect use" do } let(:settings_dir) { Stud::Temporary.directory } - shared_examples_for 'assign illegal value to tags' do |mode, pipeline_fixture, tags_match, fail_tags_match| - it "[#{mode}] update tags and _tags successfully" do + shared_examples_for 'assign illegal value to tags' do |pipeline_fixture, tags_match, fail_tags_match| + it "update tags and _tags successfully" do @logstash.env_variables = test_env @logstash.spawn_logstash("-f", config_to_temp_file(@fixture.config(pipeline_fixture)), - "--event_api.tags.illegal", "#{mode}", "--path.settings", settings_dir) Stud.try(num_retries.times, [StandardError, RSpec::Expectations::ExpectationNotMetError]) do @@ -65,18 +64,15 @@ describe "Guard reserved tags field against incorrect use" do end describe 'create event' do - it_behaves_like 'assign illegal value to tags', 'rename', 'create_tags_map', /"tags":\["_tagsparsefailure"\]/, /"_tags":\[{"poison":true}\]/ - it_behaves_like 'assign illegal value to tags', 'warn', 'create_tags_map', /"tags":{"poison":true}/, /(?!_tags)/ - it_behaves_like 'assign illegal value to tags', 'rename', 'create_tags_number', /"tags":\["_tagsparsefailure"\]/, /"_tags":\[\[1,2,3\]\]/ - it_behaves_like 'assign illegal value to tags', 'warn', 'create_tags_number', /"tags":\[1,2,3\]/, /(?!_tags)/ + it_behaves_like 'assign illegal value to tags', 'create_tags_map', /"tags":\["_tagsparsefailure"\]/, /"_tags":\[{"poison":true}\]/ + it_behaves_like 'assign illegal value to tags', 'create_tags_number', /"tags":\["_tagsparsefailure"\]/, /"_tags":\[\[1,2,3\]\]/ end it "should throw exception when assigning two illegal values" do - ['rename', 'warn'].each do |mode| - logstash = @logstash.run_cmd(["bin/logstash", "-e", @fixture.config('set_illegal_tags').gsub("\n", ""), - "--path.settings", settings_dir, "--event_api.tags.illegal", mode], - true, test_env) - expect(logstash.stderr_and_stdout).to match(/Ruby exception occurred/) - end + logstash = @logstash.run_cmd(["bin/logstash", "-e", @fixture.config('set_illegal_tags').gsub("\n", ""), + "--path.settings", settings_dir], + true, test_env) + expect(logstash.stderr_and_stdout).to match(/Ruby exception occurred/) end + end From 63706c1a36780e325e3348c1fb6982b79bc7f798 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 16 Oct 2024 08:37:13 +0200 Subject: [PATCH 078/290] Marked ArcSight Module as deprecated in documentation. (#16553) Updates guide for ArcSight Module to deprecate it. --- docs/static/arcsight-module.asciidoc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/static/arcsight-module.asciidoc b/docs/static/arcsight-module.asciidoc index eb2c148c4..7e985f272 100644 --- a/docs/static/arcsight-module.asciidoc +++ b/docs/static/arcsight-module.asciidoc @@ -3,9 +3,11 @@ === Logstash ArcSight Module ++++ -ArcSight Module +ArcSight Module (deprecated) ++++ +deprecated[8.16.0, Replace by https://docs.elastic.co/integrations/cef[Common Event Format (CEF)] from Elastic {integrations}] + NOTE: The Logstash ArcSight module is an https://www.elastic.co/products/x-pack[{xpack}] feature under the Basic License and is therefore free to use. Please contact @@ -17,6 +19,8 @@ With a single command, the module taps directly into the ArcSight Smart Connecto parses and indexes the security events into Elasticsearch, and installs a suite of Kibana dashboards to get you exploring your data immediately. +NOTE: The {ls} ArsSight Module has been deprecated and replaced by https://docs.elastic.co/integrations/cef[Common Event Format (CEF)] from Elastic {integrations}. + [[arcsight-prereqs]] ==== Prerequisites From ab77d36daa7c417bf49427c3cdc68cab0a69c4be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 16 Oct 2024 12:37:35 +0100 Subject: [PATCH 079/290] ensure minitar 1.x is used instead of 0.x (#16565) --- Gemfile.template | 2 +- logstash-core/logstash-core.gemspec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.template b/Gemfile.template index 66eea71b5..f03636a6d 100644 --- a/Gemfile.template +++ b/Gemfile.template @@ -14,7 +14,7 @@ gem "logstash-output-elasticsearch", ">= 11.14.0" gem "polyglot", require: false gem "treetop", require: false gem "faraday", "~> 1", :require => false # due elasticsearch-transport (elastic-transport) depending faraday '~> 1' -gem "minitar", :group => :build +gem "minitar", "~> 1", :group => :build gem "childprocess", "~> 4", :group => :build gem "fpm", "~> 1", ">= 1.14.1", :group => :build # compound due to bugfix https://github.com/jordansissel/fpm/pull/1856 gem "gems", "~> 1", :group => :build diff --git a/logstash-core/logstash-core.gemspec b/logstash-core/logstash-core.gemspec index a234b3cd6..0f073d3c3 100644 --- a/logstash-core/logstash-core.gemspec +++ b/logstash-core/logstash-core.gemspec @@ -66,7 +66,7 @@ Gem::Specification.new do |gem| gem.add_runtime_dependency "thwait" # filetools and rakelib - gem.add_runtime_dependency "minitar", "~> 0.8" + gem.add_runtime_dependency "minitar", "~> 1" gem.add_runtime_dependency "rubyzip", "~> 1" gem.add_runtime_dependency "thread_safe", "~> 0.3.6" #(Apache 2.0 license) From 85493ce864adb0ec22c5879b515bd2571cd83337 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 16 Oct 2024 16:48:25 +0200 Subject: [PATCH 080/290] Bugfix for BufferedTokenizer to completely consume lines in case of lines bigger then sizeLimit (#16482) Fixes the behaviour of the tokenizer to be able to work properly when buffer full conditions are met. Updates BufferedTokenizerExt so that can accumulate token fragments coming from different data segments. When a "buffer full" condition is matched, it record this state in a local field so that on next data segment it can consume all the token fragments till the next token delimiter. Updated the accumulation variable from RubyArray containing strings to a StringBuilder which contains the head token, plus the remaining token fragments are stored in the input array. Furthermore it translates the `buftok_spec` tests into JUnit tests. --- .../logstash/common/BufferedTokenizerExt.java | 67 +++++++++-- .../common/BufferedTokenizerExtTest.java | 91 +++++++++++++++ ...BufferedTokenizerExtWithDelimiterTest.java | 66 +++++++++++ ...BufferedTokenizerExtWithSizeLimitTest.java | 110 ++++++++++++++++++ 4 files changed, 322 insertions(+), 12 deletions(-) create mode 100644 logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java create mode 100644 logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java create mode 100644 logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java diff --git a/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java b/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java index 2d7b90bba..2c36370af 100644 --- a/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java +++ b/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java @@ -22,6 +22,7 @@ package org.logstash.common; import org.jruby.Ruby; import org.jruby.RubyArray; +import org.jruby.RubyBoolean; import org.jruby.RubyClass; import org.jruby.RubyObject; import org.jruby.RubyString; @@ -40,10 +41,12 @@ public class BufferedTokenizerExt extends RubyObject { freeze(RubyUtil.RUBY.getCurrentContext()); private @SuppressWarnings("rawtypes") RubyArray input = RubyUtil.RUBY.newArray(); + private StringBuilder headToken = new StringBuilder(); private RubyString delimiter = NEW_LINE; private int sizeLimit; private boolean hasSizeLimit; private int inputSize; + private boolean bufferFullErrorNotified = false; public BufferedTokenizerExt(final Ruby runtime, final RubyClass metaClass) { super(runtime, metaClass); @@ -66,7 +69,6 @@ public class BufferedTokenizerExt extends RubyObject { * Extract takes an arbitrary string of input data and returns an array of * tokenized entities, provided there were any available to extract. This * makes for easy processing of datagrams using a pattern like: - * * {@code tokenizer.extract(data).map { |entity| Decode(entity) }.each do} * * @param context ThreadContext @@ -77,22 +79,63 @@ public class BufferedTokenizerExt extends RubyObject { @SuppressWarnings("rawtypes") public RubyArray extract(final ThreadContext context, IRubyObject data) { final RubyArray entities = data.convertToString().split(delimiter, -1); + if (!bufferFullErrorNotified) { + input.clear(); + input.addAll(entities); + } else { + // after a full buffer signal + if (input.isEmpty()) { + // after a buffer full error, the remaining part of the line, till next delimiter, + // has to be consumed, unless the input buffer doesn't still contain fragments of + // subsequent tokens. + entities.shift(context); + input.addAll(entities); + } else { + // merge last of the input with first of incoming data segment + if (!entities.isEmpty()) { + RubyString last = ((RubyString) input.pop(context)); + RubyString nextFirst = ((RubyString) entities.shift(context)); + entities.unshift(last.concat(nextFirst)); + input.addAll(entities); + } + } + } + if (hasSizeLimit) { - final int entitiesSize = ((RubyString) entities.first()).size(); + if (bufferFullErrorNotified) { + bufferFullErrorNotified = false; + if (input.isEmpty()) { + return RubyUtil.RUBY.newArray(); + } + } + final int entitiesSize = ((RubyString) input.first()).size(); if (inputSize + entitiesSize > sizeLimit) { + bufferFullErrorNotified = true; + headToken = new StringBuilder(); + inputSize = 0; + input.shift(context); // consume the token fragment that generates the buffer full throw new IllegalStateException("input buffer full"); } this.inputSize = inputSize + entitiesSize; } - input.append(entities.shift(context)); - if (entities.isEmpty()) { + + if (input.getLength() < 2) { + // this is a specialization case which avoid adding and removing from input accumulator + // when it contains just one element + headToken.append(input.shift(context)); // remove head return RubyUtil.RUBY.newArray(); } - entities.unshift(input.join(context)); - input.clear(); - input.append(entities.pop(context)); - inputSize = ((RubyString) input.first()).size(); - return entities; + + if (headToken.length() > 0) { + // if there is a pending token part, merge it with the first token segment present + // in the accumulator, and clean the pending token part. + headToken.append(input.shift(context)); // append buffer to first element and + input.unshift(RubyUtil.toRubyObject(headToken.toString())); // reinsert it into the array + headToken = new StringBuilder(); + } + headToken.append(input.pop(context)); // put the leftovers in headToken for later + inputSize = headToken.length(); + return input; } /** @@ -104,14 +147,14 @@ public class BufferedTokenizerExt extends RubyObject { */ @JRubyMethod public IRubyObject flush(final ThreadContext context) { - final IRubyObject buffer = input.join(context); - input.clear(); + final IRubyObject buffer = RubyUtil.toRubyObject(headToken.toString()); + headToken = new StringBuilder(); return buffer; } @JRubyMethod(name = "empty?") public IRubyObject isEmpty(final ThreadContext context) { - return input.empty_p(); + return RubyBoolean.newBoolean(context.runtime, headToken.toString().isEmpty()); } } diff --git a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java new file mode 100644 index 000000000..5638cffd8 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java @@ -0,0 +1,91 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.common; + +import org.jruby.RubyArray; +import org.jruby.RubyString; +import org.jruby.runtime.ThreadContext; +import org.jruby.runtime.builtin.IRubyObject; +import org.junit.Before; +import org.junit.Test; +import org.logstash.RubyTestBase; +import org.logstash.RubyUtil; + +import java.util.List; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; +import static org.logstash.RubyUtil.RUBY; + +@SuppressWarnings("unchecked") +public final class BufferedTokenizerExtTest extends RubyTestBase { + + private BufferedTokenizerExt sut; + private ThreadContext context; + + @Before + public void setUp() { + sut = new BufferedTokenizerExt(RubyUtil.RUBY, RubyUtil.BUFFERED_TOKENIZER); + context = RUBY.getCurrentContext(); + IRubyObject[] args = {}; + sut.init(context, args); + } + + @Test + public void shouldTokenizeASingleToken() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\n")); + + assertEquals(List.of("foo"), tokens); + } + + @Test + public void shouldMergeMultipleToken() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo")); + assertTrue(tokens.isEmpty()); + + tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("bar\n")); + assertEquals(List.of("foobar"), tokens); + } + + @Test + public void shouldTokenizeMultipleToken() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\nbar\n")); + + assertEquals(List.of("foo", "bar"), tokens); + } + + @Test + public void shouldIgnoreEmptyPayload() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("")); + assertTrue(tokens.isEmpty()); + + tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\nbar")); + assertEquals(List.of("foo"), tokens); + } + + @Test + public void shouldTokenizeEmptyPayloadWithNewline() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("\n")); + assertEquals(List.of(""), tokens); + + tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("\n\n\n")); + assertEquals(List.of("", "", ""), tokens); + } +} \ No newline at end of file diff --git a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java new file mode 100644 index 000000000..aa2d19763 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java @@ -0,0 +1,66 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.logstash.common; + +import org.jruby.RubyArray; +import org.jruby.RubyString; +import org.jruby.runtime.ThreadContext; +import org.jruby.runtime.builtin.IRubyObject; +import org.junit.Before; +import org.junit.Test; +import org.logstash.RubyTestBase; +import org.logstash.RubyUtil; + +import java.util.List; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; +import static org.logstash.RubyUtil.RUBY; + +@SuppressWarnings("unchecked") +public final class BufferedTokenizerExtWithDelimiterTest extends RubyTestBase { + + private BufferedTokenizerExt sut; + private ThreadContext context; + + @Before + public void setUp() { + sut = new BufferedTokenizerExt(RubyUtil.RUBY, RubyUtil.BUFFERED_TOKENIZER); + context = RUBY.getCurrentContext(); + IRubyObject[] args = {RubyUtil.RUBY.newString("||")}; + sut.init(context, args); + } + + @Test + public void shouldTokenizeMultipleToken() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo||b|r||")); + + assertEquals(List.of("foo", "b|r"), tokens); + } + + @Test + public void shouldIgnoreEmptyPayload() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("")); + assertTrue(tokens.isEmpty()); + + tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo||bar")); + assertEquals(List.of("foo"), tokens); + } +} \ No newline at end of file diff --git a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java new file mode 100644 index 000000000..859bd35f7 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java @@ -0,0 +1,110 @@ +package org.logstash.common; +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import org.jruby.RubyArray; +import org.jruby.RubyString; +import org.jruby.runtime.ThreadContext; +import org.jruby.runtime.builtin.IRubyObject; +import org.junit.Before; +import org.junit.Test; +import org.logstash.RubyTestBase; +import org.logstash.RubyUtil; + +import java.util.List; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.containsString; +import static org.junit.Assert.*; +import static org.logstash.RubyUtil.RUBY; + +@SuppressWarnings("unchecked") +public final class BufferedTokenizerExtWithSizeLimitTest extends RubyTestBase { + + private BufferedTokenizerExt sut; + private ThreadContext context; + + @Before + public void setUp() { + sut = new BufferedTokenizerExt(RubyUtil.RUBY, RubyUtil.BUFFERED_TOKENIZER); + context = RUBY.getCurrentContext(); + IRubyObject[] args = {RubyUtil.RUBY.newString("\n"), RubyUtil.RUBY.newFixnum(10)}; + sut.init(context, args); + } + + @Test + public void givenTokenWithinSizeLimitWhenExtractedThenReturnTokens() { + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\nbar\n")); + + assertEquals(List.of("foo", "bar"), tokens); + } + + @Test + public void givenTokenExceedingSizeLimitWhenExtractedThenThrowsAnError() { + Exception thrownException = assertThrows(IllegalStateException.class, () -> { + sut.extract(context, RubyUtil.RUBY.newString("this_is_longer_than_10\nkaboom")); + }); + assertThat(thrownException.getMessage(), containsString("input buffer full")); + } + + @Test + public void givenExtractedThrownLimitErrorWhenFeedFreshDataThenReturnTokenStartingFromEndOfOffendingToken() { + Exception thrownException = assertThrows(IllegalStateException.class, () -> { + sut.extract(context, RubyUtil.RUBY.newString("this_is_longer_than_10\nkaboom")); + }); + assertThat(thrownException.getMessage(), containsString("input buffer full")); + + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("\nanother")); + assertEquals("After buffer full error should resume from the end of line", List.of("kaboom"), tokens); + } + + @Test + public void givenExtractInvokedWithDifferentFramingAfterBufferFullErrorTWhenFeedFreshDataThenReturnTokenStartingFromEndOfOffendingToken() { + sut.extract(context, RubyUtil.RUBY.newString("aaaa")); + + Exception thrownException = assertThrows(IllegalStateException.class, () -> { + sut.extract(context, RubyUtil.RUBY.newString("aaaaaaa")); + }); + assertThat(thrownException.getMessage(), containsString("input buffer full")); + + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("aa\nbbbb\nccc")); + assertEquals(List.of("bbbb"), tokens); + } + + @Test + public void giveMultipleSegmentsThatGeneratesMultipleBufferFullErrorsThenIsAbleToRecoverTokenization() { + sut.extract(context, RubyUtil.RUBY.newString("aaaa")); + + //first buffer full on 13 "a" letters + Exception thrownException = assertThrows(IllegalStateException.class, () -> { + sut.extract(context, RubyUtil.RUBY.newString("aaaaaaa")); + }); + assertThat(thrownException.getMessage(), containsString("input buffer full")); + + // second buffer full on 11 "b" letters + Exception secondThrownException = assertThrows(IllegalStateException.class, () -> { + sut.extract(context, RubyUtil.RUBY.newString("aa\nbbbbbbbbbbb\ncc")); + }); + assertThat(secondThrownException.getMessage(), containsString("input buffer full")); + + // now should resemble processing on c and d + RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("ccc\nddd\n")); + assertEquals(List.of("ccccc", "ddd"), tokens); + } +} \ No newline at end of file From b6f16c8b81c97120bc31717167b55ed2a64b6711 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 16 Oct 2024 16:55:52 +0200 Subject: [PATCH 081/290] Adds a JMH benchmark to test BufferedTokenizerExt class (#16564) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds a JMH benchmark to measure the peformances of BufferedTokenizerExt. Update also Gradle build script to remove CMS GC flags and fix deprecations for Gradle 9.0. Co-authored-by: João Duarte --- logstash-core/benchmarks/build.gradle | 8 +- .../BufferedTokenizerExtBenchmark.java | 84 +++++++++++++++++++ 2 files changed, 87 insertions(+), 5 deletions(-) create mode 100644 logstash-core/benchmarks/src/main/java/org/logstash/benchmark/BufferedTokenizerExtBenchmark.java diff --git a/logstash-core/benchmarks/build.gradle b/logstash-core/benchmarks/build.gradle index e198c9102..fff6cd5ac 100644 --- a/logstash-core/benchmarks/build.gradle +++ b/logstash-core/benchmarks/build.gradle @@ -50,7 +50,7 @@ jar { } ext { - jmh = 1.22 + jmh = 1.37 } dependencies { @@ -79,17 +79,15 @@ tasks.register("jmh", JavaExec) { dependsOn=[':logstash-core-benchmarks:clean', ':logstash-core-benchmarks:shadowJar'] - main = "-jar" + mainClass = "-jar" def include = project.properties.get('include', '') doFirst { args = [ "-Djava.io.tmpdir=${buildDir.absolutePath}", - "-XX:+UseConcMarkSweepGC", "-XX:CMSInitiatingOccupancyFraction=75", - "-XX:+UseCMSInitiatingOccupancyOnly", "-XX:+DisableExplicitGC", "-XX:+HeapDumpOnOutOfMemoryError", "-Xms2g", "-Xmx2g", - shadowJar.archivePath, + shadowJar.archiveFile.get().asFile, include ] } diff --git a/logstash-core/benchmarks/src/main/java/org/logstash/benchmark/BufferedTokenizerExtBenchmark.java b/logstash-core/benchmarks/src/main/java/org/logstash/benchmark/BufferedTokenizerExtBenchmark.java new file mode 100644 index 000000000..024ecf442 --- /dev/null +++ b/logstash-core/benchmarks/src/main/java/org/logstash/benchmark/BufferedTokenizerExtBenchmark.java @@ -0,0 +1,84 @@ +package org.logstash.benchmark; + +import org.jruby.RubyArray; +import org.jruby.RubyString; +import org.jruby.runtime.ThreadContext; +import org.jruby.runtime.builtin.IRubyObject; +import org.logstash.RubyUtil; +import org.logstash.common.BufferedTokenizerExt; +import org.openjdk.jmh.annotations.Benchmark; +import org.openjdk.jmh.annotations.BenchmarkMode; +import org.openjdk.jmh.annotations.Fork; +import org.openjdk.jmh.annotations.Level; +import org.openjdk.jmh.annotations.Measurement; +import org.openjdk.jmh.annotations.Mode; +import org.openjdk.jmh.annotations.OperationsPerInvocation; +import org.openjdk.jmh.annotations.OutputTimeUnit; +import org.openjdk.jmh.annotations.Scope; +import org.openjdk.jmh.annotations.Setup; +import org.openjdk.jmh.annotations.State; +import org.openjdk.jmh.annotations.Warmup; +import org.openjdk.jmh.infra.Blackhole; + +import java.util.concurrent.TimeUnit; + +import static org.logstash.RubyUtil.RUBY; + +@Warmup(iterations = 3, time = 100, timeUnit = TimeUnit.MILLISECONDS) +@Measurement(iterations = 10, time = 100, timeUnit = TimeUnit.MILLISECONDS) +@Fork(1) +@BenchmarkMode(Mode.Throughput) +@OutputTimeUnit(TimeUnit.NANOSECONDS) +@State(Scope.Thread) +public class BufferedTokenizerExtBenchmark { + + private BufferedTokenizerExt sut; + private ThreadContext context; + private RubyString singleTokenPerFragment; + private RubyString multipleTokensPerFragment; + private RubyString multipleTokensSpreadMultipleFragments_1; + private RubyString multipleTokensSpreadMultipleFragments_2; + private RubyString multipleTokensSpreadMultipleFragments_3; + + @Setup(Level.Invocation) + public void setUp() { + sut = new BufferedTokenizerExt(RubyUtil.RUBY, RubyUtil.BUFFERED_TOKENIZER); + context = RUBY.getCurrentContext(); + IRubyObject[] args = {}; + sut.init(context, args); + singleTokenPerFragment = RubyUtil.RUBY.newString("a".repeat(512) + "\n"); + + multipleTokensPerFragment = RubyUtil.RUBY.newString("a".repeat(512) + "\n" + "b".repeat(512) + "\n" + "c".repeat(512) + "\n"); + + multipleTokensSpreadMultipleFragments_1 = RubyUtil.RUBY.newString("a".repeat(512) + "\n" + "b".repeat(512) + "\n" + "c".repeat(256)); + multipleTokensSpreadMultipleFragments_2 = RubyUtil.RUBY.newString("c".repeat(256) + "\n" + "d".repeat(512) + "\n" + "e".repeat(256)); + multipleTokensSpreadMultipleFragments_3 = RubyUtil.RUBY.newString("f".repeat(256) + "\n" + "g".repeat(512) + "\n" + "h".repeat(512) + "\n"); + } + + @SuppressWarnings("unchecked") + @Benchmark + public final void onlyOneTokenPerFragment(Blackhole blackhole) { + RubyArray tokens = (RubyArray) sut.extract(context, singleTokenPerFragment); + blackhole.consume(tokens); + } + + @SuppressWarnings("unchecked") + @Benchmark + public final void multipleTokenPerFragment(Blackhole blackhole) { + RubyArray tokens = (RubyArray) sut.extract(context, multipleTokensPerFragment); + blackhole.consume(tokens); + } + + @SuppressWarnings("unchecked") + @Benchmark + public final void multipleTokensCrossingMultipleFragments(Blackhole blackhole) { + RubyArray tokens = (RubyArray) sut.extract(context, multipleTokensSpreadMultipleFragments_1); + blackhole.consume(tokens); + + tokens = (RubyArray) sut.extract(context, multipleTokensSpreadMultipleFragments_2); + blackhole.consume(tokens); + + tokens = (RubyArray) sut.extract(context, multipleTokensSpreadMultipleFragments_3); + blackhole.consume(tokens); + } +} From 3f0ad12d06627ae72d3fe7a4bd3b2dc7a07093cf Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Thu, 17 Oct 2024 14:07:51 +0100 Subject: [PATCH 082/290] add http.* deprecation log (#16538) - refactor deprecated alias to support obsoleted version - add deprecation log for http.* config --- logstash-core/lib/logstash/environment.rb | 8 ++--- logstash-core/lib/logstash/runner.rb | 9 ++++-- logstash-core/lib/logstash/settings.rb | 30 ++++++++++------- logstash-core/locales/en.yml | 6 +++- .../setting_with_deprecated_alias_spec.rb | 32 +++++++++++++++++++ .../org/logstash/settings/BaseSetting.java | 5 ++- .../logstash/settings/DeprecatedAlias.java | 21 +++++++++--- .../settings/SettingWithDeprecatedAlias.java | 9 +++--- 8 files changed, 92 insertions(+), 28 deletions(-) diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb index 7b6f51ac6..59c385c38 100644 --- a/logstash-core/lib/logstash/environment.rb +++ b/logstash-core/lib/logstash/environment.rb @@ -72,10 +72,10 @@ module LogStash Setting::Boolean.new("enable-local-plugin-development", false), Setting::String.new("log.format", "plain", true, ["json", "plain"]), Setting::Boolean.new("log.format.json.fix_duplicate_message_fields", false), - Setting::Boolean.new("api.enabled", true).with_deprecated_alias("http.enabled"), - Setting::String.new("api.http.host", "127.0.0.1").with_deprecated_alias("http.host"), - Setting::PortRange.new("api.http.port", 9600..9700).with_deprecated_alias("http.port"), - Setting::String.new("api.environment", "production").with_deprecated_alias("http.environment"), + Setting::Boolean.new("api.enabled", true).with_deprecated_alias("http.enabled", "9"), + Setting::String.new("api.http.host", "127.0.0.1").with_deprecated_alias("http.host", "9"), + Setting::PortRange.new("api.http.port", 9600..9700).with_deprecated_alias("http.port", "9"), + Setting::String.new("api.environment", "production").with_deprecated_alias("http.environment", "9"), Setting::String.new("api.auth.type", "none", true, %w(none basic)), Setting::String.new("api.auth.basic.username", nil, false).nullable, Setting::Password.new("api.auth.basic.password", nil, false).nullable, diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 842379364..8f61e22ab 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -253,15 +253,18 @@ class LogStash::Runner < Clamp::StrictCommand deprecated_option ["--http.enabled"], :flag, I18n.t("logstash.runner.flag.http_enabled"), - :new_flag => "api.enabled", :passthrough => true # use settings to disambiguate + :new_flag => "api.enabled", :passthrough => true, # use settings to disambiguate + :obsoleted_version => "9" deprecated_option ["--http.host"], "HTTP_HOST", I18n.t("logstash.runner.flag.http_host"), - :new_flag => "api.http.host", :passthrough => true # use settings to disambiguate + :new_flag => "api.http.host", :passthrough => true, # use settings to disambiguate + :obsoleted_version => "9" deprecated_option ["--http.port"], "HTTP_PORT", I18n.t("logstash.runner.flag.http_port"), - :new_flag => "api.http.port", :passthrough => true # use settings to disambiguate + :new_flag => "api.http.port", :passthrough => true, # use settings to disambiguate + :obsoleted_version => "9" # We configure the registry and load any plugin that can register hooks # with logstash, this needs to be done before any operation. diff --git a/logstash-core/lib/logstash/settings.rb b/logstash-core/lib/logstash/settings.rb index 5d2fbd588..d34039064 100644 --- a/logstash-core/lib/logstash/settings.rb +++ b/logstash-core/lib/logstash/settings.rb @@ -334,8 +334,8 @@ module LogStash validate(value) end - def with_deprecated_alias(deprecated_alias_name) - SettingWithDeprecatedAlias.wrap(self, deprecated_alias_name) + def with_deprecated_alias(deprecated_alias_name, obsoleted_version=nil) + SettingWithDeprecatedAlias.wrap(self, deprecated_alias_name, obsoleted_version) end ## @@ -847,10 +847,11 @@ module LogStash class DeprecatedAlias < SimpleDelegator # include LogStash::Util::Loggable alias_method :wrapped, :__getobj__ - attr_reader :canonical_proxy + attr_reader :canonical_proxy, :obsoleted_version - def initialize(canonical_proxy, alias_name) + def initialize(canonical_proxy, alias_name, obsoleted_version) @canonical_proxy = canonical_proxy + @obsoleted_version = obsoleted_version clone = @canonical_proxy.canonical_setting.clone clone.update_wrapper(clone.wrapped_setting.deprecate(alias_name)) @@ -882,9 +883,15 @@ module LogStash private def do_log_setter_deprecation - deprecation_logger.deprecated(I18n.t("logstash.settings.deprecation.set", - :deprecated_alias => name, - :canonical_name => canonical_proxy.name)) + deprecation_logger.deprecated( + I18n.t("logstash.settings.deprecation.set", + :deprecated_alias => name, + :canonical_name => canonical_proxy.name, + :obsoleted_sentences => + @obsoleted_version.nil? ? + I18n.t("logstash.settings.deprecation.obsoleted_future") : + I18n.t("logstash.settings.deprecation.obsoleted_version", :obsoleted_version => @obsoleted_version)) + ) end end @@ -901,10 +908,11 @@ module LogStash # including the canonical setting and a deprecated alias. # @param canonical_setting [Setting]: the setting to wrap # @param deprecated_alias_name [String]: the name for the deprecated alias + # @param obsoleted_version [String]: the version of Logstash that deprecated alias will be removed # # @return [SettingWithDeprecatedAlias,DeprecatedSetting] - def self.wrap(canonical_setting, deprecated_alias_name) - setting_proxy = new(canonical_setting, deprecated_alias_name) + def self.wrap(canonical_setting, deprecated_alias_name, obsoleted_version=nil) + setting_proxy = new(canonical_setting, deprecated_alias_name, obsoleted_version) [setting_proxy, setting_proxy.deprecated_alias] end @@ -912,10 +920,10 @@ module LogStash attr_reader :deprecated_alias alias_method :canonical_setting, :__getobj__ - def initialize(canonical_setting, deprecated_alias_name) + def initialize(canonical_setting, deprecated_alias_name, obsoleted_version) super(canonical_setting) - @deprecated_alias = DeprecatedAlias.new(self, deprecated_alias_name) + @deprecated_alias = DeprecatedAlias.new(self, deprecated_alias_name, obsoleted_version) end def set(value) diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index 3176229e6..50586892e 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -451,7 +451,11 @@ en: deprecation: set: >- The setting `%{deprecated_alias}` is a deprecated alias for `%{canonical_name}` - and will be removed in a future release of Logstash. Please use %{canonical_name} instead + %{obsoleted_sentences} Please use `%{canonical_name}` instead + obsoleted_future: >- + and will be removed in a future release of Logstash. + obsoleted_version: >- + and will be removed in version %{obsoleted_version}. queried: >- The value of setting `%{canonical_name}` has been queried by its deprecated alias `%{deprecated_alias}`. Code should be updated to query `%{canonical_name}` instead diff --git a/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb b/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb index 481e387ba..1b199d135 100644 --- a/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb +++ b/logstash-core/spec/logstash/settings/setting_with_deprecated_alias_spec.rb @@ -105,6 +105,38 @@ describe LogStash::Setting::SettingWithDeprecatedAlias do expect { settings.get_setting(canonical_setting_name).deprecated_alias.validate_value }.to_not raise_error end end + + context 'obsoleted version' do + before(:each) do + settings.register(subject.with_deprecated_alias(deprecated_name, "9")) + end + + describe "ruby string setting" do + let(:new_value) { "ironman" } + let(:old_value) { "iron man" } + let(:canonical_name) { "iron.setting" } + let(:deprecated_name) { "iron.oxide.setting" } + subject { LogStash::Setting::String.new(canonical_name, old_value, true) } + + it 'logs a deprecation warning with target remove version' do + settings.set(deprecated_name, new_value) + expect(LogStash::Settings.deprecation_logger).to have_received(:deprecated) + .with(a_string_including(deprecated_name)) + .with(a_string_including("version 9")) + end + end + describe "java boolean setting" do + let(:new_value) { false } + let(:old_value) { true } + let(:canonical_name) { "bool.setting" } + let(:deprecated_name) { "boo.setting" } + subject { LogStash::Setting::Boolean.new(canonical_name, old_value, true) } + + it 'does not raise error' do + expect { settings.set(deprecated_name, new_value) }.to_not raise_error + end + end + end end context "when only the canonical setting is set" do diff --git a/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java b/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java index b08408393..72be91a13 100644 --- a/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java +++ b/logstash-core/src/main/java/org/logstash/settings/BaseSetting.java @@ -193,7 +193,10 @@ public class BaseSetting implements Setting { } public List> withDeprecatedAlias(String deprecatedAlias) { - return SettingWithDeprecatedAlias.wrap(this, deprecatedAlias); + return withDeprecatedAlias(deprecatedAlias, null); + } + public List> withDeprecatedAlias(String deprecatedAlias, String obsoletedVersion) { + return SettingWithDeprecatedAlias.wrap(this, deprecatedAlias, obsoletedVersion); } public Setting nullable() { diff --git a/logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java b/logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java index d2b8eac17..8d4a44d63 100644 --- a/logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java +++ b/logstash-core/src/main/java/org/logstash/settings/DeprecatedAlias.java @@ -33,19 +33,32 @@ public final class DeprecatedAlias extends SettingDelegator { private static final DeprecationLogger DEPRECATION_LOGGER = new DefaultDeprecationLogger(LOGGER); - private SettingWithDeprecatedAlias canonicalProxy; + private final SettingWithDeprecatedAlias canonicalProxy; - DeprecatedAlias(SettingWithDeprecatedAlias canonicalProxy, String aliasName) { + private final String obsoletedVersion; + + DeprecatedAlias(SettingWithDeprecatedAlias canonicalProxy, String aliasName, String obsoletedVersion) { super(canonicalProxy.getCanonicalSetting().deprecate(aliasName)); this.canonicalProxy = canonicalProxy; + this.obsoletedVersion = obsoletedVersion; } // Because loggers are configure after the Settings declaration, this method is intended for lazy-logging // check https://github.com/elastic/logstash/pull/16339 public void observePostProcess() { if (isSet()) { - DEPRECATION_LOGGER.deprecated("The setting `{}` is a deprecated alias for `{}` and will be removed in a " + - "future release of Logstash. Please use `{}` instead", getName(), canonicalProxy.getName(), canonicalProxy.getName()); + StringBuilder sb = new StringBuilder(); + sb.append("The setting `").append(getName()).append("` is a deprecated alias for `").append(canonicalProxy.getName()).append("`"); + + if (this.obsoletedVersion != null && !this.obsoletedVersion.isEmpty()) { + sb.append(" and will be removed in version ").append(this.obsoletedVersion).append("."); + } else { + sb.append(" and will be removed in a future release of Logstash."); + } + + sb.append(" Please use `").append(canonicalProxy.getName()).append("` instead"); + + DEPRECATION_LOGGER.deprecated(sb.toString()); } } diff --git a/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java b/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java index 3b3b0678e..a213304b7 100644 --- a/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java +++ b/logstash-core/src/main/java/org/logstash/settings/SettingWithDeprecatedAlias.java @@ -38,21 +38,22 @@ public class SettingWithDeprecatedAlias extends SettingDelegator { * including the canonical setting and a deprecated alias. * @param canonicalSetting the setting to wrap * @param deprecatedAliasName the name for the deprecated alias + * @param obsoletedVersion the version of Logstash that deprecated alias will be removed * * @return List of [SettingWithDeprecatedAlias, DeprecatedAlias] * */ - static List> wrap(BaseSetting canonicalSetting, String deprecatedAliasName) { - final SettingWithDeprecatedAlias settingProxy = new SettingWithDeprecatedAlias<>(canonicalSetting, deprecatedAliasName); + static List> wrap(BaseSetting canonicalSetting, String deprecatedAliasName, String obsoletedVersion) { + final SettingWithDeprecatedAlias settingProxy = new SettingWithDeprecatedAlias<>(canonicalSetting, deprecatedAliasName, obsoletedVersion); return Arrays.asList(settingProxy, settingProxy.deprecatedAlias); } private DeprecatedAlias deprecatedAlias; @SuppressWarnings("this-escape") - protected SettingWithDeprecatedAlias(BaseSetting canonicalSetting, String deprecatedAliasName) { + protected SettingWithDeprecatedAlias(BaseSetting canonicalSetting, String deprecatedAliasName, String obsoletedVersion) { super(canonicalSetting); - this.deprecatedAlias = new DeprecatedAlias(this, deprecatedAliasName); + this.deprecatedAlias = new DeprecatedAlias(this, deprecatedAliasName, obsoletedVersion); } BaseSetting getCanonicalSetting() { From daf979c1896a090a4ff20b0eba804f30ba9b0ad3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Thu, 17 Oct 2024 15:47:52 +0100 Subject: [PATCH 083/290] default to jdk 21 on all ci/build tasks (#16464) --- .buildkite/linux_jdk_matrix_pipeline.yml | 2 +- .buildkite/scripts/setup_java.sh | 2 +- .buildkite/windows_jdk_matrix_pipeline.yml | 2 +- .ci/java-versions.properties | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.buildkite/linux_jdk_matrix_pipeline.yml b/.buildkite/linux_jdk_matrix_pipeline.yml index 65d80d6b4..affcdfe95 100644 --- a/.buildkite/linux_jdk_matrix_pipeline.yml +++ b/.buildkite/linux_jdk_matrix_pipeline.yml @@ -5,7 +5,7 @@ env: DEFAULT_MATRIX_OS: "ubuntu-2204" - DEFAULT_MATRIX_JDK: "adoptiumjdk_17" + DEFAULT_MATRIX_JDK: "adoptiumjdk_21" steps: - input: "Test Parameters" diff --git a/.buildkite/scripts/setup_java.sh b/.buildkite/scripts/setup_java.sh index 6a0ae591d..3ba20201c 100755 --- a/.buildkite/scripts/setup_java.sh +++ b/.buildkite/scripts/setup_java.sh @@ -4,7 +4,7 @@ set -e install_java() { # TODO: let's think about regularly creating a custom image for Logstash which may align on version.yml definitions - sudo apt update && sudo apt install -y openjdk-17-jdk && sudo apt install -y openjdk-17-jre + sudo apt update && sudo apt install -y openjdk-21-jdk && sudo apt install -y openjdk-21-jre } install_java diff --git a/.buildkite/windows_jdk_matrix_pipeline.yml b/.buildkite/windows_jdk_matrix_pipeline.yml index a54e7eca5..0f75f1675 100644 --- a/.buildkite/windows_jdk_matrix_pipeline.yml +++ b/.buildkite/windows_jdk_matrix_pipeline.yml @@ -2,7 +2,7 @@ env: DEFAULT_MATRIX_OS: "windows-2022" - DEFAULT_MATRIX_JDK: "adoptiumjdk_17" + DEFAULT_MATRIX_JDK: "adoptiumjdk_21" steps: - input: "Test Parameters" diff --git a/.ci/java-versions.properties b/.ci/java-versions.properties index 37bb73de6..0ca3d870d 100644 --- a/.ci/java-versions.properties +++ b/.ci/java-versions.properties @@ -1,2 +1,2 @@ -LS_BUILD_JAVA=adoptiumjdk_17 -LS_RUNTIME_JAVA=adoptiumjdk_17 +LS_BUILD_JAVA=adoptiumjdk_21 +LS_RUNTIME_JAVA=adoptiumjdk_21 From dcafa0835eca17076f084ab07a5ac820a8b3c24f Mon Sep 17 00:00:00 2001 From: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> Date: Thu, 17 Oct 2024 16:55:31 +0200 Subject: [PATCH 084/290] Updated CI releases inventory after 8.15.3 (#16581) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 0e63fc37a..69a040a9d 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -3,11 +3,11 @@ "5.x": "5.6.16", "6.x": "6.8.23", "7.x": "7.17.24", - "8.x": "8.15.2" + "8.x": "8.15.3" }, "snapshots": { "7.x": "7.17.25-SNAPSHOT", - "8.15": "8.15.3-SNAPSHOT", + "8.15": "8.15.4-SNAPSHOT", "8.x": "8.16.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" } From 467ab3f44b6f0c2b09f6c39b7a5f90727e761485 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Thu, 17 Oct 2024 16:22:30 +0100 Subject: [PATCH 085/290] Enable log.format.json.fix_duplicate_message_fields by default (#16578) Set `log.format.json.fix_duplicate_message_fields` to `true` as default to avoid collision of the message field in log lines when log.format is JSON --- config/logstash.yml | 2 +- docs/static/running-logstash-command-line.asciidoc | 2 +- docs/static/settings-file.asciidoc | 2 +- logstash-core/lib/logstash/environment.rb | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/config/logstash.yml b/config/logstash.yml index 62b5912c4..59703aa54 100644 --- a/config/logstash.yml +++ b/config/logstash.yml @@ -314,7 +314,7 @@ # * json # # log.format: plain -# log.format.json.fix_duplicate_message_fields: false +# log.format.json.fix_duplicate_message_fields: true # # path.logs: # diff --git a/docs/static/running-logstash-command-line.asciidoc b/docs/static/running-logstash-command-line.asciidoc index 646ea60ac..37873ff96 100644 --- a/docs/static/running-logstash-command-line.asciidoc +++ b/docs/static/running-logstash-command-line.asciidoc @@ -231,7 +231,7 @@ With this command, Logstash concatenates three config files, `/tmp/one`, `/tmp/t (using Ruby's Object#inspect). The default is "plain". *`--log.format.json.fix_duplicate_message_fields ENABLED`*:: - Avoid `message` field collision using JSON log format. Possible values are `false` (default) and `true`. + Avoid `message` field collision using JSON log format. Possible values are `true` (default) and `false`. *`--path.settings SETTINGS_DIR`*:: Set the directory containing the `logstash.yml` <> as well diff --git a/docs/static/settings-file.asciidoc b/docs/static/settings-file.asciidoc index b30207bd6..bc43cec67 100644 --- a/docs/static/settings-file.asciidoc +++ b/docs/static/settings-file.asciidoc @@ -338,7 +338,7 @@ The log level. Valid options are: | `log.format.json.fix_duplicate_message_fields` | When the log format is `json` avoid collision of field names in log lines. -| `false` +| `true` | `path.logs` | The directory where Logstash will write its log to. diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb index 59c385c38..d8d7033f2 100644 --- a/logstash-core/lib/logstash/environment.rb +++ b/logstash-core/lib/logstash/environment.rb @@ -71,7 +71,7 @@ module LogStash Setting::Boolean.new("help", false), Setting::Boolean.new("enable-local-plugin-development", false), Setting::String.new("log.format", "plain", true, ["json", "plain"]), - Setting::Boolean.new("log.format.json.fix_duplicate_message_fields", false), + Setting::Boolean.new("log.format.json.fix_duplicate_message_fields", true), Setting::Boolean.new("api.enabled", true).with_deprecated_alias("http.enabled", "9"), Setting::String.new("api.http.host", "127.0.0.1").with_deprecated_alias("http.host", "9"), Setting::PortRange.new("api.http.port", 9600..9700).with_deprecated_alias("http.port", "9"), From 566bdf66fcd9616f9368e758e29dc54641a0e7a8 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Fri, 18 Oct 2024 12:15:38 +0100 Subject: [PATCH 086/290] remove http.* settings (#16552) The commit removes the deprecated settings http.port, http.host, http.enabled, and http.environment --- docker/data/logstash/config/logstash-full.yml | 2 +- docker/data/logstash/config/logstash-oss.yml | 2 +- docker/data/logstash/env2yaml/env2yaml.go | 4 - docs/static/docker.asciidoc | 2 +- logstash-core/lib/logstash/environment.rb | 8 +- logstash-core/lib/logstash/runner.rb | 15 ---- logstash-core/locales/en.yml | 10 --- logstash-core/spec/logstash/runner_spec.rb | 83 ------------------- 8 files changed, 7 insertions(+), 119 deletions(-) diff --git a/docker/data/logstash/config/logstash-full.yml b/docker/data/logstash/config/logstash-full.yml index 58e1a35d0..949b46772 100644 --- a/docker/data/logstash/config/logstash-full.yml +++ b/docker/data/logstash/config/logstash-full.yml @@ -1,2 +1,2 @@ -http.host: "0.0.0.0" +api.http.host: "0.0.0.0" xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ] diff --git a/docker/data/logstash/config/logstash-oss.yml b/docker/data/logstash/config/logstash-oss.yml index 342d19af8..979a5ca84 100644 --- a/docker/data/logstash/config/logstash-oss.yml +++ b/docker/data/logstash/config/logstash-oss.yml @@ -1 +1 @@ -http.host: "0.0.0.0" +api.http.host: "0.0.0.0" diff --git a/docker/data/logstash/env2yaml/env2yaml.go b/docker/data/logstash/env2yaml/env2yaml.go index c7b792668..588f1bb41 100644 --- a/docker/data/logstash/env2yaml/env2yaml.go +++ b/docker/data/logstash/env2yaml/env2yaml.go @@ -64,10 +64,6 @@ var validSettings = []string{ "dead_letter_queue.storage_policy", "dead_letter_queue.retain.age", "path.dead_letter_queue", - "http.enabled", // DEPRECATED: prefer `api.enabled` - "http.environment", // DEPRECATED: prefer `api.environment` - "http.host", // DEPRECATED: prefer `api.http.host` - "http.port", // DEPRECATED: prefer `api.http.port` "log.level", "log.format", "log.format.json.fix_duplicate_message_fields", diff --git a/docs/static/docker.asciidoc b/docs/static/docker.asciidoc index 0c636d008..178167afc 100644 --- a/docs/static/docker.asciidoc +++ b/docs/static/docker.asciidoc @@ -208,7 +208,7 @@ The following settings have different default values when using the Docker images: [horizontal] -`http.host`:: `0.0.0.0` +`api.http.host`:: `0.0.0.0` `monitoring.elasticsearch.hosts`:: `http://elasticsearch:9200` NOTE: The setting `monitoring.elasticsearch.hosts` is not diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb index d8d7033f2..d67ad4457 100644 --- a/logstash-core/lib/logstash/environment.rb +++ b/logstash-core/lib/logstash/environment.rb @@ -72,10 +72,10 @@ module LogStash Setting::Boolean.new("enable-local-plugin-development", false), Setting::String.new("log.format", "plain", true, ["json", "plain"]), Setting::Boolean.new("log.format.json.fix_duplicate_message_fields", true), - Setting::Boolean.new("api.enabled", true).with_deprecated_alias("http.enabled", "9"), - Setting::String.new("api.http.host", "127.0.0.1").with_deprecated_alias("http.host", "9"), - Setting::PortRange.new("api.http.port", 9600..9700).with_deprecated_alias("http.port", "9"), - Setting::String.new("api.environment", "production").with_deprecated_alias("http.environment", "9"), + Setting::Boolean.new("api.enabled", true), + Setting::String.new("api.http.host", "127.0.0.1"), + Setting::PortRange.new("api.http.port", 9600..9700), + Setting::String.new("api.environment", "production"), Setting::String.new("api.auth.type", "none", true, %w(none basic)), Setting::String.new("api.auth.basic.username", nil, false).nullable, Setting::Password.new("api.auth.basic.password", nil, false).nullable, diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 8f61e22ab..46417a0c5 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -251,21 +251,6 @@ class LogStash::Runner < Clamp::StrictCommand I18n.t("logstash.runner.flag.quiet"), :new_flag => "log.level", :new_value => "error" - deprecated_option ["--http.enabled"], :flag, - I18n.t("logstash.runner.flag.http_enabled"), - :new_flag => "api.enabled", :passthrough => true, # use settings to disambiguate - :obsoleted_version => "9" - - deprecated_option ["--http.host"], "HTTP_HOST", - I18n.t("logstash.runner.flag.http_host"), - :new_flag => "api.http.host", :passthrough => true, # use settings to disambiguate - :obsoleted_version => "9" - - deprecated_option ["--http.port"], "HTTP_PORT", - I18n.t("logstash.runner.flag.http_port"), - :new_flag => "api.http.port", :passthrough => true, # use settings to disambiguate - :obsoleted_version => "9" - # We configure the registry and load any plugin that can register hooks # with logstash, this needs to be done before any operation. SYSTEM_SETTINGS = LogStash::SETTINGS.clone diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index 50586892e..eddc2b221 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -280,16 +280,6 @@ en: e.g. 'username:' configtest: |+ Check configuration for valid syntax and then exit. - http_enabled: |+ - Can be used to disable the Web API, which is - enabled by default. - DEPRECATED: use `--api.enabled=false` - http_host: |+ - Web API binding host - DEPRECATED: use `--api.http.host=IP` - http_port: |+ - Web API http port - DEPRECATED: use `--api.http.port=PORT` api_enabled: |+ Can be used to disable the Web API, which is enabled by default. diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index ffcb9ef92..962f056a7 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -255,37 +255,6 @@ describe LogStash::Runner do subject.run("bin/logstash", args) end end - - context "using deprecated :http.host alias" do - let(:deprecation_logger_stub) { double("DeprecationLogger(Settings)").as_null_object } - before(:each) { allow(LogStash::Settings).to receive(:deprecation_logger).and_return(deprecation_logger_stub) } - - let(:runner_deprecation_logger_stub) { double("DeprecationLogger(Runner)").as_null_object } - before(:each) { allow(runner).to receive(:deprecation_logger).and_return(runner_deprecation_logger_stub) } - - context "when deprecated :http.host is defined by the user" do - let(:args) { ["--http.host", "localhost", "-e", pipeline_string]} - it "creates an Agent whose `api.http.host` uses the provided value and provides helpful deprecation message" do - expect(deprecation_logger_stub).to receive(:deprecated).with(a_string_including "`http.host` is a deprecated alias for `api.http.host`") - expect(runner_deprecation_logger_stub).to receive(:deprecated).with(a_string_including 'The flag ["--http.host"] has been deprecated') - expect(LogStash::Agent).to receive(:new) do |settings| - expect(settings.set?("api.http.host")).to be(true) - expect(settings.get("api.http.host")).to eq("localhost") - end - - subject.run("bin/logstash", args) - end - end - - context "when :api.http.host and deprecated alias :http.host are both defined by the user" do - it "errors helpfully" do - args = ["--api.http.host", "api.local", "--http.host", "http.local", "-e", pipeline_string] - expect do - expect(subject.run("bin/logstash", args)).to_not eq(0) - end.to output(a_string_including("Both `api.http.host` and its deprecated alias `http.host` have been set. Please only set `api.http.host`")).to_stderr - end - end - end end context ":api.http.port" do @@ -326,58 +295,6 @@ describe LogStash::Runner do end end end - - context "using deprecated :http.port alias" do - let(:deprecation_logger_stub) { double("DeprecationLogger(Settings)").as_null_object } - before(:each) { allow(LogStash::Settings).to receive(:deprecation_logger).and_return(deprecation_logger_stub) } - - let(:runner_deprecation_logger_stub) { double("DeprecationLogger(Runner)").as_null_object } - before(:each) { allow(runner).to receive(:deprecation_logger).and_return(runner_deprecation_logger_stub) } - - context "when defined using deprecated :http.port alias" do - let(:args) { ["--http.port", port_argument, "-e", pipeline_string] } - - context "as a single-value string" do - let(:port_argument) { "10000" } - it "creates an Agent whose `api.http.port` uses an appropriate single-element range and logs a helpful deprecation message" do - expect(deprecation_logger_stub).to receive(:deprecated).with(a_string_including "`http.port` is a deprecated alias for `api.http.port`") - expect(runner_deprecation_logger_stub).to receive(:deprecated).with(a_string_including 'The flag ["--http.port"] has been deprecated') - - expect(LogStash::Agent).to receive(:new) do |settings| - expect(settings.set?("api.http.port")).to be(true) - expect(settings.get("api.http.port")).to eq(10000..10000) - end - - subject.run("bin/logstash", args) - end - end - - context "as a range" do - let(:port_argument) { "10000-20000" } - it "creates an Agent whose `api.http.port` uses the appropriate inclusive-end range and logs a helpful deprecation message" do - expect(deprecation_logger_stub).to receive(:deprecated).with(a_string_including "`http.port` is a deprecated alias for `api.http.port`") - expect(runner_deprecation_logger_stub).to receive(:deprecated).with(a_string_including 'The flag ["--http.port"] has been deprecated') - - expect(LogStash::Agent).to receive(:new) do |settings| - expect(settings.set?("api.http.port")).to be(true) - expect(settings.get("api.http.port")).to eq(10000..20000) - end - - subject.run("bin/logstash", args) - end - end - end - - context "when defined by both canonical name and deprecated :http.port alias" do - let(:args) { ["--api.http.port", "9603", "--http.port", "9604", "-e", pipeline_string] } - - it "errors helpfully" do - expect do - expect(subject.run("bin/logstash", args)).to_not eq(0) - end.to output(a_string_including("Both `api.http.port` and its deprecated alias `http.port` have been set. Please only set `api.http.port`")).to_stderr - end - end - end end context "when :pipeline_workers is not defined by the user" do From 93b0913fd9380cb407a5c095fc904d057ed8573f Mon Sep 17 00:00:00 2001 From: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com> Date: Tue, 22 Oct 2024 15:40:02 +0200 Subject: [PATCH 087/290] Updated CI releases inventory after 7.17.25 (#16589) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 69a040a9d..5999c5f1f 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -2,11 +2,11 @@ "releases": { "5.x": "5.6.16", "6.x": "6.8.23", - "7.x": "7.17.24", + "7.x": "7.17.25", "8.x": "8.15.3" }, "snapshots": { - "7.x": "7.17.25-SNAPSHOT", + "7.x": "7.17.26-SNAPSHOT", "8.15": "8.15.4-SNAPSHOT", "8.x": "8.16.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" From ca19f0029efeca9b239278c1c16719a9e00d751d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Fri, 25 Oct 2024 14:44:33 +0100 Subject: [PATCH 088/290] make max inflight warning global to all pipelines (#16597) The current max inflight error message focuses on a single pipeline and on a maximum amount of 10k events regardless of the heap size. The new warning will take into account all loaded pipelines and also consider the heap size, giving a warning if the total number of events consumes 10% or more of the total heap. For the purpose of the warning events are assumed to be 2KB as it a normal size for a small log entry. --- logstash-core/lib/logstash/agent.rb | 18 +++--- logstash-core/lib/logstash/java_pipeline.rb | 5 -- .../pipeline_resource_usage_validator.rb | 54 +++++++++++++++++ .../spec/logstash/java_pipeline_spec.rb | 7 --- .../pipeline_resource_usage_validator_spec.rb | 59 +++++++++++++++++++ 5 files changed, 124 insertions(+), 19 deletions(-) create mode 100644 logstash-core/lib/logstash/pipeline_resource_usage_validator.rb create mode 100644 logstash-core/spec/logstash/pipeline_resource_usage_validator_spec.rb diff --git a/logstash-core/lib/logstash/agent.rb b/logstash-core/lib/logstash/agent.rb index 4ab6c6846..dd0ad4a2d 100644 --- a/logstash-core/lib/logstash/agent.rb +++ b/logstash-core/lib/logstash/agent.rb @@ -26,6 +26,7 @@ require "logstash/pipeline_action" require "logstash/state_resolver" require "logstash/pipelines_registry" require "logstash/persisted_queue_config_validator" +require "logstash/pipeline_resource_usage_validator" require "stud/trap" require "uri" require "socket" @@ -102,6 +103,7 @@ class LogStash::Agent initialize_geoip_database_metrics(metric) @pq_config_validator = LogStash::PersistedQueueConfigValidator.new + @pipeline_resource_usage_validator = LogStash::PipelineResourceUsageValidator.new(Java::java.lang.Runtime.getRuntime().maxMemory) @dispatcher = LogStash::EventDispatcher.new(self) LogStash::PLUGIN_REGISTRY.hooks.register_emitter(self.class, dispatcher) @@ -221,13 +223,15 @@ class LogStash::Agent converge_result = resolve_actions_and_converge_state(results.response) update_metrics(converge_result) - - logger.info( - "Pipelines running", - :count => running_pipelines.size, - :running_pipelines => running_pipelines.keys, - :non_running_pipelines => non_running_pipelines.keys - ) if converge_result.success? && converge_result.total > 0 + if converge_result.success? && converge_result.total > 0 + logger.info( + "Pipelines running", + :count => running_pipelines.size, + :running_pipelines => running_pipelines.keys, + :non_running_pipelines => non_running_pipelines.keys + ) + @pipeline_resource_usage_validator.check(@pipelines_registry) + end dispatch_events(converge_result) diff --git a/logstash-core/lib/logstash/java_pipeline.rb b/logstash-core/lib/logstash/java_pipeline.rb index b30d11e2b..a41c18eec 100644 --- a/logstash-core/lib/logstash/java_pipeline.rb +++ b/logstash-core/lib/logstash/java_pipeline.rb @@ -39,7 +39,6 @@ module LogStash; class JavaPipeline < AbstractPipeline :started_at, :thread - MAX_INFLIGHT_WARN_THRESHOLD = 10_000 SECOND = 1 MEMORY = "memory".freeze @@ -284,10 +283,6 @@ module LogStash; class JavaPipeline < AbstractPipeline "pipeline.sources" => pipeline_source_details) @logger.info("Starting pipeline", pipeline_log_params) - if max_inflight > MAX_INFLIGHT_WARN_THRESHOLD - @logger.warn("CAUTION: Recommended inflight events max exceeded! Logstash will run with up to #{max_inflight} events in memory in your current configuration. If your message sizes are large this may cause instability with the default heap size. Please consider setting a non-standard heap size, changing the batch size (currently #{batch_size}), or changing the number of pipeline workers (currently #{pipeline_workers})", default_logging_keys) - end - filter_queue_client.set_batch_dimensions(batch_size, batch_delay) # First launch WorkerLoop initialization in separate threads which concurrently diff --git a/logstash-core/lib/logstash/pipeline_resource_usage_validator.rb b/logstash-core/lib/logstash/pipeline_resource_usage_validator.rb new file mode 100644 index 000000000..5c428bfc7 --- /dev/null +++ b/logstash-core/lib/logstash/pipeline_resource_usage_validator.rb @@ -0,0 +1,54 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +module LogStash + class PipelineResourceUsageValidator + include LogStash::Util::Loggable + + WARN_HEAP_THRESHOLD = 10 # 10% + + def initialize(max_heap_size) + @max_heap_size = max_heap_size + end + + def check(pipelines_registry) + return if pipelines_registry.size == 0 + + percentage_of_heap = compute_percentage(pipelines_registry) + + if percentage_of_heap >= WARN_HEAP_THRESHOLD + logger.warn("For a baseline of 2KB events, the maximum heap memory consumed across #{pipelines_registry.size} pipelines may reach up to #{percentage_of_heap}% of the entire heap (more if the events are bigger). The recommended percentage is less than #{WARN_HEAP_THRESHOLD}%. Consider reducing the number of pipelines, or the batch size and worker count per pipeline.") + else + logger.debug("For a baseline of 2KB events, the maximum heap memory consumed across #{pipelines_registry.size} pipelines may reach up to #{percentage_of_heap}% of the entire heap (more if the events are bigger).") + end + end + + def compute_percentage(pipelines_registry) + max_event_count = sum_event_count(pipelines_registry) + estimated_heap_usage = max_event_count * 2.0 * 1024 # assume 2KB per event + percentage_of_heap = ((estimated_heap_usage / @max_heap_size) * 100).round(2) + end + + def sum_event_count(pipelines_registry) + pipelines_registry.loaded_pipelines.inject(0) do |sum, (pipeline_id, pipeline)| + batch_size = pipeline.settings.get("pipeline.batch.size") + pipeline_workers = pipeline.settings.get("pipeline.workers") + sum + (batch_size * pipeline_workers) + end + end + end +end diff --git a/logstash-core/spec/logstash/java_pipeline_spec.rb b/logstash-core/spec/logstash/java_pipeline_spec.rb index c64d92754..fa2ededdc 100644 --- a/logstash-core/spec/logstash/java_pipeline_spec.rb +++ b/logstash-core/spec/logstash/java_pipeline_spec.rb @@ -1009,13 +1009,6 @@ describe LogStash::JavaPipeline do expect(logger).not_to have_received(:warn).with(warning_prefix) end - context "with a too large inflight count" do - let(:batch_size) { LogStash::JavaPipeline::MAX_INFLIGHT_WARN_THRESHOLD + 1 } - - it "should raise a max inflight warning if the max_inflight count is exceeded" do - expect(logger).to have_received(:warn).with(warning_prefix, hash_including(:pipeline_id => anything)) - end - end end context "compiled filter functions" do diff --git a/logstash-core/spec/logstash/pipeline_resource_usage_validator_spec.rb b/logstash-core/spec/logstash/pipeline_resource_usage_validator_spec.rb new file mode 100644 index 000000000..db8910d8d --- /dev/null +++ b/logstash-core/spec/logstash/pipeline_resource_usage_validator_spec.rb @@ -0,0 +1,59 @@ +# Licensed to Elasticsearch B.V. under one or more contributor +# license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright +# ownership. Elasticsearch B.V. licenses this file to you under +# the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +require "spec_helper" +require "logstash/pipeline_resource_usage_validator" +require_relative '../support/helpers' + +describe LogStash::PipelineResourceUsageValidator do + let(:max_heap_size) { 1 * 1024 * 1024 * 1024 } # 1 GB + subject { LogStash::PipelineResourceUsageValidator.new(max_heap_size) } + let(:logger) { subject.logger } + let(:pipelines_registry) { double(:pipelines_registry) } + let(:pipeline_count) { 10 } + + before(:each) do + allow(subject).to receive(:compute_percentage).and_return(usage_percentage) + allow(pipelines_registry).to receive(:size).and_return(pipeline_count) + end + + context "when memory usage goes above 10% heap" do + let(:usage_percentage) { 45 } + it "logs a warning message" do + expect(logger).to receive(:warn).with(/may reach up to #{usage_percentage}.*Consider.*pipeline.$/) + subject.check(pipelines_registry) + end + end + + context "when memory usage is below 10% heap" do + let(:usage_percentage) { 5 } + it "logs a debug message" do + expect(logger).to receive(:debug).with(/may reach up to #{usage_percentage}.*bigger\).$/) + subject.check(pipelines_registry) + end + end + + context "when there are no pipelines" do + let(:pipeline_count) { 0 } + let(:usage_percentage) { 0 } + it "should not log" do + expect(logger).to_not receive(:warn) + expect(logger).to_not receive(:debug) + subject.check(pipelines_registry) + end + end +end From ed5874bc27a61ab22bcbc40111795cdde5245790 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Tue, 29 Oct 2024 10:55:15 +0100 Subject: [PATCH 089/290] Use jvm catalog for reproducible builds and expose new pipeline to check JDK availability (#16602) Updates the existing `createElasticCatalogDownloadUrl` method to use the precise version retrieved `versions.yml` to download the JDK instead of using the latest of major version. This makes the build reproducible again. Defines a new Gradle `checkNewJdkVersion` task to check if there is a new JDK version available from JVM catalog matching the same major of the current branch. Creates a new Buildkite pipeline to execute a `bash` script to run the Gradle task; plus it also update the `catalog-info.yaml` with the new pipeline and a trigger to execute every week. --- .../jdk_availability_check_pipeline.yml | 7 ++ build.gradle | 87 ++++++++++++------- catalog-info.yaml | 49 +++++++++++ ci/check_jdk_version_availability.sh | 7 ++ 4 files changed, 121 insertions(+), 29 deletions(-) create mode 100644 .buildkite/jdk_availability_check_pipeline.yml create mode 100755 ci/check_jdk_version_availability.sh diff --git a/.buildkite/jdk_availability_check_pipeline.yml b/.buildkite/jdk_availability_check_pipeline.yml new file mode 100644 index 000000000..f4baaec0a --- /dev/null +++ b/.buildkite/jdk_availability_check_pipeline.yml @@ -0,0 +1,7 @@ +steps: + - label: "JDK Availability check" + command: | + set -euo pipefail + + source .buildkite/scripts/common/vm-agent.sh + ci/check_jdk_version_availability.sh \ No newline at end of file diff --git a/build.gradle b/build.gradle index 979513ca2..d80d26b17 100644 --- a/build.gradle +++ b/build.gradle @@ -740,46 +740,66 @@ class JDKDetails { return createElasticCatalogDownloadUrl() } - private String createElasticCatalogDownloadUrl() { - // Ask details to catalog https://jvm-catalog.elastic.co/jdk and return the url to download the JDK - - // arch x86_64 never used, only aarch64 if macos + // throws an error iff local version in versions.yml doesn't match the latest from JVM catalog. + void checkLocalVersionMatchingLatest() { + // retrieve the metadata from remote def url = "https://jvm-catalog.elastic.co/jdk/latest_adoptiumjdk_${major}_${osName}" - - // Append the cpu's arch only if Mac on aarch64, all the other OSes doesn't have CPU extension - if (arch == "aarch64") { - url += "_${arch}" - } - println "Retrieving JDK from catalog..." def catalogMetadataUrl = URI.create(url).toURL() def catalogConnection = catalogMetadataUrl.openConnection() catalogConnection.requestMethod = 'GET' assert catalogConnection.responseCode == 200 def metadataRetrieved = catalogConnection.content.text - println "Retrieved!" - def catalogMetadata = new JsonSlurper().parseText(metadataRetrieved) - return catalogMetadata.url - } - private String createAdoptDownloadUrl() { - String releaseName = major > 8 ? - "jdk-${revision}+${build}" : - "jdk${revision}u${build}" - String vendorOsName = vendorOsName(osName) - switch (vendor) { - case "adoptium": - return "https://api.adoptium.net/v3/binary/version/${releaseName}/${vendorOsName}/${arch}/jdk/hotspot/normal/adoptium" - default: - throw RuntimeException("Can't handle vendor: ${vendor}") + if (catalogMetadata.version != revision || catalogMetadata.revision != build) { + throw new GradleException("Found new jdk version. Please update version.yml to ${catalogMetadata.version} build ${catalogMetadata.revision}") } } - private String vendorOsName(String osName) { - if (osName == "darwin") - return "mac" - return osName + private String createElasticCatalogDownloadUrl() { + // Ask details to catalog https://jvm-catalog.elastic.co/jdk and return the url to download the JDK + + // arch x86_64 is default, aarch64 if macos or linux + def url = "https://jvm-catalog.elastic.co/jdk/adoptiumjdk-${revision}+${build}-${osName}" + + // Append the cpu's arch only if not x86_64, which is the default + if (arch == "aarch64") { + url += "-${arch}" + } + println "Retrieving JDK from catalog..." + def catalogMetadataUrl = URI.create(url).toURL() + def catalogConnection = catalogMetadataUrl.openConnection() + catalogConnection.requestMethod = 'GET' + if (catalogConnection.responseCode != 200) { + println "Can't find adoptiumjdk ${revision} for ${osName} on Elastic JVM catalog" + throw new GradleException("JVM not present on catalog") + } + + def metadataRetrieved = catalogConnection.content.text + println "Retrieved!" + + def catalogMetadata = new JsonSlurper().parseText(metadataRetrieved) + validateMetadata(catalogMetadata) + + return catalogMetadata.url + } + + //Verify that the artifact metadata correspond to the request, if not throws an error + private void validateMetadata(Map metadata) { + if (metadata.version != revision) { + throw new GradleException("Expected to retrieve a JDK for version ${revision} but received: ${metadata.version}") + } + if (!isSameArchitecture(metadata.architecture)) { + throw new GradleException("Expected to retrieve a JDK for architecture ${arch} but received: ${metadata.architecture}") + } + } + + private boolean isSameArchitecture(String metadataArch) { + if (arch == 'x64') { + return metadataArch == 'x86_64' + } + return metadata.architecture == arch } private String parseJdkArchitecture(String jdkArch) { @@ -791,7 +811,7 @@ class JDKDetails { return "aarch64" break default: - throw RuntimeException("Can't handle CPU architechture: ${jdkArch}") + throw new GradleException("Can't handle CPU architechture: ${jdkArch}") } } } @@ -840,6 +860,15 @@ tasks.register("downloadJdk", Download) { } } +tasks.register("checkNewJdkVersion") { + def versionYml = new Yaml().load(new File("$projectDir/versions.yml").text) + + // use Linux x86_64 as canary platform + def jdkDetails = new JDKDetails(versionYml, "linux", "x86_64") + // throws Gradle exception if local and remote doesn't match + jdkDetails.checkLocalVersionMatchingLatest() +} + tasks.register("deleteLocalJdk", Delete) { // CLI project properties: -Pjdk_bundle_os=[windows|linux|darwin] String osName = selectOsType() diff --git a/catalog-info.yaml b/catalog-info.yaml index 8b3608c45..ad928a7d4 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -33,6 +33,7 @@ spec: - resource:logstash-windows-jdk-matrix-pipeline - resource:logstash-benchmark-pipeline - resource:logstash-health-report-tests-pipeline + - resource:logstash-jdk-availability-check-pipeline # *********************************** # Declare serverless IT pipeline @@ -572,6 +573,12 @@ spec: env: PIPELINES_TO_TRIGGER: 'logstash-exhaustive-tests-pipeline' EXCLUDE_BRANCHES: 'main' + JDK availability check: + branch: main + cronline: 0 2 * * 1 # every Monday@2AM UTC + message: Weekly trigger of JDK update availability pipeline per branch + env: + PIPELINES_TO_TRIGGER: 'logstash-jdk-availability-check-pipeline' skip_intermediate_builds: true provider_settings: trigger_mode: none @@ -745,4 +752,46 @@ spec: # ******************************* # SECTION END: Health Report Tests pipeline +# ******************************* + +# *********************************** +# Declare JDK check pipeline +# *********************************** +--- +# yaml-language-server: $schema=https://gist.githubusercontent.com/elasticmachine/988b80dae436cafea07d9a4a460a011d/raw/rre.schema.json +apiVersion: backstage.io/v1alpha1 +kind: Resource +metadata: + name: logstash-jdk-availability-check-pipeline + description: ":logstash: check availability of new JDK version" +spec: + type: buildkite-pipeline + owner: group:logstash + system: platform-ingest + implementation: + apiVersion: buildkite.elastic.dev/v1 + kind: Pipeline + metadata: + name: logstash-jdk-availability-check-pipeline + spec: + repository: elastic/logstash + pipeline_file: ".buildkite/jdk_availability_check_pipeline.yml" + maximum_timeout_in_minutes: 10 + provider_settings: + trigger_mode: none # don't trigger jobs from github activity + env: + ELASTIC_SLACK_NOTIFICATIONS_ENABLED: 'true' + SLACK_NOTIFICATIONS_CHANNEL: '#logstash-build' + SLACK_NOTIFICATIONS_ON_SUCCESS: 'false' + SLACK_NOTIFICATIONS_SKIP_FOR_RETRIES: 'true' + teams: + logstash: + access_level: MANAGE_BUILD_AND_READ + ingest-eng-prod: + access_level: MANAGE_BUILD_AND_READ + everyone: + access_level: READ_ONLY + +# ******************************* +# SECTION END: JDK check pipeline # ******************************* \ No newline at end of file diff --git a/ci/check_jdk_version_availability.sh b/ci/check_jdk_version_availability.sh new file mode 100755 index 000000000..2ce40dc7b --- /dev/null +++ b/ci/check_jdk_version_availability.