{ "__inputs": [ { "name": "DS_LOKI", "label": "Loki", "description": "", "type": "datasource", "pluginId": "loki", "pluginName": "Loki" } ], "__elements": [], "__requires": [ { "type": "panel", "id": "bargauge", "name": "Bar gauge", "version": "" }, { "type": "grafana", "id": "grafana", "name": "Grafana", "version": "8.3.5" }, { "type": "panel", "id": "logs", "name": "Logs", "version": "" }, { "type": "datasource", "id": "loki", "name": "Loki", "version": "1.0.0" }, { "type": "panel", "id": "piechart", "name": "Pie chart", "version": "" }, { "type": "panel", "id": "stat", "name": "Stat", "version": "" } ], "annotations": { "list": [ { "builtIn": 1, "datasource": "-- Grafana --", "enable": true, "hide": true, "iconColor": "rgba(0, 211, 255, 1)", "name": "Annotations & Alerts", "target": { "limit": 100, "matchAny": false, "tags": [], "type": "dashboard" }, "type": "dashboard" } ] }, "editable": true, "fiscalYearStartMonth": 0, "graphTooltip": 0, "id": null, "links": [], "liveNow": false, "panels": [ { "collapsed": false, "gridPos": { "h": 1, "w": 24, "x": 0, "y": 0 }, "id": 6, "panels": [], "title": "Access Log", "type": "row" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 6, "w": 12, "x": 0, "y": 1 }, "id": 11, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "sum by (server_protocol) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"accesslog\" | json\n| server_protocol!= \"\" and server_protocol!= \"-\" | __error__=\"\" [15m]))", "legendFormat": "{{ server_protocol }}", "refId": "A" } ], "title": "Server Portocol", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 6, "w": 12, "x": 12, "y": 1 }, "id": 7, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "sum by (status) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"accesslog\" | json\n| status!= \"\" and status!= \"-\" | __error__=\"