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +set -eo pipefail + +export GRADLE_OPTS="-Xmx4g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8" + +echo "Checking local JDK version against latest remote from JVM catalog" +./gradlew checkNewJdkVersion \ No newline at end of file From 5d523aa5c890e9ca2a878fa234831da254faeec9 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 30 Oct 2024 11:44:41 +0100 Subject: [PATCH 090/290] Fix bad reference to a variable (#16615) --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index d80d26b17..b9f843a9b 100644 --- a/build.gradle +++ b/build.gradle @@ -799,7 +799,7 @@ class JDKDetails { if (arch == 'x64') { return metadataArch == 'x86_64' } - return metadata.architecture == arch + return metadataArch == arch } private String parseJdkArchitecture(String jdkArch) { From c602b851bfe82bd9e16e59aa84ee7e83631ea2ef Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 30 Oct 2024 12:13:28 +0100 Subject: [PATCH 091/290] [CI] Change agent for JDK availability check and add schedule also for 8.x (#16614) Switch execution agent of JDK availability check pipeline from vm-agent to container-agent. Moves the schedule definition from the `Logstash Pipeline Scheduler` pipeline into the pipeline definition, adding a schedule also for `8.x` branch. --- .../jdk_availability_check_pipeline.yml | 9 ++++++++- catalog-info.yaml | 19 +++++++++++++------ 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/.buildkite/jdk_availability_check_pipeline.yml b/.buildkite/jdk_availability_check_pipeline.yml index f4baaec0a..3fa826564 100644 --- a/.buildkite/jdk_availability_check_pipeline.yml +++ b/.buildkite/jdk_availability_check_pipeline.yml @@ -1,7 +1,14 @@ steps: - label: "JDK Availability check" + key: "jdk-availability-check" + agents: + image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci" + cpu: "4" + memory: "6Gi" + ephemeralStorage: "100Gi" command: | set -euo pipefail - source .buildkite/scripts/common/vm-agent.sh + source .buildkite/scripts/common/container-agent.sh + export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info" ci/check_jdk_version_availability.sh \ No newline at end of file diff --git a/catalog-info.yaml b/catalog-info.yaml index ad928a7d4..0ff6603cb 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -573,12 +573,6 @@ spec: env: PIPELINES_TO_TRIGGER: 'logstash-exhaustive-tests-pipeline' EXCLUDE_BRANCHES: 'main' - JDK availability check: - branch: main - cronline: 0 2 * * 1 # every Monday@2AM UTC - message: Weekly trigger of JDK update availability pipeline per branch - env: - PIPELINES_TO_TRIGGER: 'logstash-jdk-availability-check-pipeline' skip_intermediate_builds: true provider_settings: trigger_mode: none @@ -791,6 +785,19 @@ spec: access_level: MANAGE_BUILD_AND_READ everyone: access_level: READ_ONLY + schedules: + Weekly JDK availability check (main): + branch: main + cronline: 0 2 * * 1 # every Monday@2AM UTC + message: Weekly trigger of JDK update availability pipeline per branch + env: + PIPELINES_TO_TRIGGER: 'logstash-jdk-availability-check-pipeline' + Weekly JDK availability check (8.x): + branch: 8.x + cronline: 0 2 * * 1 # every Monday@2AM UTC + message: Weekly trigger of JDK update availability pipeline per branch + env: + PIPELINES_TO_TRIGGER: 'logstash-jdk-availability-check-pipeline' # ******************************* # SECTION END: JDK check pipeline From db59cd0fbd11d3a49ac089a5b7e86696adbfae3e Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Thu, 31 Oct 2024 13:33:00 +0000 Subject: [PATCH 092/290] set `allow_superuser` to false as default (#16558) - set allow_superuser as false by default for v9 - change the buildkite image of ruby unit test to non-root --- .buildkite/pull_request_pipeline.yml | 4 +++- docs/static/settings-file.asciidoc | 2 +- logstash-core/lib/logstash/environment.rb | 2 +- logstash-core/lib/logstash/runner.rb | 3 ++- logstash-core/spec/logstash/runner_spec.rb | 4 ++-- 5 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.buildkite/pull_request_pipeline.yml b/.buildkite/pull_request_pipeline.yml index 9209144da..938bb5613 100644 --- a/.buildkite/pull_request_pipeline.yml +++ b/.buildkite/pull_request_pipeline.yml @@ -22,10 +22,12 @@ steps: - label: ":rspec: Ruby unit tests" key: "ruby-unit-tests" agents: - image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci" + image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root" cpu: "4" memory: "8Gi" ephemeralStorage: "100Gi" + # Run as a non-root user + imageUID: "1002" retry: automatic: - limit: 3 diff --git a/docs/static/settings-file.asciidoc b/docs/static/settings-file.asciidoc index bc43cec67..704afa9b1 100644 --- a/docs/static/settings-file.asciidoc +++ b/docs/static/settings-file.asciidoc @@ -359,7 +359,7 @@ separating each log lines per pipeline could be helpful in case you need to trou | `allow_superuser` | Setting to `true` to allow or `false` to block running Logstash as a superuser. -| `true` +| `false` | `pipeline.buffer.type` | Determine where to allocate memory buffers, for plugins that leverage them. diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb index d67ad4457..6d2c1d5d3 100644 --- a/logstash-core/lib/logstash/environment.rb +++ b/logstash-core/lib/logstash/environment.rb @@ -34,7 +34,7 @@ module LogStash end [ - Setting::Boolean.new("allow_superuser", true), + Setting::Boolean.new("allow_superuser", false), Setting::String.new("node.name", Socket.gethostname), Setting::NullableString.new("path.config", nil, false), Setting::WritableDirectory.new("path.data", ::File.join(LogStash::Environment::LOGSTASH_HOME, "data")), diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 46417a0c5..0fd7a503b 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -456,7 +456,8 @@ class LogStash::Runner < Clamp::StrictCommand def running_as_superuser if Process.euid() == 0 if setting("allow_superuser") - deprecation_logger.deprecated("NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases.") + logger.warn("NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk. " + + "It is strongly recommended to set 'allow_superuser' to false.") else raise(RuntimeError, "Logstash cannot be run as superuser.") end diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index 962f056a7..3a0a7e131 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -595,7 +595,7 @@ describe LogStash::Runner do it "runs successfully with warning message" do LogStash::SETTINGS.set("allow_superuser", true) expect(logger).not_to receive(:fatal) - expect(deprecation_logger_stub).to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./) + expect(logger).to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) expect { subject.run(args) }.not_to raise_error end end @@ -607,7 +607,7 @@ describe LogStash::Runner do it "runs successfully without any messages" do LogStash::SETTINGS.set("allow_superuser", false) expect(logger).not_to receive(:fatal) - expect(deprecation_logger_stub).not_to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./) + expect(logger).not_to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) expect { subject.run(args) }.not_to raise_error end end From 472e27a0144a4d727213f43bba9d8ccb96d2b3fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Thu, 31 Oct 2024 16:00:11 +0000 Subject: [PATCH 093/290] make docker build and gradle tasks more friendly towards ci output (#16618) --- ci/acceptance_tests.sh | 2 +- ci/docker_acceptance_tests.sh | 2 +- docker/Makefile | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ci/acceptance_tests.sh b/ci/acceptance_tests.sh index 814eae5fe..fa844c7ca 100755 --- a/ci/acceptance_tests.sh +++ b/ci/acceptance_tests.sh @@ -19,7 +19,7 @@ function get_package_type { # uses at least 1g of memory, If we don't do this we can get OOM issues when # installing gems. See https://github.com/elastic/logstash/issues/5179 export JRUBY_OPTS="-J-Xmx1g" -export GRADLE_OPTS="-Xmx4g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8" +export GRADLE_OPTS="-Xmx4g -Dorg.gradle.console=plain -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8" export OSS=true if [ -n "$BUILD_JAVA_HOME" ]; then diff --git a/ci/docker_acceptance_tests.sh b/ci/docker_acceptance_tests.sh index 4ee3721f2..3f4d2de11 100755 --- a/ci/docker_acceptance_tests.sh +++ b/ci/docker_acceptance_tests.sh @@ -6,7 +6,7 @@ set -x # uses at least 1g of memory, If we don't do this we can get OOM issues when # installing gems. See https://github.com/elastic/logstash/issues/5179 export JRUBY_OPTS="-J-Xmx1g" -export GRADLE_OPTS="-Xmx4g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8" +export GRADLE_OPTS="-Xmx4g -Dorg.gradle.console=plain -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8" if [ -n "$BUILD_JAVA_HOME" ]; then GRADLE_OPTS="$GRADLE_OPTS -Dorg.gradle.java.home=$BUILD_JAVA_HOME" diff --git a/docker/Makefile b/docker/Makefile index 80b1440a4..68d8e1fb9 100644 --- a/docker/Makefile +++ b/docker/Makefile @@ -31,7 +31,7 @@ build-from-local-full-artifacts: dockerfile env2yaml -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ python:3 bash -c 'cd /mnt && python3 -m http.server' timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done' - docker build --network=host -t $(IMAGE_TAG)-full:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-full data/logstash || \ + docker build --progress=plain --network=host -t $(IMAGE_TAG)-full:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-full data/logstash || \ (docker kill $(HTTPD); false); \ docker tag $(IMAGE_TAG)-full:$(VERSION_TAG) $(IMAGE_TAG):$(VERSION_TAG); docker kill $(HTTPD) @@ -41,7 +41,7 @@ build-from-local-oss-artifacts: dockerfile env2yaml -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ python:3 bash -c 'cd /mnt && python3 -m http.server' timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done' - docker build --network=host -t $(IMAGE_TAG)-oss:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-oss data/logstash || \ + docker build --progress=plain --network=host -t $(IMAGE_TAG)-oss:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-oss data/logstash || \ (docker kill $(HTTPD); false); -docker kill $(HTTPD) @@ -50,7 +50,7 @@ build-from-local-ubi8-artifacts: dockerfile env2yaml -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ python:3 bash -c 'cd /mnt && python3 -m http.server' timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done' - docker build --network=host -t $(IMAGE_TAG)-ubi8:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-ubi8 data/logstash || \ + docker build --progress=plain --network=host -t $(IMAGE_TAG)-ubi8:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-ubi8 data/logstash || \ (docker kill $(HTTPD); false); -docker kill $(HTTPD) @@ -59,7 +59,7 @@ build-from-local-wolfi-artifacts: dockerfile -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ python:3 bash -c 'cd /mnt && python3 -m http.server' timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done' - docker build --network=host -t $(IMAGE_TAG)-wolfi:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-wolfi data/logstash || \ + docker build --progress=plain --network=host -t $(IMAGE_TAG)-wolfi:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-wolfi data/logstash || \ (docker kill $(HTTPD); false); -docker kill $(HTTPD) From 9eced9a106bfb6d8fe23f0f78c6e8a65174134cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Thu, 31 Oct 2024 16:00:25 +0000 Subject: [PATCH 094/290] reduce effort during build of docker images (#16619) there's no need to build jdk-less and windows tarballs for docker images so this change simplifies the build process. It should reduce the time spent needed to build docker images. --- rakelib/artifacts.rake | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/rakelib/artifacts.rake b/rakelib/artifacts.rake index f4a8657c4..d8563012a 100644 --- a/rakelib/artifacts.rake +++ b/rakelib/artifacts.rake @@ -156,6 +156,14 @@ namespace "artifact" do build_zip(*license_details, platform: '-no-jdk') end + desc "Build jdk bundled tar.gz of default logstash plugins with all dependencies for docker" + task "archives_docker" => ["prepare", "generate_build_metadata"] do + license_details = ['ELASTIC-LICENSE'] + @bundles_jdk = true + create_archive_pack(license_details, "x86_64", "linux", "darwin") + create_archive_pack(license_details, "arm64", "linux", "darwin") + end + def create_archive_pack(license_details, arch, *oses) oses.each do |os_name| puts("[artifact:archives] Building tar.gz/zip of default plugins for OS: #{os_name}, arch: #{arch}") @@ -212,6 +220,15 @@ namespace "artifact" do build_zip(*license_details, platform: '-no-jdk') end + desc "Build jdk bundled OSS tar.gz of default logstash plugins with all dependencies for docker" + task "archives_docker_oss" => ["prepare-oss", "generate_build_metadata"] do + #with bundled JDKs + @bundles_jdk = true + license_details = ['APACHE-LICENSE-2.0', "-oss", oss_exclude_paths] + create_archive_pack(license_details, "x86_64", "linux", "darwin") + create_archive_pack(license_details, "arm64", "linux", "darwin") + end + desc "Build an RPM of logstash with all dependencies" task "rpm" => ["prepare", "generate_build_metadata"] do #with bundled JDKs @@ -299,25 +316,25 @@ namespace "artifact" do end desc "Build docker image" - task "docker" => ["prepare", "generate_build_metadata", "archives"] do + task "docker" => ["prepare", "generate_build_metadata", "archives_docker"] do puts("[docker] Building docker image") build_docker('full') end desc "Build OSS docker image" - task "docker_oss" => ["prepare-oss", "generate_build_metadata", "archives_oss"] do + task "docker_oss" => ["prepare-oss", "generate_build_metadata", "archives_docker_oss"] do puts("[docker_oss] Building OSS docker image") build_docker('oss') end desc "Build UBI8 docker image" - task "docker_ubi8" => %w(prepare generate_build_metadata archives) do + task "docker_ubi8" => %w(prepare generate_build_metadata archives_docker) do puts("[docker_ubi8] Building UBI docker image") build_docker('ubi8') end desc "Build wolfi docker image" - task "docker_wolfi" => %w(prepare generate_build_metadata archives) do + task "docker_wolfi" => %w(prepare generate_build_metadata archives_docker) do puts("[docker_wolfi] Building Wolfi docker image") build_docker('wolfi') end From 0006937e46390fa17260e071cac29b326c4cc93b Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Thu, 31 Oct 2024 18:06:52 -0400 Subject: [PATCH 095/290] Doc: Reset breaking changes and release notes for 9.0 (#16603) --- docs/static/breaking-changes-70.asciidoc | 2 +- docs/static/breaking-changes-80.asciidoc | 16 +- docs/static/breaking-changes-90.asciidoc | 15 + docs/static/breaking-changes.asciidoc | 29 +- docs/static/redirects.asciidoc | 2 +- docs/static/releasenotes.asciidoc | 2518 +--------------------- 6 files changed, 46 insertions(+), 2536 deletions(-) create mode 100644 docs/static/breaking-changes-90.asciidoc diff --git a/docs/static/breaking-changes-70.asciidoc b/docs/static/breaking-changes-70.asciidoc index f4520137a..bc6dd6806 100644 --- a/docs/static/breaking-changes-70.asciidoc +++ b/docs/static/breaking-changes-70.asciidoc @@ -1,5 +1,5 @@ [[breaking-7.0]] -=== Breaking changes in 7.0 +=== Breaking changes in 7.0 series Here are the breaking changes for {ls} 7.0. diff --git a/docs/static/breaking-changes-80.asciidoc b/docs/static/breaking-changes-80.asciidoc index 444d29738..8beed0fbc 100644 --- a/docs/static/breaking-changes-80.asciidoc +++ b/docs/static/breaking-changes-80.asciidoc @@ -1,6 +1,20 @@ [[breaking-8.0]] +=== Breaking changes in 8.0 series + +[discrete] +[[breaking-8.15]] +=== Breaking changes in 8.15 + +*New {ls} SNMP integration plugin* + +Prior to 8.15.0, {ls} bundled stand-alone versions of the `input-snmp` and `input-snmptrap` plugins by default. +When you upgrade to 8.15.0, the stand-alone plugins are replaced by the 4.0.0+ version contained in the new SNMP integration plugin. + +IMPORTANT: Before you upgrade to {ls} 8.15.0, be aware of {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-migration[behavioral and mapping differences] between stand-alone plugins and the new versions included in the {logstash-ref}/plugins-integrations-snmp.html[SNMP integration plugin]. +If you need to maintain current mappings for the `input-snmptrap` plugin, you have some options to {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-input-snmptrap-compat[preserve existing behavior]. + +[discrete] === Breaking changes in 8.0 -Here are the breaking changes for 8.0. [discrete] [[security-on-8.0]] diff --git a/docs/static/breaking-changes-90.asciidoc b/docs/static/breaking-changes-90.asciidoc new file mode 100644 index 000000000..41e923ad2 --- /dev/null +++ b/docs/static/breaking-changes-90.asciidoc @@ -0,0 +1,15 @@ +[discrete] +[[breaking-9.0]] +=== Breaking changes in 9.0 +coming[9.0.0] + +[discrete] +[[sample-change-9.0]] +===== Breaking change number one (sample) + +Include: + +* change +* user impact/decription/value prop +* link to relevant docs for more information + diff --git a/docs/static/breaking-changes.asciidoc b/docs/static/breaking-changes.asciidoc index 683a76a67..0169a2bbb 100644 --- a/docs/static/breaking-changes.asciidoc +++ b/docs/static/breaking-changes.asciidoc @@ -1,30 +1,27 @@ [[breaking-changes]] == Breaking changes +coming[9.0.0] We strive to maintain backward compatibility between minor versions (8.x to 8.y, for example) so that you can upgrade without changing any configuration files. -Breaking changes are usually introduced only between major versions (such as 7.x -to 8.y). On occasion, we are forced to break compatibility within a given major release +On occasion, we are forced to break compatibility within a given major release to ensure correctness of operation. This section covers the changes that you need to be aware of when migrating to -Logstash 8.0.0 and later. +Logstash 9.0.0 and later. -NOTE: Migrating directly between non-consecutive major versions (6.x to -8.x) is not recommended. -We suggest that you upgrade to {prev-major-last} before you upgrade to 8.0. +NOTE: Migrating directly between non-consecutive major versions (7.x to +9.x) is not recommended. +We suggest that you upgrade to the last release in the 8.x series before you upgrade to 9.0. +// ToDo: Replace `last release in the 8.x series` in the previous statement with `{prev-major-last}`. +// Hardcoding it for now to avoid confusion. -[discrete] -[[breaking-8.15]] -=== 8.15 +Check out our <> for additional release information. -*New {ls} SNMP integration plugin* +// Include statement to pull in 9.0 breaking changes file +// Add content for 9.0 breaking changes to `breaking-changes-90.asciidoc`, not here. -Prior to 8.15.0, {ls} bundled stand-alone versions of the `input-snmp` and `input-snmptrap` plugins by default. -When you upgrade to 8.15.0, the stand-alone plugins are replaced by the 4.0.0+ version contained in the new SNMP integration plugin. - -IMPORTANT: Before you upgrade to {ls} 8.15.0, be aware of {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-migration[behavioral and mapping differences] between stand-alone plugins and the new versions included in the {logstash-ref}/plugins-integrations-snmp.html[SNMP integration plugin]. -If you need to maintain current mappings for the `input-snmptrap` plugin, you have some options to {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-input-snmptrap-compat[preserve existing behavior]. +include::breaking-changes-90.asciidoc[] [discrete] === Breaking changes in earlier releases @@ -41,4 +38,4 @@ include::breaking-changes-70.asciidoc[] include::breaking-changes-pre63.asciidoc[] include::breaking-changes-60.asciidoc[] -Check out our <> for additional release information. + diff --git a/docs/static/redirects.asciidoc b/docs/static/redirects.asciidoc index a3a86d898..7769102b4 100644 --- a/docs/static/redirects.asciidoc +++ b/docs/static/redirects.asciidoc @@ -1,7 +1,7 @@ ["appendix",role="exclude",id="redirects"] = Deleted pages -The following pages have moved or been deleted. +The pages in this section have been deleted or moved from another location. // MULTILINE FILTER diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc index 902fa4463..5c9732990 100644 --- a/docs/static/releasenotes.asciidoc +++ b/docs/static/releasenotes.asciidoc @@ -1,2520 +1,4 @@ [[releasenotes]] == Release Notes +coming[9.0.0] -This section summarizes the changes in the following releases: - -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> -* <> - - -[[logstash-8-15-2]] -=== Logstash 8.15.2 Release Notes - -[[notable-8.15.2]] -==== Notable issues fixed - -* Fixed a https://github.com/elastic/logstash/issues/16437[regression] from {ls} 8.15.1 in which {ls} removes all quotes from docker env variables, possibly causing {ls} not to start https://github.com/elastic/logstash/pull/16456[#16456] - -==== Plugins - -*Beats Input - 6.8.4* - -* Fix to populate the `@metadata` fields even if the source's metadata value is `nil` https://github.com/logstash-plugins/logstash-input-beats/pull/502[#502] - -*Dead_letter_queue Input - 2.0.1* - -* Fix NullPointerException when the plugin closes https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/53[#53] - -*Elastic_serverless_forwarder Input - 0.1.5* - -* [DOC] Fix attributes to accurately set and clear default codec values https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/8[#8] - -*Logstash Integration - 1.0.3* - -* [DOC] Fix attributes to accurately set and clear default codec values https://github.com/logstash-plugins/logstash-integration-logstash/pull/23[#23] - -*Elasticsearch Output - 11.22.9* - -* Vendor ECS template for Elasticsearch 9.x in built gem https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1188[#1188] -* Added ECS template for Elasticsearch 9.x https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1187[#1187] - - -[[logstash-8-15-1]] -=== Logstash 8.15.1 Release Notes - -[[known-issues-8-15-1]] -==== Known issues - -* **{ls} may fail to start under some circumstances.** Single and double quotes are stripped from a pipeline configuration if the configuration includes environment or keystore variable references. -If this situation occurs, {ls} may fail to start or some plugins may use a malformed configuration. -Check out issue https://github.com/elastic/logstash/issues/16437[#16437] for details. -+ -Workaround: Downgrade to {ls} 8.15.0, or temporarily avoid using environment and keystore variable references. - -[[notable-8.15.1]] -==== Performance improvements and notable issues fixed - -* Fixed issue where `${VAR}` incorrectly treated array as a string https://github.com/elastic/logstash/pull/16375[#16375] - -[[core-8.15.1]] -==== Other changes to Logstash core - -* Emit warning message for java version less than 17. Starting from Logstash 9.0, the minimum required version of Java will be Java 17 https://github.com/elastic/logstash/pull/16370[#16370] - -[[plugins-8.15.1]] -==== Plugin releases - -*Elasticsearch Input - 4.20.4* - -* Fixed issue where the `index` parameter was being ignored when using `response_type => aggregations` https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/209[#209] - -*Redis Input - 3.7.1* - -* [Doc] Added `threads` option https://github.com/logstash-plugins/logstash-input-redis/pull/95[#95] - -*Aws Integration - 7.1.8* - -* Added support to all storage classes for s3 output https://github.com/logstash-plugins/logstash-integration-aws/pull/49[#49] - -*Kafka Integration - 11.5.1* - -* [Doc] Added only headers with UTF-8 encoded values are supported in `decorate_events` https://github.com/logstash-plugins/logstash-integration-kafka/pull/174[#174] - - -[[logstash-8-15-0]] -=== Logstash 8.15.0 Release Notes - -[[snmp-ga-8.15.0]] -==== Announcing the new {ls} SNMP integration plugin - -The new `logstash-integration-snmp` plugin is available and bundled with {ls} 8.15.0 (and later) by default. -This plugin combines our classic `logstash-input-snmp` and `logstash-input-snmptrap` plugins into a single Ruby gem at v4.0.0 and later. - -The `logstash-integration-snmp` plugin combines the -`logstash-input-snmp` and `logstash-input-snmptrap` plugins into one integrated plugin that encompasses -the capabilities of both. -This integrated plugin package provides better alignment in snmp processing, better resource management, -easier package maintenance, and a smaller installation footprint. - -[[breaking-8.15.0]] -===== Breaking change with release of `logstash-integration-snmp` - -Prior to 8.15.0, {ls} bundled stand-alone versions of the `input-snmp` and `input-snmptrap` plugins by default. -When you upgrade to 8.15.0, the stand-alone plugins are replaced by the 4.0.0+ version contained in the new integration. - -IMPORTANT: Before you upgrade to {ls} 8.15.0, be aware of {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-migration[behavioral and mapping differences] between stand-alone plugins and the new versions included in `integration-snmp`. -If you need to maintain current mappings for the `input-snmptrap` plugin, you have options to {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-input-snmptrap-compat[preserve existing behavior]. - -[[featured-8.15.0]] -==== New features and enhancements - -[[wolfi-8.15.0]] -===== Wolfi-flavored Docker Image -Starting with 8.15.0, {ls} provides an extra Docker image flavor based on the Wolfi Linux distribution: https://github.com/wolfi-dev. (https://github.com/elastic/logstash/pull/16189[#16189]). -To use the image append "-wolfi" to the image name: - -``` -docker run docker.elastic.co/logstash/logstash-wolfi:8.15.0 -``` - -This new image flavor builds on top of a smaller and more secure base image, and is planned to become the default flavor in the next major version of {ls}. - -[[notable-8.15.0]] -==== Performance improvements and notable issues fixed -* Improved performance in pipeline-to-pipeline workloads by removing lock contention in event serialization https://github.com/elastic/logstash/pull/16194[#16194] -* Fixed pqcheck handling of paths with spaces on Windows https://github.com/elastic/logstash/pull/16205[#16205] - -[[core-8.15.0]] -==== Other changes to Logstash core - -* Changed rollover strategy in log4j2.properties to delete compressed files older than 7 days https://github.com/elastic/logstash/pull/16179[#16179] -* Fixed handling and reporting of compilation error when a pipeline didn't fit the JVM's ThreadStackSize https://github.com/elastic/logstash/pull/16336[#16336] -* Fixed missing deprecation logging in deprecated Logstash core settings https://github.com/elastic/logstash/pull/16348[#16348] -* Fixed innacurate accounting of `queue_size_in_bytes` metric when using `clean_consumed` option in dead_letter_queue input plugin https://github.com/elastic/logstash/pull/16195[#16195] - -[[dependencies-8.15.0]] -==== Updates to dependencies - -* Updated bundled JDK to 21 https://github.com/elastic/logstash/pull/16055[#16055] -* Updated JRuby to 9.4.8.0 https://github.com/elastic/logstash/pull/16278[#16278] - -[[docs-8.15.0]] -==== Documentation enhancements - -* Logstash {logstash-ref}/monitoring-with-ea.html[monitoring doc] improvements https://github.com/elastic/logstash/pull/16208[#16208] -* Add ecs and datastream requirement for {logstash-ref}/ea-integrations.html#es-tips[integration filter] https://github.com/elastic/logstash/pull/16268[#16268] -* Remove reference to puppet {ls} module https://github.com/elastic/logstash/pull/12356[#12356] -* Add section to describe intended usage of https://www.elastic.co/guide/en/logstash/8.15/jvm-settings.html#reducing-off-heap-usage[`pipeline.buffer.type`] https://github.com/elastic/logstash/pull/16083[#16083] -* Reposition {logstash-ref}/node-stats-api.html#pipeline-stats[`worker-utilization`] stat for better placement and flow https://github.com/elastic/logstash/pull/16337[#16337] -* Add {logstash-ref}/performance-troubleshooting.html[tuning guidance] based on Flow metrics https://github.com/elastic/logstash/pull/16289[#16289] - - -[[plugins-8.15.0]] -==== Plugin releases - -*De_dot Filter - 1.1.0* - -* Add support for recursively searching sub-fields with the new `recusive =>` config option https://github.com/logstash-plugins/logstash-filter-de_dot/pull/24[#24] - -*Elastic_integration Filter - 0.1.13* - -* Update default elasticsearch tree branch to 8.15 https://github.com/elastic/logstash-filter-elastic_integration/pull/156[#156] - -*Geoip Filter - 7.3.0* - -* Added support for MaxMind GeoIP2 Enterprise and Anonymous-IP databases https://github.com/logstash-plugins/logstash-filter-geoip/pull/223[#223] -* Updated MaxMind dependencies. - -*Http Filter - 1.6.0* - -* Added new `ssl_enabled` setting for enabling/disabling the SSL configurations https://github.com/logstash-plugins/logstash-filter-http/pull/52[#52] - -*Http_poller Input - 5.6.0* - -* Added new `ssl_enabled` setting for enabling/disabling the SSL configurations https://github.com/logstash-plugins/logstash-input-http_poller/pull/146[#146] - -*Aws Integration - 7.1.7* - -* Remove empty temporary dirs at plugin close https://github.com/logstash-plugins/logstash-integration-aws/pull/46[#46] - -*Kafka Integration - 11.5.0* - -* Add "auto_create_topics" option to allow disabling of topic auto creation https://github.com/logstash-plugins/logstash-integration-kafka/pull/172[#172] - -*Snmp Integration - 4.0.4* - -* Introduce Snmp Integration by default, replacing Snmp Input v1.3.3 and Snmptrap Input v3.1.0 https://github.com/logstash-plugins/logstash-integration-snmp/pull/67[#67] - -*Http Output - 5.7.0* - -* Added new `ssl_enabled` setting for enabling/disabling the SSL configurations https://github.com/logstash-plugins/logstash-output-http/pull/144[#144] - -*Redis Output - 5.2.0* - -* Added support to SSL/TLS configurations https://github.com/logstash-plugins/logstash-output-redis/pull/69[#69] - * `ssl_enabled` - * `ssl_certificate_authorities` - * `ssl_certificate` - * `ssl_key` - * `ssl_verification_mode` - * `ssl_supported_protocols` - * `ssl_cipher_suites` -* Added basic support for SSL https://github.com/logstash-plugins/logstash-output-redis/pull/59[#59] -* Fixed documentation of required settings https://github.com/logstash-plugins/logstash-output-redis/pull/61[#61] - - -[[logstash-8-14-3]] -=== Logstash 8.14.3 Release Notes - -[[notable-8.14.3]] -==== Enhancements and notable issues fixed - -* Ensure pipeline metrics are cleared on shutdown https://github.com/elastic/logstash/pull/16264[#16264] - -[[logstash-8-14-2]] -=== Logstash 8.14.2 Release Notes - -[[notable-8.14.2]] -==== Notable issues fixed - -* Fixes a regression from Logstash 8.7.0 that prevented pipelines from starting when they included plugins with unicode ids https://github.com/elastic/logstash/pull/15971[#15971] -* Fixes a regression from Logstash 8.12.0 that prevented pipelines from starting when they included a geoip filter that used the managed databases feature after the databases had been updated https://github.com/elastic/logstash/pull/16222[#16222] -* Fixes an issue with the dead-letter queue that could cause it to emit superfluous warning messages when age-based retention was enabled while determining whether a fully-consumed segment that had already been removed was also expired https://github.com/elastic/logstash/pull/16204[#16204] - -==== Plugins - -*Fluent Codec - 3.4.3* - -* Fix: reduce overhead of unpacking packforward-payloads by reusing a single instance https://github.com/logstash-plugins/logstash-codec-fluent/pull/32[#32] - -*Elastic_integration Filter - 0.1.10* - -* Fixes handling of array-type event fields by treating them as lists https://github.com/elastic/logstash-filter-elastic_integration/pull/146[#146] -* Syncs with Elasticsearch 8.14, including support for new user-provided GeoIP database types `ConnectionType`, `Domain` and `Isp` https://github.com/elastic/logstash-filter-elastic_integration/pull/147[#147] - -*Elasticsearch Input - 4.20.3* - -* [DOC] Update link to bypass redirect, resolving directly to correct content https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/206[#206] - -*Elasticsearch Output - 11.22.7* - -* [DOC] `ssl_key` requires PKCS#8 format https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1181[#1181] - - -[[logstash-8-14-1]] -=== Logstash 8.14.1 Release Notes - -* Fixes JSON serialization of payloads that are not UTF-8, eliminating an issue where the Elasticsearch Output could get stuck in a retry loop (#16072) https://github.com/elastic/logstash/pull/16168[#16168] -* Fixes Persistent Queue bug in which a PQ configured with `queue.max_bytes` equal to its `queue.page_capacity` could become permanently blocked when _precisely_ full https://github.com/elastic/logstash/pull/16178[#16178] -* Fixes a regression in multi-local pipeline loader that caused variable-references in a configured `pipelines.yml` to not be replaced by their values in the environment and/or keystore https://github.com/elastic/logstash/pull/16201[#16201] - - -==== Plugins - -*Elastic_integration Filter - 0.1.9* - - - [DOC] Removes Tech Preview label and adds link to extending integrations topic in LSR https://github.com/elastic/logstash-filter-elastic_integration/pull/142[#142] - - -*Azure_event_hubs Input - 1.4.7* - -* [DOCS] Clarify examples for single and multiple event hubs https://github.com/logstash-plugins/logstash-input-azure_event_hubs/pull/90[#90] - -* [DOCS] Add outbound port requirements for Event Hub https://github.com/logstash-plugins/logstash-input-azure_event_hubs/pull/88[#88] - -*Jdbc Integration - 5.4.11* - -* Fixes an issue in which any one instance of a JDBC input plugin using `jdbc_default_timezone` changes the behaviour of plugin instances that do _not_ use `jdbc_default_timezone`, ensuring that timezone offsets remain consistent for each instance of the plugin _as configured_ https://github.com/logstash-plugins/logstash-integration-jdbc/pull/151[#151] -* Fixes an exception that could occur while reloading `jdbc_static` databases when the underlying connection to the remote has been broken https://github.com/logstash-plugins/logstash-integration-jdbc/pull/165[#165] - -*Kafka Integration - 11.4.2* - -* Add default client_id of logstash to kafka output https://github.com/logstash-plugins/logstash-integration-kafka/pull/169[#169] - -*Http Output - 5.6.1* - -* Added body logging for non 2xx responses https://github.com/logstash-plugins/logstash-output-http/pull/142[#142] - -*Tcp Output - 6.2.1* - -* Document correct default plugin codec https://github.com/logstash-plugins/logstash-output-tcp/pull/54[#54] - - -[[logstash-8-14-0]] -=== Logstash 8.14.0 Release Notes - -[[known-issues-8-14-0]] -==== Known issues - -* Environment and Keystore variable references for pipeline settings are not replaced in pipelines loaded from `pipelines.yml`. This regression is fixed in <> - - -[[featured-8-14-0]] -==== Announcing the new SNMP integration plugin (Technical Preview) - -The new {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-migration[`logstash-integration-snmp`] plugin is now available in _Technical Preview_, and can be installed on {ls} 8.13. - -experimental[] - -The `logstash-integration-snmp` plugin combines our -classic `logstash-input-snmp` and `logstash-input-snmptrap` plugins into a single Ruby gem at v4.0.0. -Current 1.x versions of the `input-snmp` plugin are bundled with {ls} by default, and will soon be replaced by the 4.0.0+ version contained in this new integration. - -If you want to try the new `integration-snmp` plugin while it is in Technical Preview, run `bin/logstash-plugin install logstash-integration-snmp`. - -IMPORTANT: Before you install the new integration, be aware of {logstash-ref}/plugins-integrations-snmp.html#plugins-integrations-snmp-migration[behavioral and mapping differences] between current stand-alone plugins and the new versions included in `integration-snmp`. - -[[notable-8.14.0]] -==== Enhancements and notable issues fixed - -* Fixed a bug that created duplicated `io.netty.allocator.maxOrder` system property when using environment variable `LS_JAVA_OPTS` in Docker https://github.com/elastic/logstash/pull/16079[#16079] - -==== Plugins - -*Jdbc Integration - 5.4.10* - -* [DOC] Added database-specific considerations https://github.com/logstash-plugins/logstash-integration-jdbc/pull/167[#167] - -*Kafka Integration - 11.4.1* - -* Added `message_headers` option to set headers of record for Kafka output https://github.com/logstash-plugins/logstash-integration-kafka/pull/162[#162] - -[[dependencies-8.14.0]] -==== Updates to dependencies - -* Update JRuby to 9.4.7.0 https://github.com/elastic/logstash/pull/16125[#16125] - - -[[logstash-8-13-4]] -=== Logstash 8.13.4 Release Notes - -No user-facing changes in Logstash core. - -==== Plugins - -*Elasticsearch Output - 11.22.6* - -* [DOC] Logstash output.elasticsearch index can be alias or datastream https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1179[#1179] - - -[[logstash-8-13-3]] -=== Logstash 8.13.3 Release Notes - -No user-facing changes in Logstash core. - -==== Plugins - -*Beats Input - 6.8.3* - -* Updated netty to 4.1.109 https://github.com/logstash-plugins/logstash-input-beats/pull/495[#495] - -*Http Input - 3.8.1* - -* Updated netty to 4.1.109 https://github.com/logstash-plugins/logstash-input-http/pull/173[#173] - -*Tcp Input - 6.4.2* - -* Updated netty to 4.1.109 https://github.com/logstash-plugins/logstash-input-tcp/pull/220[#220] - -*Multiline Codec - 3.1.2* - -* Fixed a race condition in periodic runner that blocks clean up process and pipeline shutdown https://github.com/logstash-plugins/logstash-codec-multiline/pull/72[#72] - - -[[logstash-8-13-2]] -=== Logstash 8.13.2 Release Notes - -* Update Dockerfile to fix publishing of docker images to Docker Hub registry https://github.com/elastic/logstash/pull/16059[#16059] - -==== Plugins - -*Elasticsearch Output - 11.22.5* - -* [DOC] Correctly document default data stream name (`logs-generic-default`) https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1140[#1140] -* [DOC] Add note that ecs-compatibility is required for data streams to work properly https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1174[#1174] - -[[logstash-8-13-1]] -=== Logstash 8.13.1 Release Notes - -* Inject variable reference instead of variable value in `logstash.yaml` to ensure keystore values take precedence over Environment Variables https://github.com/elastic/logstash/pull/16037[#16037] - -[[logstash-8-13-0]] -=== Logstash 8.13.0 Release Notes - -[[featured-8-13-0]] -==== New {ls} plugin: Elastic_integration filter - -With the {ls} Elastic_integration filter, you can take advantage of the features in {integrations-docs}[Elastic integrations] without missing out on the advanced processing capabilities offered by {ls}. -Together, Elastic integrations and {ls} can help you solve a wide range of use cases, including air gapped environments, data privacy processing, and multiple destinations. - -Your {ls} pipeline would include the elastic_agent input, the elastic_integration filter, and the elasticsearch output, in addition to any other plugins you want to use. - -Check out <> and the <> plugin docs for details. - -[[notable-8.13.0]] -==== Enhancements and notable issues fixed - -* Flow metrics added `worker_utilization` to pipeline-level https://github.com/elastic/logstash/pull/15912[#15912] -* Ensure that the order of JVM options from both files and environment variables is respected https://github.com/elastic/logstash/pull/15997[#15997] - -[[plugin-changes-8.13.0]] -==== Changes to bundled plugins - -* Packaged `filter-elastic_integration` as a bundled plugin in preparation for GA. https://github.com/elastic/logstash/pull/15769[#15769] -* Unbundled `logstash-input-imap` plugin https://github.com/elastic/logstash/pull/15985[#15985] - -==== Plugins - -*Elastic_integration Filter - 0.1.6* - -* The elastic_integration filter is generally available and bundled with Logstash 8.13.0. -Using this filter, {ls} can process data collected by {integrations-docs}[Elastic integrations]. -+ -When you configure the filter to point to an {es} cluster, it auto-detects the event’s data-stream to determine what integration processing (if any) should be executed for each event. -It performs that processing inside {ls} without transmitting the event to {es}. -Events that are successfully handled are tagged so that any downstream {es} output in the {ls} pipeline will not re-run the integration in {es}. - -* Fixes issue where configured `username`/`password` credentials was not sent to Elasticsearch instances that had anonymous access enabled https://github.com/elastic/logstash-filter-elastic_integration/pull/127[#127] - -*Beats Input - 6.8.0* - -* Added a new configuration option `event_loop_threads` to control the threads count of netty event loop https://github.com/logstash-plugins/logstash-input-beats/pull/490[#490] -** When multiple beats-input pipelines are defined in a single machine, sometimes the number of thread may lead to a resource problem. -** By default, netty event loop creates CPU * 2 thread count. This configuration intends to limit or increase the number of threads to be created for the event loop. - -*Elasticsearch Input - 4.20.1* - -* Added support to aggregations with a new configuration option `response_type` https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/202[#202] -** `hits`, the default, is to generate one event per returned document, which is the current behavior. -** `aggregations` is to allow processing result of aggregations. A single Logstash event will be generated with the contents of the aggregations object of the query's response. - -*Tcp Output - 6.2.0* - -* Deprecated SSL settings to comply with Logstash's naming convention https://github.com/logstash-plugins/logstash-output-tcp/pull/53[#53] -** Deprecated `ssl_enable` in favor of `ssl_enabled` -** Deprecated `ssl_cert` in favor of `ssl_certificate` -** Deprecated `ssl_verify` in favor of `ssl_client_authentication` when mode is `server` -** Deprecated `ssl_verify` in favor of `ssl_verification_mode` when mode is `client` -** Added `ssl_cipher_suites` configuration -** Added SSL configuration validations - -*Elasticsearch Output - 11.22.3* - -* Fixes an issue where events containing non-unicode strings could fail to serialize correctly when compression is enabled https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1169[#1169] - -[[logstash-8-12-2]] -=== Logstash 8.12.2 Release Notes - -* Set Netty's maxOrder options to previous default value of 11 https://github.com/elastic/logstash/pull/15928[#15928] -* Add "openssl" to UBI docker images https://github.com/elastic/logstash/pull/15929[#15929] - -[[known-issues-8.12.2]] -==== Known issues - -* The order of JVM flags is broken, leading to the inability to customize certain JVM configurations with the environment variable `LS_JAVA_OPTS`. https://github.com/elastic/logstash/issues/15996[15996] -** A workaround is to specify JVM flags in the `config/jvm.options` file rather than relying on the `LS_JAVA_OPTS` environment variable. - -==== Plugins - -*Jdbc Integration - 5.4.8* - -* Update Derby to 10.15.2.1 (built from source) https://github.com/logstash-plugins/logstash-integration-jdbc/pull/155[#155] -* Update sequel version to >= 5.74.0, that allows the generic jdbc adapter to better handle disconnect errors https://github.com/logstash-plugins/logstash-integration-jdbc/pull/153[#153] - -*Kafka Integration - 11.3.4* - -* Fix "retries" and "value_serializer" error handling in output plugin https://github.com/logstash-plugins/logstash-integration-kafka/pull/160[#160] - -[[logstash-8-12-1]] -=== Logstash 8.12.1 Release Notes - -* Updates bundled JDK https://github.com/elastic/logstash/pull/15840[#15840] - -==== Plugins - -*Http Filter - 1.5.1* - -* Don't process response when the body is empty. https://github.com/logstash-plugins/logstash-filter-http/pull/50[#50] - -*Syslog_pri Filter - 3.2.1* - -* Remove spurious leftover text from "use_labels" docs https://github.com/logstash-plugins/logstash-filter-syslog_pri/pull/15[#15] - -*Logstash Integration - 1.0.2* - -* Fix: input plugin now correctly applies common event decorators `type`, `tags`, and `add_field` to events after receiving them https://github.com/logstash-plugins/logstash-integration-logstash/pull/21[#21] - - -[[logstash-8-12-0]] -=== Logstash 8.12.0 Release Notes - -[[features-8.12.0]] -==== New features and enhancements - -* Add support for adding and removing multiple keystore keys in a single operation https://github.com/elastic/logstash/pull/15739[#15739] -* Docker: Update Iron Bank base image to ubi9.2 https://github.com/elastic/logstash/pull/15490[#15490] -* Internal: extract GeoIP database manager to stand-alone feature https://github.com/elastic/logstash/pull/15348[#15348] - -[[notable-8.12.0]] -==== Notable issues fixed - -* Add missing method of logger wrapper for puma https://github.com/elastic/logstash/pull/15640[#15640] -* Fix logstash-keystore multiple keys operations with command flags https://github.com/elastic/logstash/pull/15737[#15737] -* Separate scheduling of segments flushes from time https://github.com/elastic/logstash/pull/15697[#15697] -* Add system properties to configure Jackson's stream read constraints https://github.com/elastic/logstash/pull/15763[#15763] -* Fix issue with Jackson 2.15: Can not write a field name, expecting a value https://github.com/elastic/logstash/pull/15564[#15564] - -[[dependencies-8.12.0]] -==== Updates to dependencies - -* Add bigdecimal > 3.1 dependency. https://github.com/elastic/logstash/pull/15384[#15384] -* Update Guava dependency to 32.1.2 https://github.com/elastic/logstash/pull/15394[#15394] -* Swap dataformat-yaml with snakeyaml https://github.com/elastic/logstash/pull/15606[#15606] -* Bump Puma to 6.4.2+ https://github.com/elastic/logstash/pull/15776[#15776] -* Update jackson to 2.15.3 https://github.com/elastic/logstash/pull/15477[#15477] - -[[docs-8.12.0]] -==== Documentation enhancements - -* Add https://www.elastic.co/guide/en/logstash/8.12/running-logstash-kubernetes.html[info and link] to {ls} running on a {k8s} cluster through -{eck} (ECK) https://github.com/elastic/logstash/pull/15565[#15565] -* Add info for sending https://www.elastic.co/guide/en/logstash/current/serverless-monitoring-with-elastic-agent.html[{ls} monitoring data to Elastic {serverless-short}] https://github.com/elastic/logstash/pull/15636[#15636] -* Add docs for https://www.elastic.co/guide/en/logstash/current/ea-integrations.html[extending integrations with filter-elastic_integration] https://github.com/elastic/logstash/pull/15674[#15674] -* Update https://www.elastic.co/guide/en/logstash/current/introduction.html[Logstash intro] and https://www.elastic.co/guide/en/logstash/current/ls-security.html#serverless[security overview] for {serverless-short} https://github.com/elastic/logstash/pull/15663[#15663] -* Update the https://www.elastic.co/guide/en/logstash/8.12/ls-to-ls-native.html#configure-upstream-logstash-output[{ls}-to-{ls} communication] docs to reflect the multiple hosts usage https://github.com/elastic/logstash/pull/15512[#15512] - -==== Plugins - -*Elasticsearch Input - 4.19.1* - -* Plugin version bump to pick up docs fix in https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/199[#199] required to clear build error in docgen. https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/200[#200] -* Add `search_api` option to support `search_after` and `scroll` https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/198[#198] -* The default value `auto` uses `search_after` for Elasticsearch >= 8, otherwise, fall back to `scroll` - -*Http Input - 3.8.0* - -* Fixed SSL Java KeyStore support https://github.com/logstash-plugins/logstash-input-http/pull/171[#171] -* Added `ssl_keystore_type` configuration -* Added SSL Java TrustStore configurations (`ssl_truststore_type`, `ssl_truststore_path` and `ssl_truststore_password`) - -*Elastic_enterprise_search Integration - 3.0.0* - -* [BREAKING] Swiftype endpoints are no longer supported for both plugins App Search and Workplace Search -* Bumped Enterprise Search clients to version `>= 7.16`, `< 9` https://github.com/logstash-plugins/logstash-integration-elastic_enterprise_search/pull/18[#18] -* Added support to SSL configurations (`ssl_certificate_authorities`, `ssl_truststore_path`, `ssl_truststore_password`, `ssl_truststore_type`, `ssl_verification_mode`, `ssl_supported_protocols` and `ssl_cipher_suites`) -* The App Search deprecated options `host` and `path` were removed - -*Kafka Integration - 11.3.3* - -* Fixed: "Can't modify frozen string" error when record value is `nil` (tombstones) https://github.com/logstash-plugins/logstash-integration-kafka/pull/155[#155] - -*Logstash Integration - 1.0.1* - -* Fixed: improves throughput by allowing pipeline workers to share a plugin instance _concurrently_ instead of _sequentially_ https://github.com/logstash-plugins/logstash-integration-logstash/pull/19[#19] -* Introduced load balancing mechanism to distribute the requests among the `hosts` https://github.com/logstash-plugins/logstash-integration-logstash/pull/16[#16] - -*Elasticsearch Output - 11.22.2* - -* Fixed: avoid to populate `version` and `version_type` attributes when processing integration metadata and datastream is enabled. https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1161[#1161] -* Added support for propagating event processing metadata when this output is downstream of an Elastic Integration Filter and configured _without_ explicit `version`, `version_type`, or `routing` directives https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1158[#1158] -* Added support for propagating event processing metadata when this output is downstream of an Elastic Integration Filter and configured _without_ explicit `index`, `document_id`, or `pipeline` directives https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1155[#1155] -* Changed the register to initiate pipeline shutdown upon bootstrap failure instead of simply logging the error https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1151[#1151] -* Doc: Replace `document_already_exist_exception` with `version_conflict_engine_exception` in the `silence_errors_in_log` setting example https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1159[#1159] -* Doc: Add content for sending data to Elasticsearch on serverless https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1164[#1164] - - -[[logstash-8-11-4]] -=== Logstash 8.11.4 Release Notes - -No user-facing changes in Logstash core. - -==== Plugins - -*Netflow Codec - 4.3.2* - -* Updates the milliseconds rounding for IPFIX start/end milliseconds fields. -* Fix the test to run on Logstash 8 with microseconds precision. https://github.com/logstash-plugins/logstash-codec-netflow/pull/206[#206] - -* Fixed unable to initialize the plugin with Logstash 8.10+ https://github.com/logstash-plugins/logstash-codec-netflow/pull/205[#205] - -*Json Filter - 3.2.1* - -* Fix tag on failure test https://github.com/logstash-plugins/logstash-filter-json/pull/52[#52] - -*File Input - 4.4.6* - -* Change read mode to immediately stop consuming buffered lines when shutdown is requested https://github.com/logstash-plugins/logstash-input-file/pull/322[#322] - -*Twitter Input - 4.1.1* - -* Bumped `public_suffix` gem version to `> 4` `< 6` https://github.com/logstash-plugins/logstash-input-twitter/pull/77[#77] - -*Csv Output - 3.0.10* - -* Extend `spreadsheet_safe` prefix guard to '-', '+', and '@' https://github.com/logstash-plugins/logstash-output-csv/pull/27[#27] - - -[[logstash-8-11-3]] -=== Logstash 8.11.3 Release Notes - -[[docs-8.11.3]] -==== Documentation enhancements - -* Document how to further transform events processed by the filter-elastic_integration plugin https://github.com/elastic/logstash/pull/15675[#15675] - -[[dependencies-8.11.3]] -==== Updates to dependencies - -* Update JRuby to 9.4.5.0 https://github.com/elastic/logstash/pull/15670[#15670] - -[[logstash-8-11-2]] -=== Logstash 8.11.2 Release Notes - -* Added missing method of logger wrapper for puma https://github.com/elastic/logstash/pull/15642[#15642] -* Prevent calling shutdown on the DLQ segments flusher if it hasn't been started yet https://github.com/elastic/logstash/pull/15656[#15656] -* Remove dependency on jackson-dataformat-yaml https://github.com/elastic/logstash/pull/15599[#15599] - -==== Plugins - -*Mutate Filter - 3.5.8* - -* Fix "Can't modify frozen string" error when converting boolean to `string` https://github.com/logstash-plugins/logstash-filter-mutate/pull/171[#171] - -*Beats Input - 6.7.2* - -* Restore Lumberjack event parsing source code https://github.com/logstash-plugins/logstash-input-beats/pull/486[#486] - -*Elastic_serverless_forwarder Input - 0.1.4* - -* [DOC] Adds tips for using the logstash-input-elastic_serverless_forwarder plugin with the Elasticsearch output plugin https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/7[#7] - -*Validator_support Mixin - 1.1.1* - -* Allow single-word host names such as "localhost". This addresses the inability to set "hosts" to "localhost" in the logstash-filter-elastic_integration plugin. https://github.com/logstash-plugins/logstash-mixin-validator_support/pull/7[#7] - - -[[logstash-8-11-1]] -=== Logstash 8.11.1 Release Notes - -* Downgrade jackson to avoid serialization issues when log.format is set to "json" https://github.com/elastic/logstash/pull/15549[#15549] - -[[logstash-8-11-0]] -=== Logstash 8.11.0 Release Notes - -[[known-issues-8.11.0]] -==== Known issues - -* Input imap plugin's behavior with Logstash 8.10+ versions, is broken after upgrading its `mail` dependency https://github.com/logstash-plugins/logstash-input-imap/issues/61[#61] - -[[notable-8.11.0]] -==== Notable issues fixed - -* Update callsite syntax for i18n.t method to avoid deprecated and prohibited format https://github.com/elastic/logstash/pull/15500[#15500] - -[[docs-8.11.0]] -==== Documentation enhancements - -* Add native Logstash to Logstash documentation https://github.com/elastic/logstash/pull/15346[#15346] -* Expand description of how to size the JVM memory https://github.com/elastic/logstash/pull/15210[#15210] - -[[dependencies-8.11.0]] -==== Updates to dependencies - -* Update Guava dependency to 32.1.2 https://github.com/elastic/logstash/pull/15394[#15394] -* Downgrade jruby, keep updated default-gem dependencies https://github.com/elastic/logstash/pull/15369[#15369] -* Pin psych 5.1.0 https://github.com/elastic/logstash/pull/15433[#15433] -* Update JDK to 17.0.9+9 and jackson to 2.15.3 https://github.com/elastic/logstash/pull/15510[#15510] - -==== Plugins - -*Elasticsearch Filter - 3.16.1* - -* Version bump to pick up doc fix in https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/172[#172] -* Add request header `Elastic-Api-Version` for serverless https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/174[#174] - -*Http Filter - 1.5.0* - -* Standardize SSL settings and deprecate their non-standard counterparts. Deprecated settings will continue to work, and will provide pipeline maintainers with guidance toward using their standardized counterparts https://github.com/logstash-plugins/logstash-filter-http/pull/49[#49] -** Introduce new `ssl_truststore_path`, `ssl_truststore_password`, and `ssl_truststore_type` settings for configuring SSL-trust using a PKCS-12 or JKS trust store, deprecate their `truststore`, `truststore_password`, and `truststore_type` counterparts. -** Introduce new `ssl_certificate_authorities` setting for configuring SSL-trust using a PEM-formatted list certificate authorities, deprecate its `cacert` counterpart. -** Introduce new `ssl_keystore_path`, `ssl_keystore_password`, and `ssl_keystore_type` settings for configuring SSL-identity using a PKCS-12 or JKS key store, deprecate their `keystore`, `keystore_password`, and `keystore_type` counterparts. -** Introduce new `ssl_certificate` and `ssl_key` settings for configuring SSL-identity using a PEM-formatted certificate/key pair, deprecate their `client_cert` and `client_key` counterparts. -** Introduce the `ssl_cipher_suites` option. - -*Beats Input - 6.7.0* - -* Add explicit support for receiving a 0-length window to encapsulate an empty batch. Empty batches are acknowledged with the same 0-sequence ACK's that are used as keep-alives during processing https://github.com/logstash-plugins/logstash-input-beats/pull/479[#479] - -*Elasticsearch Input - 4.18.0* - -* Add request header `Elastic-Api-Version` for serverless https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/195[#195] - -*Http_poller Input - 5.5.0* - -* Standardize SSL settings and deprecate their non-standard counterparts. Deprecated settings will continue to work, and will provide pipeline maintainers with guidance toward using their standardized counterparts https://github.com/logstash-plugins/logstash-input-http_poller/pull/141[#141] -** Introduce new `ssl_truststore_path`, `ssl_truststore_password`, and `ssl_truststore_type` settings for configuring SSL-trust using a PKCS-12 or JKS trust store, deprecate their `truststore`, `truststore_password`, and `truststore_type` counterparts. -** Introduce new `ssl_certificate_authorities` setting for configuring SSL-trust using a PEM-formatted list certificate authorities, deprecate its `cacert` counterpart. -** Introduce new `ssl_keystore_path`, `ssl_keystore_password`, and `ssl_keystore_type` settings for configuring SSL-identity using a PKCS-12 or JKS key store, deprecate their `keystore`, `keystore_password`, and `keystore_type` counterparts. -** Introduce new `ssl_certificate` and `ssl_key` settings for configuring SSL-identity using a PEM-formatted certificate/key pair, deprecate their `client_cert` and `client_key` counterparts. -** Introduce the `ssl_cipher_suites` option. - -*Imap Input - 3.2.1* - -* Upgrade `email` dependency so that supports Ruby 3.1. This also fixes the `net-smtp` load regression https://github.com/logstash-plugins/logstash-input-imap/pull/60[#60] - -*Jdbc Integration - 5.4.6* - -* Update sequel version to >= 5.73.0. The ibmdb and jdbc/db2 adapters were fixed to properly handle disconnect errors, removing the related connection from the pool https://github.com/logstash-plugins/logstash-integration-jdbc/pull/144[#144] - -*Logstash Integration - 0.0.5* - -* Logstash 8.11 version embeds the `logstash-integration-logstash` plugin. - -*Http_client Mixin - 7.3.0* - -* Standardize SSL settings and deprecate their non-standard counterparts. Deprecated settings will continue to work, and will provide pipeline maintainers with guidance toward using their standardized counterparts https://github.com/logstash-plugins/logstash-mixin-http_client/pull/42[#42] -** Introduce new `ssl_truststore_path`, `ssl_truststore_password`, and `ssl_truststore_type` settings for configuring SSL-trust using a PKCS-12 or JKS trust store, deprecate their `truststore`, `truststore_password`, and `truststore_type` counterparts. -** Introduce new `ssl_certificate_authorities` setting for configuring SSL-trust using a PEM-formated list certificate authorities, deprecate its `cacert` counterpart. -** Introduce new `ssl_keystore_path`, `ssl_keystore_password`, and `ssl_keystore_type` settings for configuring SSL-identity using a PKCS-12 or JKS key store, deprecate their `keystore`, `keystore_password`, and `keystore_type` counterparts. -** Introduce new `ssl_certificate` and `ssl_key` settings for configuring SSL-identity using a PEM-formatted certificate/key pair, deprecate their `client_cert` and `client_key` counterparts. -** Introduce a way for plugin maintainers to include this mixin _without_ supporting the now-deprecated SSL options. -** Introduce the `ssl_cipher_suites` option. - -*Validator_support Mixin - 1.1.0* - -* Introduce `:required_host_optional_port` validator https://github.com/logstash-plugins/logstash-mixin-validator_support/pull/4[#4] - -*Elasticsearch Output - 11.18.0* - -* Add request header `Elastic-Api-Version` for serverless https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1147[#1147] -* Add support to http compression level. Deprecate `http_compression` in favour of `compression_level` and enable compression level 1 by default https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1148[#1148] - -*Email Output - 4.1.3* - -* Upgrade `email` dependency so that supports Ruby 3.1. This also fixes the `net-smtp` load regression https://github.com/logstash-plugins/logstash-output-email/pull/69[#69] - -*Http Output - 5.6.0* - -* Standardize SSL settings and deprecate their non-standard counterparts. Deprecated settings will continue to work, and will provide pipeline maintainers with guidance toward using their standardized counterparts https://github.com/logstash-plugins/logstash-output-http/pull/140[#140] -** Introduce new `ssl_truststore_path`, `ssl_truststore_password`, and `ssl_truststore_type` settings for configuring SSL-trust using a PKCS-12 or JKS trust store, deprecate their `truststore`, `truststore_password`, and `truststore_type` counterparts. -** Introduce new `ssl_certificate_authorities` setting for configuring SSL-trust using a PEM-formatted list certificate authorities, deprecate its `cacert` counterpart. -** Introduce new `ssl_keystore_path`, `ssl_keystore_password`, and `ssl_keystore_type` settings for configuring SSL-identity using a PKCS-12 or JKS key store, deprecate their `keystore`, `keystore_password`, and `keystore_type` counterparts. -** Introduce new `ssl_certificate` and `ssl_key` settings for configuring SSL-identity using a PEM-formatted certificate/key pair, deprecate their `client_cert` and `client_key` counterparts. -** Introduce the `ssl_cipher_suites` option. - -*Webhdfs Output - 3.1.0* - -* Fix: remove snappy gem as a dependency in favor of directly vendoring the snappy jar. https://github.com/logstash-plugins/logstash-output-webhdfs/pull/46[#46] - - -[[logstash-8-10-4]] -=== Logstash 8.10.4 Release Notes - -[[known-issues-8.10.4]] -==== Known issues - -These plugins may fail in Logstash 8.10.4: - -* *Avro codec plugin.* -The avro codec plugin may fail with an `(Errno::ENOENT) No such file or directory` error https://github.com/logstash-plugins/logstash-codec-avro/issues/42[#42]. -This issue has been resolved in plugin v3.4.1 https://github.com/logstash-plugins/logstash-codec-avro/pull/43[#43]. - -* *Imap input plugin.* -Due to JRuby upgrade, the plugin is broken and will be unbundled. Details and updates are available in https://github.com/logstash-plugins/logstash-input-imap/issues/61[GitHub issue #61]. - -* *Email output plugin.* -Plugin raises `LoadError: no such file to load -- net/smtp` runtime error. See the issue details and work around in https://github.com/logstash-plugins/logstash-output-email/issues/68[GitHub issue #68]. - -[[dependencies-8.10.4]] -==== Updates to dependencies - -* Update Guava dependency to 32.1.2 https://github.com/elastic/logstash/pull/15419[#15419] - - -[[logstash-8-10-3]] -=== Logstash 8.10.3 Release Notes - -[[known-issues-8.10.3]] -==== Known issues - -These plugins may fail in Logstash 8.10.3: - -* *Avro codec plugin.* -The avro codec plugin may fail with an `(Errno::ENOENT) No such file or directory` error https://github.com/logstash-plugins/logstash-codec-avro/issues/42[#42]. -This issue has been resolved in plugin v3.4.1 https://github.com/logstash-plugins/logstash-codec-avro/pull/43[#43]. - -* *Imap input plugin.* -Due to JRuby upgrade, the plugin is broken and will be unbundled. Details and updates are available in https://github.com/logstash-plugins/logstash-input-imap/issues/61[GitHub issue #61]. - -* *Email output plugin.* -Plugin raises `LoadError: no such file to load -- net/smtp` runtime error. See the issue details and work around in https://github.com/logstash-plugins/logstash-output-email/issues/68[GitHub issue #68]. - -==== Plugins - -*Elasticsearch Filter - 3.15.3* - -* Fixes a memory leak that occurs when a pipeline containing this filter terminates, which could become significant if the pipeline is cycled repeatedly https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/173[#173] - -*Useragent Filter - 3.3.5* - -* Upgrade `snakeyaml` dependency https://github.com/logstash-plugins/logstash-filter-useragent/pull/89[#89] - -*Beats Input - 6.6.4* - -* [DOC] Fix misleading `enrich/source_data` input beats documentation about the Logstash host. https://github.com/logstash-plugins/logstash-input-beats/pull/478[#478] - -*Elastic_serverless_forwarder Input - 0.1.3* - -* Deprecates the `ssl` option in favor of `ssl_enabled` https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/6[#6] -* Bumps `logstash-input-http` gem version to `>= 3.7.2` (SSL-normalized) - -*Aws Integration - 7.1.6* - -* Clean up plugin created temporary dirs at startup https://github.com/logstash-plugins/logstash-integration-aws/pull/39[#39] - -*Jdbc Integration - 5.4.5* - -* Pin sequel to < 5.72.0 due to ruby/bigdecimal#169 https://github.com/logstash-plugins/logstash-integration-jdbc/pull/141[#141] - -*Kafka Integration - 11.3.1* - -* Fix: update snappy dependency https://github.com/logstash-plugins/logstash-integration-kafka/pull/148[#148] - - -[[logstash-8-10-2]] -=== Logstash 8.10.2 Release Notes - -[[known-issues-8.10.2]] -==== Known issues - -These plugins may fail in Logstash 8.10.2: - -* *Avro codec plugin.* -The avro codec plugin may fail with an `(Errno::ENOENT) No such file or directory` error https://github.com/logstash-plugins/logstash-codec-avro/issues/42[#42]. -This issue has been resolved in plugin v3.4.1 https://github.com/logstash-plugins/logstash-codec-avro/pull/43[#43]. - -* *Imap input plugin.* -Due to JRuby upgrade, the plugin is broken and will be unbundled. Details and updates are available in https://github.com/logstash-plugins/logstash-input-imap/issues/61[GitHub issue #61]. - -* *Email output plugin.* -Plugin raises `LoadError: no such file to load -- net/smtp` runtime error. See the issue details and work around in https://github.com/logstash-plugins/logstash-output-email/issues/68[GitHub issue #68]. - -[[logstash-8-10-1]] -=== Logstash 8.10.1 Release Notes - -[[known-issues-8.10.1]] -==== Known issues - -These plugins may fail in Logstash 8.10.1: - -* *Avro codec plugin.* -The avro codec plugin may fail with an `(Errno::ENOENT) No such file or directory` error https://github.com/logstash-plugins/logstash-codec-avro/issues/42[#42]. -This issue has been resolved in plugin v3.4.1 https://github.com/logstash-plugins/logstash-codec-avro/pull/43[#43]. - -* *Imap input plugin.* -Due to JRuby upgrade, the plugin is broken and will be unbundled. Details and updates are available in https://github.com/logstash-plugins/logstash-input-imap/issues/61[GitHub issue #61]. - -* *Email output plugin.* -Plugin raises `LoadError: no such file to load -- net/smtp` runtime error. See the issue details and work around in https://github.com/logstash-plugins/logstash-output-email/issues/68[GitHub issue #68]. - -[[logstash-8-10-0]] -=== Logstash 8.10.0 Release Notes - -[[known-issues-8.10.0]] -==== Known issues - -These plugins may fail in Logstash 8.10.0: - -* *Avro codec plugin.* -The avro codec plugin may fail with an `(Errno::ENOENT) No such file or directory` error https://github.com/logstash-plugins/logstash-codec-avro/issues/42[#42]. -This issue has been resolved in plugin v3.4.1 https://github.com/logstash-plugins/logstash-codec-avro/pull/43[#43]. - -* *Imap input plugin.* -Due to JRuby upgrade, the plugin is broken and will be unbundled. Details and updates are available in https://github.com/logstash-plugins/logstash-input-imap/issues/61[GitHub issue #61]. - -* *Email output plugin.* -Plugin raises `LoadError: no such file to load -- net/smtp` runtime error. See the issue details and work around in https://github.com/logstash-plugins/logstash-output-email/issues/68[GitHub issue #68]. - -[[notable-8.10.0]] -==== Notable issues fixed - -* Fixed issues in Dead Letter Queue (DLQ): -** `java.nio.file.NoSuchFileException` when finalizing the segment https://github.com/elastic/logstash/pull/15233[#15233] -** DLQ file using wrong sort order https://github.com/elastic/logstash/pull/15246[#15246] - -[[dependencies-8.10.0]] -==== Updates to dependencies - -* Updated JRuby to 9.4.2.0 https://github.com/elastic/logstash/pull/15283[#15283] -* Removed custom bundler and used JRuby bundled bundler https://github.com/elastic/logstash/pull/15066[#15066] - -==== Plugins - -*Elasticsearch Output - 11.16.0* - -* Added support to Serverless Elasticsearch https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1145[#114] - -*Elastic_serverless_forwarder input 0.1.2* - -* Introduces a dedicated input plugin for receiving events from Elastic Serverless Forwarder. This plugin is in late Technical Preview, which means that as we iterate toward a stable API both configuration options and implementation details may change in subsequent releases without the usual deprecation warnings. If you use this plugin, please keep your eye on the relevant changelogs when upgrading. https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/4[#4] - -*Kafka Integration - 11.3.0* - -* Changed Kafka client to 3.4.1 https://github.com/logstash-plugins/logstash-integration-kafka/pull/145[#145] - -*Tcp Input - 6.3.5* - -* Standardized SSL settings https://github.com/logstash-plugins/logstash-input-tcp/pull/213[#213] -** deprecated `ssl_enable` in favor of `ssl_enabled` -** deprecated `ssl_cert` in favor of `ssl_certificate` -** deprecated `ssl_verify` in favor of `ssl_client_authentication` when mode is `server` -** deprecated `ssl_verify` in favor of `ssl_verification_mode` when mode is `client` - -[[logstash-8-9-2]] -=== Logstash 8.9.2 Release Notes - -No user-facing changes in Logstash core and plugins. - -[[logstash-8-9-1]] -=== Logstash 8.9.1 Release Notes - -[[notable-8.9.1]] -==== Notable issues fixed - -* Fix pipeline to pipeline communication when upstream pipeline is terminated and events is written to a closed queue in downstream. https://github.com/elastic/logstash/pull/15173[#15173] -* Fix DLQ unable to finalize segment error https://github.com/elastic/logstash/pull/15241[#15241] - -[[dependencies-8.9.1]] -==== Updates to dependencies - -* Update JDK to 17.0.8+7 https://github.com/elastic/logstash/pull/15237[#15237] - -==== Plugins - -*Elasticsearch Filter - 3.15.2* - -* Added checking to ensure either `query` or `query_template` is non empty https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/171[#171] - -*Snmp Input - 1.3.3* - -* Silence warnings when loading dictionary MIB files https://github.com/logstash-plugins/logstash-input-snmp/pull/118[#118] - -*Aws Integration - 7.1.5* - -* Fix external documentation links https://github.com/logstash-plugins/logstash-integration-aws/pull/35[#35] - - -[[logstash-8-9-0]] -=== Logstash 8.9.0 Release Notes - -[[notable-8.9.0]] -==== Notable issues fixed - -* Fixed an https://github.com/elastic/logstash/issues/15130[issue] where installs and updates of certain {ls} plugins could fail when located behind a proxy https://github.com/elastic/logstash/pull/15131[#15131]. -This issue surfaced after `logstash-filter-translate` was updated to require that the `jar-dependencies` gem be used to retrieve artifacts from maven when the plugin was installed. -This requirement could prevent the plugin update when a proxy was in use. -* Improved logging when {ls} is stalled on shutdown https://github.com/elastic/logstash/pull/15056[#15056]. -We now provide additional information about the main thread if it is causing the shutdown to stall. -* Improved SSL settings for connection to {es} for central management and monitoring https://github.com/elastic/logstash/pull/15045[#15045]. -This commit adds settings support for file-based certificates and cipher suites for management and monitoring settings, and removes the deprecation warnings from the logs that have been in since SSL configuration settings were revamped in the {es} output. - - -[[dependencies-8.9.0]] -==== Updates to dependencies - -* Update Bundler to version 2.4 https://github.com/elastic/logstash/pull/14995[#14995] - -==== Plugins - -*Azure_event_hubs Input - 1.4.5* - -* Update multiple dependencies such as `gson`, `log4j2`, `jackson` https://github.com/logstash-plugins/logstash-input-azure_event_hubs/pull/83[#83] - -*Beats Input - 6.6.3* - -* [DOC] Updated the `ssl_client_authentication` and `ssl_verify_mode` documentation explaining that CN and SAN are not validated. https://github.com/logstash-plugins/logstash-input-beats/pull/473[#473] - -* Update netty to 4.1.94 and jackson to 2.15.2 https://github.com/logstash-plugins/logstash-input-beats/pull/474[#474] - -*Http Input - 3.7.2* - -* Update netty to 4.1.94 https://github.com/logstash-plugins/logstash-input-http/pull/167[#167] - -*Snmp Input - 1.3.2* - -* [DOC] Add troubleshooting help for "failed to locate MIB module" error when using smidump to convert MIBs https://github.com/logstash-plugins/logstash-input-snmp/pull/112[#112] - -*Tcp Input - 6.3.5* - -* Update netty to 4.1.94 and other dependencies https://github.com/logstash-plugins/logstash-input-tcp/pull/216[#216] - -* Fix: reduce error logging (to info level) on connection resets https://github.com/logstash-plugins/logstash-input-tcp/pull/214[#214] - -*Tcp Output - 6.1.2* - -* Changed the client mode to write using the non-blocking method. https://github.com/logstash-plugins/logstash-output-tcp/pull/52[#52] - - -[[logstash-8-8-2]] -=== Logstash 8.8.2 Release Notes - -No user-facing changes in Logstash core. - -==== Plugins - - -*Translate Filter - 3.4.2* - -* Fix JRuby 9.4 compatibility issue https://github.com/logstash-plugins/logstash-filter-translate/pull/98[#98] - -*Aws Integration - 7.1.4* - -* Fix `use_aws_bundled_ca` to use bundled ca certs per plugin level instead of global https://github.com/logstash-plugins/logstash-integration-aws/pull/33[#33] - -* Add an option `use_aws_bundled_ca` to use bundled ca certs that ships with AWS SDK to verify SSL peer certificates https://github.com/logstash-plugins/logstash-integration-aws/pull/32[#32] - -* Fix JRuby 9.4 compatibility issue https://github.com/logstash-plugins/logstash-integration-aws/pull/29[#29] - -*Jdbc Integration - 5.4.4* - -* Fix: adaptations for JRuby 9.4 https://github.com/logstash-plugins/logstash-integration-jdbc/pull/125[#125] - -*Rabbitmq Integration - 7.3.3* - -* Fix the cancellation flow to avoid multiple invocations of basic.cancel https://github.com/logstash-plugins/logstash-integration-rabbitmq/pull/55[#55] - -*Csv Output - 3.0.9* - -* Fix JRuby 9.4 compatibility issue https://github.com/logstash-plugins/logstash-output-csv/pull/25[#25] - -*Elasticsearch Output - 11.15.8* - -* Fix a regression introduced in 11.14.0 which could prevent Logstash 8.8 from establishing a connection to Elasticsearch for Central Management and Monitoring core features https://github.com/logstash-plugins/logstash-output-elasticsearch/issues/1141[#1141] - - -[[logstash-8-8-1]] -=== Logstash 8.8.1 Release Notes - -* Remove obsolete notice when using plugins with version < 1.0.0 https://github.com/elastic/logstash/pull/15077[#15077] -* Docs: Add instructions to verify Docker install images https://github.com/elastic/logstash/pull/15064[#15064] -* Fixes a regression introduced in 8.8.0 which could prevent Monitoring or Central Management from establishing a connection to Elasticsearch in some SSL configurations https://github.com/elastic/logstash/issues/15068[#15068] - -==== Plugins - -*Cef Codec - 6.2.7* - -* Fix: when decoding in an ecs_compatibility mode, timestamp-normalized fields now handle provided-but-empty values https://github.com/logstash-plugins/logstash-codec-cef/issues/102[#102] - -*Anonymize Filter - 3.0.7* - -* Pin murmurhash3 to 0.1.6 https://github.com/logstash-plugins/logstash-filter-anonymize/pull/16[#16] - -*Elasticsearch Filter - 3.15.1* - -* Fixes a regression introduced in 3.15.0 which could prevent a connection from being established to Elasticsearch in some SSL configurations https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/169[#169] - -*Fingerprint Filter - 3.4.3* - -* Pin murmurhash3 to 0.1.6 https://github.com/logstash-plugins/logstash-filter-fingerprint/pull/74[#74] - -*Mutate Filter - 3.5.7* - -* Docs: Clarify that `split` and `join` also support strings https://github.com/logstash-plugins/logstash-filter-mutate/pull/164[#164] - -*Translate Filter - 3.4.1* - -* Fix the limitation of the size of yaml file that exceeds 3MB https://github.com/logstash-plugins/logstash-filter-translate/pull/97[#97] - -*Truncate Filter - 1.0.6* - -* Make 0.0.8 the lower bound for flores dependency https://github.com/logstash-plugins/logstash-filter-truncate/pull/9[#9] - -*Beats Input - 6.6.1* - -* Update netty to 4.1.93 and jackson to 2.13.5 https://github.com/logstash-plugins/logstash-input-beats/pull/472[#472] - -*Elasticsearch Input - 4.17.2* - -* Fixes a regression introduced in 4.17.0 which could prevent a connection from being established to Elasticsearch in some SSL configurations https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/193[#193] -* Fixes scroll slice high memory consumption https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/189[#189] - -*Http Input - 3.7.1* - -* Update netty to 4.1.93 https://github.com/logstash-plugins/logstash-input-http/pull/166[#166] - -*Tcp Input - 6.3.3* - -* Update netty to 4.1.93 https://github.com/logstash-plugins/logstash-input-tcp/pull/212[#212] - -*Jdbc Integration - 5.4.3* - -* Fix: crash when metadata file can't be deleted after moving under path.data https://github.com/logstash-plugins/logstash-integration-jdbc/pull/136[#136] -* Add new settings `statement_retry_attempts` and `statement_retry_attempts_wait_time` for retry of failed sql statement execution https://github.com/logstash-plugins/logstash-integration-jdbc/pull/123[#123] -* Doc: described default_hash and tag_on_default_use interaction filter plugin https://github.com/logstash-plugins/logstash-integration-jdbc/pull/122[#122] - -*Rabbitmq Integration - 7.3.2* - -* Change `tls_certificate_password` type to `password` to protect from leaks in the logs https://github.com/logstash-plugins/logstash-integration-rabbitmq/pull/54[#54] - -*Elasticsearch Output - 11.15.7* - -* Fixes a regression introduced in 11.14.0 which could prevent a connection from being established to Elasticsearch in some SSL configurations https://github.com/logstash-plugins/logstash-output-elasticsearch/issues/1138[#1138] -* Fixes possiblity of data loss when pipeline terminates very quickly after startup https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1132[#1132]. -* Fixes `undefined 'shutdown_requested' method` error when plugin checks if shutdown request is received https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1134[#1134] -* Improves connection handling under several partial-failure scenarios https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1130[#1130] -** Ensures an HTTP connection can be established before adding the connection to the pool -** Ensures that the version of the connected Elasticsearch is retrieved _successfully_ before the connection is added to the pool. -** Fixes a crash that could occur when the plugin is configured to connect to a live HTTP resource that is _not_ Elasticsearch -* Removes the ECS v8 unreleased preview warning https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1131[#1131] -* Restores DLQ logging behavior from 11.8.x to include the action-tuple as structured https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1105[#1105] - -*Email Output - 4.1.2* - -* Change `password` config type to `Password` to prevent leaks in debug logs https://github.com/logstash-plugins/logstash-output-email/pull/65[#65] - - -[[logstash-8-8-0]] -=== Logstash 8.8.0 Release Notes - -[[known-issues-8.8.0]] -==== Known issues - -Logstash 8.8.0 may fail to start when SSL/TLS is enabled -in monitoring and/or central management, due to a change introduced in version 11.14.0 of the https://github.com/logstash-plugins/logstash-output-elasticsearch[logstash-output-elasticsearch] plugin. -When impacted by this issue, Logstash fails to start and logs an error similar to the following: - -``` -[logstash.licensechecker.licensereader] Failed to perform request {:message=>"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target", :exception=>Manticore::ClientProtocolException, :cause=>#} -``` - -**Resolution** - -A successful Elasticsearch output plugin update to version `11.15.8` or higher will -resolve this issue: - -``` -bin/logstash-plugin update logstash-output-elasticsearch -``` - -OR - -Specify the `ca_trusted_fingerprint` setting in the `logstash.yml`. -The certificate fingerprint can be extract with: - -``` -cat your_ca.cert | openssl x509 -outform der | sha256sum | awk '{print $1}' -``` - -Then set the following on `logstash.yml` using the output from the previous command: - -``` -xpack.monitoring.elasticsearch.ssl.ca_trusted_fingerprint: "" -xpack.management.elasticsearch.ssl.ca_trusted_fingerprint: "" -``` - -[[notable-8.8.0]] -==== Notable issues fixed - -* Fix a race condition that prevents Logstash from updating a pipeline's configuration with in-flight events - experiencing connection errors. https://github.com/elastic/logstash/issues/14739[#14739] - This issue primarily manifests following the update of Elasticsearch credentials through Central Management, - after credentials expired while events were in-flight. It causes the Elasticsearch Output to get stuck attempting - to send events with the expired credentials instead of using the updated ones. - To address this problem, Logstash has improved the pipeline shutdown phase functionality to allow an output plugin - to request the termination of the in-flight batch of events; hence preventing the need for administrators - to manually restart Logstash. Furthermore, when used in combination with a persistent queue to prevent data loss, - the batch is eligible for reprocessing on pipeline restart. - Plugin developers can now decide whether to make use of such functionality on output plugins. https://github.com/elastic/logstash/pull/14940[#14940] - -[[dependencies-8.8.0]] -==== Updates to dependencies - -* Updates Bundler to version 2.4 https://github.com/elastic/logstash/pull/14995[#14995] - -==== Plugins - -*Elasticsearch Filter - 3.15.0* - -* Standardize SSL settings to comply with Logstash's naming convention https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/168[#168] - -* Added support for configurable retries with new `retry_on_failure` and `retry_on_status` options https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/160[#160] - -*Memcached Filter - 1.2.0* - -* Upgrade Dalli to 3.x https://github.com/logstash-plugins/logstash-filter-memcached/pull/33[#33] - -*Beats Input - 6.6.0* - -* Standardize SSL settings to comply with Logstash's naming convention https://github.com/logstash-plugins/logstash-input-beats/pull/470[#470] - -*Elasticsearch Input - 4.17.0* - -* Standardize SSL settings to comply with Logstash's naming convention https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/185[#185] - -*Http Input - 3.7.0* - -* Standardize SSL settings to comply with Logstash's naming convention https://github.com/logstash-plugins/logstash-input-http/pull/165[#165] - -*Kafka Integration - 11.2.1* - -* Fix nil exception to empty headers of record during event metadata assignment https://github.com/logstash-plugins/logstash-integration-kafka/pull/140[#140] -* Added TLS truststore and keystore settings specifically to access the schema registry https://github.com/logstash-plugins/logstash-integration-kafka/pull/137[#137] -* Added config `group_instance_id` to use the Kafka's consumer static membership feature https://github.com/logstash-plugins/logstash-integration-kafka/pull/135[#135] -* Changed Kafka client to 3.3.1, requires Logstash >= 8.3.0. -* Deprecated `default` value for setting `client_dns_lookup` forcing to `use_all_dns_ips` when explicitly used https://github.com/logstash-plugins/logstash-integration-kafka/pull/130[#130] -* Changed the consumer's poll from using the one that blocks on metadata retrieval to the one that doesn't https://github.com/logstash-plugins/logstash-integration-kafka/pull/133[#136] - -*Normalize_config_support Mixin - 1.0.0* - -*Elasticsearch Output - 11.15.1* - -* Fixed race condition during plugin registration phase https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1125[#1125] -* Added the ability to negatively acknowledge the batch under processing if the plugin is blocked in a retry-error-loop and a shutdown is requested. https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1119[#1119] -* Standardize SSL settings to comply with Logstash's naming convention https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1118[#1118] - -[[logstash-8-7-1]] -=== Logstash 8.7.1 Release Notes - -[[notable-8.7.1]] -==== Performance improvements and notable issues fixed - -* Fix inversion of pluginId and pluginType parameteres in DLQ entry creation https://github.com/elastic/logstash/pull/14906[#14906] -* Fix pipeline crash when reopening empty DLQ for writing https://github.com/elastic/logstash/pull/14981[#14981] -* Fix value of TimeoutStopSec on older systemd versions https://github.com/elastic/logstash/pull/14984[#14984] - -[[docs-8.7.1]] -==== Documentation enhancements - -* Document meaning of infinite flow metric rates https://github.com/elastic/logstash/pull/14999[#14999] - -[[dependencies-8.7.1]] -==== Updates to dependencies - -* Update JDK to 17.0.7+7 https://github.com/elastic/logstash/pull/15015[#15015] - -==== Plugins - -*Fluent Codec - 3.4.2* - -* Fix: Convert LogStash::Timestamp values to iso-8601 to resolve crash issue with `msgpack` serialization https://github.com/logstash-plugins/logstash-codec-fluent/pull/30[#30] - -*Http Filter - 1.4.3* - -* DOC: add clarification on sending data as json https://github.com/logstash-plugins/logstash-filter-http/pull/48[#48] -* Fix: resolve content type when a content-type header contains an array https://github.com/logstash-plugins/logstash-filter-http/pull/46[#46] - -*Useragent Filter - 3.3.4* - -* Upgrade `snakeyaml` dependency to 1.33 https://github.com/logstash-plugins/logstash-filter-useragent/pull/84[#84] - -*Aws Integration - 7.1.1* - -* Fix failure to load Java dependencies making v7.1.0 unusable https://github.com/logstash-plugins/logstash-integration-aws/pull/24[#24] - -[[logstash-8-7-0]] -=== Logstash 8.7.0 Release Notes - -[[features-8.7.0]] -==== New features and enhancements - -* Added `xpack.geoip.downloader.enabled` setting to manage auto-update GeoIP database https://github.com/elastic/logstash/pull/14823[#14823] -* Flow metrics improvements: `throughput` for input plugins, `worker_utilization` and `worker_millis_per_event` (worker cost per event) for filter and output plugin metrics are implemented https://github.com/elastic/logstash/pull/14743[#14743] - -[[notable-8.7.0]] -==== Performance improvements and notable issues fixed - -* Fix: DLQ writer isn't properly created due to inversion of parameteres https://github.com/elastic/logstash/pull/14900[#14900] -* Logstash fails to start on OracleLinux7 https://github.com/elastic/logstash/pull/14890[#14890] -* Fix: DLQ age policy isn't executed if the current head segment haven't receives any write https://github.com/elastic/logstash/pull/14878[#14878] -* Fixes an issue during process shutdown in which the stalled shutdown watcher incorrectly reports `inflight_count` as `0` even when there are events in-flight https://github.com/elastic/logstash/pull/14760[#14760] - -[[core-8.7.0]] -==== Other changes to Logstash core - -* Allow `dead_letter_queue.retain.age` usage in pipeline settings https://github.com/elastic/logstash/pull/14954[#14954] -* Improved logging behavior in a docker container https://github.com/elastic/logstash/pull/14949[#14949] -* `snakeyaml` upgraded to `1.33` version https://github.com/elastic/logstash/pull/14881[#14881] -* Update bundeld JDK to `17.0.6+10` https://github.com/elastic/logstash/pull/14849[#14849] -* `jrjackson` to `0.4.17` and `jackson` to `2.14.1` versions upgraded https://github.com/elastic/logstash/pull/14845[#14845] -* Pins `murmurhash3` to `0.1.6` version https://github.com/elastic/logstash/pull/14832[#14832] -* Guard reserved tags field against incorrect use https://github.com/elastic/logstash/pull/14822[#14822] -* Remove unnecessary pipeline configuration logging https://github.com/elastic/logstash/pull/14779[#14779] -* Developers using the Ruby- or Java-based Plugin APIs will have access to a new API boundary for acquiring a timer object to track execution time https://github.com/elastic/logstash/pull/14748[#14748] - -[[docs-8.7.0]] -==== Documentation enhancements - -* Describe how to use Elastic Agent to monitor Logstash https://github.com/elastic/logstash/pull/14959[#14959] -* Update Debian/Ubuntu instructions following apt-key deprecation https://github.com/elastic/logstash/pull/14835[#14835] - -[[plugins-8.7.0]] -==== Plugin releases - -*Dns Filter - 3.2.0* - -* Add tag(s) on DNS lookup times outs, defaults to `["_dnstimeout"]` https://github.com/logstash-plugins/logstash-filter-dns/pull/67[#67] - -*Syslog_pri Filter - 3.2.0* - -* Add tag on unrecognized `facility_label` code https://github.com/logstash-plugins/logstash-filter-syslog_pri/pull/11[#11] - -*Beats Input - 6.5.0* - -* Added `enrich` enrichment option to control ECS passthrough. `ssl_peer_metadata` and `include_codec_tag` configurations are deprecated and can be managed through the `enrich` https://github.com/logstash-plugins/logstash-input-beats/pull/464[#464] - -*Aws Integration - 7.1.0* - -* Restore and upload corrupted GZIP files to AWS S3 after abnormal termination https://github.com/logstash-plugins/logstash-integration-aws/pull/20[#20] - -*Elasticsearch Output - 11.13.1* - -* Avoid a crash by ensuring ILM settings are injected in the correct location depending on the default (or custom) template format, `template_api` setting and ES version https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1102[#1102] - -* Technology preview support for allowing events to individually encode a default pipeline with `[@metadata][target_ingest_pipeline]` (as part of a technology preview, this feature may change without notice) https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1113[#1113] - -[[logstash-8-6-2]] -=== Logstash 8.6.2 Release Notes - -[[dependencies-8.6.2]] -==== Updates to dependencies -* Updated JRuby to 9.3.10.0 https://github.com/elastic/logstash/pull/14865[#14865] -* Updated bundled JDK to 17.0.6+10 https://github.com/elastic/logstash/pull/14855[#14855] - -==== Plugins - -*Fingerprint Filter - 3.4.2* - -* Key config type changed to `password` type for better protection from leaks. https://github.com/logstash-plugins/logstash-filter-fingerprint/pull/71[#71] - -*Aws Integration - 7.0.1* - -* Resolved race conditions in the S3 Output plugin when handling temporary files https://github.com/logstash-plugins/logstash-integration-aws/pull/19[#19] - -*Elasticsearch Output - 11.12.4* - -* Changed `manage_template` default value to `false` when data streams is enabled https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1111[#1111] - -[[logstash-8-6-1]] -=== Logstash 8.6.1 Release Notes - -[[dependencies-8.6.1]] -==== Updates to dependencies -* Updated snakeyaml to 1.33 https://github.com/elastic/logstash/pull/14848[#14848] - -[[logstash-8-6-0]] -=== Logstash 8.6.0 Release Notes - -[[features-8.6.0]] -==== New features and enhancements - -* Extends the flow rates introduced to the Node Stats API in 8.5.0 (which included windows for `current` and `lifetime`) - to include a Technology Preview of several additional windows such as `last_15_minutes`, `last_24_hours`, etc.. - https://github.com/elastic/logstash/pull/14571[#14571] -* Logstash introduced instance and pipeline level flow metrics, `growth_bytes` and `growth_events` for persisted queue - to provide a better visibility about how fast pipeline queue is growing. - https://github.com/elastic/logstash/pull/14554[#14554] - -[[notable-8.6.0]] -==== Notable issues fixed -* Adds new `close` method to Java's Filter API to be used to clean shutdown resources allocated by the filter during registration phase. https://github.com/elastic/logstash/pull/14485[#14485] -* Improved JRuby runtime startup avoiding to compile ahead each Ruby code encountered. https://github.com/elastic/logstash/pull/14284[#14284] -* Fixed issue in pipeline compilation. https://github.com/elastic/logstash/pull/13621[#13621] - -[[docs-8.6.0]] -==== Documentation enhancements -* Crafted a guide on how to configure and troubleshooting Logstash on Kubernetes. - ** Getting started https://github.com/elastic/logstash/pull/14655[#14655] - ** Persistent Storage https://github.com/elastic/logstash/pull/14714[#14714] - ** Stack Monitoring https://github.com/elastic/logstash/pull/14696[#14696] - ** Securing Logstash https://github.com/elastic/logstash/pull/14737[#14737] - -[[plugins-8.6.0]] -==== Plugin releases - -*Netflow Codec - 4.3.0* - -* Added Gigamon ipfix definitions https://github.com/logstash-plugins/logstash-codec-netflow/pull/199[#199] - -*Elasticsearch Filter - 3.13.0* - -* Added support for this plugin identifying itself to Elasticsearch with an SSL/TLS client certificate using a new `keystore` option https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/162[#162] - -*Jdbc Integration - 5.4.1* - -* Bugfix leak which happened in creating a new Database pool for every query. The pool is now crated on registration and closed on plugin's `stop` https://github.com/logstash-plugins/logstash-integration-jdbc/pull/119[#119] - -* Ambiguous Timestamp Support https://github.com/logstash-plugins/logstash-integration-jdbc/pull/92[#92] -** FIX: when encountering an ambiguous timestamp, the JDBC Input no longer crashes -** Added support for disambiguating timestamps in daylight saving time (DST) overlap periods - -*Elasticsearch Output - 11.12.1* - -* Log bulk request response body on error, not just when debug logging is enabled https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1096[#1096] - -* Add legacy template API support for Elasticsearch 8 https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1092[#1092] - -* When using an `api_key` along with either `cloud_id` or https `hosts`, you no longer need to also specify `ssl => true` https://github.com/logstash-plugins/logstash-output-elasticsearch/issues/1065[#1065] - -* Feature: expose `dlq_routed` document metric to track the documents routed into DLQ https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1090[#1090] - -[[logstash-8-5-3]] -=== Logstash 8.5.3 Release Notes - -No user-facing changes in Logstash core. - -[[plugins-8-5-3]] -==== Plugins - -No user-facing changes in Logstash plugins. - -[[logstash-8-5-2]] -=== Logstash 8.5.2 Release Notes - -No user-facing changes in Logstash core. - -[[plugins-8-5-2]] -==== Plugins - -No user-facing changes in Logstash plugins. - -[[logstash-8-5-1]] -=== Logstash 8.5.1 Release Notes - -[[notable-8.5.1]] -==== Notable issues fixed - -* Fixes the reporting of configuration errors when using multiple-pipelines to make them more actionable https://github.com/elastic/logstash/pull/14713[#14713] - -[[dependencies-8.5.1]] -==== Updates to dependencies - -* The bundled JDK has been updated to 17.0.5+8 https://github.com/elastic/logstash/pull/14728[#14728] - -[[plugins-8-5-1]] -==== Plugins - -*Cef Codec - 6.2.6* - -* Fix: when decoding, escaped newlines and carriage returns in extension values are now correctly decoded into literal newlines and carriage returns respectively https://github.com/logstash-plugins/logstash-codec-cef/pull/98[#98] -* Fix: when decoding, non-CEF payloads are identified and intercepted to prevent data-loss and corruption. They now cause a descriptive log message to be emitted, and are emitted as their own `_cefparsefailure`-tagged event containing the original bytes in its `message` field https://github.com/logstash-plugins/logstash-codec-cef/issues/99[#99] -* Fix: when decoding while configured with a `delimiter`, flushing this codec now correctly consumes the remainder of its internal buffer. This resolves an issue where bytes that are written without a trailing delimiter could be lost https://github.com/logstash-plugins/logstash-codec-cef/issues/100[#100] - -*Json Codec - 3.1.1* - -* Fix: when decoded JSON includes an `[event][original]` field, having `ecs_compatibility` enabled will no longer overwrite the decoded field https://github.com/logstash-plugins/logstash-codec-json/pull/43[#43] - -*Grok Filter - 4.4.3* - -* Minor typos in docs examples https://github.com/logstash-plugins/logstash-filter-grok/pull/176[#176] - -*Tcp Input - 6.3.1* - -* Fixes a regression in which the ssl_subject was missing for SSL-secured connections in server mode https://github.com/logstash-plugins/logstash-input-tcp/pull/199[#199] - -*Unix Input - 3.1.2* - -* Fix: eliminate high CPU usage when data timeout is disabled and no data is available on the socket https://github.com/logstash-plugins/logstash-input-unix/pull/30[#30] - -*Rabbitmq Integration - 7.3.1* - -* DOCS: clarify the availability and cost of using the `metadata_enabled` option https://github.com/logstash-plugins/logstash-integration-rabbitmq/pull/52[#52] - -*Elasticsearch Output - 11.9.3* - -* DOC: clarify that `http_compression` option only affects _requests_; compressed _responses_ have always been read independent of this setting https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1030[#1030] - -* Fix broken link to Logstash Reference https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1085[#1085] - -* Fixes a possible infinite-retry-loop that could occur when this plugin is configured with an `action` whose value contains a <> that fails to be resolved for an individual event. -Events in this state are routed to the pipeline's <> if the DLQ is enabled. -Otherwise, these events are logged-and-dropped so that the remaining events in the batch can be processed. https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1080[#1080] - -[[logstash-8-5-0]] -=== Logstash 8.5.0 Release Notes - -[[known-issues-8.5.0]] -==== Known issues - -Due to a recent change in the Red Hat scan verification process, -this version of Logstash is not available in the Red Hat Ecosystem Catalog. -This bug will be fixed in the next release. -Please use the https://www.docker.elastic.co/r/logstash/logstash[Elastic docker registry] to download the 8.5.0 Logstash image. - -[[features-8.5.0]] -==== New features and enhancements - -* It is often difficult to understand the health of a pipeline, including whether it is exerting or propagating back-pressure or otherwise staying reasonably “caught up” with its inputs. This release adds pipeline "flow" metrics to the node_stats API for each pipeline, which includes the current and lifetime rates for five key pipeline metrics: input_throughput, filter_throughput, output_throughput, queue_backpressure, and worker_concurrency. https://github.com/elastic/logstash/pull/14518[#14518] - -[[notable-8.5.0]] -==== Notable issues fixed - -* Added missing "monitoring.cluster_uuid" to the env2yaml list of accepted configurations and enables the user to set this configuration option via environment variable https://github.com/elastic/logstash/pull/14425[#14425] -* Use COPY instruction instead of ADD in Dockerfiles https://github.com/elastic/logstash/pull/14423[#14423] - -[[docs-8.5.0]] -==== Documentation Improvements and Fixes - -* Add missing reference to full config of Logstash to Logstash over HTTP https://github.com/elastic/logstash/pull/14466[#14466] -* Describe DLQ's age retention policy https://github.com/elastic/logstash/pull/14340[#14340] -* Document the cleaning of consumed events from DLQ https://github.com/elastic/logstash/pull/14341[#14341] - -==== Plugins - -*Translate Filter - 3.4.0* - -* Refactor: leverage scheduler mixin https://github.com/logstash-plugins/logstash-filter-translate/pull/93[#93] - -*Elasticsearch Input - 4.16.0* - -* Added `ssl_certificate_verification` option to control SSL certificate verification https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/180[#180] -* Feat: add `retries` option. allow retry for failing query https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/179[#179] - -*Exec Input - 3.6.0* - -* Refactor: start using scheduler mixin https://github.com/logstash-plugins/logstash-input-exec/pull/33[#33] -* Fix: behavior incompatiblity between (standalone) LS and LS in Docker https://github.com/logstash-plugins/logstash-input-exec/pull/30[#30] - -*File Input - 4.4.4* - -* Fixes gzip file handling in read mode when run on JDK12+, including JDK17 that is bundled with Logstash 8.4+ https://github.com/logstash-plugins/logstash-input-file/pull/312[#312] - -*Http_poller Input - 5.4.0* - -* Refactor: start using scheduler mixin https://github.com/logstash-plugins/logstash-input-http_poller/pull/134[#134] - -*Elasticsearch Output - 11.9.0* - -* Feature: force unresolved dynamic index names to be sent into DLQ. This feature could be explicitly disabled using `dlq_on_failed_indexname_interpolation` setting https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1084[#1084] -* Feature: Adds a new `dlq_custom_codes` option to customize DLQ codes https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1067[#1067] -* Feature: deprecates the `failure_type_logging_whitelist` configuration option, renaming it `silence_errors_in_log` https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1068[#1068] - -[[logstash-8-4-2]] -=== Logstash 8.4.2 Release Notes - -[[notable-8.4.2]] -==== Notable issues fixed - -* Fixed the inability to configure "monitoring.cluster_uuid" in docker https://github.com/elastic/logstash/pull/14496[#14496] -* Disabled DES-CBC3-SHA cipher in some plugins that still supported it https://github.com/elastic/logstash/pull/14501[#14501] -* Upgraded JRuby the CSV gem to fix a thread leak in Logstash 8.4.0 when using the CSV filter https://github.com/elastic/logstash/pull/14508[#14508] https://github.com/elastic/logstash/pull/14526[#14526] -* Fixed Windows .bat scripts that prevented the use of the Plugin Manager and Keystore in Logstash 8.3.3/8.4.0 https://github.com/elastic/logstash/pull/14516[#14516] - -[[docs-8-4-2]] -==== Documentation improvements - -* Added https://www.elastic.co/guide/en/logstash/8.4/winlogbeat-modules.html[documentation for using Winlogbeat] with Logstash https://github.com/elastic/logstash/pull/14512[#14512] - -[[logstash-8-4-1]] -=== Logstash 8.4.1 Release Notes - -No user-facing changes in Logstash core. - -==== Plugins - -*Beats Input - 6.4.1* - -* [DOC] Add direct memory example https://github.com/logstash-plugins/logstash-input-beats/pull/454[#454] - -*Gelf Input - 3.3.2* - -* Fix: avoid panic when handling very-large exponent-notation `_@timestamp` values https://github.com/logstash-plugins/logstash-input-gelf/pull/71[#71] - -*Tcp Output - 6.1.1* - -* Fixes an issue where payloads larger than a connection's current TCP window could be silently truncated https://github.com/logstash-plugins/logstash-output-tcp/pull/49[#49] - - -[[logstash-8-4-0]] -=== Logstash 8.4.0 Release Notes - - -[[features-8.4.0]] -==== New features and enhancements - -[[dlq-8.4.0]] -===== Improvements to the dead letter queue (DLQ) - -This release brings significant improvements to help users manage their dead letter queues, including: - -* A new `clean_consumed` option on the Dead Letter Queue input plugin. -It can automatically delete segments from a dead letter queue after all events in the segment have been consumed by a Logstash pipeline. -* A new age retention policy, enabling the automatic removal of segments from a dead letter queue -based on the age of events within those segments. -* Additional dead letter queue metrics available from the monitoring API https://github.com/elastic/logstash/pull/14324[#14324] - -[[aws-8.4.0]] -===== New AWS integration plugin - -Several AWS plugins are now bundled in a single {logstash-ref}/plugins-integrations-aws.html[AWS integration plugin], enabling easier maintenance and upgrades of AWS-based -plugins. They all use version 3 of the AWS Ruby SDK. - -[[jdk-8.4.0]] -===== JDK17 support - -Logstash now comes bundled with JDK17, while still providing compatibility with user-supplied JDK11. -The new JDK includes an update pertaining to a potential security vulnerability. -Please see our link:https://discuss.elastic.co/c/announcements/security-announcements/31[security statement for details]. - -[[m1-8.4.0]] -===== Logstash M1 download - -Logstash is now available for download on M1 equipped MacOS devices, and comes bundled with M1 native JDK17. - -[[notable-8.4.0]] -==== Notable issues fixed - -* Remove `/etc/systemd/system/logstash.service` only when file is installed by Logstash https://github.com/elastic/logstash/pull/14200[#14200] -* Fix Arcsight module compatibility with Elasticsearch `8.x` https://github.com/elastic/logstash/pull/13874[#13874] -* Ensure that timestamp values are serialized with a minimum of 3 decimal places to guarantee that millisecond precision timestamps match those from Logstash `7.x` https://github.com/elastic/logstash/pull/14299[#14299] -* Fix issue with native Java plugin thread-safety and concurrency https://github.com/elastic/logstash/pull/14360[#14360] -* Allow the ability to use Ruby codecs inside native Java plugins https://github.com/elastic/logstash/pull/13523[#13523] - - -[[dependencies-8.4.0]] -==== Updates to dependencies - -* The bundled JDK has been updated to 17.0.4+8 https://github.com/elastic/logstash/pull/14427[#14427] -* The version of Sinatra has been updated to 2.2.2 https://github.com/elastic/logstash/pull/14454[#14454] -* The version of Nokogiri has been updated to 1.13.8 https://github.com/elastic/logstash/pull/14454[#14454] - -[[plugins-8.4.0]] -==== Plugin releases - -*Dead Letter Queue Input - 2.0.0* - -* Introduce the boolean `clean_consumed` setting to enable the automatic removal of completely consumed segments. Requires Logstash 8.4.0 or above https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/43[#43] -* Expose metrics about segments and events cleaned by this plugin https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/45[#45] - -*Xml Filter - 4.2.0* - -* Update Nokogiri dependency version https://github.com/logstash-plugins/logstash-filter-xml/pull/78[#78] - -*Aws Integration Plugin - 7.0.0* - -* This new integration plugin incorporates and replaces the use of the these individual plugins: -individual plugins: -** logstash-input-s3 -** logstash-input-sqs -** logstash-mixin-aws -** logstash-output-cloudwatch -** logstash-output-s3 -** logstash-output-sns -** logstash-output-sqs -* This replaces the use of the single combined aws `2.x` sdk gem, with the modularized -aws `3.x` gems. - -[[logstash-8-3-3]] -=== Logstash 8.3.3 Release Notes - -[[notable-8.3.3]] -==== Notable issue fixed -* We fixed an issue which occurred when users ran the plugin manager or the keystore with the bundled JVM. - Some mandatory JVM options were not being picked up from the JvmOptionsParser, - breaking compatibility with Windows on certain versions of the JDK. https://github.com/elastic/logstash/pull/14355[#14355] - -[[plugins-8.3.3]] -==== Plugin releases - -*Date Filter - 3.1.15* - -* Build: review build to be more reliable/portable https://github.com/logstash-plugins/logstash-filter-date/pull/139[#139] -* Cleaned up Java dependencies - -*Fingerprint Filter - 3.4.1* - -* Added backward compatibility of timestamp format to provide consistent fingerprint https://github.com/logstash-plugins/logstash-filter-fingerprint/pull/67[#67] - -*Http_poller Input - 5.3.1* - -* Fix: Make sure plugin is closing the http client https://github.com/logstash-plugins/logstash-input-http_poller/pull/130[#130] - -*Scheduler Mixin - 1.0.1* - -* Refactor: Initialize time zone data eagerly https://github.com/logstash-plugins/logstash-mixin-scheduler/pull/2[#2] - -*Core Patterns - 4.3.4* - -* Fix: Correct typo in CISCOFW302013_302014_302015_302016 grok pattern https://github.com/logstash-plugins/logstash-patterns-core/pull/313[#313] - - -[[logstash-8-3-2]] -=== Logstash 8.3.2 Release Notes - -No user-facing changes in this release. - -[[logstash-8-3-1]] -=== Logstash 8.3.1 Release Notes - -[[notable-8.3.1]] -==== Notable issues fixed - -* We fixed an event serializing incompatibility introduced in 8.3.0 https://github.com/elastic/logstash/pull/14314[#14314] - If you're using dead letter queues or persistent queues we recommend that you do not use Logstash 8.3.0 and upgrade to 8.3.1. - -[[logstash-8-3-0]] -=== Logstash 8.3.0 Release Notes - -[[known-issue-8-3-0]] -==== Known issue - -An event serialization bug was discovered, which causes an issue when trying to read dead letter or persistent queues created -in previous versions of Logstash. - -We recommend not upgrading to Logstash 8.3.0 if you are using dead letter or persistent queues. - -[[features-8.3.0]] -==== New features and enhancements - -* {ls} is more efficient at fetching pipelines as of 8.3.0. -When a {ls} instance sends its pipeline IDs to {es} or central pipeline management in {kib}, it gets back only the pipeline configs that belong to that instance. -These enhancements required changes to both {ls} https://github.com/elastic/logstash/pull/14076[(#14076)] and {es} https://github.com/elastic/elasticsearch/pull/85847[(#85847)]. -+ -These improvements dramatically decrease network load while also giving users the ability to control pipelines dynamically using wildcards. - -* Dead Letter Queues can now be configured to drop older events instead of new ones when they're full. The setting "dead_letter_queue.storage_policy" has been introduced for this purpose, and new metrics - such as a counter for dropped events - are now exposed in the API to better monitor the DLQ behavior. https://github.com/elastic/logstash/pull/13923[#13923] https://github.com/elastic/logstash/pull/14058[#14058] - -* To improve security of Logstash deployments, 8.3.0 brings a new setting "allow_superuser" that defaults to false. When enabled it prevents Logstash from starting as super user ("root"). This setting will be enabled by default in the future. Consider explicitly enabling it. Otherwise a deprecation log entry will be emitted. https://github.com/elastic/logstash/pull/14046[#14046] https://github.com/elastic/logstash/pull/14089[#14089] - -* Continuing with the focus on security, we've introduced "api.auth.basic.password_policy.mode" to ensure the password used to guard Logstash's HTTP API has a minimum set of strength requirements. By default a warning will be emitted if the defined password doesn't meet the criteria, but in a future release the mode will be set to "ERROR". https://github.com/elastic/logstash/pull/14045[#14045] https://github.com/elastic/logstash/pull/14105[#14105] https://github.com/elastic/logstash/pull/14159[#14159] - -* Elasticsearch introduced "security on by default" back in 8.0.0, with TLS enabled by default in its HTTP and transport layers. To facilitate connecting to 8.x clusters, Elasticsearch displays the fingerprint of the Certificate Authority it generates on startup. This release of Logstash introduces support for setting "ca_trusted_fingerprint" in Elasticsearch input, filter and outputs plugins. https://github.com/elastic/logstash/pull/14120[#14120] - -* Technical Preview: Receiving events containing keys with characters that have special meaning to Logstash such as `[` and `]` (for field references) has always causes issues to data ingestion. A new setting in Technical Preview, disabled by default, called "config.field_reference.escape_style" was introduced to handle such special characters by escaping them. https://github.com/elastic/logstash/pull/14044[#14044] - -[[notable-8.3.0]] -==== Notable issues fixed - -* Don't display values of password type settings in conditionals https://github.com/elastic/logstash/pull/13997[#13997] -* Introduce a retry mechanism in pipeline-to-pipeline instead of crashing https://github.com/elastic/logstash/pull/14027[#14027] -* Add thread safety around Puma startup/shutdown https://github.com/elastic/logstash/pull/14080[#14080] -* Add value converters for java.time classes https://github.com/elastic/logstash/pull/13972[#13972] -* Correct the class reference to the MetricNotFound exception https://github.com/elastic/logstash/pull/13970[#13970] -* Fix a possible corruption of Persistent Queue during a crash of the Logstash process https://github.com/elastic/logstash/pull/14165[#14165] - -[[dependencies-8.3.0]] -==== Updates to dependencies - -* The bundled JDK 11 has been updated to 11.0.15+10 https://github.com/elastic/logstash/pull/14031[#14031] -* Jackson and jackson-databind have been updated to 2.13.3 https://github.com/elastic/logstash/pull/13945[#13945] - -[[plugins-8.3.0]] -==== Plugin releases - -*Avro Codec - 3.4.0* - -* Add `encoding` option to select the encoding of Avro payload, could be `binary` or `base64` https://github.com/logstash-plugins/logstash-codec-avro/pull/39[#39] - -*Elasticsearch Filter - 3.12.0* - -* Add support for `ca_trusted_fingerprint` when run on Logstash 8.3+ https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/158[#158] - -*Fingerprint Filter - 3.4.0* - -* Add support for 128bit murmur variant https://github.com/logstash-plugins/logstash-filter-fingerprint/pull/66[#66]. - -*Azure_event_hubs Input - 1.4.4* - -* Fix: Replace use of block with lambda to fix wrong number of arguments error on jruby-9.3.4.0 https://github.com/logstash-plugins/logstash-input-azure_event_hubs/pull/75[#75] - -*Beats Input - 6.4.0* - -* Feat: review and deprecate ssl protocol/cipher settings https://github.com/logstash-plugins/logstash-input-beats/pull/450[#450] - -*Elasticsearch Input - 4.14.0* - -* Refactor: switch to using scheduler mixin https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/177[#177] -* Add support for `ca_trusted_fingerprint` when run on Logstash 8.3+ https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/178[#178] - -*Http Input - 3.6.0* - -* Feat: review and deprecate ssl protocol/cipher related settings https://github.com/logstash-plugins/logstash-input-http/pull/151[#151] - -*Jms Input - 3.2.2* - -* Fix: Remove usage of `java_kind_of?` to allow this plugin to be supported for versions of Logstash using jruby-9.3.x - https://github.com/logstash-plugins/logstash-input-jms/pull/54[#54] - -*S3 Input - 3.8.4* - -* Refactoring, reuse code to manage `additional_settings` from mixin-aws https://github.com/logstash-plugins/logstash-input-s3/pull/237[#237] - -*Sqs Input - 3.3.2* - -* Fix an issue that prevented timely shutdown when subscribed to an inactive queue -* Refactoring: used logstash-mixin-aws to leverage shared code to manage `additional_settings` https://github.com/logstash-plugins/logstash-input-sqs/pull/64[#64] - -*Tcp Input - 6.3.0* - -* Feat: ssl_supported_protocols (TLSv1.3) + ssl_cipher_suites https://github.com/logstash-plugins/logstash-input-tcp/pull/198[#198] - -*Jdbc Integration - 5.3.0* - -* Refactor: start using scheduler mixin https://github.com/logstash-plugins/logstash-integration-jdbc/pull/110[#110] -* Fix: change default path of 'last_run_metadata_path' to be rooted in the LS data.path folder and not in $HOME https://github.com/logstash-plugins/logstash-integration-jdbc/pull/106[#106] - -*Kafka Integration - 10.12.0* - -* bump kafka client to 2.8.1 https://github.com/logstash-plugins/logstash-integration-kafka/pull/115[#115] -* Feat: add connections_max_idle_ms setting for output https://github.com/logstash-plugins/logstash-integration-kafka/pull/118[#118] - -*Aws Mixin - 5.1.0* - -* Add support for 'additional_settings' configuration options used by S3 and SQS input plugins https://github.com/logstash-plugins/logstash-mixin-aws/pull/53[#53]. -* Drop support for aws-sdk-v1 - -*Elasticsearch Output - 11.6.0* - -* Add support for `ca_trusted_fingerprint` when run on Logstash 8.3+ https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1074[#1074] -* Feat: add ssl_supported_protocols option https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1055[#1055] -* [DOC] Add `v8` to supported values for ecs_compatiblity defaults https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1059[#1059] - -*S3 Output - 4.3.7* - -* Refactor: avoid usage of ConcurrentHashMap (JRuby 9.3.4 work-around) https://github.com/logstash-plugins/logstash-output-s3/pull/248[#248] -* Docs: more documentation on restore + temp dir https://github.com/logstash-plugins/logstash-output-s3/pull/236[#236] - -*Tcp Output - 6.1.0* - -* Feat: add support for TLS v1.3 https://github.com/logstash-plugins/logstash-output-tcp/pull/47[#47] -* Fix: close server and client sockets on plugin close - -[[logstash-8-2-3]] -=== Logstash 8.2.3 Release Notes - -* Updated bundled JDK to 11.0.15+10 https://github.com/elastic/logstash/pull/14152[#14152] - -[[logstash-8-2-2]] -=== Logstash 8.2.2 Release Notes - -[[notable-8.2.2]] -==== Notable issues fixed - -* Avoid unnecessary thread synchronization when the Persistent Queue is full https://github.com/elastic/logstash/pull/14141[#14141] - -[[logstash-8-2-1]] -=== Logstash 8.2.1 Release Notes - -[[notable-8.2.1]] -==== Notable issues fixed - -* Added mandatory JVM option to avoid strict path checking introduced with recent JVM versions, - starting from 11.0.15+10, 17.0.3+7. -https://github.com/elastic/logstash/pull/14066[#14066] - -* Fixed Dead Letter Queue bug happening in position retrieval and restore. This happened when the DLQ input plugin used - `commit_offset` feature. -https://github.com/elastic/logstash/pull/14093[#14093] - -* Fixes an issue where custom java plugins were unable to be installed and run correctly when retrieved from rubygems.org. -https://github.com/elastic/logstash/pull/14060[#14060] - -* Fixed no metrics update issue when PQ is draining. -https://github.com/elastic/logstash/pull/13935[#13935] - -==== Plugins - -*Cef Codec - 6.2.5* - -* [DOC] Update link to CEF implementation guide https://github.com/logstash-plugins/logstash-codec-cef/pull/97[#97] - -*Dns Filter - 3.1.5* - -* Fixed an issue where a non-string value existing in the resolve/reverse field could cause the plugin to crash https://github.com/logstash-plugins/logstash-filter-dns/pull/65[#65] - -*Grok Filter - 4.4.2* - -* Clarify the definition of matches that depend on previous captures https://github.com/logstash-plugins/logstash-filter-grok/pull/169[#169] - -*Http Filter - 1.4.1* - -* Fix: don't process response body for HEAD requests https://github.com/logstash-plugins/logstash-filter-http/pull/40[#40] - -*Beats Input - 6.3.1* - -* Fix: Removed use of deprecated `import` of java classes in ruby https://github.com/logstash-plugins/logstash-input-beats/pull/449[#449] - -*File Input - 4.4.2* - -* Doc: Fix attribute by removing extra character https://github.com/logstash-plugins/logstash-input-file/pull/310[#310] - -* Fix: update to Gradle 7 https://github.com/logstash-plugins/logstash-input-file/pull/305[#305] -* [DOC] Add version attributes to doc source file https://github.com/logstash-plugins/logstash-input-file/pull/308[#308] - - -*Http Input - 3.5.1* - -* Fix: codecs provided with `additional_codecs` now correctly run in the pipeline's context, which means that they respect the `pipeline.ecs_compatibility` setting https://github.com/logstash-plugins/logstash-input-http/pull/152[#152] - -*Jdbc Integration - 5.2.5* - -* Fix: do not execute more queries with debug logging https://github.com/logstash-plugins/logstash-integration-jdbc/pull/109[#109] - -*Core Patterns - 4.3.3* - -- Fix: parsing x-edge-location in CLOUDFRONT_ACCESS_LOG (ECS mode) https://github.com/logstash-plugins/logstash-patterns-core/pull/311[#311] - - -[[logstash-8-2-0]] -=== Logstash 8.2.0 Release Notes - -==== Breaking changes - -* Starting with Logstash 8.0 all supported and tested operating systems use system.d so this release removes leftover SysVinit scripts from .deb and .rpm packages https://github.com/elastic/logstash/pull/13954[#13954] https://github.com/elastic/logstash/pull/13955[#13955] - -[[notable-8.2.0]] -==== Notable issues fixed - -* Improved resiliency of Central Management requests when an Elasticsearch node is down https://github.com/elastic/logstash/pull/13689[#13689] https://github.com/elastic/logstash/pull/13941[#13941] -* Ensure safe retrieval of queue stats that may not yet be populated https://github.com/elastic/logstash/pull/13942[#13942] -* Print bundled JDK's version in launch scripts when `LS_JAVA_HOME` is provided https://github.com/elastic/logstash/pull/13880[#13880] -* Updated jackson-databind to 2.13.2 in ingest-converter tool https://github.com/elastic/logstash/pull/13900[#13900] -* Updated google-java-format dependency to 1.13.0 and guava to 31.0.1 in core https://github.com/elastic/logstash/pull/13700[#13700] -* Multiple documentation improvements related to: Logstash to Logstash communication https://github.com/elastic/logstash/pull/13999[#13999], docker variable injection https://github.com/elastic/logstash/pull/12198[#12198], LS-ES security configuration https://github.com/elastic/logstash/pull/14012[#14012], JDK 11 Bundling https://github.com/elastic/logstash/pull/14022[#14022], and other overall documentation restructuring https://github.com/elastic/logstash/pull/14015[#14015]. - - -==== Plugins - -*Http Filter - 1.4.0* - -* Feat: added ssl_supported_protocols option https://github.com/logstash-plugins/logstash-filter-http/pull/38[#38] - -*Kv Filter - 4.7.0* - -* Allow attaching multiple tags on failure. The `tag_on_failure` option now also supports an array of strings https://github.com/logstash-plugins/logstash-filter-kv/issues/92[#92] - -*Beats Input - 6.3.0* - -* Added support for TLSv1.3. https://github.com/logstash-plugins/logstash-input-beats/pull/447[#447] - -*Elasticsearch Input - 4.12.3* - -* Fix: update Elasticsearch Ruby client to correctly customize 'user-agent' header https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/171[#171] - -*Http Input - 3.5.0* - -* Feat: TLSv1.3 support https://github.com/logstash-plugins/logstash-input-http/pull/146[#146] - -*Http_poller Input - 5.3.0* - -* Feat: added ssl_supported_protocols option https://github.com/logstash-plugins/logstash-input-http_poller/pull/133[#133] - -*Sqs Input - 3.3.0* - -* Feature: Add `additional_settings` option to fine-grain configuration of AWS client https://github.com/logstash-plugins/logstash-input-sqs/pull/61[#61] - -*Kafka Integration - 10.10.0* - -* Added config setting to enable 'zstd' compression in the Kafka output https://github.com/logstash-plugins/logstash-integration-kafka/pull/112[#112] - -*Http_client Mixin - 7.2.0* - -* Feat: add `ssl_supported_protocols` option https://github.com/logstash-plugins/logstash-mixin-http_client/pull/40[#40] - -*Http Output - 5.5.0* - -* Feat: added `ssl_supported_protocols` option https://github.com/logstash-plugins/logstash-output-http/pull/131[#131] -* Fix retry indefinitely in termination process. This feature requires Logstash 8.1 https://github.com/logstash-plugins/logstash-output-http/pull/129[#129] -* Docs: Add retry policy description https://github.com/logstash-plugins/logstash-output-http/pull/130[#130] -* Introduce retryable unknown exceptions for "connection reset by peer" and "timeout" https://github.com/logstash-plugins/logstash-output-http/pull/127[#127] - -[[logstash-8-1-3]] -=== Logstash 8.1.3 Release Notes - -No user-facing changes in this release. - -[[logstash-8-1-2]] -=== Logstash 8.1.2 Release Notes - -[[notable-8.1.2]] -==== Notable issues fixed - -* Fixed issue where Logstash crashed if Central Management couldn't reach Elasticsearch https://github.com/elastic/logstash/pull/13689[#13689] - -==== Plugins - -*Cef Codec - 6.2.4* - -* [DOC] Emphasize importance of delimiter setting for byte stream inputs https://github.com/logstash-plugins/logstash-codec-cef/pull/95[#95] - -*Geoip Filter - 7.2.12* - -* [DOC] Add `http_proxy` environment variable for GeoIP service endpoint. The feature is included in 8.1.0, and was back-ported to 7.17.2 https://github.com/logstash-plugins/logstash-filter-geoip/pull/207[#207] - -*Truncate Filter - 1.0.5* - -* Switches behavior of add_tag and add_field, now tags and fields are added only when the truncation happens on any field or nested field https://github.com/logstash-plugins/logstash-filter-truncate/pull/7[#7]. - -*Tcp Output - 6.0.2* - -* Fix: unable to start with password protected key https://github.com/logstash-plugins/logstash-output-tcp/pull/45[#45] - -[[logstash-8-1-1]] -=== Logstash 8.1.1 Release Notes - -[[notable-8.1.1]] -==== Notable issues fixed - -* The `bin/logstash-plugin uninstall ` command works as expected, successfully uninstalling the specified plugin https://github.com/elastic/logstash/pull/13823[#13823] -* Logstash CLI tools are now able to use the selected JDK on Windows https://github.com/elastic/logstash/pull/13839[#13839] -* Logstash can successfully locate the Windows JVM, even if the path includes spaces https://github.com/elastic/logstash/pull/13881[#13881] -* The GeoIP database lookup will now respect a proxy defined with the http_proxy environment variable. https://github.com/elastic/logstash/pull/13840[#13840] - -==== Updates to dependencies - -* The version of the bundled JDK has been updated to 11.0.14.1+1. https://github.com/elastic/logstash/pull/13869[#13869] - -==== Plugins - -*Dissect Filter - 1.2.5* - -* Fix: bad padding `->` suffix with delimiter https://github.com/logstash-plugins/logstash-filter-dissect/pull/84[#84] - -*Elasticsearch Filter - 3.11.1* - -* Fix: hosts => "es_host:port" regression https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/156[#156] - -*Dead_letter_queue Input - 1.1.11* - -* Fix: pre-flight checks before creating DLQ reader https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/35[#35] -* Fix: avoid Logstash crash on shutdown if DLQ files weren't created https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/33[#33] - -*Elasticsearch Input - 4.12.2* - -* Fix: hosts => "es_host:port" regression https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/168[#168] - -*Http_poller Input - 5.2.1* - -* Deps: unpin rufus-scheduler dependency https://github.com/logstash-plugins/logstash-input-http_poller/pull/132[#132] - -*Jdbc Integration - 5.2.4* - -* Fix: compatibility with all (>= 3.0) rufus-scheduler versions https://github.com/logstash-plugins/logstash-integration-jdbc/pull/97[#97] - -* Performance: avoid contention on scheduler execution https://github.com/logstash-plugins/logstash-integration-jdbc/pull/103[#103] - -*Tcp Output - 6.0.1* - -* Fix: logging fail retry to stdout https://github.com/logstash-plugins/logstash-output-tcp/pull/43[#43] -* Fix: Use `reconnect_interval` when establish a connection - - -[[logstash-8-1-0]] -=== Logstash 8.1.0 Release Notes - -[[known-issue-8-1-0]] -==== Known issue - -Uninstalling a plugin using `bin/logtash-plugin uninstall` may -result in an error: - -``` -Gem::LoadError: You have already activated jruby-openssl 0.12.2, but your Gemfile requires jruby-openssl 0.12.1. Prepending `bundle exec` to your command may solve this. -``` - -Logstash should still run, and other plugin operations, such as `update` and `install`, should work as expected. - -NOTE: The `bin/logstash-plugin list` command may fail with the same error after a failed uninstallation. - -**Resolution** - -A successful plugin `update` will resolve this issue, and allow subsequent `uninstall` and `list` operations to -work without issue. - -The `filter-dissect` plugin has recent changes available for update. -Running `bin/logstash-plugin update logstash-filter-dissect` should mitigate this issue. - - -==== Logstash core - -No user-facing changes in Logstash core. - -==== Plugins - -*Http Filter - 1.3.0* - -* Feat: support ssl_verification_mode option https://github.com/logstash-plugins/logstash-filter-http/pull/37[#37] - -*Kv Filter - 4.6.0* - -* Added `allow_empty_values` option https://github.com/logstash-plugins/logstash-filter-kv/pull/72[#72] - -*Http_poller Input - 5.2.0* - -* Feat: support ssl_verification_mode option https://github.com/logstash-plugins/logstash-input-http_poller/pull/131[#131] - -*Sqs Input - 3.2.0* - -* Feature: Add `queue_owner_aws_account_id` parameter for cross-account queues https://github.com/logstash-plugins/logstash-input-sqs/pull/60[#60] - -*Elastic_enterprise_search Integration - 2.2.1* - -* Fix, change implementation of connectivity check method to be compatible with version `v8.0+` of Workplace Search https://github.com/logstash-plugins/logstash-integration-elastic_enterprise_search/pull/16[#16] - -* Feature, switch the connection library to elastic-enterprise-search https://github.com/logstash-plugins/logstash-integration-elastic_enterprise_search/pull/3[#3] -* [DOC] Added required parameters to Workplace Search example snippet and describe little better what's expected in url parameter https://github.com/logstash-plugins/logstash-integration-elastic_enterprise_search/pull/11[#11] - -*Http_client Mixin - 7.1.0* - -* Feat: add `ssl_verification_mode` https://github.com/logstash-plugins/logstash-mixin-http_client/pull/39[#39] - -*Http Output - 5.3.0* - -* Feat: support ssl_verification_mode option https://github.com/logstash-plugins/logstash-output-http/pull/126[#126] - -[[logstash-8-0-1]] -=== Logstash 8.0.1 Release Notes - -[[notable-8.0.1]] -==== Notable issues fixed - -* Fixed monitoring incompatibility on Windows where the CPU metric was not available. -https://github.com/elastic/logstash/pull/13727[#13727] - -* Recently, users running `bin/logstash-plugin` to install or update plugins stumbled upon an issue that would prevent -Logstash from starting due a third-party dependency update. The dependency was pinned to an older version. -https://github.com/elastic/logstash/issues/13777[#13777] - -* Logstash startup and the `pqrepair`/`pqcheck` tools have been improved to handle corrupted files in case of an -unexpected shutdown. https://github.com/elastic/logstash/pull/13692[#13692] https://github.com/elastic/logstash/pull/13721[#13721] - -==== Plugins - -*Dissect Filter - 1.2.5* - -* Fix bad padding `->` suffix with delimiter https://github.com/logstash-plugins/logstash-filter-dissect/pull/84[#84] - -*Elasticsearch Filter - 3.11.1* - -* Fix: hosts => "es_host:port" regression https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/156[#156] - -*Beats Input - 6.2.6* - -* Update guidance regarding the private key format and encoding https://github.com/logstash-plugins/logstash-input-beats/pull/445[#445] - -*Dead_letter_queue Input - 1.1.10* - -* Fix, avoid Logstash crash on shutdown if DLQ files weren't created https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/33[#33] -* Fix `@metadata` get overwritten by reestablishing metadata that stored in DLQ https://github.com/logstash-plugins/logstash-input-dead_letter_queue/pull/34[#34] - -*Tcp Input - 6.2.7* - -* Build: skip shadowing jar dependencies https://github.com/logstash-plugins/logstash-input-tcp/pull/187[#187] -** plugin no longer shadows dependencies into its *logstash-input-tcp.jar* -** log4j-api is now a provided dependency and is no longer packaged with the plugin - -*Jdbc Integration - 5.2.3* - -* Performance: avoid contention on scheduler execution https://github.com/logstash-plugins/logstash-integration-jdbc/pull/103[#103] - -*Tcp Output - 6.0.1* - -* Fixed logging fail retry to stdout https://github.com/logstash-plugins/logstash-output-tcp/pull/43[#43] -* Fixed to use `reconnect_interval` when establish a connection - -[[logstash-8-0-0]] -=== Logstash 8.0.0 Release Notes - -The following list are changes in 8.0.0 as compared to 7.17.0, and combines release notes from the 8.0.0-alpha1, -alpha2, -beta1, -rc1 and -rc2 releases. - -[[breaking-8.0.0]] -==== Breaking changes -* Many plugins can now be run in a mode that avoids implicit conflict with the Elastic Common Schema (ECS). - This mode is controlled individually with each plugin’s ecs_compatibility option, which defaults to the value of the Logstash pipeline.ecs_compatibility setting. - In Logstash 8, this compatibility mode will be on-by-default for all pipelines. - If you wish to lock in a pipeline’s behavior from Logstash 7.x before upgrading to Logstash 8, - you can set `pipeline.ecs_compatibility: disabled` to its definition in `pipelines.yml` (or globally in `logstash.yml`). -* Starting from Logstash 8.0, the minimum required version of Java to run Logstash is Java 11. - By default, Logstash will run with the bundled JDK, which has been verified to work with each specific version of Logstash, - and generally provides the best performance and reliability. -* Support for using `JAVA_HOME` to override the path to the JDK that Logstash runs with has been removed for this release. - In the `8.x` release, users should set the value of `LS_JAVA_HOME` to the path of their preferred JDK if they - wish to use a version other than the bundled JDK. The value of `JAVA_HOME` will be ignored. -* The Java Execution Engine has been the default engine since Logstash 7.0, and works with plugins written in either Ruby or Java. - Removal of the Ruby Execution Engine will not affect the ability to run existing pipelines. https://github.com/elastic/logstash/pull/12517[#12517] -* We have added support for UTF-16 and other multi-byte-character when reading log files. https://github.com/elastic/logstash/pull/9702[#9702] -* Setting `config.field_reference.parser` has been removed. - The Field Reference parser interprets references to fields in your pipelines and plugins. - Its behavior was configurable in 6.x, and since 7.0 allowed only a single option: `strict`. - 8.0 no longer recognizes the setting, but maintains the same behavior as the `strict` setting. - {ls} rejects ambiguous and illegal inputs as standard behavior. https://github.com/elastic/logstash/pull/12466[#12466] - -For a more detailed view of these changes please check <>. - -[[features-8.0.0]] -==== New features and enhancements -* As processing times speed up, millisecond granularity is not always enough. Inbound data increasingly has sub-millisecond granularity timestamps. - The pull request https://github.com/elastic/logstash/pull/12797[#12797] allows the internal mechanisms of - Logstash that hold moment-in-time data - such as the Logstash Event, the Persistent Queue, the Dead Letter Queue and JSON encoding/decoding - to have nanosecond granularity. -* We have added another flag to the Benchmark CLI to allow passing a data file with previously captured data to the custom test case. - This feature allows users to run the Benchmark CLI in a custom test case with a custom config and a custom dataset. https://github.com/elastic/logstash/pull/12437[#12437] - -==== Plugins - -Logstash 8.0.0 includes the same versions of all bundled plugins as Logstash 7.17.0. -If you upgrade to 7.17 before upgrading to 8.0 (as recommended), you won't see any changes to plugin versions. - -*Clone Filter - 4.2.0* - -* Added support for ECS v8 as alias for ECS v1 https://github.com/logstash-plugins/logstash-filter-clone/pull/27[#27] - -*Geoip Filter - 7.2.11* - -* Improved compatibility with the Elastic Common Schema https://github.com/logstash-plugins/logstash-filter-geoip/pull/206[#206] -** Added support for ECS's composite `region_iso_code` (`US-WA`), which _replaces_ the non-ECS `region_code` (`WA`) as a default field with City databases. -To get the stand-alone `region_code` in ECS mode, you must include it in the `fields` directive -** [DOC] Improve ECS-related documentation -* [DOC] Air-gapped environment requires both ASN and City databases https://github.com/logstash-plugins/logstash-filter-geoip/pull/204[#204] - -*Http Filter - 1.2.1* - -* Fix: do not set content-type if provided by user https://github.com/logstash-plugins/logstash-filter-http/pull/36[#36] -* Feat: improve ECS compatibility https://github.com/logstash-plugins/logstash-filter-http/pull/35[#35] -* Add support for PUT requests https://github.com/logstash-plugins/logstash-filter-http/pull/34[#34] - -*Ruby Filter - 3.1.8* - -* [DOC] Added doc to describe the option `tag_with_exception_message`https://github.com/logstash-plugins/logstash-filter-ruby/pull/62[#62] -* Fix SyntaxError handling so other pipelines can shut down gracefully https://github.com/logstash-plugins/logstash-filter-ruby/pull/64[#64] - -*Useragent Filter - 3.3.3* - -* Docs: mention added fields in 3.3 with a note https://github.com/logstash-plugins/logstash-filter-useragent/pull/78[#78] - -*Exec Input - 3.4.0* - -* Feat: adjust fields for ECS compatibility https://github.com/logstash-plugins/logstash-input-exec/pull/28[#28] -* Plugin will no longer override fields if they exist in the decoded payload (It no longer sets the `host` field if decoded from the command's output) - -*Gelf Input - 3.3.1* - -* Fix: safely coerce the value of `_@timestamp` to avoid crashing the plugin https://github.com/logstash-plugins/logstash-input-gelf/pull/67[#67] - -*Generator Input - 3.1.0* - -* Feat: adjusted fields for ECS compatibility https://github.com/logstash-plugins/logstash-input-generator/pull/22[#22] -* Fix: do not override the host field if it's present in the generator line (after decoding) -* Fix: codec flushing when closing input - -*Imap Input - 3.2.0* - -* Feat: ECS compatibility https://github.com/logstash-plugins/logstash-input-imap/pull/55[#55] -* added (optional) `headers_target` configuration option -* added (optional) `attachments_target` configuration option -* Fix: plugin should not close `$stdin`, while being stopped - -*Jms Input - 3.2.1* - -* Fix: improve compatibility with MessageConsumer implementations https://github.com/logstash-plugins/logstash-input-jms/pull/51[#51], -such as IBM MQ. -* Test: Fix test failures due to ECS compatibility default changes in `8.x` of logstash https://github.com/logstash-plugins/logstash-input-jms/pull/53[#53] -* Feat: event_factory support + targets to aid ECS https://github.com/logstash-plugins/logstash-input-jms/pull/49[#49] -* Fix: when configured to add JMS headers to the event, headers whose value is not set no longer result in nil entries on the event -* Fix: when adding the `jms_reply_to` header to an event, a string representation is set instead of an opaque object. - -*Pipe Input - 3.1.0* - -* Feat: adjust fields for ECS compatibility https://github.com/logstash-plugins/logstash-input-pipe/pull/19[#19] - -*S3 Input - 3.8.3* - -* Fix missing `metadata` and `type` of the last event https://github.com/logstash-plugins/logstash-input-s3/pull/223[#223] -* Refactor: read sincedb time once per bucket listing https://github.com/logstash-plugins/logstash-input-s3/pull/233[#233] - -*Snmp Input - 1.3.1* - -* Refactor: handle no response(s) wout error logging https://github.com/logstash-plugins/logstash-input-snmp/pull/105[#105] -* Feat: ECS compliance + optional target https://github.com/logstash-plugins/logstash-input-snmp/pull/99[#99] -* Internal: update to Gradle 7 https://github.com/logstash-plugins/logstash-input-snmp/pull/102[#102] - -*Snmptrap Input - 3.1.0* - -* Feat: ecs_compatiblity support + (optional) target https://github.com/logstash-plugins/logstash-input-snmptrap/pull/37[#37] - -*Syslog Input - 3.6.0* - -* Add support for ECS v8 as alias to v1 implementation https://github.com/logstash-plugins/logstash-input-syslog/pull/68[#68] - -*Twitter Input - 4.1.0* - -* Feat: optional target + ecs_compatibility https://github.com/logstash-plugins/logstash-input-twitter/pull/72[#72] - -*Unix Input - 3.1.1* - -* Fix: unable to stop plugin (on LS 6.x) https://github.com/logstash-plugins/logstash-input-unix/pull/29[#29] -* Refactor: plugin internals got reviewed for `data_timeout => ...` to work reliably -* Feat: adjust fields for ECS compatibility https://github.com/logstash-plugins/logstash-input-unix/pull/28[#28] - -*Jdbc Integration - 5.2.2* - -* Feat: name scheduler threads + redirect error logging https://github.com/logstash-plugins/logstash-integration-jdbc/pull/102[#102] -* Refactor: isolate paginated normal statement algorithm in a separate handler https://github.com/logstash-plugins/logstash-integration-jdbc/pull/101[#101] -* Added `jdbc_paging_mode` option to choose if use `explicit` pagination in statements and avoid the initial count -query or use `auto` to delegate to the underlying library https://github.com/logstash-plugins/logstash-integration-jdbc/pull/95[#95] -* Several improvements to Java driver loading -** Refactor: to explicit Java (driver) class name loading https://github.com/logstash-plugins/logstash-integration-jdbc/pull/96[#96]. -The change is expected to provide a more robust fix for the driver loading issue https://github.com/logstash-plugins/logstash-integration-jdbc/issues/83[#83]. - - NOTE: A fatal driver error will no longer keep reloading the pipeline and now leads to a system exit. - -** Fix: regression due returning the Java driver class https://github.com/logstash-plugins/logstash-integration-jdbc/pull/98[#98] - -*Kafka Integration - 10.9.0* - -* Refactor: leverage codec when using schema registry -Previously using `schema_registry_url` parsed the payload as JSON even if `codec => 'plain'` was explicitly set, this is no longer the case. -https://github.com/logstash-plugins/logstash-integration-kafka/pull/106[#106] - -*Cloudwatch Output - 3.0.10* - -* Fix: an old undefined method error which would surface with load (as queue fills up) -* Deps: unpin rufus scheduler https://github.com/logstash-plugins/logstash-output-cloudwatch/pull/20[#20] - -*Elasticsearch Output - 11.4.1* - -* Feat: upgrade manticore (http-client) library https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1063[#1063] -** the underlying changes include latest HttpClient (4.5.13) -** resolves an old issue with `ssl_certificate_verification => false` still doing some verification logic -* Updates ECS templates https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1062[#1062] -** Updates v1 templates to 1.12.1 for use with Elasticsearch 7.x and 8.x -** Updates BETA preview of ECS v8 templates for Elasticsearch 7.x and 8.x -* Feat: add support for 'traces' data stream type https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1057[#1057] -* Refactor: review manticore error handling/logging, logging originating cause in case of connection related error when debug level is enabled. -Java causes on connection related exceptions will now be extra logged when plugin is logging at debug level -https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1029[#1029] -* ECS-related fixes https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1046[#1046] -** Data Streams requirement on ECS is properly enforced when running on Logstash 8, and warned about when running on Logstash 7. -** ECS Compatibility v8 can now be selected - -*Core Patterns - 4.3.2* - -- Fix: typo in `BIN9_QUERYLOG` pattern (in ECS mode) https://github.com/logstash-plugins/logstash-patterns-core/pull/307[#307] - - -[[logstash-8-0-0-rc2]] -=== Logstash 8.0.0-rc2 Release Notes - -[[notable-8.0.0-rc2]] -==== Notable issues fixed -* Fixed long-standing issue in which the `events.out` count incorrectly included events that had been dropped with the drop filter. -Now the total out event count includes only events that reach the out stage. https://github.com/elastic/logstash/pull/13593[#13593] -* Reduced scope and impact of a memory leak that can be caused by using UUIDs or other high-cardinality field names https://github.com/elastic/logstash/pull/13642[#13642] -* Fixed an issue with the Azure input plugin that caused Logstash to crash when the input was used in a pipeline. https://github.com/elastic/logstash/pull/13603[#13603] - -==== Plugin releases -Plugins align with release 7.17.0 - - -[[logstash-8-0-0-rc1]] -=== Logstash 8.0.0-rc1 Release Notes - -==== Breaking changes - -[[rn-ecs-compatibility]] -===== ECS compatibility -Many plugins can now be run in a mode that avoids implicit conflict with the Elastic Common Schema (ECS). This mode is controlled individually with each plugin’s ecs_compatibility option, which defaults to the value of the Logstash pipeline.ecs_compatibility setting. In Logstash 8, this compatibility mode will be on-by-default for all pipelines. - -If you wish to lock in a pipeline’s behavior from Logstash 7.x before upgrading to Logstash 8, you can set pipeline.ecs_compatibility: disabled to its definition in pipelines.yml (or globally in logstash.yml). - -==== New features and enhancements - -Logstash Docker images are now based on Ubuntu 20.04. - -==== Plugin releases -Plugins align with release 7.16.2 - - -[[logstash-8-0-0-beta1]] -=== Logstash 8.0.0-beta1 Release Notes - -==== Breaking changes - -[[rn-java-11-minimum]] -===== Java 11 minimum -Starting from Logstash 8.0, the minimum required version of Java to run Logstash is Java 11. By default, Logstash will -run with the bundled JDK, which has been verified to work with each specific version of Logstash, and generally -provides the best performance and reliability. - -See <> for a preview of additional breaking changes coming your way. - -==== New features and enhancements - -[[rn-nanosecond-precision]] -===== Nanosecond precision -As processing times speed up, millisecond granularity is not always enough. Inbound data increasingly has sub-millisecond granularity timestamps. -The pull request https://github.com/elastic/logstash/pull/12797[#12797] allows the internal mechanisms of Logstash that hold moment-in-time data - such as the Logstash Event, the Persistent Queue, the Dead Letter Queue and JSON encoding/decoding - to have nanosecond granularity. - -Timestamp precision is limited to the JVM and Platform's available granularity, which in many cases is microseconds. - -This change also grants users access to https://docs.oracle.com/javase/8/docs/api/java/time/format/DateTimeFormatter.html#patterns[Java time's improved formatters], which include support fort ISO quarters, week-of-month, and a variety of timezone/offset-related format substitutions. For example: - -[source,json] --------------------------------------------------------------------------------- -filter { - mutate { - add_field => {"nanos" => "Nanos: %{{n}}" } - } -} --------------------------------------------------------------------------------- - -Results in the following event: - -[source,json] --------------------------------------------------------------------------------- -{ - "@timestamp" => 2021-10-31T22:32:34.747968Z, - "host" => "logstash.lan", - "nanos" => "Nanos: 747968000", - "message" => "test", - "type" => "stdin", - "@version" => "1" -} --------------------------------------------------------------------------------- - -==== Plugin releases -Plugins align with release 7.15.1 - - -[[logstash-8-0-0-alpha2]] -=== Logstash 8.0.0-alpha2 Release Notes - -==== Breaking changes - -[[java-home-breaking-change]] -===== Removed support for JAVA_HOME -Support for using `JAVA_HOME` to override the path to the JDK that Logstash runs with has been removed for this release. -In the `8.x` release, users should set the value of `LS_JAVA_HOME` to the path of their preferred JDK if they -wish to use a version other than the bundled JDK. The value of `JAVA_HOME` will be ignored. - -==== Plugin releases -Plugins align with release 7.15.0 - -[[logstash-8-0-0-alpha1]] -=== Logstash 8.0.0-alpha1 Release Notes - -==== Breaking changes - -[[ruby-engine]] -===== Ruby Execution Engine removed -The Java Execution Engine has been the default engine since Logstash 7.0, and works with plugins written in either Ruby or Java. -Removal of the Ruby Execution Engine will not affect the ability to run existing pipelines. https://github.com/elastic/logstash/pull/12517[#12517] - -[[utf-16]] -===== Support for UTF-16 -We have added support for UTF-16 and other multi-byte-character when reading log files. https://github.com/elastic/logstash/pull/9702[#9702] - -[[field-ref-parser]] -===== Field Reference parser removed -The Field Reference parser interprets references to fields in your pipelines and -plugins. It was configurable in 7.x, with the default set to strict to reject -inputs that are ambiguous or illegal. Configurability is removed in 8.0. Now -{ls} rejects ambiguous and illegal inputs as standard behavior. https://github.com/elastic/logstash/pull/12466[#12466] - -==== New features and enhancements - -**Option to pass custom data to the benchmark CLI** - -We have added another flag to the Benchmark CLI to allow passing a data file with previously captured data to the custom test case. -This feature allows users to run the Benchmark CLI in a custom test case with a custom config and a custom dataset. https://github.com/elastic/logstash/pull/12437[#12437] - -==== Plugin releases -Plugins align with release 7.14.0 From 00da72378b1f2f423b19e6ed208f8ccaa6a0e84f Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Fri, 1 Nov 2024 15:45:35 +0000 Subject: [PATCH 096/290] add boostrap to docker build to fix missing jars (#16622) The DRA build failed because the required jars were missing, as they had been removed during the Docker build process. --- rakelib/artifacts.rake | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rakelib/artifacts.rake b/rakelib/artifacts.rake index d8563012a..807618546 100644 --- a/rakelib/artifacts.rake +++ b/rakelib/artifacts.rake @@ -162,6 +162,7 @@ namespace "artifact" do @bundles_jdk = true create_archive_pack(license_details, "x86_64", "linux", "darwin") create_archive_pack(license_details, "arm64", "linux", "darwin") + safe_system("./gradlew bootstrap") # force the build of Logstash jars end def create_archive_pack(license_details, arch, *oses) @@ -227,6 +228,7 @@ namespace "artifact" do license_details = ['APACHE-LICENSE-2.0', "-oss", oss_exclude_paths] create_archive_pack(license_details, "x86_64", "linux", "darwin") create_archive_pack(license_details, "arm64", "linux", "darwin") + safe_system("./gradlew bootstrap") # force the build of Logstash jars end desc "Build an RPM of logstash with all dependencies" From 8ce58b83559d30d205a6bb87e4dd6a9bb660d06a Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Fri, 1 Nov 2024 19:47:08 +0000 Subject: [PATCH 097/290] run acceptance tests as non-root (#16624) --- .../cli/logstash-plugin/generate.rb | 8 ++--- .../cli/logstash-plugin/install.rb | 12 ++++---- .../cli/logstash-plugin/integration_plugin.rb | 20 ++++++------- .../cli/logstash-plugin/list.rb | 10 +++---- .../cli/logstash-plugin/remove.rb | 6 ++-- .../cli/logstash-plugin/uninstall.rb | 6 ++-- .../cli/logstash-plugin/update.rb | 8 ++--- qa/rspec/commands.rb | 8 +++++ qa/rspec/commands/base.rb | 30 ++++++++++++------- 9 files changed, 63 insertions(+), 45 deletions(-) diff --git a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/generate.rb b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/generate.rb index 7a7382da6..d5f1202c5 100644 --- a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/generate.rb +++ b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/generate.rb @@ -34,13 +34,13 @@ shared_examples "logstash generate" do |logstash| GENERATE_TYPES.each do |type| context "with type #{type}" do it "successfully generate the plugin skeleton" do - command = logstash.run_command_in_path("bin/logstash-plugin generate --type #{type} --name qatest-generated") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin generate --type #{type} --name qatest-generated") expect(logstash).to File.directory?("logstash-#{type}-qatest-generated") end it "successfully install the plugin" do - command = logstash.run_command_in_path("bin/logstash-plugin install logstash-#{type}-qatest-generated") - expect(command).to install_successfully - expect(logstash).to have_installed?("logstash-#{type}-qatest-generated") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-#{type}-qatest-generated") + expect(command).to install_successfully + expect(logstash).to have_installed?("logstash-#{type}-qatest-generated") end end end diff --git a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/install.rb b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/install.rb index 076e8c0c9..b13d04289 100644 --- a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/install.rb +++ b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/install.rb @@ -42,7 +42,7 @@ shared_examples "logstash install" do |logstash| after(:each) { logstash.delete_file(gem_tmp_path) } it "successfully install the plugin" do - command = logstash.run_command_in_path("bin/logstash-plugin install #{gem_tmp_path}") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin install #{gem_tmp_path}") expect(command).to install_successfully expect(logstash).to have_installed?("logstash-filter-dns") expect(logstash).not_to be_running @@ -54,7 +54,7 @@ shared_examples "logstash install" do |logstash| context "when fetching a gem from rubygems" do it "successfully install the plugin" do - command = logstash.run_command_in_path("bin/logstash-plugin install logstash-filter-qatest") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-filter-qatest") expect(command).to install_successfully expect(logstash).to have_installed?("logstash-filter-qatest") expect(logstash).not_to be_running @@ -64,7 +64,7 @@ shared_examples "logstash install" do |logstash| end it "successfully install the plugin when verification is disabled" do - command = logstash.run_command_in_path("bin/logstash-plugin install --no-verify logstash-filter-qatest") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin install --no-verify logstash-filter-qatest") expect(command).to install_successfully expect(logstash).to have_installed?("logstash-filter-qatest") expect(logstash).not_to be_running @@ -74,7 +74,7 @@ shared_examples "logstash install" do |logstash| end it "fails when installing a non logstash plugin" do - command = logstash.run_command_in_path("bin/logstash-plugin install bundler") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin install bundler") expect(command).not_to install_successfully expect(logstash).not_to be_running with_running_logstash_service(logstash) do @@ -83,7 +83,7 @@ shared_examples "logstash install" do |logstash| end it "allow to install a specific version" do - command = logstash.run_command_in_path("bin/logstash-plugin install --no-verify --version 0.1.0 logstash-filter-qatest") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin install --no-verify --version 0.1.0 logstash-filter-qatest") expect(command).to install_successfully expect(logstash).to have_installed?("logstash-filter-qatest", "0.1.0") with_running_logstash_service(logstash) do @@ -95,7 +95,7 @@ shared_examples "logstash install" do |logstash| context "when the plugin doesnt exist" do it "fails to install and report an error" do - command = logstash.run_command_in_path("bin/logstash-plugin install --no-verify logstash-output-impossible-plugin") + command = logstash.run_sudo_command_in_path("bin/logstash-plugin install --no-verify logstash-output-impossible-plugin") expect(command.stderr).to match(/Plugin not found, aborting/) with_running_logstash_service(logstash) do expect(logstash).to be_running diff --git a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/integration_plugin.rb b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/integration_plugin.rb index b087f95c6..c37d8652f 100644 --- a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/integration_plugin.rb +++ b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/integration_plugin.rb @@ -33,11 +33,11 @@ shared_examples "integration plugins compatible" do |logstash| context "when the integration is installed" do before(:each) do - logstash.run_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") + logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") end context "trying to install an inner plugin separately" do it "fails to install" do - result = logstash.run_command_in_path("bin/logstash-plugin install logstash-input-rabbitmq") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-input-rabbitmq") expect(result.stderr).to match(/is already provided by/) end end @@ -46,11 +46,11 @@ shared_examples "integration plugins compatible" do |logstash| # Muting test. Tracked in https://github.com/elastic/logstash/issues/10459 xcontext "if an inner plugin is installed" do before(:each) do - logstash.run_command_in_path("bin/logstash-plugin install logstash-input-rabbitmq") + logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-input-rabbitmq") end it "installing the integrations uninstalls the inner plugin" do - logstash.run_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") - result = logstash.run_command_in_path("bin/logstash-plugin list logstash-input-rabbitmq") + logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin list logstash-input-rabbitmq") expect(result.stdout).to_not match(/^logstash-input-rabbitmq/) end end @@ -70,11 +70,11 @@ shared_examples "integration plugins compatible" do |logstash| context "when the integration is installed" do before(:each) do - logstash.run_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") + logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") end context "trying to uninstall an inner plugin" do it "fails to uninstall it" do - result = logstash.run_command_in_path("bin/logstash-plugin uninstall logstash-input-rabbitmq") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin uninstall logstash-input-rabbitmq") expect(result.stderr).to match(/is already provided by/) end end @@ -94,16 +94,16 @@ shared_examples "integration plugins compatible" do |logstash| context "when the integration is installed" do before(:each) do - logstash.run_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") + logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-integration-rabbitmq") end context "listing an integration" do - let(:result) { logstash.run_command_in_path("bin/logstash-plugin list logstash-integration-rabbitmq") } + let(:result) { logstash.run_sudo_command_in_path("bin/logstash-plugin list logstash-integration-rabbitmq") } it "shows its inner plugin" do expect(result.stdout).to match(/logstash-input-rabbitmq/m) end end context "listing an inner plugin" do - let(:result) { logstash.run_command_in_path("bin/logstash-plugin list logstash-input-rabbitmq") } + let(:result) { logstash.run_sudo_command_in_path("bin/logstash-plugin list logstash-input-rabbitmq") } it "matches the integration that contains it" do expect(result.stdout).to match(/logstash-integration-rabbitmq/m) end diff --git a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/list.rb b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/list.rb index 7f1d56574..3ddeabce7 100644 --- a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/list.rb +++ b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/list.rb @@ -35,17 +35,17 @@ shared_examples "logstash list" do |logstash| context "without a specific plugin" do it "display a list of plugins" do - result = logstash.run_command_in_path("bin/logstash-plugin list") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin list") expect(result.stdout.split("\n").size).to be > 1 end it "display a list of installed plugins" do - result = logstash.run_command_in_path("bin/logstash-plugin list --installed") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin list --installed") expect(result.stdout.split("\n").size).to be > 1 end it "list the plugins with their versions" do - result = logstash.run_command_in_path("bin/logstash-plugin list --verbose") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin list --verbose") stdout = StringIO.new(result.stdout) stdout.set_encoding(Encoding::UTF_8) @@ -74,12 +74,12 @@ shared_examples "logstash list" do |logstash| context "with a specific plugin" do let(:plugin_name) { "logstash-input-stdin" } it "list the plugin and display the plugin name" do - result = logstash.run_command_in_path("bin/logstash-plugin list #{plugin_name}") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin list #{plugin_name}") expect(result).to run_successfully_and_output(/^#{plugin_name}$/) end it "list the plugin with his version" do - result = logstash.run_command_in_path("bin/logstash-plugin list --verbose #{plugin_name}") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin list --verbose #{plugin_name}") expect(result).to run_successfully_and_output(/^#{plugin_name} \(\d+\.\d+.\d+\)/) end end diff --git a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/remove.rb b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/remove.rb index 3f9651e1d..aeae0857f 100644 --- a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/remove.rb +++ b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/remove.rb @@ -32,17 +32,17 @@ shared_examples "logstash remove" do |logstash| context "when the plugin isn't installed" do it "fails to remove it" do - result = logstash.run_command_in_path("bin/logstash-plugin remove logstash-filter-qatest") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin remove logstash-filter-qatest") expect(result.stderr).to match(/This plugin has not been previously installed/) end end context "when the plugin is installed" do it "successfully removes it" do - result = logstash.run_command_in_path("bin/logstash-plugin install logstash-filter-qatest") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-filter-qatest") expect(logstash).to have_installed?("logstash-filter-qatest") - result = logstash.run_command_in_path("bin/logstash-plugin remove logstash-filter-qatest") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin remove logstash-filter-qatest") expect(logstash).not_to have_installed?("logstash-filter-qatest") expect(logstash).not_to be_running with_running_logstash_service(logstash) do diff --git a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/uninstall.rb b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/uninstall.rb index df7f32022..ea379008f 100644 --- a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/uninstall.rb +++ b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/uninstall.rb @@ -32,17 +32,17 @@ shared_examples "logstash uninstall" do |logstash| context "when the plugin isn't installed" do it "fails to uninstall it" do - result = logstash.run_command_in_path("bin/logstash-plugin uninstall logstash-filter-qatest") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin uninstall logstash-filter-qatest") expect(result.stderr).to match(/This plugin has not been previously installed/) end end context "when the plugin is installed" do it "successfully uninstall it" do - result = logstash.run_command_in_path("bin/logstash-plugin install logstash-filter-qatest") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin install logstash-filter-qatest") expect(logstash).to have_installed?("logstash-filter-qatest") - result = logstash.run_command_in_path("bin/logstash-plugin uninstall logstash-filter-qatest") + result = logstash.run_sudo_command_in_path("bin/logstash-plugin uninstall logstash-filter-qatest") expect(logstash).not_to have_installed?("logstash-filter-qatest") expect(logstash).not_to be_running with_running_logstash_service(logstash) do diff --git a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/update.rb b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/update.rb index 09e523414..0e00d6d47 100644 --- a/qa/acceptance/spec/shared_examples/cli/logstash-plugin/update.rb +++ b/qa/acceptance/spec/shared_examples/cli/logstash-plugin/update.rb @@ -33,8 +33,8 @@ shared_examples "logstash update" do |logstash| let(:previous_version) { "0.1.0" } before do - logstash.run_command_in_path("bin/logstash-plugin install --no-verify --version #{previous_version} #{plugin_name}") - logstash.run_command_in_path("bin/logstash-plugin list") + logstash.run_sudo_command_in_path("bin/logstash-plugin install --no-verify --version #{previous_version} #{plugin_name}") + logstash.run_sudo_command_in_path("bin/logstash-plugin list") expect(logstash).to have_installed?(plugin_name, previous_version) # Logstash won't update when we have a pinned version in the gemfile so we remove them logstash.replace_in_gemfile(',[[:space:]]"0.1.0"', "") @@ -42,7 +42,7 @@ shared_examples "logstash update" do |logstash| context "update a specific plugin" do it "has executed successfully" do - cmd = logstash.run_command_in_path("bin/logstash-plugin update --no-verify #{plugin_name}") + cmd = logstash.run_sudo_command_in_path("bin/logstash-plugin update --no-verify #{plugin_name}") expect(cmd.stdout).to match(/Updating #{plugin_name}/) expect(logstash).to have_installed?(plugin_name, "0.1.1") expect(logstash).not_to have_installed?(plugin_name, previous_version) @@ -55,7 +55,7 @@ shared_examples "logstash update" do |logstash| context "update all the plugins" do it "has executed successfully" do - logstash.run_command_in_path("bin/logstash-plugin update --no-verify") + logstash.run_sudo_command_in_path("bin/logstash-plugin update --no-verify") expect(logstash).to have_installed?(plugin_name, "0.1.1") expect(logstash).not_to be_running with_running_logstash_service(logstash) do diff --git a/qa/rspec/commands.rb b/qa/rspec/commands.rb index c13f48ebd..eff0df907 100644 --- a/qa/rspec/commands.rb +++ b/qa/rspec/commands.rb @@ -144,6 +144,14 @@ module ServiceTester client.uninstall(name) end + def run_sudo_command_in_path(cmd) + client.run_sudo_command_in_path(cmd) + end + + def run_sudo_command(cmd) + client.run_sudo_command(cmd) + end + def run_command_in_path(cmd) client.run_command_in_path(cmd) end diff --git a/qa/rspec/commands/base.rb b/qa/rspec/commands/base.rb index 27ca77353..c2af5cced 100644 --- a/qa/rspec/commands/base.rb +++ b/qa/rspec/commands/base.rb @@ -24,8 +24,8 @@ LS_BUILD_PATH = File.expand_path(File.join(File.dirname(__FILE__), '..', '..', ' class Command def initialize() @stdout, @stderr, @exit_status = nil - end - + end + def stdout @stdout end @@ -47,12 +47,16 @@ class Command end end -def sudo_exec!(cmd) +def exec!(cmd) command = Command.new() - command.execute("sudo #{cmd}") + command.execute("#{cmd}") return command end +def sudo_exec!(cmd) + exec!("sudo #{cmd}") +end + module ServiceTester class InstallException < Exception; end @@ -68,16 +72,22 @@ module ServiceTester service_manager(service, "stop") end + def run_sudo_command(cmd) + sudo_exec!("JARS_SKIP='true' #{cmd}") + end + def run_command(cmd) - response = nil - response = sudo_exec!("JARS_SKIP='true' #{cmd}") - response + exec!("JARS_SKIP='true' #{cmd}") end def replace_in_gemfile(pattern, replace) gemfile = File.join(LOGSTASH_PATH, "Gemfile") cmd = "sed -i.sedbak 's/#{pattern}/#{replace}/' #{gemfile}" - run_command(cmd) + run_sudo_command(cmd) + end + + def run_sudo_command_in_path(cmd) + run_sudo_command("#{File.join(LOGSTASH_PATH, cmd)}") end def run_command_in_path(cmd) @@ -86,10 +96,10 @@ module ServiceTester def plugin_installed?(plugin_name, version = nil) if version.nil? - cmd = run_command_in_path("bin/logstash-plugin list") + cmd = run_sudo_command_in_path("bin/logstash-plugin list") search_token = plugin_name else - cmd = run_command_in_path("bin/logstash-plugin list --verbose") + cmd = run_sudo_command_in_path("bin/logstash-plugin list --verbose") search_token = "#{plugin_name} (#{version})" end From 852149be2ea08742436ad36ecd91bf70458975b3 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Mon, 4 Nov 2024 16:40:20 +0100 Subject: [PATCH 098/290] Update JDK to latest in versions.yml (#16627) Update JDK to version 21.0.5+11 --- versions.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/versions.yml b/versions.yml index f8249cb19..71143136a 100644 --- a/versions.yml +++ b/versions.yml @@ -7,8 +7,8 @@ logstash-core-plugin-api: 2.1.16 bundled_jdk: # for AdoptOpenJDK/OpenJDK jdk-14.0.1+7.1, the revision is 14.0.1 while the build is 7.1 vendor: "adoptium" - revision: 21.0.3 - build: 9 + revision: 21.0.5 + build: 11 # jruby must reference a *released* version of jruby which can be downloaded from the official download url # *and* for which jars artifacts are published for compile-time From 849f431033892607f4a1f1a2d8e3d9357cb3636b Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 5 Nov 2024 10:15:51 +0000 Subject: [PATCH 099/290] fix Windows java not found log (#16633) --- bin/setup.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/setup.bat b/bin/setup.bat index 8a7dd4310..18b19e699 100644 --- a/bin/setup.bat +++ b/bin/setup.bat @@ -42,7 +42,7 @@ if defined LS_JAVA_HOME ( ) if not exist "%JAVACMD%" ( - echo could not find java; set JAVA_HOME or ensure java is in PATH 1>&2 + echo could not find java; set LS_JAVA_HOME or ensure java is in PATH 1>&2 exit /b 1 ) From 6703aec476ee481cb82f283cd47e27a37c8bc809 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Tue, 5 Nov 2024 13:49:07 +0000 Subject: [PATCH 100/290] bump jruby to 9.4.9.0 (#16634) --- rubyUtils.gradle | 2 +- versions.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/rubyUtils.gradle b/rubyUtils.gradle index fd3131c41..65458c4f8 100644 --- a/rubyUtils.gradle +++ b/rubyUtils.gradle @@ -25,7 +25,7 @@ buildscript { dependencies { classpath "org.yaml:snakeyaml:${snakeYamlVersion}" classpath "de.undercouch:gradle-download-task:4.0.4" - classpath "org.jruby:jruby-core:9.4.8.0" + classpath "org.jruby:jruby-core:9.4.9.0" } } diff --git a/versions.yml b/versions.yml index 71143136a..9151224b0 100644 --- a/versions.yml +++ b/versions.yml @@ -13,8 +13,8 @@ bundled_jdk: # jruby must reference a *released* version of jruby which can be downloaded from the official download url # *and* for which jars artifacts are published for compile-time jruby: - version: 9.4.8.0 - sha1: 57089c106c6d0ad09a00db519ab1e984ea716d13 + version: 9.4.9.0 + sha1: 64d8ea53d3ef7637069637f6affa2e7d971c0ade # jruby-runtime-override, if specified, will override the jruby version installed in vendor/jruby #jruby-runtime-override: # url: https://oss.sonatype.org/content/repositories/snapshots/org/jruby/jruby-dist/9.3.0.0-SNAPSHOT/jruby-dist-9.3.0.0-20210723.214927-259-bin.tar.gz From 113585d4a57cc5e9fc2dd3f0147f305ed49f23fc Mon Sep 17 00:00:00 2001 From: Nicole Albee <2642763+a03nikki@users.noreply.github.com> Date: Tue, 5 Nov 2024 08:21:15 -0600 Subject: [PATCH 101/290] Anchor the `-java` match pattern at the end of the string. (#16626) This fixes the offline install problem of the logstash-input-java_filter_example off-line install. --- lib/pluginmanager/pack_installer/pack.rb | 2 +- .../pack_installer/pack_spec.rb | 20 +++++++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/lib/pluginmanager/pack_installer/pack.rb b/lib/pluginmanager/pack_installer/pack.rb index 7b05db598..fd3c67ea6 100644 --- a/lib/pluginmanager/pack_installer/pack.rb +++ b/lib/pluginmanager/pack_installer/pack.rb @@ -39,7 +39,7 @@ module LogStash module PluginManager module PackInstaller class GemInformation EXTENSION = ".gem" SPLIT_CHAR = "-" - JAVA_PLATFORM_RE = /-java/ + JAVA_PLATFORM_RE = /-java$/ DEPENDENCIES_DIR_RE = /dependencies/ attr_reader :file, :name, :version, :platform diff --git a/spec/unit/plugin_manager/pack_installer/pack_spec.rb b/spec/unit/plugin_manager/pack_installer/pack_spec.rb index 5467dd2f8..de73a8cf1 100644 --- a/spec/unit/plugin_manager/pack_installer/pack_spec.rb +++ b/spec/unit/plugin_manager/pack_installer/pack_spec.rb @@ -113,4 +113,24 @@ describe LogStash::PluginManager::PackInstaller::Pack::GemInformation do expect(subject.plugin?).to be_falsey end end + + context "when it is Java plugin example from an offline zip file" do + let(:gem) { "/tmp/randomValue/randomValue2/logstash/logstash-filter-java_filter_example-1.0.5.gem"} + + it "#dependency? return false" do + expect(subject.dependency?).to be_falsey + end + + it "#plugin? return true" do + expect(subject.plugin?).to be_truthy + end + + it "returns the version" do + expect(subject.version).to eq("1.0.5") + end + + it "returns the name" do + expect(subject.name).to eq("logstash-filter-java_filter_example") + end + end end From 5847d773311463e7450708f1b305ddc2b01fbe17 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 5 Nov 2024 15:37:19 +0000 Subject: [PATCH 102/290] skip `allow_superuser` in Windows OS (#16629) As user id is always zero in Windows, this commit excluded the checking of running as root in Windows. --- config/logstash.yml | 2 +- logstash-core/lib/logstash/runner.rb | 2 + logstash-core/spec/logstash/runner_spec.rb | 70 ++++++++++++---------- 3 files changed, 43 insertions(+), 31 deletions(-) diff --git a/config/logstash.yml b/config/logstash.yml index 59703aa54..d96ad4674 100644 --- a/config/logstash.yml +++ b/config/logstash.yml @@ -320,7 +320,7 @@ # # ------------ Other Settings -------------- # -# Allow or block running Logstash as superuser (default: true) +# Allow or block running Logstash as superuser (default: true). Windows are excluded from the checking # allow_superuser: false # # Where to find custom plugins diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 0fd7a503b..cf8917164 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -454,6 +454,8 @@ class LogStash::Runner < Clamp::StrictCommand end # def self.main def running_as_superuser + return if LogStash::Environment.windows? # windows euid always returns 0, skip checking + if Process.euid() == 0 if setting("allow_superuser") logger.warn("NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk. " + diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index 3a0a7e131..00c6d04e3 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -574,41 +574,51 @@ describe LogStash::Runner do let(:deprecation_logger_stub) { double("DeprecationLogger").as_null_object } before(:each) { allow(runner).to receive(:deprecation_logger).and_return(deprecation_logger_stub) } - context "unintentionally running logstash as superuser" do - before do - expect(Process).to receive(:euid).and_return(0) - end - it "fails with bad exit" do - LogStash::SETTINGS.set("allow_superuser", false) - expect(logger).to receive(:fatal) do |msg, hash| - expect(msg).to eq("An unexpected error occurred!") - expect(hash[:error].to_s).to match("Logstash cannot be run as superuser.") + if LogStash::Environment.windows? + context "unintentionally running logstash as superuser" do + it "runs successfully" do + LogStash::SETTINGS.set("allow_superuser", false) + expect(logger).not_to receive(:fatal) + expect { subject.run(args) }.not_to raise_error + end + end + else + context "unintentionally running logstash as superuser" do + before do + expect(Process).to receive(:euid).and_return(0) + end + it "fails with bad exit" do + LogStash::SETTINGS.set("allow_superuser", false) + expect(logger).to receive(:fatal) do |msg, hash| + expect(msg).to eq("An unexpected error occurred!") + expect(hash[:error].to_s).to match("Logstash cannot be run as superuser.") + end + expect(subject.run(args)).to eq(1) end - expect(subject.run(args)).to eq(1) end - end - context "intentionally running logstash as superuser " do - before do - expect(Process).to receive(:euid).and_return(0) + context "intentionally running logstash as superuser " do + before do + expect(Process).to receive(:euid).and_return(0) + end + it "runs successfully with warning message" do + LogStash::SETTINGS.set("allow_superuser", true) + expect(logger).not_to receive(:fatal) + expect(logger).to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) + expect { subject.run(args) }.not_to raise_error + end end - it "runs successfully with warning message" do - LogStash::SETTINGS.set("allow_superuser", true) - expect(logger).not_to receive(:fatal) - expect(logger).to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) - expect { subject.run(args) }.not_to raise_error - end - end - context "running logstash as non-root " do - before do - expect(Process).to receive(:euid).and_return(100) - end - it "runs successfully without any messages" do - LogStash::SETTINGS.set("allow_superuser", false) - expect(logger).not_to receive(:fatal) - expect(logger).not_to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) - expect { subject.run(args) }.not_to raise_error + context "running logstash as non-root " do + before do + expect(Process).to receive(:euid).and_return(100) + end + it "runs successfully without any messages" do + LogStash::SETTINGS.set("allow_superuser", false) + expect(logger).not_to receive(:fatal) + expect(logger).not_to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) + expect { subject.run(args) }.not_to raise_error + end end end end From efbee31461a61a84cd34262791a082c2670a2f14 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 6 Nov 2024 08:22:37 +0000 Subject: [PATCH 103/290] Update .ruby-version to jruby-9.4.9.0 (#16642) --- .ruby-version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ruby-version b/.ruby-version index dac625a87..489dd416b 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -jruby-9.4.8.0 +jruby-9.4.9.0 From 046ea1f5a8a5e26f82d1495bb2ed9a7a3fe96332 Mon Sep 17 00:00:00 2001 From: Nicole Albee <2642763+a03nikki@users.noreply.github.com> Date: Wed, 6 Nov 2024 02:48:21 -0600 Subject: [PATCH 104/290] For custom java plugins, set the platform = 'java'. (#16628) --- rubyUtils.gradle | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/rubyUtils.gradle b/rubyUtils.gradle index 65458c4f8..94d020543 100644 --- a/rubyUtils.gradle +++ b/rubyUtils.gradle @@ -343,7 +343,8 @@ void generateRubySupportFilesForPlugin(String projectDescription, String project gemspecFile.append(" s.authors = ['" + String.join("', '", pluginInfo.authors) + "']\n") gemspecFile.append(" s.email = ['" + String.join("', '", pluginInfo.email) + "']\n") gemspecFile.append(" s.homepage = '" + pluginInfo.homepage + "'\n") - gemspecFile.append(" s.require_paths = ['lib', 'vendor/jar-dependencies']\n") + gemspecFile.append(" s.platform = 'java'\n") + gemspecFile.append(" s.require_paths = ['lib', 'vendor/jar-dependencies']\n") gemspecFile.append("\n") gemspecFile.append(" s.files = Dir[\"lib/**/*\",\"*.gemspec\",\"*.md\",\"CONTRIBUTORS\",\"Gemfile\",\"LICENSE\",\"NOTICE.TXT\", \"vendor/jar-dependencies/**/*.jar\", \"vendor/jar-dependencies/**/*.rb\", \"VERSION\", \"docs/**/*\"]\n") gemspecFile.append("\n") From d9ead9a8db338891cb95e6aaa15a7f8291a4dba0 Mon Sep 17 00:00:00 2001 From: Ellie <4158750+esenmarti@users.noreply.github.com> Date: Fri, 8 Nov 2024 15:03:47 +0100 Subject: [PATCH 105/290] Remove link to deleted cluster (#16658) --- .github/ISSUE_TEMPLATE/test-failure.md | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/test-failure.md b/.github/ISSUE_TEMPLATE/test-failure.md index 96b43f986..6e6023e45 100644 --- a/.github/ISSUE_TEMPLATE/test-failure.md +++ b/.github/ISSUE_TEMPLATE/test-failure.md @@ -21,6 +21,5 @@ to reproduce locally **Failure history**: **Failure excerpt**: From 5826c6f902fb0dae8c2207e05131379883cf51f2 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Fri, 8 Nov 2024 16:25:12 +0000 Subject: [PATCH 106/290] Use UBI as base image (#16599) Logstash Docker images, full and OSS, now use UBI image as its base, replacing the previous Ubuntu base. - change the base image of `full` and `oss` to ubi - Set locale to C.UTF-8 - remove ubi flavour - use go image to build env2yaml - remove redundant and refactor steps - add support to build image in mac aarch64 - allow customizing ELASTIC_VERSION and LOCAL_ARTIFACTS for test purpose --- .buildkite/scripts/dra/build_docker.sh | 18 +- .buildkite/scripts/dra/common.sh | 4 - .buildkite/scripts/dra/publish.sh | 7 - ci/docker_acceptance_tests.sh | 11 - docker/Makefile | 78 ++---- docker/templates/Dockerfile.erb | 271 ++++++-------------- docker/templates/IronbankDockerfile.erb | 65 +++++ qa/docker/shared_examples/image_metadata.rb | 21 +- qa/docker/spec/full/container_spec.rb | 4 +- qa/docker/spec/oss/container_spec.rb | 4 +- qa/docker/spec/ubi8/container_spec.rb | 27 -- qa/docker/spec/ubi8/image_spec.rb | 38 --- rakelib/artifacts.rake | 28 +- 13 files changed, 188 insertions(+), 388 deletions(-) create mode 100644 docker/templates/IronbankDockerfile.erb delete mode 100644 qa/docker/spec/ubi8/container_spec.rb delete mode 100644 qa/docker/spec/ubi8/image_spec.rb diff --git a/.buildkite/scripts/dra/build_docker.sh b/.buildkite/scripts/dra/build_docker.sh index 516e991d6..9310e3e9e 100755 --- a/.buildkite/scripts/dra/build_docker.sh +++ b/.buildkite/scripts/dra/build_docker.sh @@ -15,17 +15,11 @@ case "$WORKFLOW_TYPE" in rake artifact:docker_oss || error "artifact:docker_oss build failed." rake artifact:docker_wolfi || error "artifact:docker_wolfi build failed." rake artifact:dockerfiles || error "artifact:dockerfiles build failed." - if [ "$ARCH" != "aarch64" ]; then - rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed." - fi else VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker || error "artifact:docker build failed." VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker_oss || error "artifact:docker_oss build failed." VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker_wolfi || error "artifact:docker_wolfi build failed." VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:dockerfiles || error "artifact:dockerfiles build failed." - if [ "$ARCH" != "aarch64" ]; then - VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed." - fi # Qualifier is passed from CI as optional field and specify the version postfix # in case of alpha or beta releases: # e.g: 8.0.0-alpha1 @@ -41,17 +35,11 @@ case "$WORKFLOW_TYPE" in RELEASE=1 rake artifact:docker_oss || error "artifact:docker_oss build failed." RELEASE=1 rake artifact:docker_wolfi || error "artifact:docker_wolfi build failed." RELEASE=1 rake artifact:dockerfiles || error "artifact:dockerfiles build failed." - if [ "$ARCH" != "aarch64" ]; then - RELEASE=1 rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed." - fi else VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker || error "artifact:docker build failed." VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker_oss || error "artifact:docker_oss build failed." VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker_wolfi || error "artifact:docker_wolfi build failed." VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:dockerfiles || error "artifact:dockerfiles build failed." - if [ "$ARCH" != "aarch64" ]; then - VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed." - fi # Qualifier is passed from CI as optional field and specify the version postfix # in case of alpha or beta releases: # e.g: 8.0.0-alpha1 @@ -73,10 +61,6 @@ for file in build/logstash-*; do shasum $file;done info "Uploading DRA artifacts in buildkite's artifact store ..." # Note the deb, rpm tar.gz AARCH64 files generated has already been loaded by the build_packages.sh images="logstash logstash-oss logstash-wolfi" -if [ "$ARCH" != "aarch64" ]; then - # No logstash-ubi8 for AARCH64 - images="logstash logstash-oss logstash-wolfi logstash-ubi8" -fi for image in ${images}; do buildkite-agent artifact upload "build/$image-${STACK_VERSION}-docker-image-${ARCH}.tar.gz" done @@ -84,7 +68,7 @@ done # Upload 'docker-build-context.tar.gz' files only when build x86_64, otherwise they will be # overwritten when building aarch64 (or viceversa). if [ "$ARCH" != "aarch64" ]; then - for image in logstash logstash-oss logstash-wolfi logstash-ubi8 logstash-ironbank; do + for image in logstash logstash-oss logstash-wolfi logstash-ironbank; do buildkite-agent artifact upload "build/${image}-${STACK_VERSION}-docker-build-context.tar.gz" done fi diff --git a/.buildkite/scripts/dra/common.sh b/.buildkite/scripts/dra/common.sh index 6618c6314..e58cef7f2 100755 --- a/.buildkite/scripts/dra/common.sh +++ b/.buildkite/scripts/dra/common.sh @@ -11,10 +11,6 @@ function save_docker_tarballs { local arch="${1:?architecture required}" local version="${2:?stack-version required}" local images="logstash logstash-oss logstash-wolfi" - if [ "${arch}" != "aarch64" ]; then - # No logstash-ubi8 for AARCH64 - images="logstash logstash-oss logstash-wolfi logstash-ubi8" - fi for image in ${images}; do tar_file="${image}-${version}-docker-image-${arch}.tar" diff --git a/.buildkite/scripts/dra/publish.sh b/.buildkite/scripts/dra/publish.sh index 67c6ce895..21c7e4570 100755 --- a/.buildkite/scripts/dra/publish.sh +++ b/.buildkite/scripts/dra/publish.sh @@ -46,13 +46,6 @@ if [ "$RELEASE_VER" != "7.17" ]; then : fi -# Deleting ubi8 for aarch64 for the time being. This image itself is not being built, and it is not expected -# by the release manager. -# See https://github.com/elastic/infra/blob/master/cd/release/release-manager/project-configs/8.5/logstash.gradle -# for more details. -# TODO filter it out when uploading artifacts instead -rm -f build/logstash-ubi8-${STACK_VERSION}-docker-image-aarch64.tar.gz - info "Downloaded ARTIFACTS sha report" for file in build/logstash-*; do shasum $file;done diff --git a/ci/docker_acceptance_tests.sh b/ci/docker_acceptance_tests.sh index 3f4d2de11..86a721a15 100755 --- a/ci/docker_acceptance_tests.sh +++ b/ci/docker_acceptance_tests.sh @@ -15,7 +15,6 @@ fi # Can run either a specific flavor, or all flavors - # eg `ci/acceptance_tests.sh oss` will run tests for open source container # `ci/acceptance_tests.sh full` will run tests for the default container -# `ci/acceptance_tests.sh ubi8` will run tests for the ubi8 based container # `ci/acceptance_tests.sh wolfi` will run tests for the wolfi based container # `ci/acceptance_tests.sh` will run tests for all containers SELECTED_TEST_SUITE=$1 @@ -56,16 +55,6 @@ elif [[ $SELECTED_TEST_SUITE == "full" ]]; then echo "--- Acceptance: Running the tests" bundle exec rspec docker/spec/full/*_spec.rb -elif [[ $SELECTED_TEST_SUITE == "ubi8" ]]; then - echo "--- Building $SELECTED_TEST_SUITE docker images" - cd $LS_HOME - rake artifact:docker_ubi8 - echo "--- Acceptance: Installing dependencies" - cd $QA_DIR - bundle install - - echo "--- Acceptance: Running the tests" - bundle exec rspec docker/spec/ubi8/*_spec.rb elif [[ $SELECTED_TEST_SUITE == "wolfi" ]]; then echo "--- Building $SELECTED_TEST_SUITE docker images" cd $LS_HOME diff --git a/docker/Makefile b/docker/Makefile index 68d8e1fb9..8a8fc4b70 100644 --- a/docker/Makefile +++ b/docker/Makefile @@ -2,7 +2,7 @@ SHELL=/bin/bash ELASTIC_REGISTRY ?= docker.elastic.co # Determine the version to build. -ELASTIC_VERSION := $(shell ../vendor/jruby/bin/jruby bin/elastic-version) +ELASTIC_VERSION ?= $(shell ../vendor/jruby/bin/jruby bin/elastic-version) ifdef STAGING_BUILD_NUM VERSION_TAG := $(ELASTIC_VERSION)-$(STAGING_BUILD_NUM) @@ -14,9 +14,13 @@ ifdef DOCKER_ARCHITECTURE ARCHITECTURE := $(DOCKER_ARCHITECTURE) else ARCHITECTURE := $(shell uname -m) + # For MacOS + ifeq ($(ARCHITECTURE), arm64) + ARCHITECTURE := aarch64 + endif endif -IMAGE_FLAVORS ?= oss full ubi8 wolfi +IMAGE_FLAVORS ?= oss full wolfi DEFAULT_IMAGE_FLAVOR ?= full IMAGE_TAG := $(ELASTIC_REGISTRY)/logstash/logstash @@ -26,7 +30,7 @@ all: build-from-local-artifacts build-from-local-oss-artifacts public-dockerfile # Build from artifacts on the local filesystem, using an http server (running # in a container) to provide the artifacts to the Dockerfile. -build-from-local-full-artifacts: dockerfile env2yaml +build-from-local-full-artifacts: dockerfile docker run --rm -d --name=$(HTTPD) \ -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ python:3 bash -c 'cd /mnt && python3 -m http.server' @@ -36,7 +40,7 @@ build-from-local-full-artifacts: dockerfile env2yaml docker tag $(IMAGE_TAG)-full:$(VERSION_TAG) $(IMAGE_TAG):$(VERSION_TAG); docker kill $(HTTPD) -build-from-local-oss-artifacts: dockerfile env2yaml +build-from-local-oss-artifacts: dockerfile docker run --rm -d --name=$(HTTPD) \ -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ python:3 bash -c 'cd /mnt && python3 -m http.server' @@ -45,15 +49,6 @@ build-from-local-oss-artifacts: dockerfile env2yaml (docker kill $(HTTPD); false); -docker kill $(HTTPD) -build-from-local-ubi8-artifacts: dockerfile env2yaml - docker run --rm -d --name=$(HTTPD) \ - -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ - python:3 bash -c 'cd /mnt && python3 -m http.server' - timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done' - docker build --progress=plain --network=host -t $(IMAGE_TAG)-ubi8:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-ubi8 data/logstash || \ - (docker kill $(HTTPD); false); - -docker kill $(HTTPD) - build-from-local-wolfi-artifacts: dockerfile docker run --rm -d --name=$(HTTPD) \ -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \ @@ -66,8 +61,6 @@ build-from-local-wolfi-artifacts: dockerfile COPY_FILES := $(ARTIFACTS_DIR)/docker/config/pipelines.yml $(ARTIFACTS_DIR)/docker/config/logstash-oss.yml $(ARTIFACTS_DIR)/docker/config/logstash-full.yml COPY_FILES += $(ARTIFACTS_DIR)/docker/config/log4j2.file.properties $(ARTIFACTS_DIR)/docker/config/log4j2.properties COPY_FILES += $(ARTIFACTS_DIR)/docker/pipeline/default.conf $(ARTIFACTS_DIR)/docker/bin/docker-entrypoint -COPY_FILES += $(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-arm64 -COPY_FILES += $(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-amd64 $(ARTIFACTS_DIR)/docker/config/pipelines.yml: data/logstash/config/pipelines.yml $(ARTIFACTS_DIR)/docker/config/logstash-oss.yml: data/logstash/config/logstash-oss.yml @@ -76,8 +69,6 @@ $(ARTIFACTS_DIR)/docker/config/log4j2.file.properties: data/logstash/config/log4 $(ARTIFACTS_DIR)/docker/config/log4j2.properties: data/logstash/config/log4j2.properties $(ARTIFACTS_DIR)/docker/pipeline/default.conf: data/logstash/pipeline/default.conf $(ARTIFACTS_DIR)/docker/bin/docker-entrypoint: data/logstash/bin/docker-entrypoint -$(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-arm64: data/logstash/env2yaml/env2yaml-arm64 -$(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-amd64: data/logstash/env2yaml/env2yaml-amd64 $(ARTIFACTS_DIR)/docker/%: cp -f $< $@ @@ -86,7 +77,6 @@ docker_paths: mkdir -p $(ARTIFACTS_DIR)/docker/ mkdir -p $(ARTIFACTS_DIR)/docker/bin mkdir -p $(ARTIFACTS_DIR)/docker/config - mkdir -p $(ARTIFACTS_DIR)/docker/env2yaml mkdir -p $(ARTIFACTS_DIR)/docker/pipeline COPY_IRONBANK_FILES := $(ARTIFACTS_DIR)/ironbank/scripts/config/pipelines.yml $(ARTIFACTS_DIR)/ironbank/scripts/config/logstash.yml @@ -118,7 +108,7 @@ ironbank_docker_paths: mkdir -p $(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/vendor mkdir -p $(ARTIFACTS_DIR)/ironbank/scripts/pipeline -public-dockerfiles: public-dockerfiles_oss public-dockerfiles_full public-dockerfiles_ubi8 public-dockerfiles_wolfi public-dockerfiles_ironbank +public-dockerfiles: public-dockerfiles_oss public-dockerfiles_full public-dockerfiles_wolfi public-dockerfiles_ironbank public-dockerfiles_full: templates/Dockerfile.erb docker_paths $(COPY_FILES) ../vendor/jruby/bin/jruby -S erb -T "-"\ @@ -132,7 +122,7 @@ public-dockerfiles_full: templates/Dockerfile.erb docker_paths $(COPY_FILES) templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-full" && \ cd $(ARTIFACTS_DIR)/docker && \ cp $(ARTIFACTS_DIR)/Dockerfile-full Dockerfile && \ - tar -zcf ../logstash-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline + tar -zcf ../logstash-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config pipeline public-dockerfiles_oss: templates/Dockerfile.erb docker_paths $(COPY_FILES) ../vendor/jruby/bin/jruby -S erb -T "-"\ @@ -146,21 +136,7 @@ public-dockerfiles_oss: templates/Dockerfile.erb docker_paths $(COPY_FILES) templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-oss" && \ cd $(ARTIFACTS_DIR)/docker && \ cp $(ARTIFACTS_DIR)/Dockerfile-oss Dockerfile && \ - tar -zcf ../logstash-oss-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline - -public-dockerfiles_ubi8: templates/Dockerfile.erb docker_paths $(COPY_FILES) - ../vendor/jruby/bin/jruby -S erb -T "-"\ - created_date="${BUILD_DATE}" \ - elastic_version="${ELASTIC_VERSION}" \ - arch="${ARCHITECTURE}" \ - version_tag="${VERSION_TAG}" \ - release="${RELEASE}" \ - image_flavor="ubi8" \ - local_artifacts="false" \ - templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-ubi8" && \ - cd $(ARTIFACTS_DIR)/docker && \ - cp $(ARTIFACTS_DIR)/Dockerfile-ubi8 Dockerfile && \ - tar -zcf ../logstash-ubi8-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline + tar -zcf ../logstash-oss-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config pipeline public-dockerfiles_wolfi: templates/Dockerfile.erb docker_paths $(COPY_FILES) ../vendor/jruby/bin/jruby -S erb -T "-"\ @@ -174,9 +150,9 @@ public-dockerfiles_wolfi: templates/Dockerfile.erb docker_paths $(COPY_FILES) templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-wolfi" && \ cd $(ARTIFACTS_DIR)/docker && \ cp $(ARTIFACTS_DIR)/Dockerfile-wolfi Dockerfile && \ - tar -zcf ../logstash-wolfi-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline + tar -zcf ../logstash-wolfi-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config pipeline -public-dockerfiles_ironbank: templates/hardening_manifest.yaml.erb templates/Dockerfile.erb ironbank_docker_paths $(COPY_IRONBANK_FILES) +public-dockerfiles_ironbank: templates/hardening_manifest.yaml.erb templates/IronbankDockerfile.erb ironbank_docker_paths $(COPY_IRONBANK_FILES) ../vendor/jruby/bin/jruby -S erb -T "-"\ elastic_version="${ELASTIC_VERSION}" \ templates/hardening_manifest.yaml.erb > $(ARTIFACTS_DIR)/ironbank/hardening_manifest.yaml && \ @@ -188,35 +164,11 @@ public-dockerfiles_ironbank: templates/hardening_manifest.yaml.erb templates/Doc release="${RELEASE}" \ image_flavor="ironbank" \ local_artifacts="false" \ - templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-ironbank" && \ + templates/IronbankDockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-ironbank" && \ cd $(ARTIFACTS_DIR)/ironbank && \ cp $(ARTIFACTS_DIR)/Dockerfile-ironbank Dockerfile && \ tar -zcf ../logstash-ironbank-$(VERSION_TAG)-docker-build-context.tar.gz scripts Dockerfile hardening_manifest.yaml LICENSE README.md -# Push the image to the dedicated push endpoint at "push.docker.elastic.co" -push: - $(foreach FLAVOR, $(IMAGE_FLAVORS), \ - docker tag $(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG) push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \ - docker push push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \ - docker rmi push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \ - ) - # Also push the default version, with no suffix like '-oss' or '-full' - docker tag $(IMAGE_TAG):$(VERSION_TAG) push.$(IMAGE_TAG):$(VERSION_TAG); - docker push push.$(IMAGE_TAG):$(VERSION_TAG); - docker rmi push.$(IMAGE_TAG):$(VERSION_TAG); - -# Compile "env2yaml", the helper for configuring logstash.yml via environment -# variables. -env2yaml: - docker run --rm \ - -v "$(PWD)/data/logstash/env2yaml:/usr/src/env2yaml" \ - -e GOARCH=arm64 -e GOOS=linux \ - -w /usr/src/env2yaml golang:1 go build -o /usr/src/env2yaml/env2yaml-arm64 - docker run --rm \ - -v "$(PWD)/data/logstash/env2yaml:/usr/src/env2yaml" \ - -e GOARCH=amd64 -e GOOS=linux \ - -w /usr/src/env2yaml golang:1 go build -o /usr/src/env2yaml/env2yaml-amd64 - # Generate the Dockerfiles from ERB templates. dockerfile: templates/Dockerfile.erb $(foreach FLAVOR, $(IMAGE_FLAVORS), \ @@ -226,7 +178,7 @@ dockerfile: templates/Dockerfile.erb arch="${ARCHITECTURE}" \ version_tag="${VERSION_TAG}" \ image_flavor="${FLAVOR}" \ - local_artifacts="true" \ + local_artifacts="${LOCAL_ARTIFACTS}" \ templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-${FLAVOR}" ; \ ) diff --git a/docker/templates/Dockerfile.erb b/docker/templates/Dockerfile.erb index cf3eecf75..85296730e 100644 --- a/docker/templates/Dockerfile.erb +++ b/docker/templates/Dockerfile.erb @@ -1,6 +1,30 @@ # This Dockerfile was generated from templates/Dockerfile.erb -<% if image_flavor == 'wolfi' -%> -FROM docker.elastic.co/wolfi/go:1-dev as builder-env2yaml +<%# image_flavor 'full', oss', 'wolfi' -%> +<% if local_artifacts == 'false' -%> + <% url_root = 'https://artifacts.elastic.co/downloads/logstash' -%> +<% else -%> + <% url_root = 'http://localhost:8000' -%> +<% end -%> +<% if image_flavor == 'oss' -%> + <% tarball = "logstash-oss-#{elastic_version}-linux-#{arch}.tar.gz" -%> + <% license = 'Apache 2.0' -%> +<% else -%> + <% tarball = "logstash-#{elastic_version}-linux-#{arch}.tar.gz" -%> + <% license = 'Elastic License' -%> +<% end -%> +<% if image_flavor == 'full' || image_flavor == 'oss' -%> + <% base_image = 'docker.elastic.co/ubi8/ubi-minimal' -%> + <% go_image = 'golang:1.23' -%> + <% package_manager = 'microdnf' -%> +<% else -%> + <% base_image = 'docker.elastic.co/wolfi/chainguard-base' -%> + <% go_image = 'docker.elastic.co/wolfi/go:1.23' -%> + <% package_manager = 'apk' -%> +<% end -%> +<% locale = 'C.UTF-8' -%> + +# Build env2yaml +FROM <%= go_image %> as builder-env2yaml COPY env2yaml/env2yaml.go /tmp/go/src/env2yaml/env2yaml.go COPY env2yaml/go.mod /tmp/go/src/env2yaml/go.mod @@ -9,139 +33,55 @@ COPY env2yaml/go.sum /tmp/go/src/env2yaml/go.sum WORKDIR /tmp/go/src/env2yaml RUN go build -<% end -%> -<% if image_flavor == 'ironbank' -%> -<%# Start image_flavor 'ironbank' %> -ARG BASE_REGISTRY=registry1.dso.mil -ARG BASE_IMAGE=ironbank/redhat/ubi/ubi9 -ARG BASE_TAG=9.3 -ARG LOGSTASH_VERSION=<%= elastic_version %> -ARG GOLANG_VERSION=1.21.8 - -# stage 1: build env2yaml -FROM ${BASE_REGISTRY}/google/golang/ubi9/golang-1.21:${GOLANG_VERSION} AS env2yaml - -ENV GOPATH=/go - -COPY scripts/go /go - -USER root - -RUN dnf-3 -y upgrade && dnf-3 install -y git && \ - cd /go/src/env2yaml && \ - go build - -# Final stage -FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} - -ARG LOGSTASH_VERSION +# Build main image +# Minimal distributions do not ship with en language packs. +FROM <%= base_image %> ENV ELASTIC_CONTAINER true ENV PATH=/usr/share/logstash/bin:$PATH +ENV LANG=<%= locale %> LC_ALL=<%= locale %> WORKDIR /usr/share -COPY --from=env2yaml /go/src/env2yaml/env2yaml /usr/local/bin/env2yaml -COPY scripts/config/* config/ -COPY scripts/pipeline/default.conf pipeline/logstash.conf -COPY scripts/bin/docker-entrypoint /usr/local/bin/ -COPY logstash-${LOGSTASH_VERSION}-linux-x86_64.tar.gz /tmp/logstash.tar.gz - -RUN dnf -y upgrade && \ - dnf install -y procps findutils tar gzip which shadow-utils && \ - dnf clean all && \ - groupadd --gid 1000 logstash && \ - adduser --uid 1000 --gid 1000 --home-dir /usr/share/logstash --no-create-home logstash && \ - tar -zxf /tmp/logstash.tar.gz -C /usr/share/ && \ - mv /usr/share/logstash-${LOGSTASH_VERSION} /usr/share/logstash && \ - chown -R 1000:0 /usr/share/logstash && \ - chown --recursive logstash:logstash /usr/share/logstash/ && \ - chown -R logstash:root /usr/share/logstash config/ pipeline/ && \ - chmod -R g=u /usr/share/logstash && \ - mv config/* /usr/share/logstash/config && \ - mv pipeline /usr/share/logstash/pipeline && \ - mkdir /licenses/ && \ - mv /usr/share/logstash/NOTICE.TXT /licenses/NOTICE.TXT && \ - mv /usr/share/logstash/LICENSE.txt /licenses/LICENSE.txt && \ - ln -s /usr/share/logstash /opt/logstash && \ - chmod 0755 /usr/local/bin/docker-entrypoint && \ - rmdir config && \ - rm /tmp/logstash.tar.gz -<%# End image_flavor 'ironbank' %> -<% else -%> -<%# Start image_flavor 'full', oss', 'ubi8', 'wolfi' %> - <% if local_artifacts == 'false' -%> - <% url_root = 'https://artifacts.elastic.co/downloads/logstash' -%> - <% else -%> - <% url_root = 'http://localhost:8000' -%> - <% end -%> - <% if image_flavor == 'oss' -%> - <% tarball = "logstash-oss-#{elastic_version}-linux-$(arch).tar.gz" -%> - <% license = 'Apache 2.0' -%> - <% else -%> - <% tarball = "logstash-#{elastic_version}-linux-$(arch).tar.gz" -%> - <% license = 'Elastic License' -%> - <% end -%> - <% if image_flavor == 'ubi8' %> - <% base_image = 'docker.elastic.co/ubi8/ubi-minimal' -%> - <% package_manager = 'microdnf' -%> - <% arch_command = 'uname -m' -%> - # Minimal distributions do not ship with en language packs. - <% locale = 'C.UTF-8' -%> - <% elsif image_flavor == 'wolfi' %> - <% base_image = 'docker.elastic.co/wolfi/chainguard-base' -%> - <% package_manager = 'apk' -%> - <% arch_command = 'uname -m' -%> - # Minimal distributions do not ship with en language packs. - <% locale = 'C.UTF-8' -%> - <% else -%> - <% base_image = 'ubuntu:20.04' -%> - <% package_manager = 'apt-get' -%> - <% locale = 'en_US.UTF-8' -%> - <% arch_command = 'dpkg --print-architecture' -%> - <% end -%> - -FROM <%= base_image %> +COPY --from=builder-env2yaml /tmp/go/src/env2yaml/env2yaml /usr/local/bin/env2yaml +COPY config/pipelines.yml config/log4j2.properties config/log4j2.file.properties config/ +<% if image_flavor == 'oss' -%> +COPY config/logstash-oss.yml config/logstash.yml +<% else -%><%# 'full', 'wolfi' -%> +COPY config/logstash-full.yml config/logstash.yml +<% end -%> +COPY pipeline/default.conf pipeline/logstash.conf +COPY bin/docker-entrypoint /usr/local/bin/ +# Install packages RUN for iter in {1..10}; do \ -<% if image_flavor == 'wolfi' %> - <%= package_manager %> add --no-cache curl bash && \ -<% else -%> - <% if image_flavor == 'full' || image_flavor == 'oss' -%> - export DEBIAN_FRONTEND=noninteractive && \ - <% end -%> +<% if image_flavor == 'full' || image_flavor == 'oss' -%> <%= package_manager %> update -y && \ <%= package_manager %> upgrade -y && \ <%= package_manager %> install -y procps findutils tar gzip && \ - <% if image_flavor == 'ubi8' -%> - <%= package_manager %> install -y openssl && \ - <% end -%> - <% if image_flavor == 'ubi8' -%> - <%= package_manager %> install -y which shadow-utils && \ - <% else -%> - <%= package_manager %> install -y locales && \ - <% end -%> - <% if image_flavor != 'ubi9' -%> - <%= package_manager %> install -y curl && \ - <% end -%> + <%= package_manager %> install -y openssl && \ + <%= package_manager %> install -y which shadow-utils && \ + <%= package_manager %> install -y curl && \ <%= package_manager %> clean all && \ - <% if image_flavor == 'full' || image_flavor == 'oss' -%> - locale-gen 'en_US.UTF-8' && \ - <%= package_manager %> clean metadata && \ - <% end -%> +<% else -%><%# 'wolfi' -%> + <%= package_manager %> add --no-cache curl bash && \ <% end -%> -exit_code=0 && break || exit_code=$? && \ -echo "packaging error: retry $iter in 10s" && \ -<%= package_manager %> clean all && \ -<% if image_flavor == 'full' || image_flavor == 'oss' -%> - <%= package_manager %> clean metadata && \ -<% end -%> -sleep 10; done; \ -(exit $exit_code) + exit_code=0 && break || \ + exit_code=$? && echo "packaging error: retry $iter in 10s" && \ + <%= package_manager %> clean all && sleep 10; \ + done; \ + (exit $exit_code) -# Provide a non-root user to run the process. -<% if image_flavor == 'wolfi' -%> +# Provide a non-root user to run the process +# Add Logstash itself and set permissions +<% if image_flavor == 'full' || image_flavor == 'oss' -%> +RUN groupadd --gid 1000 logstash && \ + adduser --uid 1000 --gid 1000 \ + --home "/usr/share/logstash" \ + --no-create-home \ + logstash && \ +<% else -%><%# 'wolfi' -%> RUN addgroup -g 1000 logstash && \ adduser -u 1000 -G logstash \ --disabled-password \ @@ -149,95 +89,48 @@ RUN addgroup -g 1000 logstash && \ --home "/usr/share/logstash" \ --shell "/sbin/nologin" \ --no-create-home \ - logstash -<% else -%> -RUN groupadd --gid 1000 logstash && \ - adduser --uid 1000 --gid 1000 --home /usr/share/logstash --no-create-home logstash + logstash && \ <% end -%> - -# Add Logstash itself. -RUN curl -Lo - <%= url_root %>/<%= tarball %> | \ + curl -Lo - <%= url_root %>/<%= tarball %> | \ tar zxf - -C /usr/share && \ mv /usr/share/logstash-<%= elastic_version %> /usr/share/logstash && \ - chown --recursive logstash:logstash /usr/share/logstash/ && \ - chown -R logstash:root /usr/share/logstash && \ + chown -R logstash:root /usr/share/logstash config/ pipeline/ && \ chmod -R g=u /usr/share/logstash && \ - mkdir /licenses/ && \ + mv config/* /usr/share/logstash/config && \ + mv pipeline /usr/share/logstash/pipeline && \ + mkdir /licenses && \ mv /usr/share/logstash/NOTICE.TXT /licenses/NOTICE.TXT && \ mv /usr/share/logstash/LICENSE.txt /licenses/LICENSE.txt && \ find /usr/share/logstash -type d -exec chmod g+s {} \; && \ - ln -s /usr/share/logstash /opt/logstash + ln -s /usr/share/logstash /opt/logstash && \ + chmod 0755 /usr/local/bin/docker-entrypoint && \ + rmdir config WORKDIR /usr/share/logstash -ENV ELASTIC_CONTAINER true -ENV PATH=/usr/share/logstash/bin:$PATH - -# Provide a minimal configuration, so that simple invocations will provide -# a good experience. -<% if image_flavor == 'oss' -%> - COPY config/logstash-oss.yml config/logstash.yml -<% else -%> - COPY config/logstash-full.yml config/logstash.yml -<% end -%> -COPY config/pipelines.yml config/log4j2.properties config/log4j2.file.properties config/ -COPY pipeline/default.conf pipeline/logstash.conf - -RUN chown --recursive logstash:root config/ pipeline/ -# Ensure Logstash gets the correct locale by default. -ENV LANG=<%= locale %> LC_ALL=<%= locale %> - -<% if image_flavor == 'wolfi' -%> -COPY --from=builder-env2yaml /tmp/go/src/env2yaml/env2yaml /usr/local/bin/env2yaml -<% else -%> -COPY env2yaml/env2yaml-amd64 env2yaml/env2yaml-arm64 env2yaml/ -# Copy over the appropriate env2yaml artifact -RUN env2yamlarch="$(<%= arch_command %>)"; \ - case "${env2yamlarch}" in \ - 'x86_64'|'amd64') \ - env2yamlarch=amd64; \ - ;; \ - 'aarch64'|'arm64') \ - env2yamlarch=arm64; \ - ;; \ - *) echo >&2 "error: unsupported architecture '$env2yamlarch'"; exit 1 ;; \ - esac; \ - mkdir -p /usr/local/bin; \ - cp env2yaml/env2yaml-${env2yamlarch} /usr/local/bin/env2yaml; \ - rm -rf env2yaml -<% end -%> -# Place the startup wrapper script. -COPY bin/docker-entrypoint /usr/local/bin/ - -RUN chmod 0755 /usr/local/bin/docker-entrypoint -<%# End image_flavor 'full', oss', 'ubi8', 'wolfi' %> -<% end -%> USER 1000 EXPOSE 9600 5044 -<% if image_flavor != 'ironbank' -%> -LABEL org.label-schema.schema-version="1.0" \ - org.label-schema.vendor="Elastic" \ - org.opencontainers.image.vendor="Elastic" \ +LABEL org.label-schema.build-date=<%= created_date %> \ + org.label-schema.license="<%= license %>" \ org.label-schema.name="logstash" \ - org.opencontainers.image.title="logstash" \ - org.label-schema.version="<%= elastic_version %>" \ - org.opencontainers.image.version="<%= elastic_version %>" \ + org.label-schema.schema-version="1.0" \ org.label-schema.url="https://www.elastic.co/products/logstash" \ org.label-schema.vcs-url="https://github.com/elastic/logstash" \ - org.label-schema.license="<%= license %>" \ - org.opencontainers.image.licenses="<%= license %>" \ + org.label-schema.vendor="Elastic" \ + org.label-schema.version="<%= elastic_version %>" \ + org.opencontainers.image.created=<%= created_date %> \ org.opencontainers.image.description="Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" \ - org.label-schema.build-date=<%= created_date %> \ -<% if image_flavor == 'ubi8' -%> license="<%= license %>" \ + org.opencontainers.image.licenses="<%= license %>" \ + org.opencontainers.image.title="logstash" \ + org.opencontainers.image.vendor="Elastic" \ + org.opencontainers.image.version="<%= elastic_version %>" \ description="Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" \ - name="logstash" \ + license="<%= license %>" \ maintainer="info@elastic.co" \ + name="logstash" \ summary="Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" \ - vendor="Elastic" \ -<% end -%> - org.opencontainers.image.created=<%= created_date %> -<% end -%> + vendor="Elastic" ENTRYPOINT ["/usr/local/bin/docker-entrypoint"] diff --git a/docker/templates/IronbankDockerfile.erb b/docker/templates/IronbankDockerfile.erb new file mode 100644 index 000000000..db810f830 --- /dev/null +++ b/docker/templates/IronbankDockerfile.erb @@ -0,0 +1,65 @@ +# This Dockerfile was generated from templates/IronbankDockerfile.erb + +ARG BASE_REGISTRY=registry1.dso.mil +ARG BASE_IMAGE=ironbank/redhat/ubi/ubi9 +ARG BASE_TAG=9.3 +ARG LOGSTASH_VERSION=<%= elastic_version %> +ARG GOLANG_VERSION=1.21.8 + +# stage 1: build env2yaml +FROM ${BASE_REGISTRY}/google/golang/ubi9/golang-1.21:${GOLANG_VERSION} AS env2yaml + +ENV GOPATH=/go + +COPY scripts/go /go + +USER root + +RUN dnf-3 -y upgrade && dnf-3 install -y git && \ + cd /go/src/env2yaml && \ + go build + +# Final stage +FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} + +ARG LOGSTASH_VERSION + +ENV ELASTIC_CONTAINER true +ENV PATH=/usr/share/logstash/bin:$PATH + +WORKDIR /usr/share + +COPY --from=env2yaml /go/src/env2yaml/env2yaml /usr/local/bin/env2yaml +COPY scripts/config/* config/ +COPY scripts/pipeline/default.conf pipeline/logstash.conf +COPY scripts/bin/docker-entrypoint /usr/local/bin/ +COPY logstash-${LOGSTASH_VERSION}-linux-x86_64.tar.gz /tmp/logstash.tar.gz + +RUN dnf -y upgrade && \ + dnf install -y procps findutils tar gzip which shadow-utils && \ + dnf clean all && \ + groupadd --gid 1000 logstash && \ + adduser --uid 1000 --gid 1000 --home-dir /usr/share/logstash --no-create-home logstash && \ + tar -zxf /tmp/logstash.tar.gz -C /usr/share/ && \ + mv /usr/share/logstash-${LOGSTASH_VERSION} /usr/share/logstash && \ + chown -R 1000:0 /usr/share/logstash && \ + chown --recursive logstash:logstash /usr/share/logstash/ && \ + chown -R logstash:root /usr/share/logstash config/ pipeline/ && \ + chmod -R g=u /usr/share/logstash && \ + mv config/* /usr/share/logstash/config && \ + mv pipeline /usr/share/logstash/pipeline && \ + mkdir /licenses/ && \ + mv /usr/share/logstash/NOTICE.TXT /licenses/NOTICE.TXT && \ + mv /usr/share/logstash/LICENSE.txt /licenses/LICENSE.txt && \ + ln -s /usr/share/logstash /opt/logstash && \ + chmod 0755 /usr/local/bin/docker-entrypoint && \ + rmdir config && \ + rm /tmp/logstash.tar.gz + +WORKDIR /usr/share/logstash + +USER 1000 + +EXPOSE 9600 5044 + +ENTRYPOINT ["/usr/local/bin/docker-entrypoint"] diff --git a/qa/docker/shared_examples/image_metadata.rb b/qa/docker/shared_examples/image_metadata.rb index 77a995258..1750cd0ee 100644 --- a/qa/docker/shared_examples/image_metadata.rb +++ b/qa/docker/shared_examples/image_metadata.rb @@ -13,24 +13,28 @@ shared_examples_for 'the metadata is set correctly' do |flavor| expect(@image.json['Architecture']).to have_correct_architecture end - %w(org.label-schema.license org.opencontainers.image.licenses).each do |label| + %w(license org.label-schema.license org.opencontainers.image.licenses).each do |label| it "should set the license label #{label} correctly" do expect(@labels[label]).to have_correct_license_label(flavor) end end - %w(org.label-schema.name org.opencontainers.image.title).each do |label| + %w(name org.label-schema.name org.opencontainers.image.title).each do |label| it "should set the name label #{label} correctly" do expect(@labels[label]).to eql "logstash" end end - it "should set the vendor label org.opencontainers.image.vendor correctly" do - expect(@labels['org.opencontainers.image.vendor']).to eql "Elastic" + %w(vendor org.opencontainers.image.vendor).each do |label| + it 'should set the vendor label correctly' do + expect(@labels["vendor"]).to eql "Elastic" + end end - it "should set the description label org.opencontainers.image.description correctly" do - expect(@labels['org.opencontainers.image.description']).to eql "Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" + %w(description summary org.opencontainers.image.description).each do |label| + it "should set the description label #{label} correctly" do + expect(@labels[label]).to eql "Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" + end end %w(org.label-schema.version org.opencontainers.image.version).each do |label| @@ -38,4 +42,9 @@ shared_examples_for 'the metadata is set correctly' do |flavor| expect(@labels[label]).to eql qualified_version end end + + it 'should set the maintainer label correctly' do + expect(@labels["maintainer"]).to eql "info@elastic.co" + end + end diff --git a/qa/docker/spec/full/container_spec.rb b/qa/docker/spec/full/container_spec.rb index 81a004a39..d7f8ae64b 100644 --- a/qa/docker/spec/full/container_spec.rb +++ b/qa/docker/spec/full/container_spec.rb @@ -20,8 +20,8 @@ describe 'A container running the full image' do cleanup_container(@container) end - it 'has an Ubuntu 20.04 base image' do - expect(exec_in_container(@container, 'cat /etc/os-release').chomp).to match /Ubuntu 20.04/ + it 'should be based on Red Hat Enterprise Linux' do + expect(exec_in_container(@container, 'cat /etc/redhat-release')).to match /Red Hat Enterprise Linux/ end end end diff --git a/qa/docker/spec/oss/container_spec.rb b/qa/docker/spec/oss/container_spec.rb index ceff09510..cc824fdb3 100644 --- a/qa/docker/spec/oss/container_spec.rb +++ b/qa/docker/spec/oss/container_spec.rb @@ -18,8 +18,8 @@ describe 'A container running the oss image' do cleanup_container(@container) end - it 'has an Ubuntu 20.04 base image' do - expect(exec_in_container(@container, 'cat /etc/os-release').chomp).to match /Ubuntu 20.04/ + it 'should be based on Red Hat Enterprise Linux' do + expect(exec_in_container(@container, 'cat /etc/redhat-release')).to match /Red Hat Enterprise Linux/ end end end diff --git a/qa/docker/spec/ubi8/container_spec.rb b/qa/docker/spec/ubi8/container_spec.rb deleted file mode 100644 index 19e69db11..000000000 --- a/qa/docker/spec/ubi8/container_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require_relative '../spec_helper' -require_relative '../../shared_examples/container_config' -require_relative '../../shared_examples/container_options' -require_relative '../../shared_examples/container' -require_relative '../../shared_examples/xpack' - -describe 'A container running the ubi8 image' do - it_behaves_like 'the container is configured correctly', 'ubi8' - it_behaves_like 'it runs with different configurations', 'ubi8' - it_behaves_like 'it applies settings correctly', 'ubi8' - it_behaves_like 'a container with xpack features', 'ubi8' - - context 'The running container' do - before do - @image = find_image('ubi8') - @container = start_container(@image, {}) - end - - after do - cleanup_container(@container) - end - - it 'should be based on Red Hat Enterprise Linux' do - expect(exec_in_container(@container, 'cat /etc/redhat-release')).to match /Red Hat Enterprise Linux/ - end - end -end diff --git a/qa/docker/spec/ubi8/image_spec.rb b/qa/docker/spec/ubi8/image_spec.rb deleted file mode 100644 index de47bc7da..000000000 --- a/qa/docker/spec/ubi8/image_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -require_relative '../spec_helper' -require_relative '../../shared_examples/image_metadata' - -describe 'An image with the full distribution' do - it_behaves_like 'the metadata is set correctly', 'ubi8' - - context 'the ubi8 image should set its specific labels correctly' do - before do - @image = find_image('ubi8') - @image_config = @image.json['Config'] - @labels = @image_config['Labels'] - end - - %w(license org.label-schema.license org.opencontainers.image.licenses).each do |label| - it "should set the license label #{label} correctly" do - expect(@labels[label]).to have_correct_license_label('ubi8') - end - end - - it 'should set the name label correctly' do - expect(@labels['name']).to eql "logstash" - end - - it 'should set the maintainer label correctly' do - expect(@labels["maintainer"]).to eql "info@elastic.co" - end - - %w(description summary).each do |label| - it "should set the name label #{label} correctly" do - expect(@labels[label]).to eql "Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" - end - end - - it 'should set the vendor label correctly' do - expect(@labels["vendor"]).to eql "Elastic" - end - end -end diff --git a/rakelib/artifacts.rake b/rakelib/artifacts.rake index 807618546..1241c3a84 100644 --- a/rakelib/artifacts.rake +++ b/rakelib/artifacts.rake @@ -18,6 +18,7 @@ namespace "artifact" do SNAPSHOT_BUILD = ENV["RELEASE"] != "1" VERSION_QUALIFIER = ENV["VERSION_QUALIFIER"] + LOCAL_ARTIFACTS = ENV["LOCAL_ARTIFACTS"] || "true" if VERSION_QUALIFIER PACKAGE_SUFFIX = SNAPSHOT_BUILD ? "-#{VERSION_QUALIFIER}-SNAPSHOT" : "-#{VERSION_QUALIFIER}" else @@ -139,7 +140,7 @@ namespace "artifact" do desc "Generate rpm, deb, tar and zip artifacts" task "all" => ["prepare", "build"] - task "docker_only" => ["prepare", "build_docker_full", "build_docker_oss", "build_docker_ubi8", "build_docker_wolfi"] + task "docker_only" => ["prepare", "build_docker_full", "build_docker_oss", "build_docker_wolfi"] desc "Build all (jdk bundled and not) tar.gz and zip of default logstash plugins with all dependencies" task "archives" => ["prepare", "generate_build_metadata"] do @@ -329,12 +330,6 @@ namespace "artifact" do build_docker('oss') end - desc "Build UBI8 docker image" - task "docker_ubi8" => %w(prepare generate_build_metadata archives_docker) do - puts("[docker_ubi8] Building UBI docker image") - build_docker('ubi8') - end - desc "Build wolfi docker image" task "docker_wolfi" => %w(prepare generate_build_metadata archives_docker) do puts("[docker_wolfi] Building Wolfi docker image") @@ -346,7 +341,6 @@ namespace "artifact" do puts("[dockerfiles] Building Dockerfiles") build_dockerfile('oss') build_dockerfile('full') - build_dockerfile('ubi8') build_dockerfile('wolfi') build_dockerfile('ironbank') end @@ -363,12 +357,6 @@ namespace "artifact" do build_dockerfile('full') end - desc "Generate Dockerfile for UBI8 images" - task "dockerfile_ubi8" => ["prepare", "generate_build_metadata"] do - puts("[dockerfiles] Building ubi8 Dockerfiles") - build_dockerfile('ubi8') - end - desc "Generate Dockerfile for wolfi images" task "dockerfile_wolfi" => ["prepare", "generate_build_metadata"] do puts("[dockerfiles] Building wolfi Dockerfiles") @@ -390,7 +378,6 @@ namespace "artifact" do unless ENV['SKIP_DOCKER'] == "1" Rake::Task["artifact:docker"].invoke - Rake::Task["artifact:docker_ubi8"].invoke Rake::Task["artifact:docker_wolfi"].invoke Rake::Task["artifact:dockerfiles"].invoke Rake::Task["artifact:docker_oss"].invoke @@ -411,11 +398,6 @@ namespace "artifact" do Rake::Task["artifact:dockerfile_oss"].invoke end - task "build_docker_ubi8" => [:generate_build_metadata] do - Rake::Task["artifact:docker_ubi8"].invoke - Rake::Task["artifact:dockerfile_ubi8"].invoke - end - task "build_docker_wolfi" => [:generate_build_metadata] do Rake::Task["artifact:docker_wolfi"].invoke Rake::Task["artifact:dockerfile_wolfi"].invoke @@ -798,7 +780,8 @@ namespace "artifact" do "ARTIFACTS_DIR" => ::File.join(Dir.pwd, "build"), "RELEASE" => ENV["RELEASE"], "VERSION_QUALIFIER" => VERSION_QUALIFIER, - "BUILD_DATE" => BUILD_DATE + "BUILD_DATE" => BUILD_DATE, + "LOCAL_ARTIFACTS" => LOCAL_ARTIFACTS } Dir.chdir("docker") do |dir| safe_system(env, "make build-from-local-#{flavor}-artifacts") @@ -810,7 +793,8 @@ namespace "artifact" do "ARTIFACTS_DIR" => ::File.join(Dir.pwd, "build"), "RELEASE" => ENV["RELEASE"], "VERSION_QUALIFIER" => VERSION_QUALIFIER, - "BUILD_DATE" => BUILD_DATE + "BUILD_DATE" => BUILD_DATE, + "LOCAL_ARTIFACTS" => LOCAL_ARTIFACTS } Dir.chdir("docker") do |dir| safe_system(env, "make public-dockerfiles_#{flavor}") From 74d87c9ea0b7f35cf38b3c204830f0ce6ef7e12b Mon Sep 17 00:00:00 2001 From: Yehor Shvedov <146825775+ev1yehor@users.noreply.github.com> Date: Tue, 12 Nov 2024 21:40:17 +0200 Subject: [PATCH 107/290] Update catalog-info file with correct system property (#16669) --- catalog-info.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/catalog-info.yaml b/catalog-info.yaml index 0ff6603cb..21d7f9b03 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -142,7 +142,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -185,7 +185,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -236,7 +236,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -294,7 +294,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -345,7 +345,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -388,7 +388,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -439,7 +439,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -494,7 +494,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline @@ -536,7 +536,7 @@ metadata: spec: type: buildkite-pipeline owner: group:logstash - system: buildkite + system: platform-ingest implementation: apiVersion: buildkite.elastic.dev/v1 kind: Pipeline From ff8c154c4dbed836b34dd654ad458c40ec7acee9 Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Tue, 12 Nov 2024 12:46:52 -0800 Subject: [PATCH 108/290] Extend ruby linting tasks to handle file inputs (#16660) This commit extends the gradle and rake tasks to pass through a list of files for rubocop to lint. This allows more specificity and fine grained control for linting when the consumer of the tasks only wishes to lint a select few files. --- build.gradle | 10 ++++++++-- rakelib/lint.rake | 47 +++++++++++++++++++++++++++++++---------------- rubyUtils.gradle | 7 ++++--- 3 files changed, 43 insertions(+), 21 deletions(-) diff --git a/build.gradle b/build.gradle index b9f843a9b..f71190ee6 100644 --- a/build.gradle +++ b/build.gradle @@ -817,10 +817,16 @@ class JDKDetails { } tasks.register("lint") { - // Calls rake's 'lint' task + description = "Lint Ruby source files. Use -PrubySource=file1.rb,file2.rb to specify files" dependsOn installDevelopmentGems doLast { - rake(projectDir, buildDir, 'lint:report') + if (project.hasProperty("rubySource")) { + // Split the comma-separated files and pass them as separate arguments + def files = project.property("rubySource").split(",") + rake(projectDir, buildDir, "lint:report", *files) + } else { + rake(projectDir, buildDir, "lint:report") + } } } diff --git a/rakelib/lint.rake b/rakelib/lint.rake index c3aa4df45..f8d5eea08 100644 --- a/rakelib/lint.rake +++ b/rakelib/lint.rake @@ -14,7 +14,6 @@ # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. - namespace "lint" do module RuboCLI def self.run!(*args) @@ -25,28 +24,44 @@ namespace "lint" do end end - # task that runs lint report - desc "Report all Lint Cops" - task "report" do - RuboCLI.run!("--lint") + desc "Report all Lint Cops. Optional: Specify one or more files" + task :report, [:file] do |t, args| + files = [args[:file], *args.extras].compact + + if files.empty? + RuboCLI.run!("--lint") + else + puts "Running lint report on specific files: #{files.join(', ')}" + RuboCLI.run!("--lint", *files) + end end - # Tasks automatically fixes a Cop passed as a parameter (e.g. Lint/DeprecatedClassMethods) - # TODO: Add a way to autocorrect all cops, and not just the one passed as parameter - desc "Automatically fix all instances of a Cop passed as a parameter" - task "correct", [:cop] do |t, args| + # Tasks automatically fixes a Cop passed as a parameter + desc "Automatically fix all instances of a Cop passed as a parameter. Optional: Specify one or more files" + task :correct, [:cop] do |t, args| if args[:cop].to_s.empty? puts "No Cop has been provided, aborting..." exit(0) else - puts "Attempting to correct Lint issues for: #{args[:cop].to_s}" - RuboCLI.run!("--autocorrect-all", "--only", args[:cop].to_s) + files = args.extras + if files.empty? + puts "Attempting to correct Lint issues for: #{args[:cop]}" + RuboCLI.run!("--autocorrect-all", "--only", args[:cop]) + else + puts "Attempting to correct Lint issues for #{args[:cop]} in files: #{files.join(', ')}" + RuboCLI.run!("--autocorrect-all", "--only", args[:cop], *files) + end end end - # task that automatically fixes code formatting - desc "Automatically fix Layout Cops" - task "format" do - RuboCLI.run!("--fix-layout") + desc "Automatically fix Layout Cops. Optional: Specify one or more files" + task :format, [:file] do |t, args| + files = [args[:file], *args.extras].compact + if files.empty? + RuboCLI.run!("--fix-layout") + else + puts "Running format fixes on specific files: #{files.join(', ')}" + RuboCLI.run!("--fix-layout", *files) + end end -end +end \ No newline at end of file diff --git a/rubyUtils.gradle b/rubyUtils.gradle index 94d020543..c515ee2df 100644 --- a/rubyUtils.gradle +++ b/rubyUtils.gradle @@ -151,17 +151,18 @@ void buildGem(File projectDir, File buildDir, String gemspec) { * @param projectDir Gradle projectDir * @param buildDir Gradle buildDir * @param plugin Plugin to run specs for - * @param args CLI arguments to pass to rspec + * @param args Optional arguments to pass to the rake task */ -void rake(File projectDir, File buildDir, String task) { +void rake(File projectDir, File buildDir, String task, String... args) { executeJruby projectDir, buildDir, { ScriptingContainer jruby -> jruby.currentDirectory = projectDir jruby.runScriptlet("require 'rake'; require 'time'") + def rakeArgs = args ? "'${args.join("','")}'" : "" jruby.runScriptlet(""" rake = Rake.application rake.init rake.load_rakefile - rake['${task}'].invoke + rake['${task}'].invoke(${rakeArgs}) """ ) } From 2a23680cfd12438dc1a4429a1717a31e06e47816 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 13 Nov 2024 11:04:02 +0000 Subject: [PATCH 109/290] Update logstash_releases.json for new branching strategy (#16585) See naming rational in https://github.com/logstash-plugins/.ci/pull/63#issue-2597373955 After 8.16 is GA, the "releases" entry should become: ```json "releases": { "7.current": "7.17.24", "8.current": "8.16.0", "8.previous": "8.15.3" }, ``` For snapshots we'll also test against "main", "8.next", and "8.future". The labels are: - `main`: main branch - `8.future`: the future 8.x release, i.e. current version of the 8.x branch - `8.next`: the short lived period between a minor's FF - when the new branch is cut from 8.x - and GA - `8.current`: the most recent 8.x release - `8.previous`: the previous, but still supported, 8.x release --- ci/logstash_releases.json | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 5999c5f1f..b7566d984 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -1,14 +1,15 @@ { "releases": { - "5.x": "5.6.16", - "6.x": "6.8.23", - "7.x": "7.17.25", - "8.x": "8.15.3" + "7.current": "7.17.25", + "8.previous": "8.15.4", + "8.current": "8.16.0" }, "snapshots": { - "7.x": "7.17.26-SNAPSHOT", - "8.15": "8.15.4-SNAPSHOT", - "8.x": "8.16.0-SNAPSHOT", + "7.current": "7.17.26-SNAPSHOT", + "8.previous": "8.15.5-SNAPSHOT", + "8.current": "8.16.1-SNAPSHOT", + "8.next": null, + "8.future": "8.17.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" } } From a94659cf82d7e62c5a5f550df3e4e5bd0c6cf3e1 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Wed, 13 Nov 2024 16:58:56 +0100 Subject: [PATCH 110/290] Default buffer type to 'heap' for 9.0 (#16500) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Switch the default value of `pipeline.buffer.type` to use the heap memory instead of direct one. Change the default value of the setting `pipeline.buffer.type` from direct to heap and update consequently the documentation. Co-authored-by: João Duarte Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> --- config/logstash.yml | 4 +-- docs/static/config-details.asciidoc | 31 +++++++---------------- docs/static/settings-file.asciidoc | 4 +-- logstash-core/lib/logstash/environment.rb | 2 +- 4 files changed, 14 insertions(+), 27 deletions(-) diff --git a/config/logstash.yml b/config/logstash.yml index d96ad4674..0ae8a0abb 100644 --- a/config/logstash.yml +++ b/config/logstash.yml @@ -331,8 +331,8 @@ # pipeline.separate_logs: false # # Determine where to allocate memory buffers, for plugins that leverage them. -# Default to direct, optionally can be switched to heap to select Java heap space. -# pipeline.buffer.type: direct +# Defaults to heap,but can be switched to direct if you prefer using direct memory space instead. +# pipeline.buffer.type: heap # # ------------ X-Pack Settings (not applicable for OSS build)-------------- # diff --git a/docs/static/config-details.asciidoc b/docs/static/config-details.asciidoc index a68e89e26..8cbec38a8 100644 --- a/docs/static/config-details.asciidoc +++ b/docs/static/config-details.asciidoc @@ -118,30 +118,17 @@ To summarize, we have 3 categories of memory usage, where 2 can be limited by th Keep these memory requirements in mind as you calculate your ideal memory allocation. -[[reducing-off-heap-usage]] -===== Upcoming changes to Buffer Allocation and Troubleshooting Out of Memory errors +[[off-heap-buffers-allocation]] +===== Buffer Allocation types +Input plugins such as {agent}, {beats}, TCP, and HTTP allocate buffers in Java heap memory to read events from the network. +Heap memory is the preferred allocation method, as it facilitates debugging memory usage problems (such as leaks and Out of Memory errors) through the analysis of heap dumps. -Plugins such as {agent}, {beats}, TCP, and HTTP inputs, currently default to using direct memory as it tends -to provide better performance, especially when interacting with the network stack. -Under heavy load, namely large number of connections and large messages, the direct memory space can be exhausted and lead to Out of Memory (OOM) errors in off-heap space. +Before version 9.0.0, {ls} defaulted to direct memory instead of heap for this purpose. To re-enable the previous behavior {ls} provides +a `pipeline.buffer.type` setting in <> that lets you control where to allocate +memory buffers for plugins that use them. -An off-heap OOM is difficult to debug, so {ls} provides a `pipeline.buffer.type` setting in <> that lets you control where to allocate memory buffers for plugins that use them. -Currently it is set to `direct` by default, but you can change it to `heap` to use Java heap space instead, which will be become the default in the future. -When set to `heap`, buffer allocations used by plugins are configured to **prefer** the -Java Heap instead of direct memory, as direct memory allocations may still be necessary depending on the plugin. - -When set to "heap", in the event of an out-of-memory, Logstash will produce a heap dump to facilitate debugging. - -It is important to note that the Java heap sizing requirements will be impacted by this change since -allocations that previously resided on the direct memory will use heap instead. - -Performance-wise there shouldn't be a noticeable impact, since while direct memory IO is faster, Logstash Event objects produced by these plugins end up being allocated on the Java Heap, incurring the cost of copying from direct memory to heap memory regardless of the setting. - -[NOTE] --- -* When you set `pipeline.buffer.type` to `heap`, consider incrementing the Java heap by the -amount of memory that had been reserved for direct space. --- +Performance should not be noticeably affected if you switch between `direct` and `heap`. +While copying bytes from OS buffers to direct memory buffers is faster, {ls} Event objects produced by these plugins are allocated on the Java Heap, incurring the cost of copying from direct memory to heap memory, regardless of the setting. [[memory-size-calculation]] ===== Memory sizing diff --git a/docs/static/settings-file.asciidoc b/docs/static/settings-file.asciidoc index 704afa9b1..318ec7308 100644 --- a/docs/static/settings-file.asciidoc +++ b/docs/static/settings-file.asciidoc @@ -363,6 +363,6 @@ separating each log lines per pipeline could be helpful in case you need to trou | `pipeline.buffer.type` | Determine where to allocate memory buffers, for plugins that leverage them. -Currently defaults to `direct` but can be switched to `heap` to select Java heap space, which will become the default in the future. -| `direct` Check out <> for more info. +Defaults to `heap` but can be switched to `direct` to instruct Logstash to prefer allocation of buffers in direct memory. +| `heap` Check out <> for more info. |======================================================================= diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb index 6d2c1d5d3..025d5d6a5 100644 --- a/logstash-core/lib/logstash/environment.rb +++ b/logstash-core/lib/logstash/environment.rb @@ -110,7 +110,7 @@ module LogStash Setting::String.new("keystore.classname", "org.logstash.secret.store.backend.JavaKeyStore"), Setting::String.new("keystore.file", ::File.join(::File.join(LogStash::Environment::LOGSTASH_HOME, "config"), "logstash.keystore"), false), # will be populated on Setting::NullableString.new("monitoring.cluster_uuid"), - Setting::String.new("pipeline.buffer.type", "direct", true, ["direct", "heap"]) + Setting::String.new("pipeline.buffer.type", "heap", true, ["direct", "heap"]) # post_process ].each {|setting| SETTINGS.register(setting) } From d4fb06e498aee771915a35300aacaf9784067906 Mon Sep 17 00:00:00 2001 From: Andrea Selva Date: Tue, 19 Nov 2024 08:52:28 +0100 Subject: [PATCH 111/290] Introduce a new flag to explicitly permit legacy monitoring (#16586) Introduce a new flag setting `xpack.monitoring.allow_legacy_collection` which eventually enable the legacy monitoring collector. Update the method to test if monitoring is enabled so that consider also `xpack.monitoring.allow_legacy_collection` to determine if `monitoring.*` settings are valid or not. By default it's false, the user has to intentionally enable it to continue to use the legacy monitoring settings. --------- Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> --- .../scripts/benchmark/config/logstash.yml | 1 + config/logstash.yml | 2 ++ docker/data/logstash/env2yaml/env2yaml.go | 2 +- .../monitoring-internal-legacy.asciidoc | 7 +++++- .../logstash/api/commands/default_metadata.rb | 2 ++ .../api/commands/default_metadata_spec.rb | 11 ++++++++- x-pack/lib/monitoring/monitoring.rb | 23 +++++++++++++++---- .../management/multiple_pipelines_spec.rb | 1 + .../monitoring/direct_shipping_spec.rb | 1 + .../es_documents_structure_validation_spec.rb | 1 + .../monitoring/multiple_host_defined_spec.rb | 1 + .../no_ssl_create_monitoring_indexes_spec.rb | 1 + .../persisted_queue_is_enabled_spec.rb | 1 + .../monitoring/pipeline_register_hook_spec.rb | 12 ++++++++++ 14 files changed, 59 insertions(+), 7 deletions(-) diff --git a/.buildkite/scripts/benchmark/config/logstash.yml b/.buildkite/scripts/benchmark/config/logstash.yml index 5b228a64e..59d648889 100644 --- a/.buildkite/scripts/benchmark/config/logstash.yml +++ b/.buildkite/scripts/benchmark/config/logstash.yml @@ -3,6 +3,7 @@ pipeline.workers: ${WORKER} pipeline.batch.size: ${BATCH_SIZE} queue.type: ${QTYPE} +xpack.monitoring.allow_legacy_collection: true xpack.monitoring.enabled: true xpack.monitoring.elasticsearch.username: ${MONITOR_ES_USER} xpack.monitoring.elasticsearch.password: ${MONITOR_ES_PW} diff --git a/config/logstash.yml b/config/logstash.yml index 0ae8a0abb..c80f38efa 100644 --- a/config/logstash.yml +++ b/config/logstash.yml @@ -338,6 +338,8 @@ # # X-Pack Monitoring # https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.html +# Flag to allow the legacy internal monitoring (default: false) +#xpack.monitoring.allow_legacy_collection: false #xpack.monitoring.enabled: false #xpack.monitoring.elasticsearch.username: logstash_system #xpack.monitoring.elasticsearch.password: password diff --git a/docker/data/logstash/env2yaml/env2yaml.go b/docker/data/logstash/env2yaml/env2yaml.go index 588f1bb41..e0680957a 100644 --- a/docker/data/logstash/env2yaml/env2yaml.go +++ b/docker/data/logstash/env2yaml/env2yaml.go @@ -17,7 +17,6 @@ package main import ( "errors" "fmt" - "gopkg.in/yaml.v2" "io/ioutil" "log" "os" @@ -82,6 +81,7 @@ var validSettings = []string{ "api.auth.basic.password_policy.include.symbol", "allow_superuser", "monitoring.cluster_uuid", + "xpack.monitoring.allow_legacy_collection", "xpack.monitoring.enabled", "xpack.monitoring.collection.interval", "xpack.monitoring.elasticsearch.hosts", diff --git a/docs/static/monitoring/monitoring-internal-legacy.asciidoc b/docs/static/monitoring/monitoring-internal-legacy.asciidoc index 7b1730bae..bb12923d8 100644 --- a/docs/static/monitoring/monitoring-internal-legacy.asciidoc +++ b/docs/static/monitoring/monitoring-internal-legacy.asciidoc @@ -7,6 +7,11 @@ deprecated[7.9.0] +NOTE: Starting from version 9.0, legacy internal collection is behind a feature flag and is turned off by default. +Set `xpack.monitoring.allow_legacy_collection` to `true` to allow access to the feature. + +Using <> is a better alternative for most {ls} deployments. + ==== Components for legacy collection Monitoring {ls} with legacy collection uses these components: @@ -57,7 +62,7 @@ monitoring cluster will show the Logstash metrics under the _monitoring_ cluster -- -. Verify that the `xpack.monitoring.collection.enabled` setting is `true` on the +. Verify that the `xpack.monitoring.allow_legacy_collection` and `xpack.monitoring.collection.enabled` settings are `true` on the production cluster. If that setting is `false`, the collection of monitoring data is disabled in {es} and data is ignored from all other sources. diff --git a/logstash-core/lib/logstash/api/commands/default_metadata.rb b/logstash-core/lib/logstash/api/commands/default_metadata.rb index 635e3e5f4..7c8f309db 100644 --- a/logstash-core/lib/logstash/api/commands/default_metadata.rb +++ b/logstash-core/lib/logstash/api/commands/default_metadata.rb @@ -71,6 +71,8 @@ module LogStash private def enabled_xpack_monitoring? + LogStash::SETTINGS.registered?("xpack.monitoring.allow_legacy_collection") && + LogStash::SETTINGS.get_value("xpack.monitoring.allow_legacy_collection") && LogStash::SETTINGS.registered?("xpack.monitoring.enabled") && LogStash::SETTINGS.get("xpack.monitoring.enabled") end diff --git a/logstash-core/spec/logstash/api/commands/default_metadata_spec.rb b/logstash-core/spec/logstash/api/commands/default_metadata_spec.rb index acdbc8a50..c93a77377 100644 --- a/logstash-core/spec/logstash/api/commands/default_metadata_spec.rb +++ b/logstash-core/spec/logstash/api/commands/default_metadata_spec.rb @@ -54,13 +54,22 @@ describe LogStash::Api::Commands::DefaultMetadata do ) end - it "check monitoring exist when monitoring is enabled" do + it "check monitoring section exist when legacy monitoring is enabled and allowed" do + LogStash::SETTINGS.set_value("xpack.monitoring.allow_legacy_collection", true) LogStash::SETTINGS.set_value("xpack.monitoring.enabled", true) expect(report.keys).to include( :monitoring ) end + it "check monitoring section does not appear when legacy monitoring is not allowed but enabled" do + LogStash::SETTINGS.set_value("xpack.monitoring.allow_legacy_collection", false) + LogStash::SETTINGS.set_value("xpack.monitoring.enabled", true) + expect(report.keys).not_to include( + :monitoring + ) + end + it "check monitoring does not appear when not enabled and nor cluster_uuid is defined" do LogStash::SETTINGS.set_value("xpack.monitoring.enabled", false) LogStash::SETTINGS.get_setting("monitoring.cluster_uuid").reset diff --git a/x-pack/lib/monitoring/monitoring.rb b/x-pack/lib/monitoring/monitoring.rb index fac0b7565..bdc6d51f1 100644 --- a/x-pack/lib/monitoring/monitoring.rb +++ b/x-pack/lib/monitoring/monitoring.rb @@ -155,8 +155,10 @@ module LogStash # For versions prior to 6.3 the default value of "xpack.monitoring.enabled" was true # For versions 6.3+ the default of "xpack.monitoring.enabled" is false. # To help keep passivity, assume that if "xpack.monitoring.elasticsearch.hosts" has been set that monitoring should be enabled. - # return true if xpack.monitoring.enabled=true (explicitly) or xpack.monitoring.elasticsearch.hosts is configured + # return true if xpack.monitoring.allow_legacy_collection=true and xpack.monitoring.enabled=true (explicitly) or xpack.monitoring.elasticsearch.hosts is configured def monitoring_enabled?(settings) + log_warn_if_legacy_is_enabled_and_not_allowed(settings) + return false unless settings.get_value("xpack.monitoring.allow_legacy_collection") return settings.get_value("monitoring.enabled") if settings.set?("monitoring.enabled") return settings.get_value("xpack.monitoring.enabled") if settings.set?("xpack.monitoring.enabled") @@ -170,6 +172,15 @@ module LogStash end end + def log_warn_if_legacy_is_enabled_and_not_allowed(settings) + allowed = settings.get_value("xpack.monitoring.allow_legacy_collection") + legacy_monitoring_enabled = (settings.get_value("xpack.monitoring.enabled") || settings.get_value("monitoring.enabled")) + if !allowed && legacy_monitoring_enabled + logger.warn("You have enabled legacy internal monitoring. However, starting from version 9.0, this feature is deactivated and behind a feature flag. Set `xpack.monitoring.allow_legacy_collection` to `true` to allow access to the feature.") + end + end + private :log_warn_if_legacy_is_enabled_and_not_allowed + def setup_metrics_pipeline settings = LogStash::SETTINGS.clone @@ -195,7 +206,8 @@ module LogStash raise ArgumentError.new("\"xpack.monitoring.enabled\" is configured while also \"monitoring.enabled\"") end - if any_set?(settings, /^xpack.monitoring/) && any_set?(settings, /^monitoring./) + if any_set?(settings, /^xpack.monitoring/, "xpack.monitoring.allow_legacy_collection") && + any_set?(settings, /^monitoring./) raise ArgumentError.new("\"xpack.monitoring.*\" settings can't be configured while using \"monitoring.*\"") end @@ -225,8 +237,8 @@ module LogStash opt end - def any_set?(settings, regexp) - !settings.get_subset(regexp).to_hash.keys.select { |k| settings.set?(k)}.empty? + def any_set?(settings, regexp, to_avoid = []) + !settings.get_subset(regexp).to_hash.keys.select{ |k| !to_avoid.include?(k)}.select { |k| settings.set?(k)}.empty? end end @@ -259,6 +271,9 @@ module LogStash private def register_monitoring_settings(settings, prefix = "") + if prefix == "xpack." + settings.register(LogStash::Setting::Boolean.new("xpack.monitoring.allow_legacy_collection", false)) + end settings.register(LogStash::Setting::Boolean.new("#{prefix}monitoring.enabled", false)) settings.register(LogStash::Setting::ArrayCoercible.new("#{prefix}monitoring.elasticsearch.hosts", String, ["http://localhost:9200"])) settings.register(LogStash::Setting::TimeValue.new("#{prefix}monitoring.collection.interval", "10s")) diff --git a/x-pack/qa/integration/management/multiple_pipelines_spec.rb b/x-pack/qa/integration/management/multiple_pipelines_spec.rb index 0511da0bf..a7b66de6f 100644 --- a/x-pack/qa/integration/management/multiple_pipelines_spec.rb +++ b/x-pack/qa/integration/management/multiple_pipelines_spec.rb @@ -33,6 +33,7 @@ describe "Read configuration from elasticsearch" do "xpack.management.elasticsearch.hosts" => ["http://localhost:9200"], "xpack.management.elasticsearch.username" => "elastic", "xpack.management.elasticsearch.password" => elastic_password, + "xpack.monitoring.allow_legacy_collection" => true, "xpack.monitoring.elasticsearch.username" => "elastic", "xpack.monitoring.elasticsearch.password" => elastic_password diff --git a/x-pack/qa/integration/monitoring/direct_shipping_spec.rb b/x-pack/qa/integration/monitoring/direct_shipping_spec.rb index bded6b361..183f91906 100644 --- a/x-pack/qa/integration/monitoring/direct_shipping_spec.rb +++ b/x-pack/qa/integration/monitoring/direct_shipping_spec.rb @@ -15,6 +15,7 @@ describe "Direct shipping" do @logstash_service = logstash_with_empty_default("bin/logstash -e '#{config}' -w 1 --pipeline.id #{SecureRandom.hex(8)}", { :settings => { + "xpack.monitoring.allow_legacy_collection" => true, "monitoring.enabled" => true, "monitoring.elasticsearch.hosts" => ["http://localhost:9200", "http://localhost:9200"], "monitoring.collection.interval" => "1s", diff --git a/x-pack/qa/integration/monitoring/es_documents_structure_validation_spec.rb b/x-pack/qa/integration/monitoring/es_documents_structure_validation_spec.rb index 9b3c31057..f47115318 100644 --- a/x-pack/qa/integration/monitoring/es_documents_structure_validation_spec.rb +++ b/x-pack/qa/integration/monitoring/es_documents_structure_validation_spec.rb @@ -85,6 +85,7 @@ def start_monitoring_logstash(config, prefix = "") end logstash_with_empty_default("bin/logstash -e '#{config}' -w 1", { :settings => { + "xpack.monitoring.allow_legacy_collection" => true, "#{mon_prefix}monitoring.enabled" => true, "#{mon_prefix}monitoring.elasticsearch.hosts" => ["http://localhost:9200", "http://localhost:9200"], "#{mon_prefix}monitoring.collection.interval" => "1s", diff --git a/x-pack/qa/integration/monitoring/multiple_host_defined_spec.rb b/x-pack/qa/integration/monitoring/multiple_host_defined_spec.rb index 235c92de4..67e7d4f65 100644 --- a/x-pack/qa/integration/monitoring/multiple_host_defined_spec.rb +++ b/x-pack/qa/integration/monitoring/multiple_host_defined_spec.rb @@ -14,6 +14,7 @@ describe "Multiple hosts defined" do @logstash_service = logstash("bin/logstash -e '#{config}' -w 1", { :settings => { + "xpack.monitoring.allow_legacy_collection" => true, "xpack.monitoring.elasticsearch.hosts" => ["http://localhost:9200", "http://localhost:9200"], "xpack.monitoring.collection.interval" => "1s", "xpack.monitoring.elasticsearch.username" => "elastic", diff --git a/x-pack/qa/integration/monitoring/no_ssl_create_monitoring_indexes_spec.rb b/x-pack/qa/integration/monitoring/no_ssl_create_monitoring_indexes_spec.rb index 0213d675a..17b494bfa 100644 --- a/x-pack/qa/integration/monitoring/no_ssl_create_monitoring_indexes_spec.rb +++ b/x-pack/qa/integration/monitoring/no_ssl_create_monitoring_indexes_spec.rb @@ -16,6 +16,7 @@ describe "Without SSL monitoring index" do @logstash_service = logstash("bin/logstash -e '#{config}' -w 1", { :settings => { + "xpack.monitoring.allow_legacy_collection" => true, "xpack.monitoring.collection.interval" => "1s", "xpack.monitoring.elasticsearch.username" => "elastic", "xpack.monitoring.elasticsearch.password" => elastic_password diff --git a/x-pack/qa/integration/monitoring/persisted_queue_is_enabled_spec.rb b/x-pack/qa/integration/monitoring/persisted_queue_is_enabled_spec.rb index 1ed1ca846..126d5efcc 100644 --- a/x-pack/qa/integration/monitoring/persisted_queue_is_enabled_spec.rb +++ b/x-pack/qa/integration/monitoring/persisted_queue_is_enabled_spec.rb @@ -14,6 +14,7 @@ describe "Multiple hosts defined" do @logstash_service = logstash("bin/logstash -e '#{config}' -w 1", { :settings => { + "xpack.monitoring.allow_legacy_collection" => true, "xpack.monitoring.elasticsearch.hosts" => ["http://localhost:9200", "http://localhost:9200"], "xpack.monitoring.collection.interval" => "1s", "queue.type" => "persisted", diff --git a/x-pack/spec/monitoring/pipeline_register_hook_spec.rb b/x-pack/spec/monitoring/pipeline_register_hook_spec.rb index 98723413e..e2074baae 100644 --- a/x-pack/spec/monitoring/pipeline_register_hook_spec.rb +++ b/x-pack/spec/monitoring/pipeline_register_hook_spec.rb @@ -24,6 +24,18 @@ describe LogStash::MonitoringExtension::PipelineRegisterHook do } context 'validate monitoring settings' do + it "it's not enabled with just xpack.monitoring.enabled set to true" do + expect(subject.monitoring_enabled?(settings)).to be_falsey + end + + context 'when legacy monitoring is allowed and xpack monitoring is enabled' do + let(:settings) { super().merge({"xpack.monitoring.allow_legacy_collection" => true}) } + + it "then internal monitoring should be effectively enabled" do + expect(subject.monitoring_enabled?(settings)).to be_truthy + end + end + it "work without any monitoring settings" do settings.set_value("xpack.monitoring.enabled", true) expect(subject.generate_pipeline_config(settings)).to be_truthy From e0ed994ab1668e962d071fd3cc393a55adf9de87 Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Wed, 20 Nov 2024 03:49:28 -0800 Subject: [PATCH 112/290] Update license checker with new logger dependency (#16695) A new transative dependency on the `logger` gem has been added through sinatra 4.1.0. Update the license checker to ensure this is accounted for. --- .../src/main/resources/licenseMapping.csv | 1 + .../main/resources/notices/logger-NOTICE.txt | 22 +++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 tools/dependencies-report/src/main/resources/notices/logger-NOTICE.txt diff --git a/tools/dependencies-report/src/main/resources/licenseMapping.csv b/tools/dependencies-report/src/main/resources/licenseMapping.csv index f46ecf4ab..e98daf533 100644 --- a/tools/dependencies-report/src/main/resources/licenseMapping.csv +++ b/tools/dependencies-report/src/main/resources/licenseMapping.csv @@ -100,6 +100,7 @@ dependency,dependencyUrl,licenseOverride,copyright,sourceURL "jruby-stdin-channel:","https://github.com/colinsurprenant/jruby-stdin-channel",Apache-2.0 "jwt:",https://github.com/jwt/ruby-jwt,MIT "json:",http://json-jruby.rubyforge.org/,Ruby +"logger:",https://github.com/ruby/logger,BSD-2-Clause "lru_redux:","https://github.com/SamSaffron/lru_redux/",MIT "mail:","https://github.com/mikel/mail/",MIT "manticore:","https://github.com/cheald/manticore/",MIT diff --git a/tools/dependencies-report/src/main/resources/notices/logger-NOTICE.txt b/tools/dependencies-report/src/main/resources/notices/logger-NOTICE.txt new file mode 100644 index 000000000..44d33b0b5 --- /dev/null +++ b/tools/dependencies-report/src/main/resources/notices/logger-NOTICE.txt @@ -0,0 +1,22 @@ +Copyright (C) 1993-2013 Yukihiro Matsumoto. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright +notice, this list of conditions and the following disclaimer in the +documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. \ No newline at end of file From 977efbdddef73ff32948c4b2cfb65953f2827cd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 20 Nov 2024 16:37:10 +0000 Subject: [PATCH 113/290] Update branches.json to include 8.15, 8.16 and 8.17 (#16698) --- ci/branches.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ci/branches.json b/ci/branches.json index 0bb2fee21..c105bd7c6 100644 --- a/ci/branches.json +++ b/ci/branches.json @@ -7,9 +7,15 @@ { "branch": "8.x" }, + { + "branch": "8.15" + }, { "branch": "8.16" }, + { + "branch": "8.17" + }, { "branch": "7.17" } From 7b3d23b9d5a98303975fad725dadf5cdd9741508 Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Wed, 20 Nov 2024 10:13:30 -0800 Subject: [PATCH 114/290] Replace removed yaml module (#16703) In https://github.com/elastic/logstash/pull/16586 the module include was removed. This causes failures in the script when the module is referenced. This commit re-enables the include for the yaml module. --- docker/data/logstash/env2yaml/env2yaml.go | 1 + 1 file changed, 1 insertion(+) diff --git a/docker/data/logstash/env2yaml/env2yaml.go b/docker/data/logstash/env2yaml/env2yaml.go index e0680957a..b2e93ad16 100644 --- a/docker/data/logstash/env2yaml/env2yaml.go +++ b/docker/data/logstash/env2yaml/env2yaml.go @@ -17,6 +17,7 @@ package main import ( "errors" "fmt" + "gopkg.in/yaml.v2" "io/ioutil" "log" "os" From 15b203448a00a5fb104dd5dc594f07072863bb68 Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Wed, 20 Nov 2024 10:26:02 -0800 Subject: [PATCH 115/290] [Health API E2E] Align on agent python version and avoid pip install. (#16704) * Pip install is unnecessary and sometimes hangs with prompt dialog. This commit aligns on agent python version which has a default pip installed. * Update .buildkite/scripts/health-report-tests/main.sh Improve readability. Co-authored-by: Cas Donoghue --------- Co-authored-by: Cas Donoghue --- .buildkite/scripts/health-report-tests/main.sh | 7 +++---- catalog-info.yaml | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.buildkite/scripts/health-report-tests/main.sh b/.buildkite/scripts/health-report-tests/main.sh index 2fcc25252..e6cbf3727 100755 --- a/.buildkite/scripts/health-report-tests/main.sh +++ b/.buildkite/scripts/health-report-tests/main.sh @@ -4,14 +4,13 @@ set -euo pipefail export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:/opt/buildkite-agent/.java/bin:$PATH" export JAVA_HOME="/opt/buildkite-agent/.java" +export PYENV_VERSION="3.11.5" + eval "$(rbenv init -)" eval "$(pyenv init -)" -echo "--- Installing pip" -sudo apt-get install python3-pip -y - echo "--- Installing dependencies" -python3 -mpip install -r .buildkite/scripts/health-report-tests/requirements.txt +python3 -m pip install -r .buildkite/scripts/health-report-tests/requirements.txt echo "--- Running tests" python3 .buildkite/scripts/health-report-tests/main.py \ No newline at end of file diff --git a/catalog-info.yaml b/catalog-info.yaml index 21d7f9b03..cc0ca33d7 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -721,7 +721,7 @@ spec: spec: repository: elastic/logstash pipeline_file: ".buildkite/health_report_tests_pipeline.yml" - maximum_timeout_in_minutes: 60 + maximum_timeout_in_minutes: 30 # usually tests last max ~17mins provider_settings: trigger_mode: none # don't trigger jobs from github activity env: From 0dd64a9d63ed9c6e7b392c3b7e0ee15eb3949efc Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:26:13 -0800 Subject: [PATCH 116/290] PipelineBusV2 deadlock proofing (#16671) (#16682) * pipeline bus: add deadlock test for unlisten/unregisterSender * pipeline bus: eliminate deadlock Moves the sync-to-notify out of the `AddressStateMapping#mutate`'s effective synchronous block to eliminate a race condition where unlistening to an address and unregistering a sender could deadlock. It is safe to notify an AddressState's attached input without exclusive access to the AddressState, because notifying an input that has since been disconnected is net zero harm. (cherry picked from commit 8af6343a26393c1a7769ace42039338a7e25e441) Co-authored-by: Ry Biesemeyer --- .../plugins/pipeline/PipelineBusV2.java | 16 +++-- .../plugins/pipeline/PipelineBusTest.java | 61 ++++++++++++++++++- 2 files changed, 70 insertions(+), 7 deletions(-) diff --git a/logstash-core/src/main/java/org/logstash/plugins/pipeline/PipelineBusV2.java b/logstash-core/src/main/java/org/logstash/plugins/pipeline/PipelineBusV2.java index 6626641a1..082b3bc3c 100644 --- a/logstash-core/src/main/java/org/logstash/plugins/pipeline/PipelineBusV2.java +++ b/logstash-core/src/main/java/org/logstash/plugins/pipeline/PipelineBusV2.java @@ -141,16 +141,20 @@ class PipelineBusV2 extends AbstractPipelineBus implements PipelineBus { consumer.accept(addressState); - // If this addressState has a listener, ensure that any waiting + return addressState.isEmpty() ? null : addressState; + }); + + if (result == null) { + return null; + } else { + // If the resulting addressState had a listener, ensure that any waiting // threads get notified so that they can resume immediately - final PipelineInput currentInput = addressState.getInput(); + final PipelineInput currentInput = result.getInput(); if (currentInput != null) { synchronized (currentInput) { currentInput.notifyAll(); } } - - return addressState.isEmpty() ? null : addressState; - }); - return result == null ? null : result.getReadOnlyView(); + return result.getReadOnlyView(); + } } private AddressState.ReadOnly get(final String address) { diff --git a/logstash-core/src/test/java/org/logstash/plugins/pipeline/PipelineBusTest.java b/logstash-core/src/test/java/org/logstash/plugins/pipeline/PipelineBusTest.java index 78f7c22ac..268ed8d09 100644 --- a/logstash-core/src/test/java/org/logstash/plugins/pipeline/PipelineBusTest.java +++ b/logstash-core/src/test/java/org/logstash/plugins/pipeline/PipelineBusTest.java @@ -23,6 +23,7 @@ import org.junit.Before; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatCode; import org.junit.runner.RunWith; import org.junit.runners.Parameterized; @@ -30,8 +31,16 @@ import org.logstash.RubyUtil; import org.logstash.ext.JrubyEventExtLibrary; import java.time.Duration; -import java.util.*; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; +import java.util.Collections; +import java.util.List; +import java.util.Set; +import java.util.concurrent.CompletableFuture; import java.util.concurrent.CountDownLatch; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.LongAdder; import java.util.stream.Stream; @@ -307,6 +316,56 @@ public class PipelineBusTest { assertThat(bus.getAddressState(address)).isNotPresent(); } + @Test + public void blockingShutdownDeadlock() throws InterruptedException { + final ExecutorService executor = Executors.newFixedThreadPool(10); + try { + for (int i = 0; i < 100; i++) { + bus.registerSender(output, addresses); + bus.listen(input, address); + bus.setBlockOnUnlisten(true); + + // we use a CountDownLatch to increase the likelihood + // of simultaneous execution + final CountDownLatch startLatch = new CountDownLatch(2); + final CompletableFuture unlistenFuture = CompletableFuture.runAsync(asRunnable(() -> { + startLatch.countDown(); + startLatch.await(); + bus.unlisten(input, address); + }), executor); + final CompletableFuture unregisterFuture = CompletableFuture.runAsync(asRunnable(() -> { + startLatch.countDown(); + startLatch.await(); + bus.unregisterSender(output, addresses); + }), executor); + + // ensure that our tasks all exit successfully, quickly + assertThatCode(() -> CompletableFuture.allOf(unlistenFuture, unregisterFuture).get(1, TimeUnit.SECONDS)) + .withThreadDumpOnError() + .withFailMessage("Expected unlisten and unregisterSender to not deadlock, but they did not return in a reasonable amount of time in the <%s>th iteration", i) + .doesNotThrowAnyException(); + } + } finally { + executor.shutdownNow(); + } + } + + @FunctionalInterface + interface ExceptionalRunnable { + void run() throws E; + } + + private Runnable asRunnable(final ExceptionalRunnable exceptionalRunnable) { + return () -> { + try { + exceptionalRunnable.run(); + } catch (Throwable e) { + throw new RuntimeException(e); + } + }; + } + + @Test public void whenInputFailsOutputRetryOnlyNotYetDelivered() throws InterruptedException { bus.registerSender(output, addresses); From 2f0e10468d8aab8436ef33ced92ace0d75f5715e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Thu, 21 Nov 2024 09:35:33 +0000 Subject: [PATCH 117/290] Update logstash_releases.json to account for 8.17 Feature Freeze (#16709) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index b7566d984..df7daec9a 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -8,8 +8,8 @@ "7.current": "7.17.26-SNAPSHOT", "8.previous": "8.15.5-SNAPSHOT", "8.current": "8.16.1-SNAPSHOT", - "8.next": null, - "8.future": "8.17.0-SNAPSHOT", + "8.next": "8.17.0-SNAPSHOT", + "8.future": "8.18.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" } } From aff8d1cce703e3b1c696ebdb3ea5870c6bda543d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Thu, 21 Nov 2024 10:03:50 +0000 Subject: [PATCH 118/290] update logstash_release with 8.16.1 and 8.16.2-SNAPSHOT (#16711) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index df7daec9a..a260b003a 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -2,12 +2,12 @@ "releases": { "7.current": "7.17.25", "8.previous": "8.15.4", - "8.current": "8.16.0" + "8.current": "8.16.1" }, "snapshots": { "7.current": "7.17.26-SNAPSHOT", "8.previous": "8.15.5-SNAPSHOT", - "8.current": "8.16.1-SNAPSHOT", + "8.current": "8.16.2-SNAPSHOT", "8.next": "8.17.0-SNAPSHOT", "8.future": "8.18.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" From eb7e1253e003a09e3297321ec760ba73193d17b8 Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Thu, 21 Nov 2024 09:18:59 -0800 Subject: [PATCH 119/290] Revert "Bugfix for BufferedTokenizer to completely consume lines in case of lines bigger then sizeLimit (#16482)" (#16715) This reverts commit 85493ce864adb0ec22c5879b515bd2571cd83337. --- .../logstash/common/BufferedTokenizerExt.java | 67 ++--------- .../common/BufferedTokenizerExtTest.java | 91 --------------- ...BufferedTokenizerExtWithDelimiterTest.java | 66 ----------- ...BufferedTokenizerExtWithSizeLimitTest.java | 110 ------------------ 4 files changed, 12 insertions(+), 322 deletions(-) delete mode 100644 logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java delete mode 100644 logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java delete mode 100644 logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java diff --git a/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java b/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java index 2c36370af..2d7b90bba 100644 --- a/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java +++ b/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java @@ -22,7 +22,6 @@ package org.logstash.common; import org.jruby.Ruby; import org.jruby.RubyArray; -import org.jruby.RubyBoolean; import org.jruby.RubyClass; import org.jruby.RubyObject; import org.jruby.RubyString; @@ -41,12 +40,10 @@ public class BufferedTokenizerExt extends RubyObject { freeze(RubyUtil.RUBY.getCurrentContext()); private @SuppressWarnings("rawtypes") RubyArray input = RubyUtil.RUBY.newArray(); - private StringBuilder headToken = new StringBuilder(); private RubyString delimiter = NEW_LINE; private int sizeLimit; private boolean hasSizeLimit; private int inputSize; - private boolean bufferFullErrorNotified = false; public BufferedTokenizerExt(final Ruby runtime, final RubyClass metaClass) { super(runtime, metaClass); @@ -69,6 +66,7 @@ public class BufferedTokenizerExt extends RubyObject { * Extract takes an arbitrary string of input data and returns an array of * tokenized entities, provided there were any available to extract. This * makes for easy processing of datagrams using a pattern like: + * * {@code tokenizer.extract(data).map { |entity| Decode(entity) }.each do} * * @param context ThreadContext @@ -79,63 +77,22 @@ public class BufferedTokenizerExt extends RubyObject { @SuppressWarnings("rawtypes") public RubyArray extract(final ThreadContext context, IRubyObject data) { final RubyArray entities = data.convertToString().split(delimiter, -1); - if (!bufferFullErrorNotified) { - input.clear(); - input.addAll(entities); - } else { - // after a full buffer signal - if (input.isEmpty()) { - // after a buffer full error, the remaining part of the line, till next delimiter, - // has to be consumed, unless the input buffer doesn't still contain fragments of - // subsequent tokens. - entities.shift(context); - input.addAll(entities); - } else { - // merge last of the input with first of incoming data segment - if (!entities.isEmpty()) { - RubyString last = ((RubyString) input.pop(context)); - RubyString nextFirst = ((RubyString) entities.shift(context)); - entities.unshift(last.concat(nextFirst)); - input.addAll(entities); - } - } - } - if (hasSizeLimit) { - if (bufferFullErrorNotified) { - bufferFullErrorNotified = false; - if (input.isEmpty()) { - return RubyUtil.RUBY.newArray(); - } - } - final int entitiesSize = ((RubyString) input.first()).size(); + final int entitiesSize = ((RubyString) entities.first()).size(); if (inputSize + entitiesSize > sizeLimit) { - bufferFullErrorNotified = true; - headToken = new StringBuilder(); - inputSize = 0; - input.shift(context); // consume the token fragment that generates the buffer full throw new IllegalStateException("input buffer full"); } this.inputSize = inputSize + entitiesSize; } - - if (input.getLength() < 2) { - // this is a specialization case which avoid adding and removing from input accumulator - // when it contains just one element - headToken.append(input.shift(context)); // remove head + input.append(entities.shift(context)); + if (entities.isEmpty()) { return RubyUtil.RUBY.newArray(); } - - if (headToken.length() > 0) { - // if there is a pending token part, merge it with the first token segment present - // in the accumulator, and clean the pending token part. - headToken.append(input.shift(context)); // append buffer to first element and - input.unshift(RubyUtil.toRubyObject(headToken.toString())); // reinsert it into the array - headToken = new StringBuilder(); - } - headToken.append(input.pop(context)); // put the leftovers in headToken for later - inputSize = headToken.length(); - return input; + entities.unshift(input.join(context)); + input.clear(); + input.append(entities.pop(context)); + inputSize = ((RubyString) input.first()).size(); + return entities; } /** @@ -147,14 +104,14 @@ public class BufferedTokenizerExt extends RubyObject { */ @JRubyMethod public IRubyObject flush(final ThreadContext context) { - final IRubyObject buffer = RubyUtil.toRubyObject(headToken.toString()); - headToken = new StringBuilder(); + final IRubyObject buffer = input.join(context); + input.clear(); return buffer; } @JRubyMethod(name = "empty?") public IRubyObject isEmpty(final ThreadContext context) { - return RubyBoolean.newBoolean(context.runtime, headToken.toString().isEmpty()); + return input.empty_p(); } } diff --git a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java deleted file mode 100644 index 5638cffd8..000000000 --- a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtTest.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.common; - -import org.jruby.RubyArray; -import org.jruby.RubyString; -import org.jruby.runtime.ThreadContext; -import org.jruby.runtime.builtin.IRubyObject; -import org.junit.Before; -import org.junit.Test; -import org.logstash.RubyTestBase; -import org.logstash.RubyUtil; - -import java.util.List; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; -import static org.logstash.RubyUtil.RUBY; - -@SuppressWarnings("unchecked") -public final class BufferedTokenizerExtTest extends RubyTestBase { - - private BufferedTokenizerExt sut; - private ThreadContext context; - - @Before - public void setUp() { - sut = new BufferedTokenizerExt(RubyUtil.RUBY, RubyUtil.BUFFERED_TOKENIZER); - context = RUBY.getCurrentContext(); - IRubyObject[] args = {}; - sut.init(context, args); - } - - @Test - public void shouldTokenizeASingleToken() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\n")); - - assertEquals(List.of("foo"), tokens); - } - - @Test - public void shouldMergeMultipleToken() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo")); - assertTrue(tokens.isEmpty()); - - tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("bar\n")); - assertEquals(List.of("foobar"), tokens); - } - - @Test - public void shouldTokenizeMultipleToken() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\nbar\n")); - - assertEquals(List.of("foo", "bar"), tokens); - } - - @Test - public void shouldIgnoreEmptyPayload() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("")); - assertTrue(tokens.isEmpty()); - - tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\nbar")); - assertEquals(List.of("foo"), tokens); - } - - @Test - public void shouldTokenizeEmptyPayloadWithNewline() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("\n")); - assertEquals(List.of(""), tokens); - - tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("\n\n\n")); - assertEquals(List.of("", "", ""), tokens); - } -} \ No newline at end of file diff --git a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java deleted file mode 100644 index aa2d19763..000000000 --- a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithDelimiterTest.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.logstash.common; - -import org.jruby.RubyArray; -import org.jruby.RubyString; -import org.jruby.runtime.ThreadContext; -import org.jruby.runtime.builtin.IRubyObject; -import org.junit.Before; -import org.junit.Test; -import org.logstash.RubyTestBase; -import org.logstash.RubyUtil; - -import java.util.List; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; -import static org.logstash.RubyUtil.RUBY; - -@SuppressWarnings("unchecked") -public final class BufferedTokenizerExtWithDelimiterTest extends RubyTestBase { - - private BufferedTokenizerExt sut; - private ThreadContext context; - - @Before - public void setUp() { - sut = new BufferedTokenizerExt(RubyUtil.RUBY, RubyUtil.BUFFERED_TOKENIZER); - context = RUBY.getCurrentContext(); - IRubyObject[] args = {RubyUtil.RUBY.newString("||")}; - sut.init(context, args); - } - - @Test - public void shouldTokenizeMultipleToken() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo||b|r||")); - - assertEquals(List.of("foo", "b|r"), tokens); - } - - @Test - public void shouldIgnoreEmptyPayload() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("")); - assertTrue(tokens.isEmpty()); - - tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo||bar")); - assertEquals(List.of("foo"), tokens); - } -} \ No newline at end of file diff --git a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java b/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java deleted file mode 100644 index 859bd35f7..000000000 --- a/logstash-core/src/test/java/org/logstash/common/BufferedTokenizerExtWithSizeLimitTest.java +++ /dev/null @@ -1,110 +0,0 @@ -package org.logstash.common; -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import org.jruby.RubyArray; -import org.jruby.RubyString; -import org.jruby.runtime.ThreadContext; -import org.jruby.runtime.builtin.IRubyObject; -import org.junit.Before; -import org.junit.Test; -import org.logstash.RubyTestBase; -import org.logstash.RubyUtil; - -import java.util.List; - -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.containsString; -import static org.junit.Assert.*; -import static org.logstash.RubyUtil.RUBY; - -@SuppressWarnings("unchecked") -public final class BufferedTokenizerExtWithSizeLimitTest extends RubyTestBase { - - private BufferedTokenizerExt sut; - private ThreadContext context; - - @Before - public void setUp() { - sut = new BufferedTokenizerExt(RubyUtil.RUBY, RubyUtil.BUFFERED_TOKENIZER); - context = RUBY.getCurrentContext(); - IRubyObject[] args = {RubyUtil.RUBY.newString("\n"), RubyUtil.RUBY.newFixnum(10)}; - sut.init(context, args); - } - - @Test - public void givenTokenWithinSizeLimitWhenExtractedThenReturnTokens() { - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("foo\nbar\n")); - - assertEquals(List.of("foo", "bar"), tokens); - } - - @Test - public void givenTokenExceedingSizeLimitWhenExtractedThenThrowsAnError() { - Exception thrownException = assertThrows(IllegalStateException.class, () -> { - sut.extract(context, RubyUtil.RUBY.newString("this_is_longer_than_10\nkaboom")); - }); - assertThat(thrownException.getMessage(), containsString("input buffer full")); - } - - @Test - public void givenExtractedThrownLimitErrorWhenFeedFreshDataThenReturnTokenStartingFromEndOfOffendingToken() { - Exception thrownException = assertThrows(IllegalStateException.class, () -> { - sut.extract(context, RubyUtil.RUBY.newString("this_is_longer_than_10\nkaboom")); - }); - assertThat(thrownException.getMessage(), containsString("input buffer full")); - - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("\nanother")); - assertEquals("After buffer full error should resume from the end of line", List.of("kaboom"), tokens); - } - - @Test - public void givenExtractInvokedWithDifferentFramingAfterBufferFullErrorTWhenFeedFreshDataThenReturnTokenStartingFromEndOfOffendingToken() { - sut.extract(context, RubyUtil.RUBY.newString("aaaa")); - - Exception thrownException = assertThrows(IllegalStateException.class, () -> { - sut.extract(context, RubyUtil.RUBY.newString("aaaaaaa")); - }); - assertThat(thrownException.getMessage(), containsString("input buffer full")); - - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("aa\nbbbb\nccc")); - assertEquals(List.of("bbbb"), tokens); - } - - @Test - public void giveMultipleSegmentsThatGeneratesMultipleBufferFullErrorsThenIsAbleToRecoverTokenization() { - sut.extract(context, RubyUtil.RUBY.newString("aaaa")); - - //first buffer full on 13 "a" letters - Exception thrownException = assertThrows(IllegalStateException.class, () -> { - sut.extract(context, RubyUtil.RUBY.newString("aaaaaaa")); - }); - assertThat(thrownException.getMessage(), containsString("input buffer full")); - - // second buffer full on 11 "b" letters - Exception secondThrownException = assertThrows(IllegalStateException.class, () -> { - sut.extract(context, RubyUtil.RUBY.newString("aa\nbbbbbbbbbbb\ncc")); - }); - assertThat(secondThrownException.getMessage(), containsString("input buffer full")); - - // now should resemble processing on c and d - RubyArray tokens = (RubyArray) sut.extract(context, RubyUtil.RUBY.newString("ccc\nddd\n")); - assertEquals(List.of("ccccc", "ddd"), tokens); - } -} \ No newline at end of file From 615545027f44cd411fe1dda50464885c2bc39cf6 Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Fri, 22 Nov 2024 11:16:02 -0500 Subject: [PATCH 120/290] Doc: Roll 6.3 breaking changes under 6.0 series (#16706) --- docs/static/breaking-changes-60.asciidoc | 15 ++++++++++++++- docs/static/breaking-changes-pre63.asciidoc | 8 -------- docs/static/breaking-changes.asciidoc | 2 -- 3 files changed, 14 insertions(+), 11 deletions(-) delete mode 100644 docs/static/breaking-changes-pre63.asciidoc diff --git a/docs/static/breaking-changes-60.asciidoc b/docs/static/breaking-changes-60.asciidoc index 6d4ab3215..327551bb9 100644 --- a/docs/static/breaking-changes-60.asciidoc +++ b/docs/static/breaking-changes-60.asciidoc @@ -1,8 +1,21 @@ [[breaking-6.0]] -=== Breaking changes in 6.0 +=== Breaking changes in 6.0 series Here are the breaking changes for 6.0. +[discrete] +[[breaking-pq]] +=== Breaking change across PQ versions prior to Logstash 6.3.0 + +If you are upgrading from Logstash 6.2.x or any earlier version (including 5.x) +and have the persistent queue enabled, we strongly recommend that you drain or +delete the persistent queue before you upgrade. See <> +for information and instructions. + +[discrete] +[[breaking-6.0-rel]] +=== Breaking changes in 6.0 + [discrete] ==== Changes in Logstash Core diff --git a/docs/static/breaking-changes-pre63.asciidoc b/docs/static/breaking-changes-pre63.asciidoc deleted file mode 100644 index 854b2195b..000000000 --- a/docs/static/breaking-changes-pre63.asciidoc +++ /dev/null @@ -1,8 +0,0 @@ -[[breaking-pq]] -=== Breaking change across PQ versions prior to Logstash 6.3.0 - -If you are upgrading from Logstash 6.2.x or any earlier version (including 5.x) -and have the persistent queue enabled, we strongly recommend that you drain or -delete the persistent queue before you upgrade. See <> -for information and instructions. - diff --git a/docs/static/breaking-changes.asciidoc b/docs/static/breaking-changes.asciidoc index 0169a2bbb..14c1c478f 100644 --- a/docs/static/breaking-changes.asciidoc +++ b/docs/static/breaking-changes.asciidoc @@ -30,12 +30,10 @@ See these topics for breaking changes in earlier releases: * <> * <> -* <> * <> include::breaking-changes-80.asciidoc[] include::breaking-changes-70.asciidoc[] -include::breaking-changes-pre63.asciidoc[] include::breaking-changes-60.asciidoc[] From 0e58e417ee51436990e20e769aa270ef40e8b586 Mon Sep 17 00:00:00 2001 From: Rob Bavey Date: Fri, 22 Nov 2024 11:57:15 -0500 Subject: [PATCH 121/290] Increase timeout for docs PR link action (#16718) Update the timeout from 15 minutes to 30 minutes to try and fix the inline docs previews feature, and cleanup comments --- .github/workflows/add-docs-preview-link.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/add-docs-preview-link.yml b/.github/workflows/add-docs-preview-link.yml index b99a9fdce..e8bbb57ac 100644 --- a/.github/workflows/add-docs-preview-link.yml +++ b/.github/workflows/add-docs-preview-link.yml @@ -20,9 +20,9 @@ jobs: # when running with on: pull_request_target we get the PR base ref by default ref: ${{ github.event.pull_request.head.sha }} statusName: "buildkite/docs-build-pr" - # https://elasticsearch-ci.elastic.co/job/elastic+logstash+pull-request+build-docs + # https://buildkite.com/elastic/docs-build-pr/builds?meta_data[repo_pr]=${REPO}_${PR} # usually finishes in ~ 20 minutes - timeoutSeconds: 900 + timeoutSeconds: 1800 intervalSeconds: 30 - name: Add Docs Preview link in PR Comment if: steps.wait-for-status.outputs.state == 'success' From ccde1eb8fb1bf23fcbff6e6db1cad712acbf61a7 Mon Sep 17 00:00:00 2001 From: Rob Bavey Date: Tue, 26 Nov 2024 16:23:44 -0500 Subject: [PATCH 122/290] =?UTF-8?q?Add=20SSL=20Breaking=20changes=20for=20?= =?UTF-8?q?logstash-output-http=20to=20breaking=20changes=E2=80=A6=20(#167?= =?UTF-8?q?01)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add SSL Breaking changes for logstash-output-http to breaking changes doc * Add missing discrete tags * Improve formatting of plugin breaking chagnes Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> --- docs/static/breaking-changes-90.asciidoc | 34 ++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/docs/static/breaking-changes-90.asciidoc b/docs/static/breaking-changes-90.asciidoc index 41e923ad2..dcab80e35 100644 --- a/docs/static/breaking-changes-90.asciidoc +++ b/docs/static/breaking-changes-90.asciidoc @@ -13,3 +13,37 @@ Include: * user impact/decription/value prop * link to relevant docs for more information +[discrete] +[[ssl-settings-9.0]] +===== Changes to SSL settings in {ls} plugins + +We've removed deprecated SSL settings in some {ls} plugins, and have replaced them with updated settings. +If your plugin configuration contains any of these obsolete options, the plugin may fail to start. + +Click the arrow beside a plugin name to see the list of settings that have been +removed and their replacements. + +**Plugins with changes to SSL settings** + +[discrete] +[[output-http-ssl-9.0]] +.`logstash-output-http` + +[%collapsible] +==== + +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| cacert |<> +| client_cert |<> +| client_key |<> +| keystore |<> +| keystore_password |<> +| keystore_type |<> +| truststore |<> +| truststore_password |<> +| truststore_type |<> +|======================================================================= + +==== \ No newline at end of file From d913e2ae3d135495c275c053c168ddb899506133 Mon Sep 17 00:00:00 2001 From: mmahacek Date: Wed, 27 Nov 2024 03:08:20 -0800 Subject: [PATCH 123/290] Docs: Troubleshooting update for JDK bug handling cgroups v1 (#16721) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --------- Co-authored-by: João Duarte Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com> --- docs/static/troubleshoot/ts-logstash.asciidoc | 72 ++++++++++++++++++- 1 file changed, 71 insertions(+), 1 deletion(-) diff --git a/docs/static/troubleshoot/ts-logstash.asciidoc b/docs/static/troubleshoot/ts-logstash.asciidoc index 219639466..60d247266 100644 --- a/docs/static/troubleshoot/ts-logstash.asciidoc +++ b/docs/static/troubleshoot/ts-logstash.asciidoc @@ -106,6 +106,76 @@ This issue affects some OpenJDK-derived JVM versions (Adoptium, OpenJDK, and Azu -Djdk.io.File.enableADS=true ----- +[[ts-container-cgroup]] +===== Container exits with 'An unexpected error occurred!' message + +{ls} running in a container may not start due to a https://bugs.openjdk.org/browse/JDK-8343191[bug in the JDK]. + +*Sample error* + +[source,sh] +----- +[FATAL] 2024-11-11 11:11:11.465 [LogStash::Runner] runner - An unexpected error occurred! {:error=>#, :backtrace=>[ + "java.util.Objects.requireNonNull(java/util/Objects.java:233)", + "sun.nio.fs.UnixFileSystem.getPath(sun/nio/fs/UnixFileSystem.java:296)", + "java.nio.file.Path.of(java/nio/file/Path.java:148)", + "java.nio.file.Paths.get(java/nio/file/Paths.java:69)", + "jdk.internal.platform.CgroupUtil.lambda$readStringValue$1(jdk/internal/platform/CgroupUtil.java:67)", + "java.security.AccessController.doPrivileged(java/security/AccessController.java:571)", + "jdk.internal.platform.CgroupUtil.readStringValue(jdk/internal/platform/CgroupUtil.java:69)", + "jdk.internal.platform.CgroupSubsystemController.getStringValue(jdk/internal/platform/CgroupSubsystemController.java:65)", + "jdk.internal.platform.cgroupv1.CgroupV1Subsystem.getCpuSetCpus(jdk/internal/platform/cgroupv1/CgroupV1Subsystem.java:275)", + "jdk.internal.platform.CgroupMetrics.getCpuSetCpus(jdk/internal/platform/CgroupMetrics.java:100)", + "com.sun.management.internal.OperatingSystemImpl.isCpuSetSameAsHostCpuSet(com/sun/management/internal/OperatingSystemImpl.java:277)", + "com.sun.management.internal.OperatingSystemImpl$ContainerCpuTicks.getContainerCpuLoad(com/sun/management/internal/OperatingSystemImpl.java:96)", + "com.sun.management.internal.OperatingSystemImpl.getProcessCpuLoad(com/sun/management/internal/OperatingSystemImpl.java:271)", + "org.logstash.instrument.monitors.ProcessMonitor$Report.(org/logstash/instrument/monitors/ProcessMonitor.java:63)", + "org.logstash.instrument.monitors.ProcessMonitor.detect(org/logstash/instrument/monitors/ProcessMonitor.java:136)", + "org.logstash.instrument.reports.ProcessReport.generate(org/logstash/instrument/reports/ProcessReport.java:35)", + "jdk.internal.reflect.DirectMethodHandleAccessor.invoke(jdk/internal/reflect/DirectMethodHandleAccessor.java:103)", + "java.lang.reflect.Method.invoke(java/lang/reflect/Method.java:580)", + "org.jruby.javasupport.JavaMethod.invokeDirectWithExceptionHandling(org/jruby/javasupport/JavaMethod.java:300)", + "org.jruby.javasupport.JavaMethod.invokeStaticDirect(org/jruby/javasupport/JavaMethod.java:222)", + "RUBY.collect_process_metrics(/usr/share/logstash/logstash-core/lib/logstash/instrument/periodic_poller/jvm.rb:102)", + "RUBY.collect(/usr/share/logstash/logstash-core/lib/logstash/instrument/periodic_poller/jvm.rb:73)", + "RUBY.start(/usr/share/logstash/logstash-core/lib/logstash/instrument/periodic_poller/base.rb:72)", + "org.jruby.RubySymbol$SymbolProcBody.yieldSpecific(org/jruby/RubySymbol.java:1541)", + "org.jruby.RubySymbol$SymbolProcBody.doYield(org/jruby/RubySymbol.java:1534)", + "org.jruby.RubyArray.collectArray(org/jruby/RubyArray.java:2770)", + "org.jruby.RubyArray.map(org/jruby/RubyArray.java:2803)", + "org.jruby.RubyArray$INVOKER$i$0$0$map.call(org/jruby/RubyArray$INVOKER$i$0$0$map.gen)", + "RUBY.start(/usr/share/logstash/logstash-core/lib/logstash/instrument/periodic_pollers.rb:41)", + "RUBY.configure_metrics_collectors(/usr/share/logstash/logstash-core/lib/logstash/agent.rb:477)", + "RUBY.initialize(/usr/share/logstash/logstash-core/lib/logstash/agent.rb:88)", + "org.jruby.RubyClass.new(org/jruby/RubyClass.java:949)", + "org.jruby.RubyClass$INVOKER$i$newInstance.call(org/jruby/RubyClass$INVOKER$i$newInstance.gen)", + "RUBY.create_agent(/usr/share/logstash/logstash-core/lib/logstash/runner.rb:552)", + "RUBY.execute(/usr/share/logstash/logstash-core/lib/logstash/runner.rb:434)", + "RUBY.run(/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/clamp-1.0.1/lib/clamp/command.rb:68)", + "RUBY.run(/usr/share/logstash/logstash-core/lib/logstash/runner.rb:293)", + "RUBY.run(/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/clamp-1.0.1/lib/clamp/command.rb:133)", + "usr.share.logstash.lib.bootstrap.environment.
(/usr/share/logstash/lib/bootstrap/environment.rb:89)", + "usr.share.logstash.lib.bootstrap.environment.run(usr/share/logstash/lib/bootstrap//usr/share/logstash/lib/bootstrap/environment.rb)", + "java.lang.invoke.MethodHandle.invokeWithArguments(java/lang/invoke/MethodHandle.java:733)", + "org.jruby.Ruby.runScript(org/jruby/Ruby.java:1245)", + "org.jruby.Ruby.runNormally(org/jruby/Ruby.java:1157)", + "org.jruby.Ruby.runFromMain(org/jruby/Ruby.java:983)", + "org.logstash.Logstash.run(org/logstash/Logstash.java:163)", + "org.logstash.Logstash.main(org/logstash/Logstash.java:73)" + ] +} +[FATAL] 2024-11-11 11:11:11.516 [LogStash::Runner] Logstash - Logstash stopped processing because of an error: (SystemExit) exit + org.jruby.exceptions.SystemExit: (SystemExit) exit + at org.jruby.RubyKernel.exit(org/jruby/RubyKernel.java: 921) ~[jruby.jar:?] + at org.jruby.RubyKernel.exit(org/jruby/RubyKernel.java: 880) ~[jruby.jar:?] + at usr.share.logstash.lib.bootstrap.environment.
(/usr/share/logstash/lib/bootstrap/environment.rb: 90) ~[?:?] +----- + +This error can happen when cgroups v2 is not enabled, such as when running on a Red Had version 8 operating system. + +*Work around* + +Follow your operating system's instructions for enabling cgroups v2. [[ts-pqs]] ==== Troubleshooting persistent queues @@ -265,4 +335,4 @@ adding to the field name a `_1` suffix: "data":"{\"name\": [}" } } ------ \ No newline at end of file +----- From 1851fe6b2dc47785d5f66b1b7c31c6a6605a2a23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Wed, 27 Nov 2024 14:09:22 +0000 Subject: [PATCH 124/290] Update logstash_releases.json to account for GA of 8.15.5 (#16734) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index a260b003a..97788bdf2 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -1,12 +1,12 @@ { "releases": { "7.current": "7.17.25", - "8.previous": "8.15.4", + "8.previous": "8.15.5", "8.current": "8.16.1" }, "snapshots": { "7.current": "7.17.26-SNAPSHOT", - "8.previous": "8.15.5-SNAPSHOT", + "8.previous": "8.15.6-SNAPSHOT", "8.current": "8.16.2-SNAPSHOT", "8.next": "8.17.0-SNAPSHOT", "8.future": "8.18.0-SNAPSHOT", From af76c45e6570efacba11596fa1c834b0995d9df1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Tue, 3 Dec 2024 15:25:55 +0000 Subject: [PATCH 125/290] Update logstash_releases.json to account for 7.17.26 GA (#16746) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index 97788bdf2..a2d6ffe9d 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -1,11 +1,11 @@ { "releases": { - "7.current": "7.17.25", + "7.current": "7.17.26", "8.previous": "8.15.5", "8.current": "8.16.1" }, "snapshots": { - "7.current": "7.17.26-SNAPSHOT", + "7.current": "7.17.27-SNAPSHOT", "8.previous": "8.15.6-SNAPSHOT", "8.current": "8.16.2-SNAPSHOT", "8.next": "8.17.0-SNAPSHOT", From e3265d93e8b2e68ee6c1f59c279a2882fd272251 Mon Sep 17 00:00:00 2001 From: Rob Bavey Date: Tue, 3 Dec 2024 17:35:00 -0500 Subject: [PATCH 126/290] Pin `jar-dependencies` to `0.4.1` (#16747) Pin jar-dependencies to `0.4.1`, until https://github.com/jruby/jruby/issues/7262 is resolved. --- logstash-core/logstash-core.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logstash-core/logstash-core.gemspec b/logstash-core/logstash-core.gemspec index 0f073d3c3..e783f17cd 100644 --- a/logstash-core/logstash-core.gemspec +++ b/logstash-core/logstash-core.gemspec @@ -57,7 +57,7 @@ Gem::Specification.new do |gem| gem.add_runtime_dependency "sinatra", '~> 4' gem.add_runtime_dependency 'puma', '~> 6.3', '>= 6.4.2' gem.add_runtime_dependency 'ruby-maven-libs', '~> 3', '>= 3.8.9' - + gem.add_runtime_dependency "jar-dependencies",'= 0.4.1' # Pin to `0.4.1` until https://github.com/jruby/jruby/issues/7262 is resolved gem.add_runtime_dependency "treetop", "~> 1" #(MIT license) From 4d9942d68a18510bcfa893e8f752fbc88b18d3e0 Mon Sep 17 00:00:00 2001 From: Mashhur <99575341+mashhurs@users.noreply.github.com> Date: Wed, 4 Dec 2024 11:12:21 -0800 Subject: [PATCH 127/290] Update usage of beats-input obsoleted SSL params in the core. (#16753) --- docs/static/ls-ls-lumberjack.asciidoc | 2 +- docsk8s/quick-start/sample-configuration-files.asciidoc | 4 ++-- docsk8s/setting-up/ls-k8s-secure.asciidoc | 4 ++-- qa/integration/fixtures/beats_input_spec.yml | 6 +++--- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/static/ls-ls-lumberjack.asciidoc b/docs/static/ls-ls-lumberjack.asciidoc index 11e8c4fd1..75bb735b1 100644 --- a/docs/static/ls-ls-lumberjack.asciidoc +++ b/docs/static/ls-ls-lumberjack.asciidoc @@ -73,7 +73,7 @@ Start the downstream instance of Logstash: [source,shell] ---- -bin/logstash -e 'input { beats { codec => json port => 5000 ssl => true ssl_certificate => "lumberjack.cert" ssl_key => "lumberjack.key"} }' +bin/logstash -e 'input { beats { codec => json port => 5000 ssl_enabled => true ssl_certificate => "lumberjack.cert" ssl_key => "lumberjack.key"} }' ---- This sample command sets port 5000 to listen for incoming Beats input. diff --git a/docsk8s/quick-start/sample-configuration-files.asciidoc b/docsk8s/quick-start/sample-configuration-files.asciidoc index 8ee4eef1a..4b623c596 100644 --- a/docsk8s/quick-start/sample-configuration-files.asciidoc +++ b/docsk8s/quick-start/sample-configuration-files.asciidoc @@ -41,11 +41,11 @@ data: input { beats { port => "5044" - ssl => true + ssl_enabled => true ssl_certificate_authorities => ["/usr/share/logstash/config/ca.crt"] ssl_certificate => "/usr/share/logstash/config/server.crt" ssl_key => "/usr/share/logstash/config/server.pkcs8.key" - ssl_verify_mode => "force_peer" + ssl_client_authentication => "required" } } output { diff --git a/docsk8s/setting-up/ls-k8s-secure.asciidoc b/docsk8s/setting-up/ls-k8s-secure.asciidoc index 1fde71170..1f61fd021 100644 --- a/docsk8s/setting-up/ls-k8s-secure.asciidoc +++ b/docsk8s/setting-up/ls-k8s-secure.asciidoc @@ -28,11 +28,11 @@ On {ls}, configure the server certificates to the pipeline: input { beats { port => "5044" - ssl => true + ssl_enabled => true ssl_certificate_authorities => ["/usr/share/logstash/config/ca.crt"] ssl_certificate => "/usr/share/logstash/config/server.crt" ssl_key => "/usr/share/logstash/config/server.pkcs8.key" - ssl_verify_mode => "force_peer" + ssl_client_authentication => "required" } } -- diff --git a/qa/integration/fixtures/beats_input_spec.yml b/qa/integration/fixtures/beats_input_spec.yml index 9fc49dd3d..abc431558 100644 --- a/qa/integration/fixtures/beats_input_spec.yml +++ b/qa/integration/fixtures/beats_input_spec.yml @@ -13,7 +13,7 @@ config: tls_server_auth: |- input { beats { - ssl => true + ssl_enabled => true port => 5044 ssl_certificate => '<%=options[:ssl_certificate]%>' ssl_key => '<%=options[:ssl_key]%>' @@ -23,11 +23,11 @@ config: tls_mutual_auth: |- input { beats { - ssl => true + ssl_enabled => true port => 5044 ssl_certificate => '<%=options[:ssl_certificate]%>' ssl_key => '<%=options[:ssl_key]%>' - ssl_verify_mode => "force_peer" + ssl_client_authentication => "required" ssl_certificate_authorities => '<%=options[:ssl_certificate]%>' } } From ab1976952149776b3f7142b9b5b6e1b25c7fd256 Mon Sep 17 00:00:00 2001 From: Rob Bavey Date: Wed, 4 Dec 2024 14:39:50 -0500 Subject: [PATCH 128/290] Pin `date` dependency to `3.3.3` (#16755) Resolves: #16095, #16754 --- Gemfile.template | 1 + 1 file changed, 1 insertion(+) diff --git a/Gemfile.template b/Gemfile.template index f03636a6d..e810b4537 100644 --- a/Gemfile.template +++ b/Gemfile.template @@ -40,5 +40,6 @@ gem "simplecov", "~> 0.22.0", :group => :development gem "simplecov-json", require: false, :group => :development gem "jar-dependencies", "= 0.4.1" # Gem::LoadError with jar-dependencies 0.4.2 gem "murmurhash3", "= 0.1.6" # Pins until version 0.1.7-java is released +gem "date", "= 3.3.3" gem "thwait" gem "bigdecimal", "~> 3.1" From 202d07cbbf935b707bc70d21768d0dd76b965bbd Mon Sep 17 00:00:00 2001 From: Ry Biesemeyer Date: Wed, 4 Dec 2024 14:27:26 -0800 Subject: [PATCH 129/290] ensure jackson overrides are available to static initializers (#16719) Moves the application of jackson defaults overrides into pure java, and applies them statically _before_ the `org.logstash.ObjectMappers` has a chance to start initializing object mappers that rely on the defaults. We replace the runner's invocation (which was too late to be fully applied) with a _verification_ that the configured defaults have been applied. --- logstash-core/lib/logstash/runner.rb | 4 +- logstash-core/lib/logstash/util/jackson.rb | 73 +----- logstash-core/spec/logstash/runner_spec.rb | 4 +- .../spec/logstash/util/jackson_spec.rb | 113 ---------- .../main/java/org/logstash/ObjectMappers.java | 16 ++ .../jackson/StreamReadConstraintsUtil.java | 134 +++++++++++ .../StreamReadConstraintsUtilTest.java | 213 ++++++++++++++++++ .../log/LogstashConfigurationFactoryTest.java | 3 +- .../log/PluginDeprecationLoggerTest.java | 1 + .../log4j2-log-stream-read-constraints.xml | 14 ++ 10 files changed, 389 insertions(+), 186 deletions(-) delete mode 100644 logstash-core/spec/logstash/util/jackson_spec.rb create mode 100644 logstash-core/src/main/java/org/logstash/jackson/StreamReadConstraintsUtil.java create mode 100644 logstash-core/src/test/java/org/logstash/jackson/StreamReadConstraintsUtilTest.java create mode 100644 logstash-core/src/test/resources/log4j2-log-stream-read-constraints.xml diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index cf8917164..68409ba92 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -321,8 +321,8 @@ class LogStash::Runner < Clamp::StrictCommand # Add local modules to the registry before everything else LogStash::Modules::Util.register_local_modules(LogStash::Environment::LOGSTASH_HOME) - # Set up the Jackson defaults - LogStash::Util::Jackson.set_jackson_defaults(logger) + # Verify the Jackson defaults + LogStash::Util::Jackson.verify_jackson_overrides @dispatcher = LogStash::EventDispatcher.new(self) LogStash::PLUGIN_REGISTRY.hooks.register_emitter(self.class, @dispatcher) diff --git a/logstash-core/lib/logstash/util/jackson.rb b/logstash-core/lib/logstash/util/jackson.rb index 63f072a81..2755d7196 100644 --- a/logstash-core/lib/logstash/util/jackson.rb +++ b/logstash-core/lib/logstash/util/jackson.rb @@ -18,76 +18,13 @@ module LogStash module Util module Jackson - def self.set_jackson_defaults(logger) - JacksonStreamReadConstraintsDefaults.new(logger).configure + + def self.verify_jackson_overrides + java_import org.logstash.ObjectMappers + + ObjectMappers::getConfiguredStreamReadConstraints().validateIsGlobalDefault() end - class JacksonStreamReadConstraintsDefaults - - java_import com.fasterxml.jackson.core.StreamReadConstraints - - PROPERTY_MAX_STRING_LENGTH = 'logstash.jackson.stream-read-constraints.max-string-length'.freeze - PROPERTY_MAX_NUMBER_LENGTH = 'logstash.jackson.stream-read-constraints.max-number-length'.freeze - PROPERTY_MAX_NESTING_DEPTH = 'logstash.jackson.stream-read-constraints.max-nesting-depth'.freeze - - def initialize(logger) - @logger = logger - end - - public - - def configure - max_string_len = get_default_value_override!(PROPERTY_MAX_STRING_LENGTH) - max_num_len = get_default_value_override!(PROPERTY_MAX_NUMBER_LENGTH) - max_nesting_depth = get_default_value_override!(PROPERTY_MAX_NESTING_DEPTH) - - if max_string_len || max_num_len || max_nesting_depth - begin - override_default_stream_read_constraints(max_string_len, max_num_len, max_nesting_depth) - rescue java.lang.IllegalArgumentException => e - raise LogStash::ConfigurationError, "Invalid `logstash.jackson.*` system properties configuration: #{e.message}" - end - end - end - - private - - def get_default_value_override!(property) - value = get_property_value(property) - return if value.nil? - - begin - int_value = java.lang.Integer.parseInt(value) - - if int_value < 1 - raise LogStash::ConfigurationError, "System property '#{property}' must be bigger than zero. Received: #{int_value}" - end - - @logger.info("Jackson default value override `#{property}` configured to `#{int_value}`") - - int_value - rescue java.lang.NumberFormatException => _e - raise LogStash::ConfigurationError, "System property '#{property}' must be a positive integer value. Received: #{value}" - end - end - - def get_property_value(name) - java.lang.System.getProperty(name) - end - - def override_default_stream_read_constraints(max_string_len, max_num_len, max_nesting_depth) - builder = new_stream_read_constraints_builder - builder.maxStringLength(max_string_len) if max_string_len - builder.maxNumberLength(max_num_len) if max_num_len - builder.maxNestingDepth(max_nesting_depth) if max_nesting_depth - - StreamReadConstraints.overrideDefaultStreamReadConstraints(builder.build) - end - - def new_stream_read_constraints_builder - StreamReadConstraints::builder - end - end end end end \ No newline at end of file diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index 00c6d04e3..d4bdf4152 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -462,8 +462,8 @@ describe LogStash::Runner do subject { LogStash::Runner.new("") } let(:args) { ["-e", "input {} output {}"] } - it 'should be set' do - expect(LogStash::Util::Jackson).to receive(:set_jackson_defaults) + it 'should be verified' do + expect(LogStash::Util::Jackson).to receive(:verify_jackson_overrides) subject.run(args) end end diff --git a/logstash-core/spec/logstash/util/jackson_spec.rb b/logstash-core/spec/logstash/util/jackson_spec.rb deleted file mode 100644 index afdfb3b34..000000000 --- a/logstash-core/spec/logstash/util/jackson_spec.rb +++ /dev/null @@ -1,113 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require 'spec_helper' - -describe LogStash::Util::Jackson do - it 'configures the read constraints defaults' do - read_constraints_defaults = double('read_constraints_defaults') - expect(read_constraints_defaults).to receive(:configure) - - expect(LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults).to receive(:new).and_return(read_constraints_defaults) - - LogStash::Util::Jackson.set_jackson_defaults(double('logger').as_null_object) - end -end - -describe LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults do - let(:logger) { double('logger') } - - subject { described_class.new(logger) } - - shared_examples 'stream read constraint property' do |property| - let(:property) { property } - let(:value) { nil } - let(:builder) { double('builder') } - let(:builder_set_value_method) { expected_builder_set_value_method(property) } - - before(:each) do - allow(logger).to receive(:info) - - allow(builder).to receive(:build).and_return(com.fasterxml.jackson.core.StreamReadConstraints::builder.build) - allow(builder).to receive(builder_set_value_method).with(value.to_i) - - allow(subject).to receive(:new_stream_read_constraints_builder).and_return(builder) - allow(subject).to receive(:get_property_value) do |name| - if name == property - value.to_s - else - nil - end - end - end - - context 'with valid number' do - let(:value) { '10' } - it 'does not raises an error and set value' do - expect { subject.configure }.to_not raise_error - expect(builder).to have_received(builder_set_value_method).with(value.to_i) - end - end - - context 'with non-number value' do - let(:value) { 'foo' } - it 'raises an error and does not set value' do - expect { subject.configure }.to raise_error(LogStash::ConfigurationError, /System property '#{property}' must be a positive integer value. Received: #{value}/) - expect(builder).to_not have_received(builder_set_value_method) - end - end - - context 'with zeroed value' do - let(:value) { '0' } - it 'raises an error and does not set value' do - expect { subject.configure }.to raise_error(LogStash::ConfigurationError, /System property '#{property}' must be bigger than zero. Received: #{value}/) - expect(builder).to_not have_received(builder_set_value_method) - end - end - - context 'with zeroed value' do - let(:value) { '-1' } - it 'raises an error and does not set value' do - expect { subject.configure }.to raise_error(LogStash::ConfigurationError, /System property '#{property}' must be bigger than zero. Received: #{value}/) - expect(builder).to_not have_received(builder_set_value_method) - end - end - - def expected_builder_set_value_method(property) - case property - when LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults::PROPERTY_MAX_STRING_LENGTH - return :maxStringLength - when LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults::PROPERTY_MAX_NUMBER_LENGTH - return :maxNumberLength - when LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults::PROPERTY_MAX_NESTING_DEPTH - return :maxNestingDepth - else - raise 'Invalid system property value' - end - end - end - - [ - LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults::PROPERTY_MAX_STRING_LENGTH, - LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults::PROPERTY_MAX_NUMBER_LENGTH, - LogStash::Util::Jackson::JacksonStreamReadConstraintsDefaults::PROPERTY_MAX_NESTING_DEPTH, - ].each { |system_property| - context "#{system_property}" do - it_behaves_like "stream read constraint property", system_property - end - } -end \ No newline at end of file diff --git a/logstash-core/src/main/java/org/logstash/ObjectMappers.java b/logstash-core/src/main/java/org/logstash/ObjectMappers.java index cdc8943a0..fb5ffa3d3 100644 --- a/logstash-core/src/main/java/org/logstash/ObjectMappers.java +++ b/logstash-core/src/main/java/org/logstash/ObjectMappers.java @@ -42,6 +42,7 @@ import java.io.IOException; import java.math.BigDecimal; import java.math.BigInteger; import java.util.HashMap; + import org.apache.logging.log4j.core.jackson.Log4jJsonObjectMapper; import org.jruby.RubyBignum; import org.jruby.RubyBoolean; @@ -52,12 +53,27 @@ import org.jruby.RubyString; import org.jruby.RubySymbol; import org.jruby.ext.bigdecimal.RubyBigDecimal; import org.logstash.ext.JrubyTimestampExtLibrary; +import org.logstash.jackson.StreamReadConstraintsUtil; import org.logstash.log.RubyBasicObjectSerializer; public final class ObjectMappers { static final String RUBY_SERIALIZERS_MODULE_ID = "RubySerializers"; + static final StreamReadConstraintsUtil CONFIGURED_STREAM_READ_CONSTRAINTS; + + static { + // The StreamReadConstraintsUtil needs to load the configured constraints from system + // properties and apply them _statically_, before any object mappers are initialized. + CONFIGURED_STREAM_READ_CONSTRAINTS = StreamReadConstraintsUtil.fromSystemProperties(); + CONFIGURED_STREAM_READ_CONSTRAINTS.applyAsGlobalDefault(); + } + + public static StreamReadConstraintsUtil getConfiguredStreamReadConstraints() { + return CONFIGURED_STREAM_READ_CONSTRAINTS; + } + + private static final SimpleModule RUBY_SERIALIZERS = new SimpleModule(RUBY_SERIALIZERS_MODULE_ID) .addSerializer(RubyString.class, new RubyStringSerializer()) diff --git a/logstash-core/src/main/java/org/logstash/jackson/StreamReadConstraintsUtil.java b/logstash-core/src/main/java/org/logstash/jackson/StreamReadConstraintsUtil.java new file mode 100644 index 000000000..d8e5a96de --- /dev/null +++ b/logstash-core/src/main/java/org/logstash/jackson/StreamReadConstraintsUtil.java @@ -0,0 +1,134 @@ +package org.logstash.jackson; + +import com.fasterxml.jackson.core.StreamReadConstraints; +import com.google.common.collect.Sets; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import java.util.*; +import java.util.function.BiConsumer; +import java.util.function.BiFunction; +import java.util.function.Function; +import java.util.stream.Collectors; + +public class StreamReadConstraintsUtil { + + private final Map propertyOverrides; + private final Logger logger; + + private StreamReadConstraints configuredStreamReadConstraints; + + enum Override { + MAX_STRING_LENGTH(StreamReadConstraints.Builder::maxStringLength, StreamReadConstraints::getMaxStringLength), + MAX_NUMBER_LENGTH(StreamReadConstraints.Builder::maxNumberLength, StreamReadConstraints::getMaxNumberLength), + MAX_NESTING_DEPTH(StreamReadConstraints.Builder::maxNestingDepth, StreamReadConstraints::getMaxNestingDepth), + ; + + static final String PROP_PREFIX = "logstash.jackson.stream-read-constraints."; + + final String propertyName; + private final IntValueApplicator applicator; + private final IntValueObserver observer; + + Override(final IntValueApplicator applicator, + final IntValueObserver observer) { + this.propertyName = PROP_PREFIX + this.name().toLowerCase().replace('_', '-'); + this.applicator = applicator; + this.observer = observer; + } + + @FunctionalInterface + interface IntValueObserver extends Function {} + + @FunctionalInterface + interface IntValueApplicator extends BiFunction {} + } + + /** + * @return an instance configured by {@code System.getProperties()} + */ + public static StreamReadConstraintsUtil fromSystemProperties() { + return new StreamReadConstraintsUtil(System.getProperties()); + } + + StreamReadConstraintsUtil(final Properties properties) { + this(properties, null); + } + + StreamReadConstraintsUtil(final Properties properties, + final Logger logger) { + this(extractProperties(properties), logger); + } + + static private Map extractProperties(final Properties properties) { + return properties.stringPropertyNames().stream() + .filter(propName -> propName.startsWith(Override.PROP_PREFIX)) + .map(propName -> Map.entry(propName, properties.getProperty(propName))) + .filter(entry -> entry.getValue() != null) + .collect(Collectors.toUnmodifiableMap(Map.Entry::getKey, Map.Entry::getValue)); + } + + private StreamReadConstraintsUtil(final Map propertyOverrides, + final Logger logger) { + this.propertyOverrides = Map.copyOf(propertyOverrides); + this.logger = Objects.requireNonNullElseGet(logger, () -> LogManager.getLogger(StreamReadConstraintsUtil.class)); + } + + StreamReadConstraints get() { + if (configuredStreamReadConstraints == null) { + final StreamReadConstraints.Builder builder = StreamReadConstraints.defaults().rebuild(); + + eachOverride((override, value) -> override.applicator.apply(builder, value)); + + this.configuredStreamReadConstraints = builder.build(); + } + return configuredStreamReadConstraints; + } + + public void applyAsGlobalDefault() { + StreamReadConstraints.overrideDefaultStreamReadConstraints(get()); + } + + public void validateIsGlobalDefault() { + validate(StreamReadConstraints.defaults()); + } + + private void validate(final StreamReadConstraints streamReadConstraints) { + final List fatalIssues = new ArrayList<>(); + eachOverride((override, specifiedValue) -> { + final Integer effectiveValue = override.observer.apply(streamReadConstraints); + if (Objects.equals(specifiedValue, effectiveValue)) { + logger.info("Jackson default value override `{}` configured to `{}`", override.propertyName, specifiedValue); + } else { + fatalIssues.add(String.format("`%s` (expected: `%s`, actual: `%s`)", override.propertyName, specifiedValue, effectiveValue)); + } + }); + for (String unsupportedProperty : getUnsupportedProperties()) { + logger.warn("Jackson default value override `{}` is unknown and has been ignored", unsupportedProperty); + } + if (!fatalIssues.isEmpty()) { + throw new IllegalStateException(String.format("Jackson default values not applied: %s", String.join(",", fatalIssues))); + } + } + + void eachOverride(BiConsumer overrideIntegerBiConsumer) { + for (Override override : Override.values()) { + final String propValue = this.propertyOverrides.get(override.propertyName); + if (propValue != null) { + try { + int intValue = Integer.parseInt(propValue); + overrideIntegerBiConsumer.accept(override, intValue); + } catch (IllegalArgumentException e) { + throw new IllegalArgumentException(String.format("System property `%s` must be positive integer value. Received: `%s`", override.propertyName, propValue), e); + } + } + } + } + + Set getUnsupportedProperties() { + Set supportedProps = Arrays.stream(Override.values()).map(p -> p.propertyName).collect(Collectors.toSet()); + Set providedProps = this.propertyOverrides.keySet(); + + return Sets.difference(providedProps, supportedProps); + } +} diff --git a/logstash-core/src/test/java/org/logstash/jackson/StreamReadConstraintsUtilTest.java b/logstash-core/src/test/java/org/logstash/jackson/StreamReadConstraintsUtilTest.java new file mode 100644 index 000000000..ac4f1d0f4 --- /dev/null +++ b/logstash-core/src/test/java/org/logstash/jackson/StreamReadConstraintsUtilTest.java @@ -0,0 +1,213 @@ +package org.logstash.jackson; + +import com.fasterxml.jackson.core.StreamReadConstraints; +import org.apache.logging.log4j.Logger; +import org.apache.logging.log4j.core.LogEvent; +import org.apache.logging.log4j.junit.LoggerContextRule; +import org.apache.logging.log4j.test.appender.ListAppender; +import org.junit.Before; +import org.junit.ClassRule; +import org.junit.Test; + +import java.util.Arrays; +import java.util.List; +import java.util.Properties; +import java.util.function.BiConsumer; +import org.apache.logging.log4j.Level; + +import static org.assertj.core.api.Assertions.*; +import static org.logstash.jackson.StreamReadConstraintsUtil.Override.*; + +public class StreamReadConstraintsUtilTest { + + @ClassRule + public static final LoggerContextRule LOGGER_CONTEXT_RULE = new LoggerContextRule("log4j2-log-stream-read-constraints.xml"); + + private ListAppender listAppender; + private Logger observedLogger; + + @Before + public void setUpLoggingListAppender() { + int i = 1+16; + this.observedLogger = LOGGER_CONTEXT_RULE.getLogger(StreamReadConstraintsUtil.class); + this.listAppender = LOGGER_CONTEXT_RULE.getListAppender("EventListAppender").clear(); + } + + @Test + public void configuresDefaultsByDefault() { + StreamReadConstraintsUtil.fromSystemProperties().validateIsGlobalDefault(); + } + + @Test + public void configuresMaxStringLength() { + final Properties properties = new Properties(); + properties.setProperty(MAX_STRING_LENGTH.propertyName, "10101"); + + fromProperties(properties, (configuredUtil, defaults) -> { + final StreamReadConstraints configuredConstraints = configuredUtil.get(); + + assertThat(configuredConstraints).returns(10101, from(StreamReadConstraints::getMaxStringLength)); + + assertThat(configuredConstraints).as("inherited defaults") + .returns(defaults.getMaxDocumentLength(), from(StreamReadConstraints::getMaxDocumentLength)) + .returns(defaults.getMaxNameLength(), from(StreamReadConstraints::getMaxNameLength)) + .returns(defaults.getMaxNestingDepth(), from(StreamReadConstraints::getMaxNestingDepth)) + .returns(defaults.getMaxNumberLength(), from(StreamReadConstraints::getMaxNumberLength)); + + assertThatThrownBy(configuredUtil::validateIsGlobalDefault).isInstanceOf(IllegalStateException.class).hasMessageContaining(MAX_STRING_LENGTH.propertyName); + + configuredUtil.applyAsGlobalDefault(); + assertThatCode(configuredUtil::validateIsGlobalDefault).doesNotThrowAnyException(); + }); + } + + @Test + public void configuresMaxStringLengthInvalid() { + final Properties properties = new Properties(); + properties.setProperty(MAX_STRING_LENGTH.propertyName, "NaN"); + + fromProperties(properties, (configuredUtil, defaults) -> assertThatThrownBy(configuredUtil::get) + .isInstanceOf(IllegalArgumentException.class) + .hasMessageContaining(MAX_STRING_LENGTH.propertyName)); + } + + @Test + public void configuresMaxStringLengthNegative() { + final Properties properties = new Properties(); + properties.setProperty(MAX_STRING_LENGTH.propertyName, "-1000"); + + fromProperties(properties, (configuredUtil, defaults) -> assertThatThrownBy(configuredUtil::get) + .isInstanceOf(IllegalArgumentException.class) + .hasMessageContaining(MAX_STRING_LENGTH.propertyName)); + } + + @Test + public void configuresMaxNumberLength() { + final Properties properties = new Properties(); + properties.setProperty(MAX_NUMBER_LENGTH.propertyName, "101"); + + fromProperties(properties, (configuredUtil, defaults) -> { + final StreamReadConstraints configuredConstraints = configuredUtil.get(); + + assertThat(configuredConstraints).returns(101, from(StreamReadConstraints::getMaxNumberLength)); + + assertThat(configuredConstraints).as("inherited defaults") + .returns(defaults.getMaxDocumentLength(), from(StreamReadConstraints::getMaxDocumentLength)) + .returns(defaults.getMaxNameLength(), from(StreamReadConstraints::getMaxNameLength)) + .returns(defaults.getMaxNestingDepth(), from(StreamReadConstraints::getMaxNestingDepth)) + .returns(defaults.getMaxStringLength(), from(StreamReadConstraints::getMaxStringLength)); + + assertThatThrownBy(configuredUtil::validateIsGlobalDefault).isInstanceOf(IllegalStateException.class).hasMessageContaining(MAX_NUMBER_LENGTH.propertyName); + + configuredUtil.applyAsGlobalDefault(); + assertThatCode(configuredUtil::validateIsGlobalDefault).doesNotThrowAnyException(); + }); + } + + @Test + public void configuresMaxNumberLengthInvalid() { + final Properties properties = new Properties(); + properties.setProperty(MAX_NUMBER_LENGTH.propertyName, "NaN"); + + fromProperties(properties, (configuredUtil, defaults) -> assertThatThrownBy(configuredUtil::get) + .isInstanceOf(IllegalArgumentException.class) + .hasMessageContaining(MAX_NUMBER_LENGTH.propertyName)); + } + + @Test + public void configuresMaxNumberLengthNegative() { + final Properties properties = new Properties(); + properties.setProperty(MAX_NUMBER_LENGTH.propertyName, "-1000"); + + fromProperties(properties, (configuredUtil, defaults) -> assertThatThrownBy(configuredUtil::get) + .isInstanceOf(IllegalArgumentException.class) + .hasMessageContaining(MAX_NUMBER_LENGTH.propertyName)); + } + + @Test + public void configuresMaxNestingDepth() { + final Properties properties = new Properties(); + properties.setProperty(MAX_NESTING_DEPTH.propertyName, "101"); + + fromProperties(properties, (configuredUtil, defaults) -> { + final StreamReadConstraints configuredConstraints = configuredUtil.get(); + + assertThat(configuredConstraints).returns(101, from(StreamReadConstraints::getMaxNestingDepth)); + + assertThat(configuredConstraints).as("inherited defaults") + .returns(defaults.getMaxDocumentLength(), from(StreamReadConstraints::getMaxDocumentLength)) + .returns(defaults.getMaxNameLength(), from(StreamReadConstraints::getMaxNameLength)) + .returns(defaults.getMaxStringLength(), from(StreamReadConstraints::getMaxStringLength)) + .returns(defaults.getMaxNumberLength(), from(StreamReadConstraints::getMaxNumberLength)); + + assertThatThrownBy(configuredUtil::validateIsGlobalDefault).isInstanceOf(IllegalStateException.class).hasMessageContaining(MAX_NESTING_DEPTH.propertyName); + + configuredUtil.applyAsGlobalDefault(); + assertThatCode(configuredUtil::validateIsGlobalDefault).doesNotThrowAnyException(); + }); + } + + @Test + public void configuresMaxNestingDepthInvalid() { + final Properties properties = new Properties(); + properties.setProperty(MAX_NESTING_DEPTH.propertyName, "NaN"); + + fromProperties(properties, (configuredUtil, defaults) -> assertThatThrownBy(configuredUtil::get) + .isInstanceOf(IllegalArgumentException.class) + .hasMessageContaining(MAX_NESTING_DEPTH.propertyName)); + } + + @Test + public void configuresMaxNestingDepthNegative() { + final Properties properties = new Properties(); + properties.setProperty(MAX_NESTING_DEPTH.propertyName, "-1000"); + + fromProperties(properties, (configuredUtil, defaults) -> assertThatThrownBy(configuredUtil::get) + .isInstanceOf(IllegalArgumentException.class) + .hasMessageContaining(MAX_NESTING_DEPTH.propertyName)); + } + + @Test + public void validatesApplication() { + final Properties properties = new Properties(); + properties.setProperty(PROP_PREFIX + "unsupported-option1", "100"); + properties.setProperty(PROP_PREFIX + "unsupported-option2", "100"); + properties.setProperty(MAX_NESTING_DEPTH.propertyName, "1010"); + properties.setProperty(MAX_STRING_LENGTH.propertyName, "1011"); + properties.setProperty(MAX_NUMBER_LENGTH.propertyName, "1110"); + + System.out.format("START%n"); + + fromProperties(properties, (configuredUtil, defaults) -> { + configuredUtil.applyAsGlobalDefault(); + configuredUtil.validateIsGlobalDefault(); + }); + + System.out.format("OK%n"); + + assertLogObserved(Level.INFO, "override `" + MAX_NESTING_DEPTH.propertyName + "` configured to `1010`"); + assertLogObserved(Level.INFO, "override `" + MAX_STRING_LENGTH.propertyName + "` configured to `1011`"); + assertLogObserved(Level.INFO, "override `" + MAX_NUMBER_LENGTH.propertyName + "` configured to `1110`"); + + assertLogObserved(Level.WARN, "override `" + PROP_PREFIX + "unsupported-option1` is unknown and has been ignored"); + assertLogObserved(Level.WARN, "override `" + PROP_PREFIX + "unsupported-option1` is unknown and has been ignored"); + } + + private void assertLogObserved(final Level level, final String... messageFragments) { + List logEvents = listAppender.getEvents(); + assertThat(logEvents) + .withFailMessage("Expected %s to contain a %s-level log event containing %s", logEvents, level, Arrays.toString(messageFragments)) + .filteredOn(logEvent -> logEvent.getLevel().equals(level)) + .anySatisfy(logEvent -> assertThat(logEvent.getMessage().getFormattedMessage()).contains(messageFragments)); + } + + private synchronized void fromProperties(final Properties properties, BiConsumer defaultsConsumer) { + final StreamReadConstraints defaults = StreamReadConstraints.defaults(); + try { + final StreamReadConstraintsUtil util = new StreamReadConstraintsUtil(properties, this.observedLogger); + defaultsConsumer.accept(util, defaults); + } finally { + StreamReadConstraints.overrideDefaultStreamReadConstraints(defaults); + } + } +} \ No newline at end of file diff --git a/logstash-core/src/test/java/org/logstash/log/LogstashConfigurationFactoryTest.java b/logstash-core/src/test/java/org/logstash/log/LogstashConfigurationFactoryTest.java index 6bb5dedb9..3399e314f 100644 --- a/logstash-core/src/test/java/org/logstash/log/LogstashConfigurationFactoryTest.java +++ b/logstash-core/src/test/java/org/logstash/log/LogstashConfigurationFactoryTest.java @@ -59,6 +59,7 @@ public class LogstashConfigurationFactoryTest { ThreadContext.putAll(dumpedLog4jThreadContext); snapshotHelper.restoreSnapshot("log4j.configurationFile", "ls.log.format", "ls.logs", LogstashConfigurationFactory.PIPELINE_SEPARATE_LOGS); + forceLog4JContextRefresh(); } @Before @@ -123,7 +124,7 @@ public class LogstashConfigurationFactoryTest { assertNull("No routing appender should be present", routingApp); } - private void forceLog4JContextRefresh() { + private static void forceLog4JContextRefresh() { LoggerContext context = LoggerContext.getContext(false); context.reconfigure(); } diff --git a/logstash-core/src/test/java/org/logstash/log/PluginDeprecationLoggerTest.java b/logstash-core/src/test/java/org/logstash/log/PluginDeprecationLoggerTest.java index 496e55d4a..2a5e3682e 100644 --- a/logstash-core/src/test/java/org/logstash/log/PluginDeprecationLoggerTest.java +++ b/logstash-core/src/test/java/org/logstash/log/PluginDeprecationLoggerTest.java @@ -48,6 +48,7 @@ public class PluginDeprecationLoggerTest { public static void afterClass() { snapshotHelper.restoreSnapshot("log4j.configurationFile", "ls.log.format", "ls.logs", LogstashConfigurationFactory.PIPELINE_SEPARATE_LOGS); + LogTestUtils.reloadLogConfiguration(); } @Before diff --git a/logstash-core/src/test/resources/log4j2-log-stream-read-constraints.xml b/logstash-core/src/test/resources/log4j2-log-stream-read-constraints.xml new file mode 100644 index 000000000..581e13274 --- /dev/null +++ b/logstash-core/src/test/resources/log4j2-log-stream-read-constraints.xml @@ -0,0 +1,14 @@ + + + + + + + + + + + + + + \ No newline at end of file From e36cacedc83b8af9ca90453308cb9f46c10c1aff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Mon, 9 Dec 2024 17:10:54 +0000 Subject: [PATCH 130/290] ensure inputSize state value is reset during buftok.flush (#16760) --- .../spec/logstash/util/buftok_spec.rb | 29 +++++++++++++++++++ .../logstash/common/BufferedTokenizerExt.java | 3 +- 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/logstash-core/spec/logstash/util/buftok_spec.rb b/logstash-core/spec/logstash/util/buftok_spec.rb index cccb9c476..acdf20977 100644 --- a/logstash-core/spec/logstash/util/buftok_spec.rb +++ b/logstash-core/spec/logstash/util/buftok_spec.rb @@ -43,6 +43,35 @@ describe FileWatch::BufferedTokenizer do expect(subject.extract("\n\n\n")).to eq(["", "", ""]) end + describe 'flush' do + let(:data) { "content without a delimiter" } + before(:each) do + subject.extract(data) + end + + it "emits the contents of the buffer" do + expect(subject.flush).to eq(data) + end + + it "resets the state of the buffer" do + subject.flush + expect(subject).to be_empty + end + + context 'with decode_size_limit_bytes' do + subject { FileWatch::BufferedTokenizer.new("\n", 100) } + + it "emits the contents of the buffer" do + expect(subject.flush).to eq(data) + end + + it "resets the state of the buffer" do + subject.flush + expect(subject).to be_empty + end + end + end + context 'with delimiter' do subject { FileWatch::BufferedTokenizer.new(delimiter) } diff --git a/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java b/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java index 2d7b90bba..f704fcb0f 100644 --- a/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java +++ b/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java @@ -106,12 +106,13 @@ public class BufferedTokenizerExt extends RubyObject { public IRubyObject flush(final ThreadContext context) { final IRubyObject buffer = input.join(context); input.clear(); + inputSize = 0; return buffer; } @JRubyMethod(name = "empty?") public IRubyObject isEmpty(final ThreadContext context) { - return input.empty_p(); + return RubyUtil.RUBY.newBoolean(input.isEmpty() && (inputSize == 0)); } } From 095fbbb99218f2c9cadecfe923b8de48dcc2e8dc Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Mon, 9 Dec 2024 13:24:07 -0800 Subject: [PATCH 131/290] Add breaking changes docs for input-elasticsearch (#16744) This commit follows the pattern established in https://github.com/elastic/logstash/pull/16701 for indicating obsolete ssl settings in logstash core plugins. --- docs/static/breaking-changes-90.asciidoc | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/docs/static/breaking-changes-90.asciidoc b/docs/static/breaking-changes-90.asciidoc index dcab80e35..58f6c6288 100644 --- a/docs/static/breaking-changes-90.asciidoc +++ b/docs/static/breaking-changes-90.asciidoc @@ -25,6 +25,24 @@ removed and their replacements. **Plugins with changes to SSL settings** + +[discrete] +[[input-elasticsearch-ssl-9.0]] +.`logstash-input-elasticsearch` + +[%collapsible] +==== + +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| ca_file |<> +| ssl |<> +| ssl_certificate_verification |<> +|======================================================================= + +==== + [discrete] [[output-http-ssl-9.0]] .`logstash-output-http` @@ -46,4 +64,4 @@ removed and their replacements. | truststore_type |<> |======================================================================= -==== \ No newline at end of file +==== From 5bff2ad436e0382ce76b8481d974c8065d3bf571 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Thu, 12 Dec 2024 11:09:22 +0000 Subject: [PATCH 132/290] [CI] benchmark readme (#16783) - add instruction to run benchmark in v8 with `xpack.monitoring.allow_legacy_collection` - remove scripted field 5m_num from dashboards --- .buildkite/scripts/benchmark/README.md | 3 ++- .../benchmark/save-objects/CHANGELOG.md | 3 +++ .../save-objects/benchmark_objects.ndjson | 22 +++++++++---------- 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/.buildkite/scripts/benchmark/README.md b/.buildkite/scripts/benchmark/README.md index 330e7b266..63cc8dbac 100644 --- a/.buildkite/scripts/benchmark/README.md +++ b/.buildkite/scripts/benchmark/README.md @@ -18,4 +18,5 @@ ## Notes - Benchmarks should only be compared using the same hardware setup. - Please do not send the test metrics to the benchmark cluster. You can set `VAULT_PATH` to send data and metrics to your own server. -- Run `all.sh` as calibration which gives you a baseline of performance in different versions. \ No newline at end of file +- Run `all.sh` as calibration which gives you a baseline of performance in different versions. +- [#16586](https://github.com/elastic/logstash/pull/16586) allows legacy monitoring using the configuration `xpack.monitoring.allow_legacy_collection: true`, which is not recognized in version 8. To run benchmarks in version 8, use the script of the corresponding branch (e.g. `8.16`) instead of `main` in buildkite. \ No newline at end of file diff --git a/.buildkite/scripts/benchmark/save-objects/CHANGELOG.md b/.buildkite/scripts/benchmark/save-objects/CHANGELOG.md index 335acb0ac..75a297e75 100644 --- a/.buildkite/scripts/benchmark/save-objects/CHANGELOG.md +++ b/.buildkite/scripts/benchmark/save-objects/CHANGELOG.md @@ -1,3 +1,6 @@ +## 20241210 +Remove scripted field `5m_num` from dashboards + ## 20240912 Updated runtime field `release` to return `true` when `version` contains "SNAPSHOT" diff --git a/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson b/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson index ef4511357..32bdf55cc 100644 --- a/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson +++ b/.buildkite/scripts/benchmark/save-objects/benchmark_objects.ndjson @@ -1,30 +1,30 @@ {"attributes":{"allowHidden":false,"fieldAttrs":"{\"5m_num\":{\"customLabel\":\"\"},\"avg_heap_num\":{\"customLabel\":\"\"},\"avg_non_heap_num\":{\"customLabel\":\"\"},\"max_worker_utilization_num\":{\"customLabel\":\"\"},\"max_worker_concurrency_num\":{\"customLabel\":\"\"},\"max_queue_events\":{\"customLabel\":\"\"},\"max_queue_events_num\":{\"customLabel\":\"\"},\"total_events_out_num\":{\"customLabel\":\"\"},\"avg_cpu_percentage_num\":{\"customLabel\":\"\"},\"release\":{},\"version_num\":{}}","fieldFormatMap":"{\"5m_num\":{\"id\":\"number\",\"params\":{\"pattern\":\"0\"}},\"avg_heap_num\":{\"id\":\"number\"},\"avg_non_heap_num\":{\"id\":\"number\"},\"max_worker_utilization_num\":{\"id\":\"number\"},\"max_worker_concurrency_num\":{\"id\":\"number\"},\"max_queue_events\":{\"id\":\"number\"},\"max_queue_events_num\":{\"id\":\"number\"},\"avg_cpu_percentage_num\":{\"id\":\"number\"}}","fields":"[{\"name\":\"5m_num\",\"script\":\"return Integer.parseInt(doc['max_eps_5m.keyword'].value)\",\"lang\":\"painless\",\"type\":\"number\",\"scripted\":true,\"customLabel\":\"\"}]","name":"benchmark","runtimeFieldMap":"{\"release\":{\"type\":\"boolean\",\"script\":{\"source\":\"def version = doc['version.keyword'].value;\\nif (version.contains(\\\"SNAPSHOT\\\")) {\\n\\temit(false);\\n}\\nelse {\\n\\temit(true);\\n}\"}},\"version_num\":{\"type\":\"long\",\"script\":{\"source\":\"if (doc.containsKey('version.keyword') && !doc['version.keyword'].empty) {\\n // Get the version string\\n String version = doc['version.keyword'].value;\\n \\n // Remove any suffix after the patch number (e.g., -SNAPSHOT)\\n int dashIndex = version.indexOf('-');\\n if (dashIndex != -1) {\\n version = version.substring(0, dashIndex);\\n }\\n \\n // Find positions of dots\\n int firstDot = version.indexOf('.');\\n int secondDot = version.indexOf('.', firstDot + 1);\\n \\n // Extract major, minor, and patch parts of the version\\n int major = Integer.parseInt(version.substring(0, firstDot));\\n int minor = Integer.parseInt(version.substring(firstDot + 1, secondDot));\\n int patch = Integer.parseInt(version.substring(secondDot + 1));\\n \\n // Combine into a sortable numeric value\\n emit(major * 10000 + minor * 100 + patch);\\n}\\n\\nemit(0);\"}}}","sourceFilters":"[]","timeFieldName":"timestamp","title":"benchmark_*"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"c5493557-3fd6-4929-8dc2-40d248303942","managed":false,"references":[],"type":"index-pattern","typeMigrationVersion":"8.0.0","updated_at":"2024-09-12T20:34:35.037Z","updated_by":"u_4132377203_cloud","version":"WzE1NjYsOF0="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"999c9564-cba1-4f3b-af99-ccbacb8e034f":{"columnOrder":["a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","9ddc0f02-5530-4930-99bd-2a914ada1b8f","be033d18-2c04-44f2-b403-0b88d888143d"],"columns":{"9ddc0f02-5530-4930-99bd-2a914ada1b8f":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e":{"dataType":"string","isBucketed":true,"label":"Top values of workers.keyword + 1 other","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"be033d18-2c04-44f2-b403-0b88d888143d","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"multi_terms"},"secondaryFields":["queue_type.keyword"],"size":100},"scale":"ordinal","sourceField":"workers.keyword"},"be033d18-2c04-44f2-b403-0b88d888143d":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["be033d18-2c04-44f2-b403-0b88d888143d"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["4","memory"]]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["8","memory"]]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","memory"]]},"touched":false},{"color":{"colorCode":"#5e6c94","type":"colorCode"},"rule":{"type":"matchExactly","values":[["8","persisted"]]},"touched":true},{"color":{"colorIndex":4,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","persisted"]]},"touched":false},{"color":{"colorCode":"#a0df7b","type":"colorCode"},"rule":{"type":"matchExactly","values":[["4","persisted"]]},"touched":true}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"999c9564-cba1-4f3b-af99-ccbacb8e034f","layerType":"data","seriesType":"line","splitAccessor":"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","xAccessor":"9ddc0f02-5530-4930-99bd-2a914ada1b8f"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"Release EPS by worker & queue","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:29.581Z","id":"2c017667-7403-402c-b027-3cc790945a27","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:29.581Z","version":"WzEzOTMsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"893cd07c-e480-4dc1-9109-c6ebf926f0bf","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"jvm heap / non heap"}},"title":"[MQ] memory by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T13:24:44.067Z","created_by":"u_4132377203_cloud","id":"f5104988-461c-4f65-b31d-ed22d04cb6b8","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"893cd07c-e480-4dc1-9109-c6ebf926f0bf","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T13:24:44.067Z","updated_by":"u_4132377203_cloud","version":"WzE3OTAsOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"columns":{"0ad565fc-0a55-492b-ba69-1be57f501e13":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"16dcf8b0-378f-48df-8bb3-f537324eea46":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"74d4500c-b3ea-4cd1-9c8c-6b4852a4baf4","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"jvm heap / non heap"}},"title":"[PQ] memory by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T13:24:31.401Z","created_by":"u_4132377203_cloud","id":"4d1f7bef-c184-4457-b159-465128d2d70b","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"74d4500c-b3ea-4cd1-9c8c-6b4852a4baf4","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T13:24:31.401Z","updated_by":"u_4132377203_cloud","version":"WzE3ODksOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"a3c80a6b-82a1-4a58-9832-16f1ff9d2ac4","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":"release : true "},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"jvm heap / non heap"}},"title":"[PQ][R] memory by worker ","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T13:24:22.412Z","created_by":"u_4132377203_cloud","id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"a3c80a6b-82a1-4a58-9832-16f1ff9d2ac4","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T13:24:22.412Z","updated_by":"u_4132377203_cloud","version":"WzE3ODgsOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"7c4a3d0f-46e7-4d19-bde0-0ea79a3cbdd9","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":"release : true "},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"jvm heap / non heap"}},"title":"[MQ][R] memory by worker ","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T13:24:09.653Z","created_by":"u_4132377203_cloud","id":"a577558f-f9a6-4c86-b562-7618b2c71db0","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"7c4a3d0f-46e7-4d19-bde0-0ea79a3cbdd9","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T13:24:09.653Z","updated_by":"u_4132377203_cloud","version":"WzE3ODcsOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_eps_5m","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_eps_5m"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"8963247c-0194-4916-8a2b-e121fefbb4b3","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","legendStats":[],"position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"[PQ] EPS by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T11:50:10.083Z","created_by":"u_4132377203_cloud","id":"f24fc69c-7714-40d3-b34e-3d90fa9b7023","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"8963247c-0194-4916-8a2b-e121fefbb4b3","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T11:50:10.083Z","updated_by":"u_4132377203_cloud","version":"WzE3ODEsOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":false,"dataType":"number","isBucketed":false,"label":"Median of max_eps_5m","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_eps_5m"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"8171fdc1-2ff4-4f45-8796-dffd31749c63","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","legendStats":[],"position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"[MQ] EPS by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T11:49:58.528Z","created_by":"u_4132377203_cloud","id":"5c7f9518-5dac-4a3f-b8e1-6ece4135a8be","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T11:49:58.528Z","updated_by":"u_4132377203_cloud","version":"WzE3ODAsOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"999c9564-cba1-4f3b-af99-ccbacb8e034f":{"columnOrder":["a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","9ddc0f02-5530-4930-99bd-2a914ada1b8f","be033d18-2c04-44f2-b403-0b88d888143d"],"columns":{"9ddc0f02-5530-4930-99bd-2a914ada1b8f":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e":{"dataType":"string","isBucketed":true,"label":"Top values of workers.keyword + 1 other","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"be033d18-2c04-44f2-b403-0b88d888143d","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"multi_terms"},"secondaryFields":["queue_type.keyword"],"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"be033d18-2c04-44f2-b403-0b88d888143d":{"dataType":"number","isBucketed":false,"label":"Median of max_eps_5m","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_eps_5m"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"release","index":"6feecd96-2840-4a20-bb3c-73837932d9ff","key":"release","negate":false,"params":{"query":false},"type":"phrase"},"query":{"match_phrase":{"release":false}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["be033d18-2c04-44f2-b403-0b88d888143d"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["4","memory"]]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["8","memory"]]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","memory"]]},"touched":false},{"color":{"colorCode":"#5e6c94","type":"colorCode"},"rule":{"type":"matchExactly","values":[["8","persisted"]]},"touched":true},{"color":{"colorIndex":4,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","persisted"]]},"touched":false},{"color":{"colorCode":"#a0df7b","type":"colorCode"},"rule":{"type":"matchExactly","values":[["4","persisted"]]},"touched":true}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"999c9564-cba1-4f3b-af99-ccbacb8e034f","layerType":"data","seriesType":"line","splitAccessor":"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","xAccessor":"9ddc0f02-5530-4930-99bd-2a914ada1b8f"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"Daily EPS by worker & queue","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T11:48:00.951Z","created_by":"u_4132377203_cloud","id":"94ae4c78-8004-4abb-80c9-271f37c94cdc","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"6feecd96-2840-4a20-bb3c-73837932d9ff","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T11:48:00.951Z","updated_by":"u_4132377203_cloud","version":"WzE3NzUsOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"currentIndexPatternId":"c5493557-3fd6-4929-8dc2-40d248303942","layers":{"999c9564-cba1-4f3b-af99-ccbacb8e034f":{"columnOrder":["a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","9ddc0f02-5530-4930-99bd-2a914ada1b8f","be033d18-2c04-44f2-b403-0b88d888143d"],"columns":{"9ddc0f02-5530-4930-99bd-2a914ada1b8f":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e":{"dataType":"string","isBucketed":true,"label":"Top values of workers.keyword + 1 other","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"be033d18-2c04-44f2-b403-0b88d888143d","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"multi_terms"},"secondaryFields":["queue_type.keyword"],"size":100},"scale":"ordinal","sourceField":"workers.keyword"},"be033d18-2c04-44f2-b403-0b88d888143d":{"dataType":"number","isBucketed":false,"label":"Median of max_eps_5m","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_eps_5m"}},"incompleteColumns":{},"indexPatternId":"c5493557-3fd6-4929-8dc2-40d248303942","sampling":1}}},"indexpattern":{"currentIndexPatternId":"c5493557-3fd6-4929-8dc2-40d248303942","layers":{}},"textBased":{"indexPatternRefs":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","timeField":"timestamp","title":"benchmark_*"}],"layers":{}}},"filters":[],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["be033d18-2c04-44f2-b403-0b88d888143d"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["4","memory"]]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["8","memory"]]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","memory"]]},"touched":false},{"color":{"colorCode":"#5e6c94","type":"colorCode"},"rule":{"type":"matchExactly","values":[["8","persisted"]]},"touched":true},{"color":{"colorIndex":4,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","persisted"]]},"touched":false},{"color":{"colorCode":"#a0df7b","type":"colorCode"},"rule":{"type":"matchExactly","values":[["4","persisted"]]},"touched":true}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"999c9564-cba1-4f3b-af99-ccbacb8e034f","layerType":"data","seriesType":"line","splitAccessor":"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","xAccessor":"9ddc0f02-5530-4930-99bd-2a914ada1b8f"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"Release EPS by worker & queue","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-10-24T11:46:07.298Z","created_by":"u_4132377203_cloud","id":"2c017667-7403-402c-b027-3cc790945a27","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-10-24T11:46:07.298Z","updated_by":"u_4132377203_cloud","version":"WzE3NjQsOV0="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"7edb6dc9-8b2b-47ec-be64-bae2a4958cc9","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[MQ][R] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:13.413Z","id":"9546a73b-5937-4d3d-850f-30625d6e1405","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"7edb6dc9-8b2b-47ec-be64-bae2a4958cc9","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:13.413Z","version":"WzEzOTEsN10="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"2786f33f-2ad1-4722-8706-9cba9613662e","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[MQ][R] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:53:00.945Z","id":"6fba7dff-2564-450b-b885-8c6cf97fa727","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"2786f33f-2ad1-4722-8706-9cba9613662e","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:53:00.945Z","version":"WzEzODksN10="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"368034aa-1121-464d-8aed-8a4312274fa8","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[MQ][R] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:50.960Z","id":"6295535b-736d-4704-99d3-1cc0c4bb4cb4","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"368034aa-1121-464d-8aed-8a4312274fa8","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:50.960Z","version":"WzEzODcsN10="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"0586bc7c-4662-41bd-8e6d-2337477ca621","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":"release : true "},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[MQ][R] memory by worker ","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:40.740Z","id":"a577558f-f9a6-4c86-b562-7618b2c71db0","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"0586bc7c-4662-41bd-8e6d-2337477ca621","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:40.740Z","version":"WzEzODUsN10="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"d556c1f1-16ab-45de-adda-366de4703635","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[PQ][R] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:31.089Z","id":"1872e84f-56f2-4a17-9426-3d25d6e03931","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"d556c1f1-16ab-45de-adda-366de4703635","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:31.089Z","version":"WzEzODQsN10="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"a22f82f6-c7b8-4e06-b2f5-69e25c5aefc4","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[PQ][R] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:52.744Z","id":"661cb795-bb69-4599-8c4b-a4798ef69dc6","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"a22f82f6-c7b8-4e06-b2f5-69e25c5aefc4","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:52.744Z","version":"WzEzODAsN10="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_queue_events","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_queue_events"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"48ba7011-43c1-48fc-bc36-858bcec74547","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"events in queue"}},"title":"[PQ][R] events in queue by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:43.703Z","id":"d79b8742-6284-4842-ac44-65640d090179","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"48ba7011-43c1-48fc-bc36-858bcec74547","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:43.703Z","version":"WzEzNzgsN10="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"d556c1f1-16ab-45de-adda-366de4703635","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[PQ][R] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:31.089Z","id":"1872e84f-56f2-4a17-9426-3d25d6e03931","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"d556c1f1-16ab-45de-adda-366de4703635","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:31.089Z","version":"WzEzODQsN10="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":true},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":true}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":19,\"i\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\"},\"panelIndex\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\",\"embeddableConfig\":{\"enhancements\":{},\"attributes\":{\"title\":\"Release EPS by worker & queue\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"axisTitlesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"fittingFunction\":\"Linear\",\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"layers\":[{\"accessors\":[\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"colorMapping\":{\"assignments\":[{\"color\":{\"colorIndex\":0,\"paletteId\":\"eui_amsterdam_color_blind\",\"type\":\"categorical\"},\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"memory\"]]},\"touched\":false},{\"color\":{\"colorIndex\":1,\"paletteId\":\"eui_amsterdam_color_blind\",\"type\":\"categorical\"},\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"memory\"]]},\"touched\":false},{\"color\":{\"colorIndex\":2,\"paletteId\":\"eui_amsterdam_color_blind\",\"type\":\"categorical\"},\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"memory\"]]},\"touched\":false},{\"color\":{\"colorCode\":\"#5e6c94\",\"type\":\"colorCode\"},\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"persisted\"]]},\"touched\":true},{\"color\":{\"colorIndex\":4,\"paletteId\":\"eui_amsterdam_color_blind\",\"type\":\"categorical\"},\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"persisted\"]]},\"touched\":false},{\"color\":{\"colorCode\":\"#a0df7b\",\"type\":\"colorCode\"},\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"persisted\"]]},\"touched\":true}],\"colorMode\":{\"type\":\"categorical\"},\"paletteId\":\"eui_amsterdam_color_blind\",\"specialAssignments\":[{\"color\":{\"type\":\"loop\"},\"rule\":{\"type\":\"other\"},\"touched\":false}]},\"layerId\":\"999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"layerType\":\"data\",\"seriesType\":\"line\",\"splitAccessor\":\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"xAccessor\":\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\"}],\"legend\":{\"isVisible\":true,\"position\":\"right\"},\"preferredSeriesType\":\"line\",\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"valueLabels\":\"hide\",\"yTitle\":\"5m eps\"},\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filters\":[],\"datasourceStates\":{\"formBased\":{\"layers\":{\"999c9564-cba1-4f3b-af99-ccbacb8e034f\":{\"columnOrder\":[\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"columns\":{\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\":{\"customLabel\":true,\"dataType\":\"string\",\"isBucketed\":true,\"label\":\"version\",\"operationType\":\"terms\",\"params\":{\"exclude\":[],\"excludeIsRegex\":false,\"include\":[],\"includeIsRegex\":false,\"missingBucket\":false,\"orderAgg\":{\"dataType\":\"number\",\"isBucketed\":false,\"label\":\"Maximum of version_num\",\"operationType\":\"max\",\"params\":{\"emptyAsNull\":true},\"scale\":\"ratio\",\"sourceField\":\"version_num\"},\"orderBy\":{\"type\":\"custom\"},\"orderDirection\":\"asc\",\"otherBucket\":true,\"parentFormat\":{\"id\":\"terms\"},\"size\":100},\"scale\":\"ordinal\",\"sourceField\":\"version.keyword\"},\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\":{\"dataType\":\"string\",\"isBucketed\":true,\"label\":\"Top values of workers.keyword + 1 other\",\"operationType\":\"terms\",\"params\":{\"exclude\":[],\"excludeIsRegex\":false,\"include\":[],\"includeIsRegex\":false,\"missingBucket\":false,\"orderBy\":{\"columnId\":\"be033d18-2c04-44f2-b403-0b88d888143d\",\"type\":\"column\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"parentFormat\":{\"id\":\"multi_terms\"},\"secondaryFields\":[\"queue_type.keyword\"],\"size\":100},\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\"},\"be033d18-2c04-44f2-b403-0b88d888143d\":{\"dataType\":\"number\",\"isBucketed\":false,\"label\":\"Median of max_eps_5m\",\"operationType\":\"median\",\"params\":{\"emptyAsNull\":true},\"scale\":\"ratio\",\"sourceField\":\"max_eps_5m\"}},\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"type\":\"index-pattern\",\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f\"}],\"type\":\"lens\"}},\"panelRefName\":\"panel_329684df-6ec4-4973-8c96-bc91eaa23fe9\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":19,\"w\":16,\"h\":17,\"i\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},\"panelIndex\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":19,\"w\":16,\"h\":17,\"i\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\"},\"panelIndex\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_485385cb-cd2b-408b-a119-5e7b15c15eeb\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":19,\"w\":16,\"h\":17,\"i\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},\"panelIndex\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":36,\"w\":16,\"h\":16,\"i\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\"},\"panelIndex\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_2934659f-462a-41b1-bdc0-344a7a4a2267\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":36,\"w\":16,\"h\":16,\"i\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},\"panelIndex\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\"},\"panelIndex\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_99c4094f-8906-4ded-b56f-8e20107a8f3b\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":44,\"w\":16,\"h\":8,\"i\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\"},\"panelIndex\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_a8dd132b-9212-4c33-83ef-19ec5152448e\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-1y","timeRestore":true,"timeTo":"now","title":"Logstash release benchmark","version":2},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:43:43.023Z","id":"901317cf-f97a-4d20-8420-53f0bf67c606","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"2c017667-7403-402c-b027-3cc790945a27","name":"329684df-6ec4-4973-8c96-bc91eaa23fe9:panel_329684df-6ec4-4973-8c96-bc91eaa23fe9","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"329684df-6ec4-4973-8c96-bc91eaa23fe9:indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"a577558f-f9a6-4c86-b562-7618b2c71db0","name":"68db206a-6de8-40a8-bd6c-b82d78a41ac7:panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7","type":"lens"},{"id":"9546a73b-5937-4d3d-850f-30625d6e1405","name":"485385cb-cd2b-408b-a119-5e7b15c15eeb:panel_485385cb-cd2b-408b-a119-5e7b15c15eeb","type":"lens"},{"id":"6fba7dff-2564-450b-b885-8c6cf97fa727","name":"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce:panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce","type":"lens"},{"id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","name":"2934659f-462a-41b1-bdc0-344a7a4a2267:panel_2934659f-462a-41b1-bdc0-344a7a4a2267","type":"lens"},{"id":"661cb795-bb69-4599-8c4b-a4798ef69dc6","name":"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2:panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2","type":"lens"},{"id":"d79b8742-6284-4842-ac44-65640d090179","name":"99c4094f-8906-4ded-b56f-8e20107a8f3b:panel_99c4094f-8906-4ded-b56f-8e20107a8f3b","type":"lens"},{"id":"1872e84f-56f2-4a17-9426-3d25d6e03931","name":"a8dd132b-9212-4c33-83ef-19ec5152448e:panel_a8dd132b-9212-4c33-83ef-19ec5152448e","type":"lens"}],"type":"dashboard","typeMigrationVersion":"10.2.0","updated_at":"2024-10-24T11:45:42.246Z","updated_by":"u_4132377203_cloud","version":"WzE3NjMsOV0="} +{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"368034aa-1121-464d-8aed-8a4312274fa8","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[MQ][R] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:52:50.960Z","id":"6295535b-736d-4704-99d3-1cc0c4bb4cb4","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"368034aa-1121-464d-8aed-8a4312274fa8","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:52:50.960Z","version":"WzEzODcsN10="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"b16664e5-7dda-45f4-853a-0ae2a0e0a692","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[PQ][R] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:33.831Z","id":"64d0f8a7-afe3-4443-88e1-7551d666fee8","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"b16664e5-7dda-45f4-853a-0ae2a0e0a692","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:33.831Z","version":"WzEzNzcsN10="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"version","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"9f57d841-9266-4f58-af56-7fa5e40d8da7","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":"release : true "},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[PQ][R] memory by worker ","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-11T09:51:25.955Z","id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"9f57d841-9266-4f58-af56-7fa5e40d8da7","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-11T09:51:25.955Z","version":"WzEzNzYsN10="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"999c9564-cba1-4f3b-af99-ccbacb8e034f":{"columnOrder":["a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","9ddc0f02-5530-4930-99bd-2a914ada1b8f","be033d18-2c04-44f2-b403-0b88d888143d"],"columns":{"9ddc0f02-5530-4930-99bd-2a914ada1b8f":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e":{"dataType":"string","isBucketed":true,"label":"Top values of workers.keyword + 1 other","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"be033d18-2c04-44f2-b403-0b88d888143d","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"multi_terms"},"secondaryFields":["queue_type.keyword"],"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"be033d18-2c04-44f2-b403-0b88d888143d":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"release","index":"0e2f84c5-7f78-4388-ad55-1230425efb24","key":"release","negate":false,"params":{"query":false},"type":"phrase"},"query":{"match_phrase":{"release":false}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["be033d18-2c04-44f2-b403-0b88d888143d"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["4","memory"]]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["8","memory"]]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","memory"]]},"touched":false},{"color":{"colorCode":"#5e6c94","type":"colorCode"},"rule":{"type":"matchExactly","values":[["8","persisted"]]},"touched":true},{"color":{"colorIndex":4,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":[["16","persisted"]]},"touched":false},{"color":{"colorCode":"#a0df7b","type":"colorCode"},"rule":{"type":"matchExactly","values":[["4","persisted"]]},"touched":true}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"999c9564-cba1-4f3b-af99-ccbacb8e034f","layerType":"data","seriesType":"line","splitAccessor":"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e","xAccessor":"9ddc0f02-5530-4930-99bd-2a914ada1b8f"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"5m eps"}},"title":"Daily EPS by worker & queue","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"94ae4c78-8004-4abb-80c9-271f37c94cdc","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"0e2f84c5-7f78-4388-ad55-1230425efb24","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"WzczOCw3XQ=="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"columns":{"16dcf8b0-378f-48df-8bb3-f537324eea46":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"2c32a023-462c-4205-b462-6a87182732e4":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"ba0999ad-bf15-429c-ba76-93b1ff919cea","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","2c32a023-462c-4205-b462-6a87182732e4"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[MQ] memory by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"f5104988-461c-4f65-b31d-ed22d04cb6b8","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"ba0999ad-bf15-429c-ba76-93b1ff919cea","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0NCw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"8e8a8743-f0a4-47ed-a4f0-21e21971e264","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[MQ] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"8cbdba7b-e921-42b9-b55b-da567717e259","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"8e8a8743-f0a4-47ed-a4f0-21e21971e264","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Nyw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_queue_events","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_queue_events"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"738fa511-8000-4f6a-b892-4a767bd733ab","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"events in queue"}},"title":"[PQ] events in queue by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"7a2c9e96-8e48-4546-b736-065757a52c47","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"738fa511-8000-4f6a-b892-4a767bd733ab","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Myw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"6dab2bf1-e8cd-4d30-99d6-4e8038c8d19b","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[PQ] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"daa3722a-cab7-49ba-b5bb-033e81133096","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"6dab2bf1-e8cd-4d30-99d6-4e8038c8d19b","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0MSw3XQ=="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","16dcf8b0-378f-48df-8bb3-f537324eea46","cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"columns":{"0ad565fc-0a55-492b-ba69-1be57f501e13":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"non_heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_non_heap"},"16dcf8b0-378f-48df-8bb3-f537324eea46":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"customLabel":true,"dataType":"number","isBucketed":false,"label":"heap","operationType":"median","params":{"emptyAsNull":true,"format":{"id":"bytes","params":{"decimals":2}}},"scale":"ratio","sourceField":"avg_heap"},"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3":{"dataType":"number","isBucketed":true,"label":"Top 10 values of workers","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"secondaryFields":[],"size":10},"scale":"ordinal","sourceField":"workers"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"962f0beb-0dd8-4449-a652-878d0d2c63e8","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e","0ad565fc-0a55-492b-ba69-1be57f501e13"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"e7fa90f9-5d12-46d7-a62d-d6a77e6b2bd3","xAccessor":"16dcf8b0-378f-48df-8bb3-f537324eea46"}],"legend":{"horizontalAlignment":"left","isInside":false,"isVisible":true,"position":"right","verticalAlignment":"bottom"},"preferredSeriesType":"line","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","yTitle":"heap / non heap"}},"title":"[PQ] memory by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"4d1f7bef-c184-4457-b159-465128d2d70b","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"962f0beb-0dd8-4449-a652-878d0d2c63e8","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"WzczOSw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_concurrency","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_concurrency"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"80e5b5e1-481a-478e-b5cd-3ad74106ff85","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_concurrency"}},"title":"[PQ] Worker Concurrency by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"f233b0e6-8ca5-4c29-a6b3-1f1bc83509fd","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"80e5b5e1-481a-478e-b5cd-3ad74106ff85","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Miw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of total_events_out","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"total_events_out"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"dd6c6d40-b512-4c67-94f0-02cb3e9e65bd","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"total events out"}},"title":"[MQ] total events out by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"b0a3d8ea-030a-46e5-95b4-9f73b625f6ee","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"dd6c6d40-b512-4c67-94f0-02cb3e9e65bd","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0Niw3XQ=="} {"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":false},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":false}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":14,\"i\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},\"panelIndex\":\"c0ef3cf2-9dbe-4a88-a176-c50422d9041f\",\"embeddableConfig\":{\"enhancements\":{},\"attributes\":{\"title\":\"Daily EPS by queue & worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"axisTitlesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"seriesType\":\"line\",\"xAccessor\":\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"splitAccessor\":\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"accessors\":[\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#207f8c\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#0055fc\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"memory\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#99e6e8\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"8\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#c3513a\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"16\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#fd1900\"},\"touched\":true},{\"rule\":{\"type\":\"matchExactly\",\"values\":[[\"4\",\"persisted\"]]},\"color\":{\"type\":\"colorCode\",\"colorCode\":\"#e88888\"},\"touched\":true}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}}}],\"yTitle\":\"5m eps\"},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"datasourceStates\":{\"formBased\":{\"layers\":{\"999c9564-cba1-4f3b-af99-ccbacb8e034f\":{\"columns\":{\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\":{\"label\":\"Top values of workers.keyword + 1 other\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":6,\"orderBy\":{\"type\":\"column\",\"columnId\":\"be033d18-2c04-44f2-b403-0b88d888143d\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"multi_terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"secondaryFields\":[\"queue_type.keyword\"]}},\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"be033d18-2c04-44f2-b403-0b88d888143d\":{\"label\":\"Median of 5m_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"5m_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"a58f8c48-c2a7-4fc6-b54e-716bf4ca001e\",\"9ddc0f02-5530-4930-99bd-2a914ada1b8f\",\"be033d18-2c04-44f2-b403-0b88d888143d\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f\",\"type\":\"index-pattern\"}],\"type\":\"lens\"}},\"panelRefName\":\"panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":14,\"w\":16,\"h\":14,\"i\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\"},\"panelIndex\":\"3fc59b3e-512e-4a47-baa4-e89e4978b685\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_3fc59b3e-512e-4a47-baa4-e89e4978b685\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":14,\"w\":16,\"h\":14,\"i\":\"6294036c-7c92-4e51-990d-ace6af0de939\"},\"panelIndex\":\"6294036c-7c92-4e51-990d-ace6af0de939\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_6294036c-7c92-4e51-990d-ace6af0de939\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":28,\"w\":16,\"h\":8,\"i\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\"},\"panelIndex\":\"77d40890-d175-436f-aac3-7bcc9f7beacc\",\"embeddableConfig\":{\"attributes\":{\"title\":\"PQ max q events by worker\",\"description\":\"\",\"visualizationType\":\"lnsXY\",\"state\":{\"visualization\":{\"legend\":{\"isVisible\":true,\"position\":\"right\",\"isInside\":true,\"showSingleSeries\":true,\"legendSize\":\"small\",\"shouldTruncate\":true,\"verticalAlignment\":\"bottom\",\"horizontalAlignment\":\"left\"},\"valueLabels\":\"hide\",\"fittingFunction\":\"Linear\",\"yTitle\":\"events in queue\",\"hideEndzones\":false,\"showCurrentTimeMarker\":false,\"valuesInLegend\":false,\"axisTitlesVisibilitySettings\":{\"x\":false,\"yLeft\":true,\"yRight\":true},\"tickLabelsVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"labelsOrientation\":{\"x\":0,\"yLeft\":0,\"yRight\":0},\"gridlinesVisibilitySettings\":{\"x\":true,\"yLeft\":true,\"yRight\":true},\"preferredSeriesType\":\"line\",\"layers\":[{\"layerId\":\"eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"seriesType\":\"line\",\"splitAccessor\":\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"accessors\":[\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"layerType\":\"data\",\"colorMapping\":{\"assignments\":[{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"4\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":0},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"8\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":1},\"touched\":false},{\"rule\":{\"type\":\"matchExactly\",\"values\":[\"16\"]},\"color\":{\"type\":\"categorical\",\"paletteId\":\"eui_amsterdam_color_blind\",\"colorIndex\":2},\"touched\":false}],\"specialAssignments\":[{\"rule\":{\"type\":\"other\"},\"color\":{\"type\":\"loop\"},\"touched\":false}],\"paletteId\":\"eui_amsterdam_color_blind\",\"colorMode\":{\"type\":\"categorical\"}},\"xAccessor\":\"9542ed03-9691-42a3-b5c2-407bcaab221c\"}]},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"index\":\"599131c3-0cd9-4a1f-b9da-9894538d58cc\",\"key\":\"queue_type.keyword\",\"field\":\"queue_type.keyword\",\"params\":{\"query\":\"persisted\"},\"type\":\"phrase\"},\"query\":{\"match_phrase\":{\"queue_type.keyword\":\"persisted\"}},\"$state\":{\"store\":\"appState\"}}],\"datasourceStates\":{\"formBased\":{\"layers\":{\"eb818eba-fa75-45d1-a9ee-6619eecc9280\":{\"columns\":{\"0da92b64-fe48-439e-9b3a-47775ce1a149\":{\"label\":\"workers\",\"dataType\":\"string\",\"operationType\":\"terms\",\"scale\":\"ordinal\",\"sourceField\":\"workers.keyword\",\"isBucketed\":true,\"params\":{\"size\":3,\"orderBy\":{\"type\":\"column\",\"columnId\":\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"},\"orderDirection\":\"desc\",\"otherBucket\":true,\"missingBucket\":false,\"parentFormat\":{\"id\":\"terms\"},\"include\":[],\"exclude\":[],\"includeIsRegex\":false,\"excludeIsRegex\":false,\"accuracyMode\":false},\"customLabel\":true},\"9542ed03-9691-42a3-b5c2-407bcaab221c\":{\"label\":\"timestamp\",\"dataType\":\"date\",\"operationType\":\"date_histogram\",\"sourceField\":\"timestamp\",\"isBucketed\":true,\"scale\":\"interval\",\"params\":{\"interval\":\"auto\",\"includeEmptyRows\":true,\"dropPartials\":false}},\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\":{\"label\":\"Median of max_queue_events_num\",\"dataType\":\"number\",\"operationType\":\"median\",\"sourceField\":\"max_queue_events_num\",\"isBucketed\":false,\"scale\":\"ratio\",\"params\":{\"emptyAsNull\":true}}},\"columnOrder\":[\"0da92b64-fe48-439e-9b3a-47775ce1a149\",\"9542ed03-9691-42a3-b5c2-407bcaab221c\",\"cc8c1413-0ccc-4109-a6c3-0c910eff776e\"],\"incompleteColumns\":{},\"sampling\":1,\"indexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"}},\"currentIndexPatternId\":\"c5493557-3fd6-4929-8dc2-40d248303942\"},\"indexpattern\":{\"layers\":{}},\"textBased\":{\"layers\":{}}},\"internalReferences\":[],\"adHocDataViews\":{}},\"references\":[{\"id\":\"c5493557-3fd6-4929-8dc2-40d248303942\",\"name\":\"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280\",\"type\":\"index-pattern\"}],\"type\":\"lens\"},\"enhancements\":{}},\"panelRefName\":\"panel_77d40890-d175-436f-aac3-7bcc9f7beacc\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\"},\"panelIndex\":\"8bd920f9-5be7-4481-b733-ba83bdd127d5\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_8bd920f9-5be7-4481-b733-ba83bdd127d5\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":28,\"w\":16,\"h\":16,\"i\":\"23581637-2ff1-4cae-a839-345620c3d180\"},\"panelIndex\":\"23581637-2ff1-4cae-a839-345620c3d180\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_23581637-2ff1-4cae-a839-345620c3d180\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":28,\"w\":16,\"h\":16,\"i\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\"},\"panelIndex\":\"c7ab44aa-4607-40b7-b268-d69136bfdcde\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_c7ab44aa-4607-40b7-b268-d69136bfdcde\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":14,\"w\":16,\"h\":14,\"i\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\"},\"panelIndex\":\"01628fc9-19c2-4c65-bc9f-3f284f77c309\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_01628fc9-19c2-4c65-bc9f-3f284f77c309\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-2M","timeRestore":true,"timeTo":"now","title":"Logstash daily benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:44:20.764Z","id":"9ef273e3-bee2-48bb-9976-7edc19454b93","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"94ae4c78-8004-4abb-80c9-271f37c94cdc","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:panel_c0ef3cf2-9dbe-4a88-a176-c50422d9041f","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"c0ef3cf2-9dbe-4a88-a176-c50422d9041f:indexpattern-datasource-layer-999c9564-cba1-4f3b-af99-ccbacb8e034f","type":"index-pattern"},{"id":"f5104988-461c-4f65-b31d-ed22d04cb6b8","name":"3fc59b3e-512e-4a47-baa4-e89e4978b685:panel_3fc59b3e-512e-4a47-baa4-e89e4978b685","type":"lens"},{"id":"8cbdba7b-e921-42b9-b55b-da567717e259","name":"6294036c-7c92-4e51-990d-ace6af0de939:panel_6294036c-7c92-4e51-990d-ace6af0de939","type":"lens"},{"id":"7a2c9e96-8e48-4546-b736-065757a52c47","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:panel_77d40890-d175-436f-aac3-7bcc9f7beacc","type":"lens"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"77d40890-d175-436f-aac3-7bcc9f7beacc:indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"daa3722a-cab7-49ba-b5bb-033e81133096","name":"8bd920f9-5be7-4481-b733-ba83bdd127d5:panel_8bd920f9-5be7-4481-b733-ba83bdd127d5","type":"lens"},{"id":"4d1f7bef-c184-4457-b159-465128d2d70b","name":"23581637-2ff1-4cae-a839-345620c3d180:panel_23581637-2ff1-4cae-a839-345620c3d180","type":"lens"},{"id":"f233b0e6-8ca5-4c29-a6b3-1f1bc83509fd","name":"c7ab44aa-4607-40b7-b268-d69136bfdcde:panel_c7ab44aa-4607-40b7-b268-d69136bfdcde","type":"lens"},{"id":"b0a3d8ea-030a-46e5-95b4-9f73b625f6ee","name":"01628fc9-19c2-4c65-bc9f-3f284f77c309:panel_01628fc9-19c2-4c65-bc9f-3f284f77c309","type":"lens"}],"type":"dashboard","typeMigrationVersion":"10.2.0","updated_at":"2024-09-09T13:44:20.764Z","version":"WzE0ODksOF0="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"disabled\":false,\"negate\":false,\"alias\":null,\"key\":\"release\",\"field\":\"release\",\"params\":{\"query\":true},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"release\":true}},\"$state\":{\"store\":\"appState\"}}]}"},"optionsJSON":"{\"useMargins\":true,\"syncColors\":false,\"syncCursor\":true,\"syncTooltips\":false,\"hidePanelTitles\":false}","panelsJSON":"[{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":19,\"i\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\"},\"panelIndex\":\"329684df-6ec4-4973-8c96-bc91eaa23fe9\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_329684df-6ec4-4973-8c96-bc91eaa23fe9\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":19,\"w\":16,\"h\":17,\"i\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},\"panelIndex\":\"68db206a-6de8-40a8-bd6c-b82d78a41ac7\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":19,\"w\":16,\"h\":17,\"i\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\"},\"panelIndex\":\"485385cb-cd2b-408b-a119-5e7b15c15eeb\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_485385cb-cd2b-408b-a119-5e7b15c15eeb\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":19,\"w\":16,\"h\":17,\"i\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},\"panelIndex\":\"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce\"},{\"type\":\"lens\",\"gridData\":{\"x\":0,\"y\":36,\"w\":16,\"h\":16,\"i\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\"},\"panelIndex\":\"2934659f-462a-41b1-bdc0-344a7a4a2267\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_2934659f-462a-41b1-bdc0-344a7a4a2267\"},{\"type\":\"lens\",\"gridData\":{\"x\":16,\"y\":36,\"w\":16,\"h\":16,\"i\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},\"panelIndex\":\"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":36,\"w\":16,\"h\":8,\"i\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\"},\"panelIndex\":\"99c4094f-8906-4ded-b56f-8e20107a8f3b\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_99c4094f-8906-4ded-b56f-8e20107a8f3b\"},{\"type\":\"lens\",\"gridData\":{\"x\":32,\"y\":44,\"w\":16,\"h\":8,\"i\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\"},\"panelIndex\":\"a8dd132b-9212-4c33-83ef-19ec5152448e\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_a8dd132b-9212-4c33-83ef-19ec5152448e\"}]","refreshInterval":{"pause":true,"value":60000},"timeFrom":"now-1y","timeRestore":true,"timeTo":"now","title":"Logstash release benchmark","version":1},"coreMigrationVersion":"8.8.0","created_at":"2024-09-09T13:43:43.023Z","id":"901317cf-f97a-4d20-8420-53f0bf67c606","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"2c017667-7403-402c-b027-3cc790945a27","name":"329684df-6ec4-4973-8c96-bc91eaa23fe9:panel_329684df-6ec4-4973-8c96-bc91eaa23fe9","type":"lens"},{"id":"a577558f-f9a6-4c86-b562-7618b2c71db0","name":"68db206a-6de8-40a8-bd6c-b82d78a41ac7:panel_68db206a-6de8-40a8-bd6c-b82d78a41ac7","type":"lens"},{"id":"9546a73b-5937-4d3d-850f-30625d6e1405","name":"485385cb-cd2b-408b-a119-5e7b15c15eeb:panel_485385cb-cd2b-408b-a119-5e7b15c15eeb","type":"lens"},{"id":"6fba7dff-2564-450b-b885-8c6cf97fa727","name":"f29c5ed5-423f-44bc-8ded-2bdf8844f1ce:panel_f29c5ed5-423f-44bc-8ded-2bdf8844f1ce","type":"lens"},{"id":"72ae6cc9-47cd-4b51-b441-86905c2b92bd","name":"2934659f-462a-41b1-bdc0-344a7a4a2267:panel_2934659f-462a-41b1-bdc0-344a7a4a2267","type":"lens"},{"id":"661cb795-bb69-4599-8c4b-a4798ef69dc6","name":"76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2:panel_76f881d0-d2d3-4eaa-b71e-8cf8b7c1c5c2","type":"lens"},{"id":"d79b8742-6284-4842-ac44-65640d090179","name":"99c4094f-8906-4ded-b56f-8e20107a8f3b:panel_99c4094f-8906-4ded-b56f-8e20107a8f3b","type":"lens"},{"id":"1872e84f-56f2-4a17-9426-3d25d6e03931","name":"a8dd132b-9212-4c33-83ef-19ec5152448e:panel_a8dd132b-9212-4c33-83ef-19ec5152448e","type":"lens"}],"type":"dashboard","typeMigrationVersion":"10.2.0","updated_at":"2024-09-09T13:43:43.023Z","version":"WzE0OTAsOF0="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"9aee27f1-97bc-46c4-b369-81b7cd5fe38c","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"position":"top","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[PQ] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"07700ebe-b8c9-498f-9a91-30efb0c48784","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"9aee27f1-97bc-46c4-b369-81b7cd5fe38c","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0MCw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of max_worker_utilization","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"max_worker_utilization"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"4e0f2401-369e-4818-8a1f-52b64ff175df","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"worker_utilization (%)"}},"title":"[MQ] Worker Utilization (%) by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"29ebb6b1-bee6-4f15-b3dc-aac083d5d2f5","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"4e0f2401-369e-4818-8a1f-52b64ff175df","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0NSw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"string","isBucketed":true,"label":"Top 100 values of version.keyword","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"f4c5b868-7b2c-4d12-b989-9a057dd128e4","negate":false,"params":[{"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}},{"meta":{"alias":null,"disabled":false,"field":"release","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"release","negate":false,"params":{"query":true},"type":"phrase"},"query":{"match_phrase":{"release":true}}}],"relation":"AND","type":"combined"},"query":{}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[MQ][R] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"26ec195e-e4a9-4417-be97-6d1fbc6b63c0","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"f4c5b868-7b2c-4d12-b989-9a057dd128e4","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc0OSw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"string","isBucketed":true,"label":"Top 100 values of version.keyword","operationType":"terms","params":{"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderAgg":{"dataType":"number","isBucketed":false,"label":"Maximum of version_num","operationType":"max","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"version_num"},"orderBy":{"type":"custom"},"orderDirection":"asc","otherBucket":true,"parentFormat":{"id":"terms"},"size":100},"scale":"ordinal","sourceField":"version.keyword"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"da1edddb-a868-406c-b3a3-e02cf1069e50","negate":false,"params":[{"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}},{"meta":{"alias":null,"disabled":false,"field":"release","index":"c5493557-3fd6-4929-8dc2-40d248303942","key":"release","negate":false,"params":{"query":true},"type":"phrase"},"query":{"match_phrase":{"release":true}}}],"relation":"AND","type":"combined"},"query":{}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[PQ][R] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"bb65f9af-1246-4e75-8b61-dea93d920da8","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"da1edddb-a868-406c-b3a3-e02cf1069e50","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1MCw3XQ=="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"8171fdc1-2ff4-4f45-8796-dffd31749c63","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"max 5m_eps"}},"title":"[MQ] EPS by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"5c7f9518-5dac-4a3f-b8e1-6ece4135a8be","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1MSw3XQ=="} -{"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of 5m_num","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"4e1e2474-ea84-47f5-bb34-0bda229814df","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"endValue":"None","fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"max 5m_eps"}},"title":"[PQ] EPS by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"f24fc69c-7714-40d3-b34e-3d90fa9b7023","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"4e1e2474-ea84-47f5-bb34-0bda229814df","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1Miw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"637adce1-2cf3-4869-a35d-ead85c340ab9","key":"queue_type.keyword","negate":false,"params":{"query":"persisted"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"persisted"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[PQ] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"fc548f47-c5ab-491f-a234-4f24ce439d55","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"637adce1-2cf3-4869-a35d-ead85c340ab9","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1Myw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"eb818eba-fa75-45d1-a9ee-6619eecc9280":{"columnOrder":["0da92b64-fe48-439e-9b3a-47775ce1a149","9542ed03-9691-42a3-b5c2-407bcaab221c","cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"columns":{"0da92b64-fe48-439e-9b3a-47775ce1a149":{"customLabel":true,"dataType":"string","isBucketed":true,"label":"workers","operationType":"terms","params":{"accuracyMode":false,"exclude":[],"excludeIsRegex":false,"include":[],"includeIsRegex":false,"missingBucket":false,"orderBy":{"columnId":"cc8c1413-0ccc-4109-a6c3-0c910eff776e","type":"column"},"orderDirection":"desc","otherBucket":true,"parentFormat":{"id":"terms"},"size":10},"scale":"ordinal","sourceField":"workers.keyword"},"9542ed03-9691-42a3-b5c2-407bcaab221c":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"cc8c1413-0ccc-4109-a6c3-0c910eff776e":{"dataType":"number","isBucketed":false,"label":"Median of avg_cpu_percentage","operationType":"median","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"avg_cpu_percentage"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"field":"queue_type.keyword","index":"26183784-8280-42c4-ae7c-71c4e9a5908c","key":"queue_type.keyword","negate":false,"params":{"query":"memory"},"type":"phrase"},"query":{"match_phrase":{"queue_type.keyword":"memory"}}}],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":false,"yLeft":true,"yRight":true},"fittingFunction":"Linear","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"hideEndzones":false,"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["cc8c1413-0ccc-4109-a6c3-0c910eff776e"],"colorMapping":{"assignments":[{"color":{"colorIndex":0,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["4"]},"touched":false},{"color":{"colorIndex":1,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["8"]},"touched":false},{"color":{"colorIndex":2,"paletteId":"eui_amsterdam_color_blind","type":"categorical"},"rule":{"type":"matchExactly","values":["16"]},"touched":false}],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"eb818eba-fa75-45d1-a9ee-6619eecc9280","layerType":"data","seriesType":"line","splitAccessor":"0da92b64-fe48-439e-9b3a-47775ce1a149","xAccessor":"9542ed03-9691-42a3-b5c2-407bcaab221c"}],"legend":{"horizontalAlignment":"left","isInside":true,"isVisible":true,"legendSize":"small","position":"right","shouldTruncate":true,"showSingleSeries":true,"verticalAlignment":"bottom"},"preferredSeriesType":"line","showCurrentTimeMarker":false,"tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide","valuesInLegend":false,"yTitle":"avg cpu (%)"}},"title":"[MQ] cpu % by worker","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-09-05T11:52:42.820Z","id":"b3c44ade-7f2f-497a-bc9b-f4b53695d975","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-eb818eba-fa75-45d1-a9ee-6619eecc9280","type":"index-pattern"},{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"26183784-8280-42c4-ae7c-71c4e9a5908c","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-09-05T11:52:42.820Z","version":"Wzc1NCw3XQ=="} {"attributes":{"description":"","state":{"adHocDataViews":{},"datasourceStates":{"formBased":{"layers":{"904fa8c5-7ce1-45ec-bc0d-a52929cabaa6":{"columnOrder":["3dfc74bb-0629-4809-8416-282f6924ecf6","2e3311e8-099f-48bc-81e8-f8dd643cee72","c62ffb65-c24f-49fe-b8ed-683257e60808"],"columns":{"2e3311e8-099f-48bc-81e8-f8dd643cee72":{"dataType":"number","isBucketed":false,"label":"Moving average of Last value of 5m_num","operationType":"moving_average","params":{"window":5},"references":["c62ffb65-c24f-49fe-b8ed-683257e60808"],"scale":"ratio"},"3dfc74bb-0629-4809-8416-282f6924ecf6":{"dataType":"date","isBucketed":true,"label":"timestamp","operationType":"date_histogram","params":{"dropPartials":false,"includeEmptyRows":true,"interval":"auto"},"scale":"interval","sourceField":"timestamp"},"c62ffb65-c24f-49fe-b8ed-683257e60808":{"dataType":"number","filter":{"language":"kuery","query":"\"5m_num\": *"},"isBucketed":false,"label":"Last value of 5m_num","operationType":"last_value","params":{"showArrayValues":true,"sortField":"timestamp"},"scale":"ratio","sourceField":"5m_num"}},"incompleteColumns":{},"sampling":1}}},"indexpattern":{"layers":{}},"textBased":{"layers":{}}},"filters":[],"internalReferences":[],"query":{"language":"kuery","query":""},"visualization":{"axisTitlesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"fittingFunction":"None","gridlinesVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"labelsOrientation":{"x":0,"yLeft":0,"yRight":0},"layers":[{"accessors":["2e3311e8-099f-48bc-81e8-f8dd643cee72"],"colorMapping":{"assignments":[],"colorMode":{"type":"categorical"},"paletteId":"eui_amsterdam_color_blind","specialAssignments":[{"color":{"type":"loop"},"rule":{"type":"other"},"touched":false}]},"layerId":"904fa8c5-7ce1-45ec-bc0d-a52929cabaa6","layerType":"data","position":"top","seriesType":"bar","showGridlines":false,"xAccessor":"3dfc74bb-0629-4809-8416-282f6924ecf6"}],"legend":{"isVisible":true,"position":"right"},"preferredSeriesType":"bar","tickLabelsVisibilitySettings":{"x":true,"yLeft":true,"yRight":true},"valueLabels":"hide"}},"title":"logstash_5m_eps","visualizationType":"lnsXY"},"coreMigrationVersion":"8.8.0","created_at":"2024-07-08T16:56:26.170Z","id":"af3a2cb0-138f-4b4a-aaf8-49ff4325386d","managed":false,"references":[{"id":"c5493557-3fd6-4929-8dc2-40d248303942","name":"indexpattern-datasource-layer-904fa8c5-7ce1-45ec-bc0d-a52929cabaa6","type":"index-pattern"}],"type":"lens","typeMigrationVersion":"8.9.0","updated_at":"2024-07-08T16:56:26.170Z","version":"WzQzLDRd"} From 264283889e62a83f81685143c4d79bc67fde5b4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Thu, 12 Dec 2024 16:32:05 +0000 Subject: [PATCH 133/290] update logstash_releases to account for 8.17.0 GA (#16785) --- ci/logstash_releases.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index a2d6ffe9d..f029252d1 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -1,14 +1,14 @@ { "releases": { "7.current": "7.17.26", - "8.previous": "8.15.5", - "8.current": "8.16.1" + "8.previous": "8.16.1", + "8.current": "8.17.0" }, "snapshots": { "7.current": "7.17.27-SNAPSHOT", - "8.previous": "8.15.6-SNAPSHOT", - "8.current": "8.16.2-SNAPSHOT", - "8.next": "8.17.0-SNAPSHOT", + "8.previous": "8.16.2-SNAPSHOT", + "8.current": "8.17.1-SNAPSHOT", + "8.next": null, "8.future": "8.18.0-SNAPSHOT", "main": "9.0.0-SNAPSHOT" } From 65495263d4066db7060b4a1e164308b31c540f13 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Fri, 13 Dec 2024 13:44:33 +0000 Subject: [PATCH 134/290] [CI] remove 8.15 DRA (#16795) --- ci/branches.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/ci/branches.json b/ci/branches.json index c105bd7c6..5b81cb84e 100644 --- a/ci/branches.json +++ b/ci/branches.json @@ -7,9 +7,6 @@ { "branch": "8.x" }, - { - "branch": "8.15" - }, { "branch": "8.16" }, From 188d9e7ed8e27552b888f1aa222840ca5292e9ee Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Fri, 13 Dec 2024 09:22:45 -0800 Subject: [PATCH 135/290] Update serverless tests to include product origin header (#16766) This commit updates the curl scripts that interact with Kibana's `api/logstash/pipeline/*` endpoin. Additionally this adds the header to any curl that interacts with elasticsearch API as well. --- ci/serverless/common.sh | 4 +++- ci/serverless/cpm_tests.sh | 5 +++-- ci/serverless/elastic_integration_filter_tests.sh | 4 +++- ci/serverless/es_output_tests.sh | 2 +- ci/serverless/kibana_api_tests.sh | 11 +++++++---- ci/serverless/metricbeat_monitoring_tests.sh | 2 +- ci/serverless/monitoring_tests.sh | 2 +- 7 files changed, 19 insertions(+), 11 deletions(-) diff --git a/ci/serverless/common.sh b/ci/serverless/common.sh index 4a5fb3bc2..a0d5c90d1 100755 --- a/ci/serverless/common.sh +++ b/ci/serverless/common.sh @@ -28,7 +28,9 @@ build_logstash() { } index_test_data() { - curl -X POST -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/$INDEX_NAME/_bulk" -H 'Content-Type: application/json' --data-binary @"$CURRENT_DIR/test_data/book.json" + curl -X POST -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/$INDEX_NAME/_bulk" \ + -H 'x-elastic-product-origin: logstash' \ + -H 'Content-Type: application/json' --data-binary @"$CURRENT_DIR/test_data/book.json" } # $1: check function diff --git a/ci/serverless/cpm_tests.sh b/ci/serverless/cpm_tests.sh index 16ed5dc34..14d2338bd 100755 --- a/ci/serverless/cpm_tests.sh +++ b/ci/serverless/cpm_tests.sh @@ -7,7 +7,8 @@ export PIPELINE_NAME='gen_es' # update pipeline and check response code index_pipeline() { - RESP_CODE=$(curl -s -w "%{http_code}" -X PUT -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/_logstash/pipeline/$1" -H 'Content-Type: application/json' -d "$2") + RESP_CODE=$(curl -s -w "%{http_code}" -X PUT -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/_logstash/pipeline/$1" \ + -H 'x-elastic-product-origin: logstash' -H 'Content-Type: application/json' -d "$2") if [[ $RESP_CODE -ge '400' ]]; then echo "failed to update pipeline for Central Pipeline Management. Got $RESP_CODE from Elasticsearch" exit 1 @@ -34,7 +35,7 @@ check_plugin() { } delete_pipeline() { - curl -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" -X DELETE "$ES_ENDPOINT/_logstash/pipeline/$PIPELINE_NAME" -H 'Content-Type: application/json'; + curl -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" -H 'x-elastic-product-origin: logstash' -X DELETE "$ES_ENDPOINT/_logstash/pipeline/$PIPELINE_NAME" -H 'Content-Type: application/json'; } cpm_clean_up_and_get_result() { diff --git a/ci/serverless/elastic_integration_filter_tests.sh b/ci/serverless/elastic_integration_filter_tests.sh index 3f7c121f8..dbd3ab25f 100755 --- a/ci/serverless/elastic_integration_filter_tests.sh +++ b/ci/serverless/elastic_integration_filter_tests.sh @@ -6,10 +6,12 @@ source ./$(dirname "$0")/common.sh deploy_ingest_pipeline() { PIPELINE_RESP_CODE=$(curl -s -w "%{http_code}" -o /dev/null -X PUT -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/_ingest/pipeline/integration-logstash_test.events-default" \ -H 'Content-Type: application/json' \ + -H 'x-elastic-product-origin: logstash' \ --data-binary @"$CURRENT_DIR/test_data/ingest_pipeline.json") TEMPLATE_RESP_CODE=$(curl -s -w "%{http_code}" -o /dev/null -X PUT -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/_index_template/logs-serverless-default-template" \ -H 'Content-Type: application/json' \ + -H 'x-elastic-product-origin: logstash' \ --data-binary @"$CURRENT_DIR/test_data/index_template.json") # ingest pipeline is likely be there from the last run @@ -29,7 +31,7 @@ check_integration_filter() { } get_doc_msg_length() { - curl -s -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/logs-$INDEX_NAME.004-default/_search?size=1" | jq '.hits.hits[0]._source.message | length' + curl -s -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/logs-$INDEX_NAME.004-default/_search?size=1" -H 'x-elastic-product-origin: logstash' | jq '.hits.hits[0]._source.message | length' } # ensure no double run of ingest pipeline diff --git a/ci/serverless/es_output_tests.sh b/ci/serverless/es_output_tests.sh index 6bb5e9335..788fb786a 100755 --- a/ci/serverless/es_output_tests.sh +++ b/ci/serverless/es_output_tests.sh @@ -9,7 +9,7 @@ check_named_index() { } get_data_stream_count() { - curl -s -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/logs-$INDEX_NAME.001-default/_count" | jq '.count // 0' + curl -s -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" -H 'x-elastic-product-origin: logstash' "$ES_ENDPOINT/logs-$INDEX_NAME.001-default/_count" | jq '.count // 0' } compare_data_stream_count() { diff --git a/ci/serverless/kibana_api_tests.sh b/ci/serverless/kibana_api_tests.sh index 52f3f0f9b..86e6f6df0 100755 --- a/ci/serverless/kibana_api_tests.sh +++ b/ci/serverless/kibana_api_tests.sh @@ -10,7 +10,7 @@ export EXIT_CODE="0" create_pipeline() { RESP_CODE=$(curl -s -w "%{http_code}" -o /dev/null -X PUT -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$KB_ENDPOINT/api/logstash/pipeline/$PIPELINE_NAME" \ - -H 'Content-Type: application/json' -H 'kbn-xsrf: logstash' \ + -H 'Content-Type: application/json' -H 'kbn-xsrf: logstash' -H 'x-elastic-product-origin: logstash' \ --data-binary @"$CURRENT_DIR/test_data/$PIPELINE_NAME.json") if [[ RESP_CODE -ge '400' ]]; then @@ -20,7 +20,8 @@ create_pipeline() { } get_pipeline() { - RESP_BODY=$(curl -s -X GET -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$KB_ENDPOINT/api/logstash/pipeline/$PIPELINE_NAME") + RESP_BODY=$(curl -s -X GET -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" -H 'x-elastic-product-origin: logstash' \ + "$KB_ENDPOINT/api/logstash/pipeline/$PIPELINE_NAME") \ SOURCE_BODY=$(cat "$CURRENT_DIR/test_data/$PIPELINE_NAME.json") RESP_PIPELINE_NAME=$(echo "$RESP_BODY" | jq -r '.id') @@ -41,7 +42,8 @@ get_pipeline() { } list_pipeline() { - RESP_BODY=$(curl -s -X GET -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$KB_ENDPOINT/api/logstash/pipelines" | jq --arg name "$PIPELINE_NAME" '.pipelines[] | select(.id==$name)' ) + RESP_BODY=$(curl -s -X GET -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" -H 'x-elastic-product-origin: logstash' \ + "$KB_ENDPOINT/api/logstash/pipelines" | jq --arg name "$PIPELINE_NAME" '.pipelines[] | select(.id==$name)' ) if [[ -z "$RESP_BODY" ]]; then EXIT_CODE=$(( EXIT_CODE + 1 )) echo "Fail to list pipeline." @@ -49,7 +51,8 @@ list_pipeline() { } delete_pipeline() { - RESP_CODE=$(curl -s -w "%{http_code}" -o /dev/null -X DELETE -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$KB_ENDPOINT/api/logstash/pipeline/$PIPELINE_NAME" \ + RESP_CODE=$(curl -s -w "%{http_code}" -o /dev/null -X DELETE -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" -H 'x-elastic-product-origin: logstash' \ + "$KB_ENDPOINT/api/logstash/pipeline/$PIPELINE_NAME" \ -H 'Content-Type: application/json' -H 'kbn-xsrf: logstash' \ --data-binary @"$CURRENT_DIR/test_data/$PIPELINE_NAME.json") diff --git a/ci/serverless/metricbeat_monitoring_tests.sh b/ci/serverless/metricbeat_monitoring_tests.sh index cd41d4c17..ce3e47dc7 100755 --- a/ci/serverless/metricbeat_monitoring_tests.sh +++ b/ci/serverless/metricbeat_monitoring_tests.sh @@ -40,7 +40,7 @@ stop_metricbeat() { } get_monitor_count() { - curl -s -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" "$ES_ENDPOINT/$INDEX_NAME/_count" | jq '.count // 0' + curl -s -H "Authorization: ApiKey $TESTER_API_KEY_ENCODED" -H 'x-elastic-product-origin: logstash' "$ES_ENDPOINT/$INDEX_NAME/_count" | jq '.count // 0' } compare_monitor_count() { diff --git a/ci/serverless/monitoring_tests.sh b/ci/serverless/monitoring_tests.sh index 3113e4473..431fc5f2d 100755 --- a/ci/serverless/monitoring_tests.sh +++ b/ci/serverless/monitoring_tests.sh @@ -6,7 +6,7 @@ set -ex source ./$(dirname "$0")/common.sh get_monitor_count() { - curl -s -H "Authorization: ApiKey $LS_ROLE_API_KEY_ENCODED" "$ES_ENDPOINT/.monitoring-logstash-7-*/_count" | jq '.count' + curl -s -H "Authorization: ApiKey $LS_ROLE_API_KEY_ENCODED" -H 'x-elastic-product-origin: logstash' "$ES_ENDPOINT/.monitoring-logstash-7-*/_count" | jq '.count' } compare_monitor_count() { From 2d51cc0ba993c238a5ac5a686984434a3384ef3f Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Fri, 13 Dec 2024 11:21:07 -0800 Subject: [PATCH 136/290] Document obsolete settings for elasticsearch output plugin (#16787) Update breaking changes doc with the standardized ssl settings for the logstash-output-elasticsearch plugin. --- docs/static/breaking-changes-90.asciidoc | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/docs/static/breaking-changes-90.asciidoc b/docs/static/breaking-changes-90.asciidoc index 58f6c6288..cadb5620a 100644 --- a/docs/static/breaking-changes-90.asciidoc +++ b/docs/static/breaking-changes-90.asciidoc @@ -43,6 +43,27 @@ removed and their replacements. ==== +[discrete] +[[output-elasticsearch-ssl-9.0]] +.`logstash-output-elasticsearch` + +[%collapsible] +==== + +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| cacert |<> +| keystore |<> +| keystore_password |<> +| ssl |<> +| ssl_certificate_verification |<> +| truststore |<> +| truststore_password |<> +|======================================================================= + +==== + [discrete] [[output-http-ssl-9.0]] .`logstash-output-http` From e6e0f9f6ebd3163b7b07a1f689c5549d1026b76d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Mon, 16 Dec 2024 10:41:05 +0000 Subject: [PATCH 137/290] give more memory to tests. 1gb instead of 512mb (#16764) --- build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/build.gradle b/build.gradle index f71190ee6..e235af4d2 100644 --- a/build.gradle +++ b/build.gradle @@ -101,6 +101,7 @@ allprojects { "--add-opens=java.base/java.lang=ALL-UNNAMED", "--add-opens=java.base/java.util=ALL-UNNAMED" ] + maxHeapSize = "2g" //https://stackoverflow.com/questions/3963708/gradle-how-to-display-test-results-in-the-console-in-real-time testLogging { // set options for log level LIFECYCLE From e1f4e772dc220f9582d8fd736d8f6d5d4e66aba3 Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Mon, 16 Dec 2024 15:25:43 -0500 Subject: [PATCH 138/290] Doc: Update security docs to replace obsolete cacert setting (#16798) --- docs/static/security/es-security.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/static/security/es-security.asciidoc b/docs/static/security/es-security.asciidoc index 5df08ec12..cecd32c3b 100644 --- a/docs/static/security/es-security.asciidoc +++ b/docs/static/security/es-security.asciidoc @@ -78,7 +78,7 @@ As always, there's a definite argument for consistency across deployments. [[es-sec-plugin]] ==== Configure the elasticsearch output -Use the <> <> to point to the certificate's location. +Use the <> <> to point to the certificate's location. **Example** @@ -87,7 +87,7 @@ Use the <> < ["https://...] <1> - cacert => '/etc/logstash/config/certs/ca.crt' <2> + ssl_certificate_authorities => ['/etc/logstash/config/certs/ca.crt'] <2> } } ------- From 6e0d235c9d81362e5c208a4a486bdf5ec9460c13 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Duarte?= Date: Tue, 17 Dec 2024 10:22:12 +0000 Subject: [PATCH 139/290] update releases file with 8.16.2 GA (#16807) --- ci/logstash_releases.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/logstash_releases.json b/ci/logstash_releases.json index f029252d1..e5aa12db7 100644 --- a/ci/logstash_releases.json +++ b/ci/logstash_releases.json @@ -1,12 +1,12 @@ { "releases": { "7.current": "7.17.26", - "8.previous": "8.16.1", + "8.previous": "8.16.2", "8.current": "8.17.0" }, "snapshots": { "7.current": "7.17.27-SNAPSHOT", - "8.previous": "8.16.2-SNAPSHOT", + "8.previous": "8.16.3-SNAPSHOT", "8.current": "8.17.1-SNAPSHOT", "8.next": null, "8.future": "8.18.0-SNAPSHOT", From 03ddf12893ae9a185d4aa69406737c5660968138 Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Tue, 17 Dec 2024 18:16:48 +0000 Subject: [PATCH 140/290] [doc] use UBI8 as base image (#16812) --- docs/static/docker.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/static/docker.asciidoc b/docs/static/docker.asciidoc index 178167afc..af744a398 100644 --- a/docs/static/docker.asciidoc +++ b/docs/static/docker.asciidoc @@ -1,7 +1,7 @@ [[docker]] === Running Logstash on Docker Docker images for Logstash are available from the Elastic Docker -registry. The base image is https://hub.docker.com/_/ubuntu/[ubuntu:20.04]. +registry. The base image is https://catalog.redhat.com/software/containers/ubi8/ubi-minimal/5c359a62bed8bd75a2c3fba8[Red Hat Universal Base Image 8 Minimal]. A list of all published Docker images and tags is available at https://www.docker.elastic.co[www.docker.elastic.co]. The source code is in From 05789744d2daf458f41d086a58e59dac94715b3e Mon Sep 17 00:00:00 2001 From: kaisecheng <69120390+kaisecheng@users.noreply.github.com> Date: Thu, 19 Dec 2024 14:28:54 +0000 Subject: [PATCH 141/290] Remove the Arcsight module and the modules framework (#16794) Remove all module related code - remove arcsight module - remove module framework - remove module tests - remove module configs --- build.gradle | 4 - config/logstash.yml | 32 --- docker/data/logstash/env2yaml/env2yaml.go | 6 +- .../lib/logstash/config/modules_common.rb | 130 --------- .../lib/logstash/config/source/base.rb | 32 --- .../lib/logstash/config/source/local.rb | 2 +- .../lib/logstash/config/source/modules.rb | 68 ----- .../lib/logstash/config/source/multi_local.rb | 6 +- .../lib/logstash/config/source_loader.rb | 1 - .../lib/logstash/elasticsearch_client.rb | 157 ----------- logstash-core/lib/logstash/environment.rb | 8 - .../lib/logstash/modules/cli_parser.rb | 87 ------ .../logstash/modules/elasticsearch_config.rb | 35 --- .../modules/elasticsearch_importer.rb | 49 ---- .../modules/elasticsearch_resource.rb | 25 -- .../lib/logstash/modules/file_reader.rb | 50 ---- .../lib/logstash/modules/kibana_base.rb | 39 --- .../lib/logstash/modules/kibana_client.rb | 163 ------------ .../lib/logstash/modules/kibana_config.rb | 135 ---------- .../lib/logstash/modules/kibana_dashboards.rb | 50 ---- .../lib/logstash/modules/kibana_importer.rb | 30 --- .../lib/logstash/modules/kibana_resource.rb | 25 -- .../lib/logstash/modules/kibana_settings.rb | 55 ---- .../lib/logstash/modules/logstash_config.rb | 149 ----------- .../lib/logstash/modules/resource_base.rb | 53 ---- .../lib/logstash/modules/scaffold.rb | 69 ----- .../lib/logstash/modules/settings_merger.rb | 94 ------- logstash-core/lib/logstash/modules/util.rb | 33 --- .../lib/logstash/plugins/registry.rb | 1 - logstash-core/lib/logstash/runner.rb | 34 --- logstash-core/lib/logstash/settings.rb | 24 -- .../util/manticore_ssl_config_helper.rb | 86 ------ .../logstash/util/modules_setting_array.rb | 20 -- logstash-core/locales/en.yml | 64 ----- .../spec/logstash/config/source/local_spec.rb | 4 +- .../logstash/elasticsearch_client_spec.rb | 53 ---- .../spec/logstash/modules/cli_parser_spec.rb | 142 ---------- .../logstash/modules/kibana_client_spec.rb | 105 -------- .../logstash/modules/logstash_config_spec.rb | 91 ------- .../spec/logstash/modules/scaffold_spec.rb | 248 ------------------ .../logstash/modules/settings_merger_spec.rb | 156 ----------- .../spec/logstash/plugins/registry_spec.rb | 1 - logstash-core/spec/logstash/runner_spec.rb | 117 --------- .../spec/logstash/settings/modules_spec.rb | 143 ---------- logstash-core/spec/logstash/webserver_spec.rb | 2 + .../modules/tester/configuration/README.txt | 1 - .../configuration/elasticsearch/tester.json | 51 ---- .../kibana/5.x/dashboard/FW-Dashboard.json | 20 -- .../kibana/5.x/dashboard/tester.json | 1 - .../kibana/5.x/index-pattern/tester.json | 7 - .../kibana/5.x/search/Search-Tester.json | 19 -- .../kibana/5.x/visualization/FW-Viz-1.json | 11 - .../kibana/5.x/visualization/FW-Viz-2.json | 11 - .../kibana/6.x/dashboard/FW-Dashboard.json | 20 -- .../kibana/6.x/dashboard/tester.json | 1 - .../kibana/6.x/index-pattern/tester.json | 7 - .../kibana/6.x/search/Search-Tester.json | 19 -- .../kibana/6.x/visualization/FW-Viz-1.json | 11 - .../kibana/6.x/visualization/FW-Viz-2.json | 11 - .../configuration/logstash/tester.conf.erb | 34 --- .../logstash/util/ModulesSettingArray.java | 81 ------ modules/README.md | 2 - rakelib/artifacts.rake | 1 - rakelib/modules.rake | 97 ------- .../lib/config_management/bootstrap_check.rb | 4 - x-pack/lib/config_management/hooks.rb | 2 - x-pack/lib/helpers/elasticsearch_options.rb | 63 ----- x-pack/lib/modules/module_license_checker.rb | 76 ------ x-pack/lib/modules/xpack_scaffold.rb | 22 -- .../monitoring/internal_pipeline_source.rb | 2 +- x-pack/lib/monitoring/monitoring.rb | 2 +- x-pack/lib/x-pack/logstash_registry.rb | 14 +- x-pack/modules/README.md | 99 ------- .../configuration/elasticsearch/arcsight.json | 220 ---------------- .../153e0bf0-752f-11e7-ae68-d756b92f3a9c.json | 20 -- .../37af0b40-398d-11e7-ae19-21fb91585845.json | 20 -- .../64c92510-4555-11e7-83ea-67cb6920446d.json | 20 -- .../82051450-3e56-11e7-96c4-0d3a291ec93a.json | 20 -- .../kibana/5.x/dashboard/arcsight.json | 7 - .../d2fa5030-3e5d-11e7-b212-897f1496dc0e.json | 20 -- .../kibana/5.x/index-pattern/arcsight.json | 7 - .../16a72e70-4543-11e7-9510-4b0b4978ab0e.json | 35 --- .../1d9ba830-3e47-11e7-af78-9fc514b4e118.json | 22 -- .../6315e7a0-34be-11e7-95dc-4f6090d732f6.json | 30 --- .../7a2fc9c0-454d-11e7-86b6-95298e9da6dc.json | 27 -- .../bb1f4bc0-73fd-11e7-b4d0-0fc7dfb45744.json | 38 --- .../039815b0-4548-11e7-a94a-5d0a73686c64.json | 11 - .../08ee04d0-4556-11e7-83ea-67cb6920446d.json | 11 - .../08f8cf10-3e57-11e7-96c4-0d3a291ec93a.json | 10 - .../0bdbb5a0-3e55-11e7-96c4-0d3a291ec93a.json | 10 - .../0e4558b0-4552-11e7-86b6-95298e9da6dc.json | 10 - .../1439a5e0-3e69-11e7-899c-f940f646009b.json | 10 - .../154ff7e0-3987-11e7-8b9d-ddc45b5f6d00.json | 11 - .../161e27e0-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../1bde8be0-3e68-11e7-899c-f940f646009b.json | 11 - .../1c54cda0-752c-11e7-9445-91c40765092f.json | 11 - .../1de45d60-7523-11e7-9445-91c40765092f.json | 11 - .../2a33c810-3e4d-11e7-af78-9fc514b4e118.json | 11 - .../2b369910-4553-11e7-83ea-67cb6920446d.json | 11 - .../31b85570-454a-11e7-86b6-95298e9da6dc.json | 10 - .../35ce1310-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../4303de60-752b-11e7-9445-91c40765092f.json | 11 - .../45387480-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../463fc740-454e-11e7-86b6-95298e9da6dc.json | 11 - .../47c2a140-454f-11e7-86b6-95298e9da6dc.json | 11 - .../49953800-4547-11e7-a94a-5d0a73686c64.json | 10 - .../4cf91f90-3d5c-11e7-8b9d-ddc45b5f6d00.json | 10 - .../4ee62420-7523-11e7-871d-5f0fb978413c.json | 10 - .../4ff86ee0-4549-11e7-86b6-95298e9da6dc.json | 11 - .../5acacad0-3986-11e7-8b9d-ddc45b5f6d00.json | 11 - .../5acb74d0-398b-11e7-ae19-21fb91585845.json | 10 - .../6414e6b0-4549-11e7-86b6-95298e9da6dc.json | 11 - .../68180c80-4556-11e7-83ea-67cb6920446d.json | 11 - .../6bb7d0e0-4548-11e7-a94a-5d0a73686c64.json | 11 - .../6dfc0e30-3958-11e7-ae19-21fb91585845.json | 10 - .../6fb90a30-3e6b-11e7-9d4a-89ea81333ea4.json | 11 - .../7008cd50-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../75582a90-3987-11e7-8b9d-ddc45b5f6d00.json | 11 - .../77cb1470-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../7a043760-3990-11e7-8b9d-ddc45b5f6d00.json | 11 - .../7c414c90-3e66-11e7-899c-f940f646009b.json | 11 - .../7c6875e0-3e61-11e7-899c-f940f646009b.json | 11 - .../801fff70-395a-11e7-ae19-21fb91585845.json | 10 - .../82caeb10-4556-11e7-83ea-67cb6920446d.json | 11 - .../8bdaafe0-454e-11e7-86b6-95298e9da6dc.json | 11 - .../8cda1c30-752a-11e7-9445-91c40765092f.json | 11 - .../8f0161a0-752d-11e7-b440-f1d91dc5774d.json | 11 - .../8f8d6230-454f-11e7-86b6-95298e9da6dc.json | 11 - .../9141cc20-4553-11e7-83ea-67cb6920446d.json | 11 - .../93531890-4556-11e7-83ea-67cb6920446d.json | 11 - .../96af5bf0-3e50-11e7-af78-9fc514b4e118.json | 10 - .../992c7bd0-3e4e-11e7-96c4-0d3a291ec93a.json | 11 - .../9d317890-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../9de87d40-3e4e-11e7-af78-9fc514b4e118.json | 11 - .../9e4c5ca0-76cc-11e7-9fc0-830beaf5fb4b.json | 10 - .../a8ce0ef0-4556-11e7-83ea-67cb6920446d.json | 11 - .../aa2ff0a0-3e4a-11e7-96c4-0d3a291ec93a.json | 11 - .../aa57b050-7526-11e7-b440-f1d91dc5774d.json | 10 - .../ad802c10-3973-11e7-ae19-21fb91585845.json | 11 - .../afdba840-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../b1f98ce0-7745-11e7-8fb2-417804dc0ec8.json | 11 - .../b74e59b0-3e5f-11e7-899c-f940f646009b.json | 11 - .../b897ce70-4556-11e7-83ea-67cb6920446d.json | 11 - .../bd1c82c0-75a7-11e7-871d-5f0fb978413c.json | 10 - .../bfa45650-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../c53825b0-3e4b-11e7-af78-9fc514b4e118.json | 10 - .../c658b300-7745-11e7-8fb2-417804dc0ec8.json | 11 - .../c6db4140-4544-11e7-a94a-5d0a73686c64.json | 11 - .../c9e333a0-4550-11e7-86b6-95298e9da6dc.json | 11 - .../cc8affd0-3e65-11e7-899c-f940f646009b.json | 11 - .../cd462cc0-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../d6d526f0-395b-11e7-ae19-21fb91585845.json | 10 - .../d72d7940-7529-11e7-9445-91c40765092f.json | 11 - .../d8314510-454f-11e7-86b6-95298e9da6dc.json | 11 - .../ddef4fc0-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../e301a830-3e4d-11e7-af78-9fc514b4e118.json | 11 - .../e3888410-3e50-11e7-96c4-0d3a291ec93a.json | 10 - .../e7404c60-71cb-11e7-bdf5-8b8209f1c4b6.json | 11 - .../e9c3ee00-3978-11e7-ae19-21fb91585845.json | 11 - .../ebfd45a0-75a4-11e7-b440-f1d91dc5774d.json | 10 - .../ec576ff0-4546-11e7-a94a-5d0a73686c64.json | 10 - .../ec926660-396f-11e7-ae19-21fb91585845.json | 11 - .../ed2f5570-3d5b-11e7-8b9d-ddc45b5f6d00.json | 10 - .../f0664070-4551-11e7-86b6-95298e9da6dc.json | 10 - .../f23438c0-4548-11e7-a94a-5d0a73686c64.json | 10 - .../f57ea930-395d-11e7-ae19-21fb91585845.json | 10 - .../f99c22e0-3e4e-11e7-96c4-0d3a291ec93a.json | 11 - .../fd70bca0-398f-11e7-8b9d-ddc45b5f6d00.json | 11 - .../ff476320-3e4a-11e7-af78-9fc514b4e118.json | 11 - .../153e0bf0-752f-11e7-ae68-d756b92f3a9c.json | 20 -- .../37af0b40-398d-11e7-ae19-21fb91585845.json | 20 -- .../64c92510-4555-11e7-83ea-67cb6920446d.json | 20 -- .../82051450-3e56-11e7-96c4-0d3a291ec93a.json | 20 -- .../kibana/6.x/dashboard/arcsight.json | 7 - .../d2fa5030-3e5d-11e7-b212-897f1496dc0e.json | 20 -- .../kibana/6.x/index-pattern/arcsight.json | 7 - .../16a72e70-4543-11e7-9510-4b0b4978ab0e.json | 35 --- .../1d9ba830-3e47-11e7-af78-9fc514b4e118.json | 22 -- .../6315e7a0-34be-11e7-95dc-4f6090d732f6.json | 30 --- .../7a2fc9c0-454d-11e7-86b6-95298e9da6dc.json | 27 -- .../bb1f4bc0-73fd-11e7-b4d0-0fc7dfb45744.json | 38 --- .../039815b0-4548-11e7-a94a-5d0a73686c64.json | 11 - .../08ee04d0-4556-11e7-83ea-67cb6920446d.json | 11 - .../08f8cf10-3e57-11e7-96c4-0d3a291ec93a.json | 10 - .../0bdbb5a0-3e55-11e7-96c4-0d3a291ec93a.json | 10 - .../0e4558b0-4552-11e7-86b6-95298e9da6dc.json | 10 - .../1439a5e0-3e69-11e7-899c-f940f646009b.json | 10 - .../154ff7e0-3987-11e7-8b9d-ddc45b5f6d00.json | 11 - .../161e27e0-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../1bde8be0-3e68-11e7-899c-f940f646009b.json | 11 - .../1c54cda0-752c-11e7-9445-91c40765092f.json | 11 - .../1de45d60-7523-11e7-9445-91c40765092f.json | 11 - .../2a33c810-3e4d-11e7-af78-9fc514b4e118.json | 11 - .../2b369910-4553-11e7-83ea-67cb6920446d.json | 11 - .../31b85570-454a-11e7-86b6-95298e9da6dc.json | 10 - .../35ce1310-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../4303de60-752b-11e7-9445-91c40765092f.json | 11 - .../45387480-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../463fc740-454e-11e7-86b6-95298e9da6dc.json | 11 - .../47c2a140-454f-11e7-86b6-95298e9da6dc.json | 11 - .../49953800-4547-11e7-a94a-5d0a73686c64.json | 10 - .../4cf91f90-3d5c-11e7-8b9d-ddc45b5f6d00.json | 10 - .../4ee62420-7523-11e7-871d-5f0fb978413c.json | 10 - .../4ff86ee0-4549-11e7-86b6-95298e9da6dc.json | 11 - .../5acacad0-3986-11e7-8b9d-ddc45b5f6d00.json | 11 - .../5acb74d0-398b-11e7-ae19-21fb91585845.json | 10 - .../6414e6b0-4549-11e7-86b6-95298e9da6dc.json | 11 - .../68180c80-4556-11e7-83ea-67cb6920446d.json | 11 - .../6bb7d0e0-4548-11e7-a94a-5d0a73686c64.json | 11 - .../6dfc0e30-3958-11e7-ae19-21fb91585845.json | 10 - .../6fb90a30-3e6b-11e7-9d4a-89ea81333ea4.json | 11 - .../7008cd50-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../75582a90-3987-11e7-8b9d-ddc45b5f6d00.json | 11 - .../77cb1470-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../7a043760-3990-11e7-8b9d-ddc45b5f6d00.json | 11 - .../7c414c90-3e66-11e7-899c-f940f646009b.json | 11 - .../7c6875e0-3e61-11e7-899c-f940f646009b.json | 11 - .../801fff70-395a-11e7-ae19-21fb91585845.json | 10 - .../82caeb10-4556-11e7-83ea-67cb6920446d.json | 11 - .../8bdaafe0-454e-11e7-86b6-95298e9da6dc.json | 11 - .../8cda1c30-752a-11e7-9445-91c40765092f.json | 11 - .../8f0161a0-752d-11e7-b440-f1d91dc5774d.json | 11 - .../8f8d6230-454f-11e7-86b6-95298e9da6dc.json | 11 - .../9141cc20-4553-11e7-83ea-67cb6920446d.json | 11 - .../93531890-4556-11e7-83ea-67cb6920446d.json | 11 - .../96af5bf0-3e50-11e7-af78-9fc514b4e118.json | 10 - .../992c7bd0-3e4e-11e7-96c4-0d3a291ec93a.json | 11 - .../9d317890-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../9de87d40-3e4e-11e7-af78-9fc514b4e118.json | 11 - .../9e4c5ca0-76cc-11e7-9fc0-830beaf5fb4b.json | 10 - .../a8ce0ef0-4556-11e7-83ea-67cb6920446d.json | 11 - .../aa2ff0a0-3e4a-11e7-96c4-0d3a291ec93a.json | 11 - .../aa57b050-7526-11e7-b440-f1d91dc5774d.json | 10 - .../ad802c10-3973-11e7-ae19-21fb91585845.json | 11 - .../afdba840-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../b1f98ce0-7745-11e7-8fb2-417804dc0ec8.json | 11 - .../b74e59b0-3e5f-11e7-899c-f940f646009b.json | 11 - .../b897ce70-4556-11e7-83ea-67cb6920446d.json | 11 - .../bd1c82c0-75a7-11e7-871d-5f0fb978413c.json | 10 - .../bfa45650-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../c53825b0-3e4b-11e7-af78-9fc514b4e118.json | 10 - .../c658b300-7745-11e7-8fb2-417804dc0ec8.json | 11 - .../c6db4140-4544-11e7-a94a-5d0a73686c64.json | 11 - .../c9e333a0-4550-11e7-86b6-95298e9da6dc.json | 11 - .../cc8affd0-3e65-11e7-899c-f940f646009b.json | 11 - .../cd462cc0-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../d6d526f0-395b-11e7-ae19-21fb91585845.json | 10 - .../d72d7940-7529-11e7-9445-91c40765092f.json | 11 - .../d8314510-454f-11e7-86b6-95298e9da6dc.json | 11 - .../ddef4fc0-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../e301a830-3e4d-11e7-af78-9fc514b4e118.json | 11 - .../e3888410-3e50-11e7-96c4-0d3a291ec93a.json | 10 - .../e7404c60-71cb-11e7-bdf5-8b8209f1c4b6.json | 11 - .../e9c3ee00-3978-11e7-ae19-21fb91585845.json | 11 - .../ebfd45a0-75a4-11e7-b440-f1d91dc5774d.json | 10 - .../ec576ff0-4546-11e7-a94a-5d0a73686c64.json | 10 - .../ec926660-396f-11e7-ae19-21fb91585845.json | 11 - .../ed2f5570-3d5b-11e7-8b9d-ddc45b5f6d00.json | 10 - .../f0664070-4551-11e7-86b6-95298e9da6dc.json | 10 - .../f23438c0-4548-11e7-a94a-5d0a73686c64.json | 10 - .../f57ea930-395d-11e7-ae19-21fb91585845.json | 10 - .../f99c22e0-3e4e-11e7-96c4-0d3a291ec93a.json | 11 - .../fd70bca0-398f-11e7-8b9d-ddc45b5f6d00.json | 11 - .../ff476320-3e4a-11e7-af78-9fc514b4e118.json | 11 - .../153e0bf0-752f-11e7-ae68-d756b92f3a9c.json | 20 -- .../37af0b40-398d-11e7-ae19-21fb91585845.json | 20 -- .../64c92510-4555-11e7-83ea-67cb6920446d.json | 20 -- .../82051450-3e56-11e7-96c4-0d3a291ec93a.json | 20 -- .../kibana/7.x/dashboard/arcsight.json | 7 - .../d2fa5030-3e5d-11e7-b212-897f1496dc0e.json | 20 -- .../kibana/7.x/index-pattern/arcsight.json | 7 - .../16a72e70-4543-11e7-9510-4b0b4978ab0e.json | 35 --- .../1d9ba830-3e47-11e7-af78-9fc514b4e118.json | 22 -- .../6315e7a0-34be-11e7-95dc-4f6090d732f6.json | 30 --- .../7a2fc9c0-454d-11e7-86b6-95298e9da6dc.json | 27 -- .../bb1f4bc0-73fd-11e7-b4d0-0fc7dfb45744.json | 38 --- .../039815b0-4548-11e7-a94a-5d0a73686c64.json | 11 - .../08ee04d0-4556-11e7-83ea-67cb6920446d.json | 11 - .../08f8cf10-3e57-11e7-96c4-0d3a291ec93a.json | 10 - .../0bdbb5a0-3e55-11e7-96c4-0d3a291ec93a.json | 10 - .../0e4558b0-4552-11e7-86b6-95298e9da6dc.json | 10 - .../1439a5e0-3e69-11e7-899c-f940f646009b.json | 10 - .../154ff7e0-3987-11e7-8b9d-ddc45b5f6d00.json | 11 - .../161e27e0-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../1bde8be0-3e68-11e7-899c-f940f646009b.json | 11 - .../1c54cda0-752c-11e7-9445-91c40765092f.json | 11 - .../1de45d60-7523-11e7-9445-91c40765092f.json | 11 - .../2a33c810-3e4d-11e7-af78-9fc514b4e118.json | 11 - .../2b369910-4553-11e7-83ea-67cb6920446d.json | 11 - .../31b85570-454a-11e7-86b6-95298e9da6dc.json | 10 - .../35ce1310-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../4303de60-752b-11e7-9445-91c40765092f.json | 11 - .../45387480-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../463fc740-454e-11e7-86b6-95298e9da6dc.json | 11 - .../47c2a140-454f-11e7-86b6-95298e9da6dc.json | 11 - .../49953800-4547-11e7-a94a-5d0a73686c64.json | 10 - .../4cf91f90-3d5c-11e7-8b9d-ddc45b5f6d00.json | 10 - .../4ee62420-7523-11e7-871d-5f0fb978413c.json | 10 - .../4ff86ee0-4549-11e7-86b6-95298e9da6dc.json | 11 - .../5acacad0-3986-11e7-8b9d-ddc45b5f6d00.json | 11 - .../5acb74d0-398b-11e7-ae19-21fb91585845.json | 10 - .../6414e6b0-4549-11e7-86b6-95298e9da6dc.json | 11 - .../68180c80-4556-11e7-83ea-67cb6920446d.json | 11 - .../6bb7d0e0-4548-11e7-a94a-5d0a73686c64.json | 11 - .../6dfc0e30-3958-11e7-ae19-21fb91585845.json | 10 - .../6fb90a30-3e6b-11e7-9d4a-89ea81333ea4.json | 11 - .../7008cd50-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../75582a90-3987-11e7-8b9d-ddc45b5f6d00.json | 11 - .../77cb1470-3989-11e7-8b9d-ddc45b5f6d00.json | 11 - .../7a043760-3990-11e7-8b9d-ddc45b5f6d00.json | 11 - .../7c414c90-3e66-11e7-899c-f940f646009b.json | 11 - .../7c6875e0-3e61-11e7-899c-f940f646009b.json | 11 - .../801fff70-395a-11e7-ae19-21fb91585845.json | 10 - .../82caeb10-4556-11e7-83ea-67cb6920446d.json | 11 - .../8bdaafe0-454e-11e7-86b6-95298e9da6dc.json | 11 - .../8cda1c30-752a-11e7-9445-91c40765092f.json | 11 - .../8f0161a0-752d-11e7-b440-f1d91dc5774d.json | 11 - .../8f8d6230-454f-11e7-86b6-95298e9da6dc.json | 11 - .../9141cc20-4553-11e7-83ea-67cb6920446d.json | 11 - .../93531890-4556-11e7-83ea-67cb6920446d.json | 11 - .../96af5bf0-3e50-11e7-af78-9fc514b4e118.json | 10 - .../992c7bd0-3e4e-11e7-96c4-0d3a291ec93a.json | 11 - .../9d317890-3988-11e7-8b9d-ddc45b5f6d00.json | 11 - .../9de87d40-3e4e-11e7-af78-9fc514b4e118.json | 11 - .../9e4c5ca0-76cc-11e7-9fc0-830beaf5fb4b.json | 10 - .../a8ce0ef0-4556-11e7-83ea-67cb6920446d.json | 11 - .../aa2ff0a0-3e4a-11e7-96c4-0d3a291ec93a.json | 11 - .../aa57b050-7526-11e7-b440-f1d91dc5774d.json | 10 - .../ad802c10-3973-11e7-ae19-21fb91585845.json | 11 - .../afdba840-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../b1f98ce0-7745-11e7-8fb2-417804dc0ec8.json | 11 - .../b74e59b0-3e5f-11e7-899c-f940f646009b.json | 11 - .../b897ce70-4556-11e7-83ea-67cb6920446d.json | 11 - .../bd1c82c0-75a7-11e7-871d-5f0fb978413c.json | 10 - .../bfa45650-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../c53825b0-3e4b-11e7-af78-9fc514b4e118.json | 10 - .../c658b300-7745-11e7-8fb2-417804dc0ec8.json | 11 - .../c6db4140-4544-11e7-a94a-5d0a73686c64.json | 11 - .../c9e333a0-4550-11e7-86b6-95298e9da6dc.json | 11 - .../cc8affd0-3e65-11e7-899c-f940f646009b.json | 11 - .../cd462cc0-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../d6d526f0-395b-11e7-ae19-21fb91585845.json | 10 - .../d72d7940-7529-11e7-9445-91c40765092f.json | 11 - .../d8314510-454f-11e7-86b6-95298e9da6dc.json | 11 - .../ddef4fc0-3e55-11e7-96c4-0d3a291ec93a.json | 11 - .../e301a830-3e4d-11e7-af78-9fc514b4e118.json | 11 - .../e3888410-3e50-11e7-96c4-0d3a291ec93a.json | 10 - .../e7404c60-71cb-11e7-bdf5-8b8209f1c4b6.json | 11 - .../e9c3ee00-3978-11e7-ae19-21fb91585845.json | 11 - .../ebfd45a0-75a4-11e7-b440-f1d91dc5774d.json | 10 - .../ec576ff0-4546-11e7-a94a-5d0a73686c64.json | 10 - .../ec926660-396f-11e7-ae19-21fb91585845.json | 11 - .../ed2f5570-3d5b-11e7-8b9d-ddc45b5f6d00.json | 10 - .../f0664070-4551-11e7-86b6-95298e9da6dc.json | 10 - .../f23438c0-4548-11e7-a94a-5d0a73686c64.json | 10 - .../f57ea930-395d-11e7-ae19-21fb91585845.json | 10 - .../f99c22e0-3e4e-11e7-96c4-0d3a291ec93a.json | 11 - .../fd70bca0-398f-11e7-8b9d-ddc45b5f6d00.json | 11 - .../ff476320-3e4a-11e7-af78-9fc514b4e118.json | 11 - .../configuration/logstash/arcsight.conf.erb | 71 ----- .../lib/arcsight_module_config_helper.rb | 67 ----- .../config_management/bootstrap_check_spec.rb | 32 --- x-pack/spec/config_management/hooks_spec.rb | 4 - .../helpers/elasticsearch_options_spec.rb | 143 ++-------- .../arcsight_module_config_helper_spec.rb | 76 ------ .../arcsight/arcsight_module_config_spec.rb | 19 -- .../yaml/event_broker_with_security.yml | 22 -- .../yaml/smart_connector_with_ssl.yml | 15 -- .../modules/module_license_checker_spec.rb | 114 -------- 369 files changed, 30 insertions(+), 7785 deletions(-) delete mode 100644 logstash-core/lib/logstash/config/modules_common.rb delete mode 100644 logstash-core/lib/logstash/config/source/modules.rb delete mode 100644 logstash-core/lib/logstash/elasticsearch_client.rb delete mode 100644 logstash-core/lib/logstash/modules/cli_parser.rb delete mode 100644 logstash-core/lib/logstash/modules/elasticsearch_config.rb delete mode 100644 logstash-core/lib/logstash/modules/elasticsearch_importer.rb delete mode 100644 logstash-core/lib/logstash/modules/elasticsearch_resource.rb delete mode 100644 logstash-core/lib/logstash/modules/file_reader.rb delete mode 100644 logstash-core/lib/logstash/modules/kibana_base.rb delete mode 100644 logstash-core/lib/logstash/modules/kibana_client.rb delete mode 100644 logstash-core/lib/logstash/modules/kibana_config.rb delete mode 100644 logstash-core/lib/logstash/modules/kibana_dashboards.rb delete mode 100644 logstash-core/lib/logstash/modules/kibana_importer.rb delete mode 100644 logstash-core/lib/logstash/modules/kibana_resource.rb delete mode 100644 logstash-core/lib/logstash/modules/kibana_settings.rb delete mode 100644 logstash-core/lib/logstash/modules/logstash_config.rb delete mode 100644 logstash-core/lib/logstash/modules/resource_base.rb delete mode 100644 logstash-core/lib/logstash/modules/scaffold.rb delete mode 100644 logstash-core/lib/logstash/modules/settings_merger.rb delete mode 100644 logstash-core/lib/logstash/modules/util.rb delete mode 100644 logstash-core/lib/logstash/util/manticore_ssl_config_helper.rb delete mode 100644 logstash-core/lib/logstash/util/modules_setting_array.rb delete mode 100644 logstash-core/spec/logstash/elasticsearch_client_spec.rb delete mode 100644 logstash-core/spec/logstash/modules/cli_parser_spec.rb delete mode 100644 logstash-core/spec/logstash/modules/kibana_client_spec.rb delete mode 100644 logstash-core/spec/logstash/modules/logstash_config_spec.rb delete mode 100644 logstash-core/spec/logstash/modules/scaffold_spec.rb delete mode 100644 logstash-core/spec/logstash/modules/settings_merger_spec.rb delete mode 100644 logstash-core/spec/logstash/settings/modules_spec.rb delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/README.txt delete mode 100755 logstash-core/spec/modules_test_files/modules/tester/configuration/elasticsearch/tester.json delete mode 100755 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/5.x/dashboard/FW-Dashboard.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/5.x/dashboard/tester.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/5.x/index-pattern/tester.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/5.x/search/Search-Tester.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/5.x/visualization/FW-Viz-1.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/5.x/visualization/FW-Viz-2.json delete mode 100755 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/6.x/dashboard/FW-Dashboard.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/6.x/dashboard/tester.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/6.x/index-pattern/tester.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/6.x/search/Search-Tester.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/6.x/visualization/FW-Viz-1.json delete mode 100644 logstash-core/spec/modules_test_files/modules/tester/configuration/kibana/6.x/visualization/FW-Viz-2.json delete mode 100755 logstash-core/spec/modules_test_files/modules/tester/configuration/logstash/tester.conf.erb delete mode 100644 logstash-core/src/main/java/org/logstash/util/ModulesSettingArray.java delete mode 100644 modules/README.md delete mode 100644 rakelib/modules.rake delete mode 100644 x-pack/lib/modules/module_license_checker.rb delete mode 100644 x-pack/lib/modules/xpack_scaffold.rb delete mode 100644 x-pack/modules/README.md delete mode 100644 x-pack/modules/arcsight/configuration/elasticsearch/arcsight.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/dashboard/153e0bf0-752f-11e7-ae68-d756b92f3a9c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/dashboard/37af0b40-398d-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/dashboard/64c92510-4555-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/dashboard/82051450-3e56-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/dashboard/arcsight.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/dashboard/d2fa5030-3e5d-11e7-b212-897f1496dc0e.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/index-pattern/arcsight.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/search/16a72e70-4543-11e7-9510-4b0b4978ab0e.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/search/1d9ba830-3e47-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/search/6315e7a0-34be-11e7-95dc-4f6090d732f6.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/search/7a2fc9c0-454d-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/search/bb1f4bc0-73fd-11e7-b4d0-0fc7dfb45744.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/039815b0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/08ee04d0-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/08f8cf10-3e57-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/0bdbb5a0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/0e4558b0-4552-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/1439a5e0-3e69-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/154ff7e0-3987-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/161e27e0-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/1bde8be0-3e68-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/1c54cda0-752c-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/1de45d60-7523-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/2a33c810-3e4d-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/2b369910-4553-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/31b85570-454a-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/35ce1310-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/4303de60-752b-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/45387480-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/463fc740-454e-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/47c2a140-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/49953800-4547-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/4cf91f90-3d5c-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/4ee62420-7523-11e7-871d-5f0fb978413c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/4ff86ee0-4549-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/5acacad0-3986-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/5acb74d0-398b-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/6414e6b0-4549-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/68180c80-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/6bb7d0e0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/6dfc0e30-3958-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/6fb90a30-3e6b-11e7-9d4a-89ea81333ea4.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/7008cd50-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/75582a90-3987-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/77cb1470-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/7a043760-3990-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/7c414c90-3e66-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/7c6875e0-3e61-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/801fff70-395a-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/82caeb10-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/8bdaafe0-454e-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/8cda1c30-752a-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/8f0161a0-752d-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/8f8d6230-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/9141cc20-4553-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/93531890-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/96af5bf0-3e50-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/992c7bd0-3e4e-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/9d317890-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/9de87d40-3e4e-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/9e4c5ca0-76cc-11e7-9fc0-830beaf5fb4b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/a8ce0ef0-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/aa2ff0a0-3e4a-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/aa57b050-7526-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/ad802c10-3973-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/afdba840-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/b1f98ce0-7745-11e7-8fb2-417804dc0ec8.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/b74e59b0-3e5f-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/b897ce70-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/bd1c82c0-75a7-11e7-871d-5f0fb978413c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/bfa45650-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/c53825b0-3e4b-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/c658b300-7745-11e7-8fb2-417804dc0ec8.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/c6db4140-4544-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/c9e333a0-4550-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/cc8affd0-3e65-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/cd462cc0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/d6d526f0-395b-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/d72d7940-7529-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/d8314510-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/ddef4fc0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/e301a830-3e4d-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/e3888410-3e50-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/e7404c60-71cb-11e7-bdf5-8b8209f1c4b6.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/e9c3ee00-3978-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/ebfd45a0-75a4-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/ec576ff0-4546-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/ec926660-396f-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/ed2f5570-3d5b-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/f0664070-4551-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/f23438c0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/f57ea930-395d-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/f99c22e0-3e4e-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/fd70bca0-398f-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/5.x/visualization/ff476320-3e4a-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/dashboard/153e0bf0-752f-11e7-ae68-d756b92f3a9c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/dashboard/37af0b40-398d-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/dashboard/64c92510-4555-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/dashboard/82051450-3e56-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/dashboard/arcsight.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/dashboard/d2fa5030-3e5d-11e7-b212-897f1496dc0e.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/index-pattern/arcsight.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/search/16a72e70-4543-11e7-9510-4b0b4978ab0e.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/search/1d9ba830-3e47-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/search/6315e7a0-34be-11e7-95dc-4f6090d732f6.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/search/7a2fc9c0-454d-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/search/bb1f4bc0-73fd-11e7-b4d0-0fc7dfb45744.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/039815b0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/08ee04d0-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/08f8cf10-3e57-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/0bdbb5a0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/0e4558b0-4552-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/1439a5e0-3e69-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/154ff7e0-3987-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/161e27e0-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/1bde8be0-3e68-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/1c54cda0-752c-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/1de45d60-7523-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/2a33c810-3e4d-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/2b369910-4553-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/31b85570-454a-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/35ce1310-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/4303de60-752b-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/45387480-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/463fc740-454e-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/47c2a140-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/49953800-4547-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/4cf91f90-3d5c-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/4ee62420-7523-11e7-871d-5f0fb978413c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/4ff86ee0-4549-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/5acacad0-3986-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/5acb74d0-398b-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/6414e6b0-4549-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/68180c80-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/6bb7d0e0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/6dfc0e30-3958-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/6fb90a30-3e6b-11e7-9d4a-89ea81333ea4.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/7008cd50-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/75582a90-3987-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/77cb1470-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/7a043760-3990-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/7c414c90-3e66-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/7c6875e0-3e61-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/801fff70-395a-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/82caeb10-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/8bdaafe0-454e-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/8cda1c30-752a-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/8f0161a0-752d-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/8f8d6230-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/9141cc20-4553-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/93531890-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/96af5bf0-3e50-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/992c7bd0-3e4e-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/9d317890-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/9de87d40-3e4e-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/9e4c5ca0-76cc-11e7-9fc0-830beaf5fb4b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/a8ce0ef0-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/aa2ff0a0-3e4a-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/aa57b050-7526-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/ad802c10-3973-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/afdba840-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/b1f98ce0-7745-11e7-8fb2-417804dc0ec8.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/b74e59b0-3e5f-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/b897ce70-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/bd1c82c0-75a7-11e7-871d-5f0fb978413c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/bfa45650-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/c53825b0-3e4b-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/c658b300-7745-11e7-8fb2-417804dc0ec8.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/c6db4140-4544-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/c9e333a0-4550-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/cc8affd0-3e65-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/cd462cc0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/d6d526f0-395b-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/d72d7940-7529-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/d8314510-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/ddef4fc0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/e301a830-3e4d-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/e3888410-3e50-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/e7404c60-71cb-11e7-bdf5-8b8209f1c4b6.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/e9c3ee00-3978-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/ebfd45a0-75a4-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/ec576ff0-4546-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/ec926660-396f-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/ed2f5570-3d5b-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/f0664070-4551-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/f23438c0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/f57ea930-395d-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/f99c22e0-3e4e-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/fd70bca0-398f-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/6.x/visualization/ff476320-3e4a-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/dashboard/153e0bf0-752f-11e7-ae68-d756b92f3a9c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/dashboard/37af0b40-398d-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/dashboard/64c92510-4555-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/dashboard/82051450-3e56-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/dashboard/arcsight.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/dashboard/d2fa5030-3e5d-11e7-b212-897f1496dc0e.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/index-pattern/arcsight.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/search/16a72e70-4543-11e7-9510-4b0b4978ab0e.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/search/1d9ba830-3e47-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/search/6315e7a0-34be-11e7-95dc-4f6090d732f6.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/search/7a2fc9c0-454d-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/search/bb1f4bc0-73fd-11e7-b4d0-0fc7dfb45744.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/039815b0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/08ee04d0-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/08f8cf10-3e57-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/0bdbb5a0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/0e4558b0-4552-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/1439a5e0-3e69-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/154ff7e0-3987-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/161e27e0-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/1bde8be0-3e68-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/1c54cda0-752c-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/1de45d60-7523-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/2a33c810-3e4d-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/2b369910-4553-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/31b85570-454a-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/35ce1310-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/4303de60-752b-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/45387480-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/463fc740-454e-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/47c2a140-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/49953800-4547-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/4cf91f90-3d5c-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/4ee62420-7523-11e7-871d-5f0fb978413c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/4ff86ee0-4549-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/5acacad0-3986-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/5acb74d0-398b-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/6414e6b0-4549-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/68180c80-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/6bb7d0e0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/6dfc0e30-3958-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/6fb90a30-3e6b-11e7-9d4a-89ea81333ea4.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/7008cd50-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/75582a90-3987-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/77cb1470-3989-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/7a043760-3990-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/7c414c90-3e66-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/7c6875e0-3e61-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/801fff70-395a-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/82caeb10-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/8bdaafe0-454e-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/8cda1c30-752a-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/8f0161a0-752d-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/8f8d6230-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/9141cc20-4553-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/93531890-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/96af5bf0-3e50-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/992c7bd0-3e4e-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/9d317890-3988-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/9de87d40-3e4e-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/9e4c5ca0-76cc-11e7-9fc0-830beaf5fb4b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/a8ce0ef0-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/aa2ff0a0-3e4a-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/aa57b050-7526-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/ad802c10-3973-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/afdba840-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/b1f98ce0-7745-11e7-8fb2-417804dc0ec8.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/b74e59b0-3e5f-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/b897ce70-4556-11e7-83ea-67cb6920446d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/bd1c82c0-75a7-11e7-871d-5f0fb978413c.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/bfa45650-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/c53825b0-3e4b-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/c658b300-7745-11e7-8fb2-417804dc0ec8.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/c6db4140-4544-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/c9e333a0-4550-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/cc8affd0-3e65-11e7-899c-f940f646009b.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/cd462cc0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/d6d526f0-395b-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/d72d7940-7529-11e7-9445-91c40765092f.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/d8314510-454f-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/ddef4fc0-3e55-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/e301a830-3e4d-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/e3888410-3e50-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/e7404c60-71cb-11e7-bdf5-8b8209f1c4b6.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/e9c3ee00-3978-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/ebfd45a0-75a4-11e7-b440-f1d91dc5774d.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/ec576ff0-4546-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/ec926660-396f-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/ed2f5570-3d5b-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/f0664070-4551-11e7-86b6-95298e9da6dc.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/f23438c0-4548-11e7-a94a-5d0a73686c64.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/f57ea930-395d-11e7-ae19-21fb91585845.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/f99c22e0-3e4e-11e7-96c4-0d3a291ec93a.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/fd70bca0-398f-11e7-8b9d-ddc45b5f6d00.json delete mode 100644 x-pack/modules/arcsight/configuration/kibana/7.x/visualization/ff476320-3e4a-11e7-af78-9fc514b4e118.json delete mode 100644 x-pack/modules/arcsight/configuration/logstash/arcsight.conf.erb delete mode 100644 x-pack/modules/arcsight/lib/arcsight_module_config_helper.rb delete mode 100644 x-pack/spec/modules/arcsight/arcsight_module_config_helper_spec.rb delete mode 100644 x-pack/spec/modules/arcsight/arcsight_module_config_spec.rb delete mode 100644 x-pack/spec/modules/arcsight/yaml/event_broker_with_security.yml delete mode 100644 x-pack/spec/modules/arcsight/yaml/smart_connector_with_ssl.yml delete mode 100644 x-pack/spec/modules/module_license_checker_spec.rb diff --git a/build.gradle b/build.gradle index e235af4d2..d184538cd 100644 --- a/build.gradle +++ b/build.gradle @@ -334,7 +334,6 @@ tasks.register("assembleTarDistribution") { inputs.files fileTree("${projectDir}/bin") inputs.files fileTree("${projectDir}/config") inputs.files fileTree("${projectDir}/lib") - inputs.files fileTree("${projectDir}/modules") inputs.files fileTree("${projectDir}/logstash-core-plugin-api") inputs.files fileTree("${projectDir}/logstash-core/lib") inputs.files fileTree("${projectDir}/logstash-core/src") @@ -351,7 +350,6 @@ tasks.register("assembleOssTarDistribution") { inputs.files fileTree("${projectDir}/bin") inputs.files fileTree("${projectDir}/config") inputs.files fileTree("${projectDir}/lib") - inputs.files fileTree("${projectDir}/modules") inputs.files fileTree("${projectDir}/logstash-core-plugin-api") inputs.files fileTree("${projectDir}/logstash-core/lib") inputs.files fileTree("${projectDir}/logstash-core/src") @@ -366,7 +364,6 @@ tasks.register("assembleZipDistribution") { inputs.files fileTree("${projectDir}/bin") inputs.files fileTree("${projectDir}/config") inputs.files fileTree("${projectDir}/lib") - inputs.files fileTree("${projectDir}/modules") inputs.files fileTree("${projectDir}/logstash-core-plugin-api") inputs.files fileTree("${projectDir}/logstash-core/lib") inputs.files fileTree("${projectDir}/logstash-core/src") @@ -383,7 +380,6 @@ tasks.register("assembleOssZipDistribution") { inputs.files fileTree("${projectDir}/bin") inputs.files fileTree("${projectDir}/config") inputs.files fileTree("${projectDir}/lib") - inputs.files fileTree("${projectDir}/modules") inputs.files fileTree("${projectDir}/logstash-core-plugin-api") inputs.files fileTree("${projectDir}/logstash-core/lib") inputs.files fileTree("${projectDir}/logstash-core/src") diff --git a/config/logstash.yml b/config/logstash.yml index c80f38efa..aeeabaf87 100644 --- a/config/logstash.yml +++ b/config/logstash.yml @@ -181,38 +181,6 @@ # # api.auth.basic.password_policy.mode: WARN # -# ------------ Module Settings --------------- -# Define modules here. Modules definitions must be defined as an array. -# The simple way to see this is to prepend each `name` with a `-`, and keep -# all associated variables under the `name` they are associated with, and -# above the next, like this: -# -# modules: -# - name: MODULE_NAME -# var.PLUGINTYPE1.PLUGINNAME1.KEY1: VALUE -# var.PLUGINTYPE1.PLUGINNAME1.KEY2: VALUE -# var.PLUGINTYPE2.PLUGINNAME1.KEY1: VALUE -# var.PLUGINTYPE3.PLUGINNAME3.KEY1: VALUE -# -# Module variable names must be in the format of -# -# var.PLUGIN_TYPE.PLUGIN_NAME.KEY -# -# modules: -# -# ------------ Cloud Settings --------------- -# Define Elastic Cloud settings here. -# Format of cloud.id is a base64 value e.g. dXMtZWFzdC0xLmF3cy5mb3VuZC5pbyRub3RhcmVhbCRpZGVudGlmaWVy -# and it may have an label prefix e.g. staging:dXMtZ... -# This will overwrite 'var.elasticsearch.hosts' and 'var.kibana.host' -# cloud.id: -# -# Format of cloud.auth is: : -# This is optional -# If supplied this will overwrite 'var.elasticsearch.username' and 'var.elasticsearch.password' -# If supplied this will overwrite 'var.kibana.username' and 'var.kibana.password' -# cloud.auth: elastic: -# # ------------ Queuing Settings -------------- # # Internal queuing model, "memory" for legacy in-memory based queuing and diff --git a/docker/data/logstash/env2yaml/env2yaml.go b/docker/data/logstash/env2yaml/env2yaml.go index b2e93ad16..dc2641edf 100644 --- a/docker/data/logstash/env2yaml/env2yaml.go +++ b/docker/data/logstash/env2yaml/env2yaml.go @@ -17,11 +17,12 @@ package main import ( "errors" "fmt" - "gopkg.in/yaml.v2" "io/ioutil" "log" "os" "strings" + + "gopkg.in/yaml.v2" ) var validSettings = []string{ @@ -67,7 +68,6 @@ var validSettings = []string{ "log.level", "log.format", "log.format.json.fix_duplicate_message_fields", - "modules", "metric.collect", "path.logs", "path.plugins", @@ -126,8 +126,6 @@ var validSettings = []string{ "xpack.management.elasticsearch.ssl.cipher_suites", "xpack.geoip.download.endpoint", "xpack.geoip.downloader.enabled", - "cloud.id", - "cloud.auth", } // Given a setting name, return a downcased version with delimiters removed. diff --git a/logstash-core/lib/logstash/config/modules_common.rb b/logstash-core/lib/logstash/config/modules_common.rb deleted file mode 100644 index 157ead21b..000000000 --- a/logstash-core/lib/logstash/config/modules_common.rb +++ /dev/null @@ -1,130 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "logstash/elasticsearch_client" -require "logstash/modules/kibana_client" -require "logstash/modules/elasticsearch_importer" -require "logstash/modules/kibana_importer" -require "logstash/modules/settings_merger" - -module LogStash module Config - class ModulesCommon # extracted here for bwc with 5.x - include LogStash::Util::Loggable - - MODULES_MAX_PIPELINES = 1 - - def self.pipeline_configs(settings) - pipelines = [] - plugin_modules = LogStash::PLUGIN_REGISTRY.plugins_with_type(:modules) - - cli_settings = settings.get("modules.cli") - yml_settings = settings.get("modules") - - modules_array = if !(cli_settings.empty? && yml_settings.empty?) - LogStash::Modules::SettingsMerger.merge(cli_settings, yml_settings) - elsif cli_settings.empty? - yml_settings - else - cli_settings - end - - if modules_array.empty? - # no specified modules - return pipelines - end - logger.debug("Specified modules", :modules_array => modules_array.to_s) - - module_names = modules_array.collect {|module_hash| module_hash["name"]} - if module_names.size > MODULES_MAX_PIPELINES - error_message = I18n.t("logstash.modules.configuration.modules-too-many-specified", :max => MODULES_MAX_PIPELINES, :specified_modules => module_names.join(', ')) - raise LogStash::ConfigLoadingError, error_message - end - - if module_names.length > module_names.uniq.length - duplicate_modules = module_names.group_by(&:to_s).select { |_, v| v.size > 1 }.keys - raise LogStash::ConfigLoadingError, I18n.t("logstash.modules.configuration.modules-must-be-unique", :duplicate_modules => duplicate_modules) - end - - available_module_names = plugin_modules.map(&:module_name) - specified_and_available_names = module_names & available_module_names - - if (specified_and_available_names).empty? - i18n_opts = {:specified_modules => module_names, :available_modules => available_module_names} - raise LogStash::ConfigLoadingError, I18n.t("logstash.modules.configuration.modules-unavailable", **i18n_opts) - end - - specified_and_available_names.each do |module_name| - connect_fail_args = {} - begin - module_settings = settings.clone - - module_hash = modules_array.find {|m| m["name"] == module_name} - current_module = plugin_modules.find { |allmodules| allmodules.module_name == module_name } - - enabled = current_module.is_enabled?(module_settings) - unless enabled - logger.warn("The #{module_name} module is not enabled. Please check the logs for additional information.") - next - end - - alt_name = "module-#{module_name}" - pipeline_id = alt_name - module_settings.set("pipeline.id", pipeline_id) - LogStash::Modules::SettingsMerger.merge_cloud_settings(module_hash, module_settings) - LogStash::Modules::SettingsMerger.merge_kibana_auth!(module_hash) - current_module.with_settings(module_hash) - config_test = settings.get("config.test_and_exit") - module_setup = settings.get("modules_setup") - # Only import data if it's not a config test and --setup is true - if !config_test && module_setup - logger.info("Setting up the #{module_name} module") - esclient = LogStash::ElasticsearchClient.build(module_hash) - kbnclient = LogStash::Modules::KibanaClient.new(module_hash) - esconnected = esclient.can_connect? - kbnconnected = kbnclient.can_connect? - if esconnected && kbnconnected - current_module.add_kibana_version(kbnclient.version_parts) - current_module.import( - LogStash::Modules::ElasticsearchImporter.new(esclient), - LogStash::Modules::KibanaImporter.new(kbnclient) - ) - else - connect_fail_args[:module_name] = module_name - connect_fail_args[:elasticsearch_hosts] = esclient.host_settings - connect_fail_args[:kibana_hosts] = kbnclient.host_settings - end - else - logger.info("Starting the #{module_name} module") - end - - config_string = current_module.config_string - pipelines << {"pipeline_id" => pipeline_id, "alt_name" => alt_name, "config_string" => config_string, "settings" => module_settings} - rescue => e - new_error = LogStash::ConfigLoadingError.new(I18n.t("logstash.modules.configuration.parse-failed", :error => e.message)) - new_error.set_backtrace(e.backtrace) - raise new_error - end - - if !connect_fail_args.empty? - raise LogStash::ConfigLoadingError, I18n.t("logstash.modules.configuration.elasticsearch_connection_failed", **connect_fail_args) - end - end - pipelines - end - - end -end end diff --git a/logstash-core/lib/logstash/config/source/base.rb b/logstash-core/lib/logstash/config/source/base.rb index 0db79bc47..b891551a5 100644 --- a/logstash-core/lib/logstash/config/source/base.rb +++ b/logstash-core/lib/logstash/config/source/base.rb @@ -71,37 +71,5 @@ module LogStash module Config module Source def config_path? !(config_path.nil? || config_path.empty?) end - - def modules_cli_setting - @settings.get_setting("modules.cli") - end - - def modules_cli - modules_cli_setting.value - end - - def modules_cli? - !(modules_cli.nil? || modules_cli.empty?) - end - - def modules_setting - @settings.get_setting("modules") - end - - def modules - modules_setting.value - end - - def modules? - !(modules.nil? || modules.empty?) - end - - def both_module_configs? - modules_cli? && modules? - end - - def modules_defined? - modules_cli? || modules? - end end end end end diff --git a/logstash-core/lib/logstash/config/source/local.rb b/logstash-core/lib/logstash/config/source/local.rb index e9601c2b5..f994130d5 100644 --- a/logstash-core/lib/logstash/config/source/local.rb +++ b/logstash-core/lib/logstash/config/source/local.rb @@ -179,7 +179,7 @@ module LogStash module Config module Source def match? # see basic settings predicates and getters defined in the base class - (config_string? || config_path?) && !(modules_cli? || modules?) && !automatic_reload_with_config_string? + (config_string? || config_path?) && !automatic_reload_with_config_string? end def config_conflict? diff --git a/logstash-core/lib/logstash/config/source/modules.rb b/logstash-core/lib/logstash/config/source/modules.rb deleted file mode 100644 index 47794465c..000000000 --- a/logstash-core/lib/logstash/config/source/modules.rb +++ /dev/null @@ -1,68 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "logstash/config/source/base" -require "logstash/config/modules_common" - -module LogStash module Config module Source - class Modules < Base - include LogStash::Util::Loggable - def pipeline_configs - if config_conflict? # double check - raise ConfigurationError, @conflict_messages.join(", ") - end - - pipelines = LogStash::Config::ModulesCommon.pipeline_configs(@settings) - pipelines.map do |hash| - org.logstash.config.ir.PipelineConfig.new(self.class, hash["pipeline_id"].to_sym, - org.logstash.common.SourceWithMetadata.new("module", hash["alt_name"], 0, 0, hash["config_string"]), - hash["settings"]) - end - end - - def match? - # see basic settings predicates and getters defined in the base class - (modules_cli? || modules?) && !(config_string? || config_path?) && !automatic_reload_with_modules? - end - - def config_conflict? - @conflict_messages.clear - # Make note that if modules are configured in both cli and logstash.yml that cli module - # settings will overwrite the logstash.yml modules settings - if modules_cli? && modules? - logger.info(I18n.t("logstash.runner.cli-module-override")) - end - - if automatic_reload_with_modules? - @conflict_messages << I18n.t("logstash.runner.reload-with-modules") - end - - # Check if config (-f or -e) and modules are configured - if (modules_cli? || modules?) && (config_string? || config_path?) - @conflict_messages << I18n.t("logstash.runner.config-module-exclusive") - end - - @conflict_messages.any? - end - - private - - def automatic_reload_with_modules? - (modules_cli? || modules?) && config_reload_automatic? - end - end -end end end diff --git a/logstash-core/lib/logstash/config/source/multi_local.rb b/logstash-core/lib/logstash/config/source/multi_local.rb index 14697835c..1a7904e29 100644 --- a/logstash-core/lib/logstash/config/source/multi_local.rb +++ b/logstash-core/lib/logstash/config/source/multi_local.rb @@ -48,7 +48,7 @@ module LogStash module Config module Source end def match? - if modules_cli? || modules? || config_string? || config_path? + if config_string? || config_path? return false end detect_pipelines if !@detect_pipelines_called @@ -62,7 +62,7 @@ module LogStash module Config module Source def config_conflict? @conflict_messages.clear # are there any auto-reload conflicts? - if !(modules_cli? || modules? || config_string? || config_path?) + if !(config_string? || config_path?) detect_pipelines if !@detect_pipelines_called if @detected_marker.nil? @conflict_messages << I18n.t("logstash.runner.config-pipelines-failed-read", :path => pipelines_yaml_location) @@ -74,7 +74,7 @@ module LogStash module Config module Source @conflict_messages << @detected_marker.message end else - do_warning? && logger.warn("Ignoring the 'pipelines.yml' file because modules or command line options are specified") + do_warning? && logger.warn("Ignoring the 'pipelines.yml' file because command line options are specified") end @conflict_messages.any? end diff --git a/logstash-core/lib/logstash/config/source_loader.rb b/logstash-core/lib/logstash/config/source_loader.rb index 7de6685a5..1774f2fd7 100644 --- a/logstash-core/lib/logstash/config/source_loader.rb +++ b/logstash-core/lib/logstash/config/source_loader.rb @@ -16,7 +16,6 @@ # under the License. require "logstash/config/source/local" -require "logstash/config/source/modules" require "logstash/config/source/multi_local" require "thread" require "set" diff --git a/logstash-core/lib/logstash/elasticsearch_client.rb b/logstash-core/lib/logstash/elasticsearch_client.rb deleted file mode 100644 index 7a79efa16..000000000 --- a/logstash-core/lib/logstash/elasticsearch_client.rb +++ /dev/null @@ -1,157 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "elasticsearch" -require "elasticsearch/transport/transport/http/manticore" -require 'logstash/util/manticore_ssl_config_helper' -require 'logstash/util/password' - -module LogStash class ElasticsearchClient - include LogStash::Util::Loggable - - class Response - # duplicated here from Elasticsearch::Transport::Transport::Response - # to create a normalised response across different client IMPL - attr_reader :status, :body, :headers - - def initialize(status, body, headers = {}) - @status, @body, @headers = status, body, headers - @body = body.force_encoding('UTF-8') if body.respond_to?(:force_encoding) - end - end - - def self.build(settings) - new(RubyClient.new(settings, logger)) - end - - class RubyClient - include LogStash::Util::ManticoreSSLConfigHelper - - def initialize(settings, logger) - @settings = settings - @logger = logger - @client_args = client_args - - ssl_options = manticore_ssl_options_from_config('elasticsearch', settings) - - @client_args[:ssl] = ssl_options - - username = @settings["var.elasticsearch.username"] - if username - password = @settings["var.elasticsearch.password"] - if password.is_a?(LogStash::Util::Password) - password = password.value - end - @client_args[:transport_options] = { :headers => { "Authorization" => 'Basic ' + Base64.encode64("#{username}:#{password}").chomp } } - end - - @client = Elasticsearch::Client.new(@client_args) - end - - def can_connect? - begin - head(SecureRandom.hex(32).prepend('_')) - rescue Elasticsearch::Transport::Transport::Errors::BadRequest - true - rescue Manticore::SocketException - false - end - end - - def host_settings - @client_args[:hosts] - end - - def delete(path) - begin - normalize_response(@client.perform_request('DELETE', path, {}, nil)) - rescue Exception => e - if e.class.to_s =~ /NotFound/ || e.message =~ /Not\s*Found|404/i - Response.new(404, "", {}) - else - raise e - end - end - end - - def put(path, content) - normalize_response(@client.perform_request('PUT', path, {}, content)) - end - - def head(path) - begin - normalize_response(@client.perform_request('HEAD', path, {}, nil)) - rescue Exception => e - if is_404_error?(e) - Response.new(404, "", {}) - else - raise e - end - end - end - - private - - def is_404_error?(error) - error.class.to_s =~ /NotFound/ || error.message =~ /Not\s*Found|404/i - end - - def normalize_response(response) - Response.new(response.status, response.body, response.headers) - end - - def client_args - { - :transport_class => Elasticsearch::Transport::Transport::HTTP::Manticore, - :hosts => [*unpack_hosts], - # :logger => @logger, # silence the client logging - } - end - - def unpack_hosts - setting = @settings.fetch("var.elasticsearch.hosts", "localhost:9200") - if setting.is_a?(String) - return setting.split(',').map(&:strip) - end - setting - end - end - - def initialize(client) - @client = client - end - - def delete(path) - @client.delete(path) - end - - def put(path, content) - @client.put(path, content) - end - - def head(path) - @client.head(path) - end - - def can_connect? - @client.can_connect? - end - - def host_settings - @client.host_settings - end -end end diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb index 025d5d6a5..c125da1ec 100644 --- a/logstash-core/lib/logstash/environment.rb +++ b/logstash-core/lib/logstash/environment.rb @@ -20,7 +20,6 @@ require "logstash/config/cpu_core_strategy" require "logstash/settings" require "logstash/util/cloud_setting_id" require "logstash/util/cloud_setting_auth" -require "logstash/util/modules_setting_array" require "socket" require "stud/temporary" @@ -39,13 +38,6 @@ module LogStash Setting::NullableString.new("path.config", nil, false), Setting::WritableDirectory.new("path.data", ::File.join(LogStash::Environment::LOGSTASH_HOME, "data")), Setting::NullableString.new("config.string", nil, false), - Setting::Modules.new("modules.cli", LogStash::Util::ModulesSettingArray, []), - Setting::Modules.new("modules", LogStash::Util::ModulesSettingArray, []), - Setting.new("modules_list", Array, []), - Setting.new("modules_variable_list", Array, []), - Setting::Modules.new("cloud.id", LogStash::Util::CloudSettingId), - Setting::Modules.new("cloud.auth", LogStash::Util::CloudSettingAuth), - Setting::Boolean.new("modules_setup", false), Setting::Boolean.new("config.test_and_exit", false), Setting::Boolean.new("config.reload.automatic", false), Setting::TimeValue.new("config.reload.interval", "3s"), # in seconds diff --git a/logstash-core/lib/logstash/modules/cli_parser.rb b/logstash-core/lib/logstash/modules/cli_parser.rb deleted file mode 100644 index f69d0884f..000000000 --- a/logstash-core/lib/logstash/modules/cli_parser.rb +++ /dev/null @@ -1,87 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -module LogStash module Modules class CLIParser - include LogStash::Util::Loggable - - attr_reader :output - - def initialize(module_names, module_variables) - @output = [] - # The #compact here catches instances when module_variables may be nil or - # [nil] and sets it to [] - parse_it(module_names, Array(module_variables).compact) - end - - def parse_modules(module_list) - parsed_modules = [] - module_list.each do |module_value| - # Calling --modules but not filling it results in [nil], so skip that. - next if module_value.nil? - # Catch if --modules was launched empty but an option/flag (-something) - # follows immediately after - if module_value.start_with?('-') - raise LogStash::ConfigLoadingError, I18n.t("logstash.modules.configuration.modules-invalid-name", :module_name => module_value) - end - parsed_modules.concat module_value.split(',') - end - parsed_modules - end - - def get_kv(module_name, unparsed) - # Ensure that there is at least 1 equals sign in our variable string - # Using String#partition to split on the first '=' - # This hackery is to catch the possibility of an equals (`=`) sign - # in a passphrase, which might result in an incomplete key. The - # portion before the first `=` should always be the key, leaving - # the rest to be the value - k, op, rest = unparsed.partition('=') - if rest.size.zero? - raise LogStash::ConfigLoadingError, I18n.t("logstash.modules.configuration.modules-variables-malformed", :rawvar => (module_name + '.' + unparsed)) - end - return k.strip, rest.strip - end - - def name_splitter(unparsed) - # It must have at least `modulename.something` - module_name, dot, rest = unparsed.partition('.') - if rest.count('.') >= 1 - return module_name, rest - else - raise LogStash::ConfigLoadingError, I18n.t("logstash.modules.configuration.modules-variables-malformed", :rawvar => unparsed) - end - end - - def parse_vars(module_name, vars_list) - module_hash = {"name" => module_name} - vars_list.each do |unparsed| - extracted_name, modvar = name_splitter(unparsed) - next if extracted_name != module_name - k, v = get_kv(extracted_name, modvar) - module_hash[k] = v - end - module_hash - end - - def parse_it(module_list, module_variable_list) - if module_list.is_a?(Array) - parse_modules(module_list).each do |module_name| - @output << parse_vars(module_name, module_variable_list) - end - end - end -end end end diff --git a/logstash-core/lib/logstash/modules/elasticsearch_config.rb b/logstash-core/lib/logstash/modules/elasticsearch_config.rb deleted file mode 100644 index 683442122..000000000 --- a/logstash-core/lib/logstash/modules/elasticsearch_config.rb +++ /dev/null @@ -1,35 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "elasticsearch_resource" - -module LogStash module Modules class ElasticsearchConfig - attr_reader :index_name - - # We name it `modul` here because `module` has meaning in Ruby. - def initialize(modul, settings) - @directory = ::File.join(modul.directory, "elasticsearch") - @name = modul.module_name - @settings = settings - @full_path = ::File.join(@directory, "#{@name}.json") - @index_name = @settings.fetch("elasticsearch.template_path", "_template") - end - - def resources - [ElasticsearchResource.new(@index_name, "not-used", @full_path)] - end -end end end diff --git a/logstash-core/lib/logstash/modules/elasticsearch_importer.rb b/logstash-core/lib/logstash/modules/elasticsearch_importer.rb deleted file mode 100644 index 07c68cea7..000000000 --- a/logstash-core/lib/logstash/modules/elasticsearch_importer.rb +++ /dev/null @@ -1,49 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -module LogStash module Modules class ElasticsearchImporter - include LogStash::Util::Loggable - - def initialize(client) - @client = client - end - - def put(resource, overwrite = true) - path = resource.import_path - logger.debug("Attempting PUT", :url_path => path, :file_path => resource.content_path) - if !overwrite && content_exists?(path) - logger.debug("Found existing Elasticsearch resource.", :resource => path) - return - end - put_overwrite(path, resource.content) - end - - private - - def put_overwrite(path, content) - if content_exists?(path) - response = @client.delete(path) - end - # hmmm, versioning? - @client.put(path, content).status == 201 - end - - def content_exists?(path) - response = @client.head(path) - response.status >= 200 && response.status < 300 - end -end end end # class LogStash::Modules::Importer diff --git a/logstash-core/lib/logstash/modules/elasticsearch_resource.rb b/logstash-core/lib/logstash/modules/elasticsearch_resource.rb deleted file mode 100644 index 21ccbc369..000000000 --- a/logstash-core/lib/logstash/modules/elasticsearch_resource.rb +++ /dev/null @@ -1,25 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "resource_base" - -module LogStash module Modules class ElasticsearchResource - include ResourceBase - def import_path - base + "/" + content_id - end -end end end diff --git a/logstash-core/lib/logstash/modules/file_reader.rb b/logstash-core/lib/logstash/modules/file_reader.rb deleted file mode 100644 index e43a9133e..000000000 --- a/logstash-core/lib/logstash/modules/file_reader.rb +++ /dev/null @@ -1,50 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "logstash/json" - -module LogStash module Modules class FileReader - # stub these methods for testing - include LogStash::Util::Loggable - - def self.read(path) - begin - ::File.read(path) - rescue => e - logger.error("Error when reading file from path", :path => path) - "" - end - end - - def self.read_json(path) - json = read(path) - begin - LogStash::Json.load(json) - rescue => e - logger.error("Error when parsing json from path", :path => path) - return {} - end - end - - def self.glob(path) - files = Dir.glob(path) - if files.empty? - logger.warn("No files found for glob", :pattern => path) - end - files - end -end end end diff --git a/logstash-core/lib/logstash/modules/kibana_base.rb b/logstash-core/lib/logstash/modules/kibana_base.rb deleted file mode 100644 index 54e23d98a..000000000 --- a/logstash-core/lib/logstash/modules/kibana_base.rb +++ /dev/null @@ -1,39 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "logstash/json" - -module LogStash module Modules class KibanaBase - attr_reader :import_path, :content - - def initialize(import_path, content) - @import_path, @content = import_path, content - end - - def import(client) - raise NotImplementedError, "#{self.class.name} needs to implement `#import`" - end - - def to_s - import_path - end - - def content_as_object - return content unless content.is_a?(String) - LogStash::Json.load(content) rescue nil - end -end end end diff --git a/logstash-core/lib/logstash/modules/kibana_client.rb b/logstash-core/lib/logstash/modules/kibana_client.rb deleted file mode 100644 index 1dce000c6..000000000 --- a/logstash-core/lib/logstash/modules/kibana_client.rb +++ /dev/null @@ -1,163 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "logstash/json" -require "manticore" -require 'logstash/util/manticore_ssl_config_helper' -require 'logstash/util/password' - -module LogStash module Modules class KibanaClient - include LogStash::Util::Loggable - - include LogStash::Util::ManticoreSSLConfigHelper - - class Response - # to create a custom response with body as an Object (Hash or Array) - attr_reader :status, :body, :headers - - def initialize(status, body, headers = {}) - @status, @body, @headers = status, body, headers - @body = body.is_a?(String) ? LogStash::Json.load(body) : body - end - - def succeeded? - @status >= 200 && @status < 300 - end - - def failed? - !succeeded? - end - end - - SCHEME_REGEX = /^https?$/ - - attr_reader :version, :endpoint - - def initialize(settings, client = nil) # allow for test mock injection - @settings = settings - - client_options = { - request_timeout: 5, - connect_timeout: 5, - socket_timeout: 5, - pool_max: 10, - pool_max_per_route: 2 - } - - ssl_options = manticore_ssl_options_from_config('kibana', settings) - ssl_enabled = ssl_options.any? - - client_options[:ssl] = ssl_options - - @host = @settings.fetch("var.kibana.host", "localhost:5601") - implicit_scheme, colon_slash_slash, host = @host.partition("://") - explicit_scheme = @settings["var.kibana.scheme"] - @scheme = "http" - if !colon_slash_slash.empty? - if !explicit_scheme.nil? && implicit_scheme != explicit_scheme - # both are set and not the same - error - msg = sprintf("Detected differing Kibana host schemes as sourced from var.kibana.host: '%s' and var.kibana.scheme: '%s'", implicit_scheme, explicit_scheme) - raise ArgumentError.new(msg) - end - @scheme = implicit_scheme - @host = host - elsif !explicit_scheme.nil? - @scheme = explicit_scheme - end - - if SCHEME_REGEX.match(@scheme).nil? - msg = sprintf("Kibana host scheme given is invalid, given value: '%s' - acceptable values: 'http', 'https'", @scheme) - raise ArgumentError.new(msg) - end - - if ssl_enabled && @scheme != "https" - @scheme = "https" - end - - @endpoint = "#{@scheme}://#{@host}" - - @client = client || Manticore::Client.new(client_options) - @http_options = {:headers => {'Content-Type' => 'application/json'}} - username = @settings["var.kibana.username"] - if username - password = @settings["var.kibana.password"] - if password.is_a?(LogStash::Util::Password) - password = password.value - end - @http_options[:headers]['Authorization'] = 'Basic ' + Base64.encode64("#{username}:#{password}").chomp - end - - # e.g. {"name":"Elastics-MacBook-Pro.local","version":{"number":"6.0.0-beta1","build_hash":"41e69","build_number":15613,"build_snapshot":true}..} - @version = "0.0.0" - response = get("api/status") - if response.succeeded? - status = response.body - if status["version"].is_a?(Hash) - @version = status["version"]["number"] - if status["version"]["build_snapshot"] - @version.concat("-SNAPSHOT") - end - end - end - @http_options[:headers]['kbn-version'] = @version - end - - def version_parts - @version.split(/[.-]/) - end - - def host_settings - "[\"#{@host}\"]" - end - - def get(relative_path) - # e.g. api/kibana/settings - safely(:get, relative_path, @http_options) - end - - # content will be converted to a json string - def post(relative_path, content, headers = nil) - body = content.is_a?(String) ? content : LogStash::Json.dump(content) - options = {:body => body}.merge(headers || @http_options) - safely(:post, relative_path, options) - end - - def head(relative_path) - safely(:head, relative_path, @http_options) - end - - def can_connect? - head("api/status").succeeded? - end - - private - - def safely(method_sym, relative_path, options = {}) - begin - resp = @client.http(method_sym, full_url(relative_path), options).call - Response.new(resp.code, resp.body, resp.headers) - rescue Manticore::ManticoreException => e - logger.error("Error when executing Kibana client request", :error => e) - body = {"statusCode" => 0, "error" => e.message} - Response.new(0, body, {}) - end - end - - def full_url(relative) - "#{@endpoint}/#{relative}" - end -end end end diff --git a/logstash-core/lib/logstash/modules/kibana_config.rb b/logstash-core/lib/logstash/modules/kibana_config.rb deleted file mode 100644 index bcfa4297f..000000000 --- a/logstash-core/lib/logstash/modules/kibana_config.rb +++ /dev/null @@ -1,135 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "file_reader" -require_relative "kibana_settings" -require_relative "kibana_dashboards" -require_relative "kibana_resource" - -module LogStash module Modules class KibanaConfig - include LogStash::Util::Loggable - - ALLOWED_DIRECTORIES = ["search", "visualization"] - attr_reader :index_name # not used when importing via kibana but for BWC with ElasticsearchConfig - - # We name it `modul` here because `module` has meaning in Ruby. - def initialize(modul, settings) - build_versioned_directory(modul) - @name = modul.module_name - @settings = settings - @index_name = "kibana" - @pattern_name = "#{@name}-*" - @kibana_settings = [ - KibanaSettings::Setting.new("defaultIndex", @pattern_name) - ] - end - - def dashboards - # there can be more than one dashboard to load - filenames = FileReader.read_json(dynamic("dashboard")) - filenames.map do |filename| - KibanaResource.new(@index_name, "dashboard", dynamic("dashboard", filename)) - end - end - - def index_pattern - [KibanaResource.new(@index_name, "index-pattern", dynamic("index-pattern"), nil, @pattern_name)] - end - - def resources - list = index_pattern - dashboards.each do |board| - list << board - extract_panels_into(board, list) - end - list.concat(extract_saved_searches_into(list)) - [ - KibanaSettings.new("api/kibana/settings", @kibana_settings), - KibanaDashboards.new("api/kibana/dashboards/import", list) - ] - end - - private - - def build_versioned_directory(modul) - # try to detect which directory holds the config for the kibana version - base_dir = ::File.join(modul.directory, "kibana") - maj, min, patch = modul.kibana_version_parts - version_dir = "#{maj}.#{min}.#{patch}" - @directory = ::File.join(base_dir, version_dir) - return if ::File.directory?(@directory) - version_dir = "#{maj}.#{min}.x" - @directory = ::File.join(base_dir, version_dir) - return if ::File.directory?(@directory) - version_dir = "#{maj}.x" - @directory = ::File.join(base_dir, version_dir) - unless ::File.directory?(@directory) - logger.error("Cannot find kibana version sub-directory", :module => @name, :base_directory => base_dir) - end - end - - def dynamic(dynamic_folder, filename = @name) - ::File.join(@directory, dynamic_folder, "#{filename}.json") - end - - def extract_panels_into(dashboard, list) - dash = dashboard.content_as_object - - if !dash.is_a?(Hash) - logger.warn("Kibana dashboard JSON is not an Object", :module => @name) - return - end - - panelsjson = dash["panelsJSON"] - - if panelsjson.nil? - logger.info("No panelJSON key found in kibana dashboard", :module => @name) - return - end - - begin - panels = LogStash::Json.load(panelsjson) - rescue => e - logger.error("JSON parse error when reading kibana panelsJSON", :module => @name) - return - end - - panels.each do |panel| - panel_type = panel["type"] - if ALLOWED_DIRECTORIES.member?(panel_type) - list << KibanaResource.new(@index_name, panel_type, dynamic(panel_type, panel["id"])) - else - logger.warn("panelJSON contained unknown type", :type => panel_type) - end - end - end - - def extract_saved_searches_into(list) - result = [] # must not add to list while iterating - list.each do |resource| - content = resource.content_as_object - next if content.nil? - next unless content.keys.include?("savedSearchId") - saved_search = content["savedSearchId"] - next if saved_search.nil? - ss_resource = KibanaResource.new(@index_name, "search", dynamic("search", saved_search)) - next if list.member?(ss_resource) || result.member?(ss_resource) - result << ss_resource - end - result - end -end end end diff --git a/logstash-core/lib/logstash/modules/kibana_dashboards.rb b/logstash-core/lib/logstash/modules/kibana_dashboards.rb deleted file mode 100644 index c34fceb4e..000000000 --- a/logstash-core/lib/logstash/modules/kibana_dashboards.rb +++ /dev/null @@ -1,50 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "kibana_base" - -module LogStash module Modules class KibanaDashboards < KibanaBase - include LogStash::Util::Loggable - - attr_reader :import_path, :content - - # content is a list of kibana file resources - def initialize(import_path, content) - @import_path, @content = import_path, content - end - - def import(client) - # e.g. curl "http://localhost:5601/api/kibana/dashboards/import" - # extract and prepare all objects - objects = [] - content.each do |resource| - hash = { - "id" => resource.content_id, - "type" => resource.content_type, - "version" => 1, - "attributes" => resource.content_as_object - } - objects << hash - end - body = {"version": client.version, "objects": objects} - response = client.post(import_path, body) - if response.failed? - logger.error("Attempted POST failed", :url_path => import_path, :response => response.body) - end - response - end -end end end diff --git a/logstash-core/lib/logstash/modules/kibana_importer.rb b/logstash-core/lib/logstash/modules/kibana_importer.rb deleted file mode 100644 index 403217f53..000000000 --- a/logstash-core/lib/logstash/modules/kibana_importer.rb +++ /dev/null @@ -1,30 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -module LogStash module Modules class KibanaImporter - include LogStash::Util::Loggable - - def initialize(client) - @client = client - end - - def put(via_kibana) - path = via_kibana.import_path - logger.debug("Attempting POST", :url_path => path, :content => via_kibana.content) - via_kibana.import(@client) - end -end end end diff --git a/logstash-core/lib/logstash/modules/kibana_resource.rb b/logstash-core/lib/logstash/modules/kibana_resource.rb deleted file mode 100644 index ef98c3d36..000000000 --- a/logstash-core/lib/logstash/modules/kibana_resource.rb +++ /dev/null @@ -1,25 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "resource_base" - -module LogStash module Modules class KibanaResource - include ResourceBase - def import_path - base + "/" + content_type + "/" + content_id - end -end end end diff --git a/logstash-core/lib/logstash/modules/kibana_settings.rb b/logstash-core/lib/logstash/modules/kibana_settings.rb deleted file mode 100644 index d2ed4f24b..000000000 --- a/logstash-core/lib/logstash/modules/kibana_settings.rb +++ /dev/null @@ -1,55 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "kibana_base" - -module LogStash module Modules class KibanaSettings < KibanaBase - include LogStash::Util::Loggable - - class Setting - attr_reader :name, :value - - def initialize(name, value) - @name, @value = name, value - end - end - - attr_reader :import_path, :content - - # content is an array of Setting required for this module - def initialize(import_path, content) - @import_path, @content = import_path, content - end - - def import(client) - # e.g. curl "http://localhost:5601/api/kibana/settings" - # 6.0.0-beta1 -> {"settings":{"buildNum":{"userValue":15613},"defaultIndex":{"userValue":"arcsight-*"}}} - # 5.4 -> {"settings":{"defaultIndex":{"userValue":"cef-*"},"metrics:max_buckets":{"userValue":"600000"}}} - # array of Setting objects - # The POST api body { "changes": { "defaultIndex": "arcsight-*", "metrics:max_buckets": "400" } } - settings = {} - content.each do |setting| - settings[setting.name] = "#{setting.value}" - end - body = {"changes" => settings} - response = client.post(import_path, body) - if response.failed? - logger.error("Attempted POST failed", :url_path => import_path, :response => response.body) - end - response - end -end end end diff --git a/logstash-core/lib/logstash/modules/logstash_config.rb b/logstash-core/lib/logstash/modules/logstash_config.rb deleted file mode 100644 index a9848b9f1..000000000 --- a/logstash-core/lib/logstash/modules/logstash_config.rb +++ /dev/null @@ -1,149 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "file_reader" -require "logstash/settings" - -module LogStash module Modules class LogStashConfig - include LogStash::Util::Loggable - # We name it `modul` here because `module` has meaning in Ruby. - def initialize(modul, settings) - @directory = ::File.join(modul.directory, "logstash") - @name = modul.module_name - @settings = settings - end - - def template - ::File.join(@directory, "#{@name}.conf.erb") - end - - def configured_inputs(default = [], aliases = {}) - name = "var.inputs" - values = get_setting(LogStash::Setting::SplittableStringArray.new(name, String, default)) - aliases.each { |k, v| values << v if values.include?(k) } - aliases.invert.each { |k, v| values << v if values.include?(k) } - values.flatten.uniq - end - - def alias_settings_keys!(aliases) - aliased_settings = alias_matching_keys(aliases, @settings) - @settings = alias_matching_keys(aliases.invert, aliased_settings) - end - - def array_to_string(array) - "[#{array.collect { |i| "'#{i}'" }.join(", ")}]" - end - - def csv_string(array) - "'#{array.join(',')}'" - end - - def get_setting(setting_class) - raw_value = @settings[setting_class.name] - # If we dont check for NIL, the Settings class will try to coerce the value - # and most of the it will fails when a NIL value is explicitly set. - # This will be fixed once we wrap the plugins settings into a Settings class - setting_class.set(raw_value) unless raw_value.nil? - setting_class.value - end - - def setting(name, default) - # by default we use the more permissive setting which is a `NullableString` - # This is fine because the end format of the logstash configuration is a string representation - # of the pipeline. There is a good reason why I think we should use the settings classes, we - # can `preprocess` a template and generate a configuration from the defined settings - # validate the values and replace them in the template. - case default - when String - get_setting(LogStash::Setting::NullableString.new(name, default.to_s)) - when Numeric - get_setting(LogStash::Setting::Numeric.new(name, default)) - when true, false - get_setting(LogStash::Setting::Boolean.new(name, default)) - else - get_setting(LogStash::Setting::NullableString.new(name, default.to_s)) - end - end - - def has_setting?(name) - @settings.key?(name) - end - - def raw_setting(name) - @settings[name] - end - - def fetch_raw_setting(name, default) - @settings.fetch(name, default) - end - - def elasticsearch_output_config(type_string = nil, index_suffix = "-%{+YYYY.MM.dd}") - hosts = array_to_string(get_setting(LogStash::Setting::SplittableStringArray.new("var.elasticsearch.hosts", String, ["localhost:9200"]))) - index = "#{@name}#{index_suffix}" - user = @settings["var.elasticsearch.username"] - password = @settings["var.elasticsearch.password"] - lines = ["hosts => #{hosts}", "index => \"#{index}\""] - lines.push(user ? "user => \"#{user}\"" : nil) - lines.push(password ? "password => \"#{password.value}\"" : nil) - lines.push(type_string ? "document_type => #{type_string}" : nil) - lines.push("ssl_enabled => #{@settings.fetch('var.elasticsearch.ssl.enabled', false)}") - if cacert = @settings["var.elasticsearch.ssl.certificate_authority"] - lines.push("ssl_certificate_authorities => \"#{cacert}\"") if cacert - end - # NOTE: the first line should be indented in the conf.erb - <<-CONF -elasticsearch { - #{lines.compact.join("\n ")} - manage_template => false - } -CONF - end - - def config_string - # process the template and settings - # send back as a string - renderer = ERB.new(FileReader.read(template)) - renderer.result(binding) - end - - private - # For a first version we are copying the values of the original hash, - # this might become problematic if we users changes the values of the - # settings in the template, which could result in an inconsistent view of the original data - # - # For v1 of the feature I think its an OK compromise, v2 we have a more advanced hash that - # support alias. - def alias_matching_keys(aliases, target) - aliased_target = target.dup - - aliases.each do |matching_key_prefix, new_key_prefix| - target.each do |k, v| - re = /^#{matching_key_prefix}\./ - - if k =~ re - alias_key = k.gsub(re, "#{new_key_prefix}.") - - # If the user setup the same values twices with different values lets just halt. - raise "Cannot create an alias, the destination key has already a value set: original key: #{k}, alias key: #{alias_key}" if (!aliased_target[alias_key].nil? && aliased_target[alias_key] != v) - aliased_target[alias_key] = v unless v.nil? - end - end - end - - aliased_target - end -end end end diff --git a/logstash-core/lib/logstash/modules/resource_base.rb b/logstash-core/lib/logstash/modules/resource_base.rb deleted file mode 100644 index 5e351b064..000000000 --- a/logstash-core/lib/logstash/modules/resource_base.rb +++ /dev/null @@ -1,53 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "logstash/json" -require_relative "file_reader" - -module LogStash module Modules module ResourceBase - attr_reader :base, :content_type, :content_path, :content_id - - def initialize(base, content_type, content_path, content = nil, content_id = nil) - @base, @content_type, @content_path = base, content_type, content_path - @content_id = content_id || ::File.basename(@content_path, ".*") - # content at this time will be a JSON string - @content = content - if !@content.nil? - @content_as_object = LogStash::Json.load(@content) rescue {} - end - end - - def content - @content ||= FileReader.read(@content_path) - end - - def to_s - "#{base}, #{content_type}, #{content_path}, #{content_id}" - end - - def content_as_object - @content_as_object ||= FileReader.read_json(@content_path) rescue nil - end - - def <=>(other) - to_s <=> other.to_s - end - - def ==(other) - to_s == other.to_s - end -end end end diff --git a/logstash-core/lib/logstash/modules/scaffold.rb b/logstash-core/lib/logstash/modules/scaffold.rb deleted file mode 100644 index 548825be6..000000000 --- a/logstash-core/lib/logstash/modules/scaffold.rb +++ /dev/null @@ -1,69 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "erb" - -require_relative "elasticsearch_config" -require_relative "kibana_config" -require_relative "logstash_config" - -module LogStash module Modules class Scaffold - include LogStash::Util::Loggable - - attr_reader :directory, :module_name, :kibana_version_parts - attr_reader :kibana_configuration, :logstash_configuration, :elasticsearch_configuration - - def initialize(name, directory) - @module_name = name - @directory = directory # this is the 'configuration folder in the GEM root.' - @kibana_version_parts = "6.0.0".split('.') # this is backup in case kibana client fails to connect - logger.debug("Found module", :module_name => name, :directory => directory) - end - - def add_kibana_version(version_parts) - @kibana_version_parts = version_parts - end - - def import(import_engine, kibana_import_engine) - @elasticsearch_configuration.resources.each do |resource| - import_engine.put(resource) - end - @kibana_configuration.resources.each do |resource| - kibana_import_engine.put(resource) - end - end - - def with_settings(module_settings) - @logstash_configuration = LogStashConfig.new(self, module_settings) - @kibana_configuration = KibanaConfig.new(self, module_settings) - @elasticsearch_configuration = ElasticsearchConfig.new(self, module_settings) - self - end - - def config_string() - # settings should be set earlier by the caller. - # settings should be the subset from the YAML file with a structure like - # {"name" => "plugin name", "k1" => "v1", "k2" => "v2"}, etc. - return nil if @logstash_configuration.nil? - @logstash_configuration.config_string - end - - # subclass may override - def is_enabled?(settings) - true - end -end end end # class LogStash::Modules::Scaffold diff --git a/logstash-core/lib/logstash/modules/settings_merger.rb b/logstash-core/lib/logstash/modules/settings_merger.rb deleted file mode 100644 index 05a5151aa..000000000 --- a/logstash-core/lib/logstash/modules/settings_merger.rb +++ /dev/null @@ -1,94 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require "logstash/util" - -module LogStash module Modules module SettingsMerger - include LogStash::Util::Loggable - extend self - - # cli_settings Array or LogStash::Util::ModulesSettingArray - # yml_settings Array or LogStash::Util::ModulesSettingArray - def merge(cli_settings, yml_settings) - # both args are arrays of hashes, e.g. - # [{"name"=>"mod1", "var.input.tcp.port"=>"3333"}, {"name"=>"mod2"}] - # [{"name"=>"mod1", "var.input.tcp.port"=>2222, "var.kibana.username"=>"rupert", "var.kibana.password"=>"fotherington"}, {"name"=>"mod3", "var.input.tcp.port"=>4445}] - merged = [] - # union and group_by preserves order - # union will also coalesce identical hashes - # this "|" operator is provided to Java List by RubyJavaIntegration - union_of_settings = (cli_settings | yml_settings) - grouped_by_name = union_of_settings.group_by {|e| e["name"]} - grouped_by_name.each do |_, array| - if array.size == 2 - merged << array.last.merge(array.first) - else - merged.concat(array) - end - end - merged - end - - def merge_cloud_settings(module_settings, logstash_settings) - cloud_id = logstash_settings.get("cloud.id") - cloud_auth = logstash_settings.get("cloud.auth") - if cloud_id.nil? - if cloud_auth.nil? - return # user did not specify cloud settings - else - raise ArgumentError.new("Cloud Auth without Cloud Id") - end - end - if logger.debug? - settings_copy = LogStash::Util.deep_clone(module_settings) - end - - module_settings["var.kibana.scheme"] = cloud_id.kibana_scheme - module_settings["var.kibana.host"] = cloud_id.kibana_host - # elasticsearch client does not use scheme, it URI parses the host setting - module_settings["var.elasticsearch.hosts"] = "#{cloud_id.elasticsearch_scheme}://#{cloud_id.elasticsearch_host}" - unless cloud_auth.nil? - module_settings["var.elasticsearch.username"] = cloud_auth.username - module_settings["var.elasticsearch.password"] = cloud_auth.password - module_settings["var.kibana.username"] = cloud_auth.username - module_settings["var.kibana.password"] = cloud_auth.password - end - if logger.debug? - format_module_settings(settings_copy, module_settings).each {|line| logger.debug(line)} - end - end - - def merge_kibana_auth!(module_settings) - module_settings["var.kibana.username"] = module_settings["var.elasticsearch.username"] if module_settings["var.kibana.username"].nil? - module_settings["var.kibana.password"] = module_settings["var.elasticsearch.password"] if module_settings["var.kibana.password"].nil? - end - - def format_module_settings(settings_before, settings_after) - output = [] - output << "-------- Module Settings ---------" - settings_after.each do |setting_name, setting| - setting_before = settings_before.fetch(setting_name, "") - line = "#{setting_name}: '#{setting}'" - if setting_before != setting - line.concat(", was: '#{setting_before}'") - end - output << line - end - output << "-------- Module Settings ---------" - output - end -end end end diff --git a/logstash-core/lib/logstash/modules/util.rb b/logstash-core/lib/logstash/modules/util.rb deleted file mode 100644 index 64dea4996..000000000 --- a/logstash-core/lib/logstash/modules/util.rb +++ /dev/null @@ -1,33 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -require_relative "scaffold" - -# This module function should be used when gems or -# x-pack defines modules in their folder structures. -module LogStash module Modules module Util - def self.register_local_modules(path) - modules_path = ::File.join(path, "modules") - ::Dir.foreach(modules_path) do |item| - # Ignore unix relative path ids - next if item == '.' or item == '..' - # Ignore non-directories - next if !::File.directory?(::File.join(modules_path, ::File::Separator, item)) - LogStash::PLUGIN_REGISTRY.add(:modules, item, Scaffold.new(item, ::File.join(modules_path, item, "configuration"))) - end - end -end end end diff --git a/logstash-core/lib/logstash/plugins/registry.rb b/logstash-core/lib/logstash/plugins/registry.rb index 849e50119..680b9c396 100644 --- a/logstash-core/lib/logstash/plugins/registry.rb +++ b/logstash-core/lib/logstash/plugins/registry.rb @@ -17,7 +17,6 @@ require "rubygems/package" require "logstash/plugin" -require "logstash/modules/scaffold" require "logstash/codecs/base" require "logstash/filters/base" require "logstash/outputs/base" diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 68409ba92..1df665712 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -34,7 +34,6 @@ end require "clamp" require "logstash-core/logstash-core" require "logstash/environment" -require "logstash/modules/cli_parser" require "logstash/util/settings_helper" require "logstash/util/jackson" @@ -46,7 +45,6 @@ require "logstash/patches/clamp" require "logstash/settings" require "logstash/version" require 'logstash/plugins' -require "logstash/modules/util" require "logstash/bootstrap_check/default_config" require 'logstash/deprecation_message' @@ -92,31 +90,6 @@ class LogStash::Runner < Clamp::StrictCommand :default => LogStash::SETTINGS.get_default("config.field_reference.escape_style"), :attribute_name => "config.field_reference.escape_style" - - # Module settings - option ["--modules"], "MODULES", - I18n.t("logstash.runner.flag.modules"), - :multivalued => true, - :attribute_name => "modules_list" - - option ["-M", "--modules.variable"], "MODULES_VARIABLE", - I18n.t("logstash.runner.flag.modules_variable"), - :multivalued => true, - :attribute_name => "modules_variable_list" - - option ["--setup"], :flag, - I18n.t("logstash.runner.flag.modules_setup"), - :default => LogStash::SETTINGS.get_default("modules_setup"), - :attribute_name => "modules_setup" - - option ["--cloud.id"], "CLOUD_ID", - I18n.t("logstash.runner.flag.cloud_id"), - :attribute_name => "cloud.id" - - option ["--cloud.auth"], "CLOUD_AUTH", - I18n.t("logstash.runner.flag.cloud_auth"), - :attribute_name => "cloud.auth" - # Pipeline settings option ["--pipeline.id"], "ID", I18n.t("logstash.runner.flag.pipeline-id"), @@ -266,7 +239,6 @@ class LogStash::Runner < Clamp::StrictCommand # Default we check local sources: `-e`, `-f` and the logstash.yml options. @source_loader = LogStash::Config::SourceLoader.new(@settings) @source_loader.add_source(LogStash::Config::Source::Local.new(@settings)) - @source_loader.add_source(LogStash::Config::Source::Modules.new(@settings)) @source_loader.add_source(LogStash::Config::Source::MultiLocal.new(@settings)) super(*args) @@ -318,8 +290,6 @@ class LogStash::Runner < Clamp::StrictCommand jvmArgs = ManagementFactory.getRuntimeMXBean().getInputArguments() logger.info "JVM bootstrap flags: #{jvmArgs}" - # Add local modules to the registry before everything else - LogStash::Modules::Util.register_local_modules(LogStash::Environment::LOGSTASH_HOME) # Verify the Jackson defaults LogStash::Util::Jackson.verify_jackson_overrides @@ -340,10 +310,6 @@ class LogStash::Runner < Clamp::StrictCommand return start_shell(setting("interactive"), binding) if setting("interactive") - module_parser = LogStash::Modules::CLIParser.new(setting("modules_list"), setting("modules_variable_list")) - # Now populate Setting for modules.list with our parsed array. - @settings.set("modules.cli", module_parser.output) - begin @bootstrap_checks.each { |bootstrap| bootstrap.check(@settings) } rescue LogStash::BootstrapCheckError => e diff --git a/logstash-core/lib/logstash/settings.rb b/logstash-core/lib/logstash/settings.rb index d34039064..0447a2f03 100644 --- a/logstash-core/lib/logstash/settings.rb +++ b/logstash-core/lib/logstash/settings.rb @@ -800,30 +800,6 @@ module LogStash end end - class Modules < Coercible - def initialize(name, klass, default = nil) - super(name, klass, default, false) - end - - def set(value) - coerced_value = coerce(value) - @wrapped_setting.set(coerced_value) - coerced_value - end - - def coerce(value) - if value.is_a?(@klass) - return value - end - @klass.new(value) - end - - protected - def validate(value) - coerce(value) - end - end - # @see Setting#nullable # @api internal class Nullable < SimpleDelegator diff --git a/logstash-core/lib/logstash/util/manticore_ssl_config_helper.rb b/logstash-core/lib/logstash/util/manticore_ssl_config_helper.rb deleted file mode 100644 index 2654c05d4..000000000 --- a/logstash-core/lib/logstash/util/manticore_ssl_config_helper.rb +++ /dev/null @@ -1,86 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -module LogStash; module Util; module ManticoreSSLConfigHelper - extend self - - ## - # Extract Manticore-style SSL directives from the given configuration. - # - # @param namespace [String] a string namespace (e.g., `kibana` in `var.kibana.ssl.*`) - # @param settings [Hash] a collection of Manticore-friendly SSL directives. - # if SSL explicitly disabled, an _empty_ hash will be returned. - # - # @return [Hash] - def manticore_ssl_options_from_config(namespace, settings) - ssl_settings = strip_prefix(settings, "var.#{namespace}.ssl.") - - # boolean settings may be strings if set through the cli - # or booleans if set through the yaml file, so we use .to_s - if ssl_settings.include?('enabled') && !coerce_boolean(ssl_settings['enabled']) - logger.warn('SSL explicitly disabled; other SSL settings will be ignored') if logger && ssl_settings.size > 1 - return {} - end - - { - :verify => ssl_settings.fetch('verification_mode', :strict).to_sym, - :ca_file => ssl_settings.fetch('certificate_authority', nil), - :client_cert => ssl_settings.fetch('certificate', nil), - :client_key => ssl_settings.fetch('key', nil), - } - end - - private - - ## - # Returns the subset of the hash whose keys match the given prefix, with the prefix removed - # - # @param hash [Hash] - # @param prefix [String] - # @return [Hash] - def strip_prefix(hash, prefix) - hash.each_with_object({}) do |(key, value), memo| - next unless key.start_with?(prefix) - unprefixed_key = key[prefix.length..-1] - memo[unprefixed_key] = value - end - end - - ## - # Coerces the non-nil input to boolean - # - # @param value [Boolean,String,Integer] - # @return [Boolean] - def coerce_boolean(value) - case value - when true, "true", "T", 1 then true - when false, "false", "F", 0 then false - else - fail("Boolean value required, received `#{value}`") - end - end - - ## - # Adapter to enable logging via the including class' `#logger` method or `@logger` instance variable - # - # @return [Logger,nil] - def logger - return super if defined?(super) - - @logger - end -end end end diff --git a/logstash-core/lib/logstash/util/modules_setting_array.rb b/logstash-core/lib/logstash/util/modules_setting_array.rb deleted file mode 100644 index d092f7e36..000000000 --- a/logstash-core/lib/logstash/util/modules_setting_array.rb +++ /dev/null @@ -1,20 +0,0 @@ -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -module LogStash; module Util - java_import "org.logstash.util.ModulesSettingArray" -end; end diff --git a/logstash-core/locales/en.yml b/logstash-core/locales/en.yml index eddc2b221..4985edbd2 100644 --- a/logstash-core/locales/en.yml +++ b/logstash-core/locales/en.yml @@ -67,33 +67,11 @@ en: logging: unrecognized_option: |- unrecognized option [%{option}] - modules: - configuration: - parse-failed: |- - Failed to parse the module configuration: [%{error}] - modules-must-be-unique: >- - Only a single instance of any module can be run at a time. Duplicate - modules: %{duplicate_modules} - modules-invalid-name: >- - Invalid module name: %{module_name} - modules-variables-malformed: >- - Failed to parse module variable %{rawvar}. Must be in -M - "MODULE_NAME.KEY.SUBKEY=VALUE" format - modules-unavailable: >- - The modules specified are not available yet. - Specified modules: %{specified_modules} - Available modules: %{available_modules} - elasticsearch_connection_failed: >- - Failed to import module configurations to Elasticsearch and/or Kibana. - Module: %{module_name} has Elasticsearch hosts: %{elasticsearch_hosts} and Kibana hosts: %{kibana_hosts} - modules-too-many-specified: >- - Too many modules specified. Maximum allowed: %{max}, specified: %{specified_modules} runner: short-help: |- usage: bin/logstash -f CONFIG_PATH [-t] [-r] [] [-w COUNT] [-l LOG] - bin/logstash --modules MODULE_NAME [-M "MODULE_NAME.var.PLUGIN_TYPE.PLUGIN_NAME.VARIABLE_NAME=VALUE"] [-t] [-w COUNT] [-l LOG] bin/logstash -e CONFIG_STR [-t] [--log.level fatal|error|warn|info|debug|trace] [-w COUNT] [-l LOG] bin/logstash -i SHELL [--log.level fatal|error|warn|info|debug|trace] bin/logstash -V [--log.level fatal|error|warn|info|debug|trace] @@ -108,14 +86,6 @@ en: the '-f yourlogstash.conf' flag? config-string-path-exclusive: Settings 'path.config' (-f) and 'config.string' (-e) can't be used simultaneously. - config-module-exclusive: >- - Settings 'path.config' (-f) or 'config.string' (-e) can't be used in conjunction with - (--modules) or the "modules:" block in the logstash.yml file. - reload-with-modules: >- - Configuration reloading can't be used with command-line or logstash.yml specified modules. - cli-module-override: >- - Both command-line and logstash.yml modules configurations detected. - Using command-line module configuration to override logstash.yml module configuration. config-pipelines-failed-read: >- Failed to read pipelines yaml file. Location: %{path} config-pipelines-failed-read-with-exception: >- @@ -244,40 +214,6 @@ en: HTML-style ampersand-hash encoding notation representing decimal unicode codepoints (`[` is `[`; `]` is `]`). - modules: |+ - Load Logstash modules. - Modules can be defined using multiple instances - '--modules module1 --modules module2', - or comma-separated syntax - '--modules=module1,module2' - Cannot be used in conjunction with '-e' or '-f' - Use of '--modules' will override modules declared - in the 'logstash.yml' file. - modules_variable: |+ - Load variables for module template. - Multiple instances of '-M' or - '--modules.variable' are supported. - Ignored if '--modules' flag is not used. - Should be in the format of - '-M "MODULE_NAME.var.PLUGIN_TYPE.PLUGIN_NAME.VARIABLE_NAME=VALUE"' - as in - '-M "example.var.filter.mutate.fieldname=fieldvalue"' - modules_setup: |+ - Load index template into Elasticsearch, and saved searches, - index-pattern, visualizations, and dashboards into Kibana when - running modules. - cloud_id: |+ - Sets the elasticsearch and kibana host settings for - module connections in Elastic Cloud. - Your Elastic Cloud User interface or the Cloud support - team should provide this. - Add an optional label prefix '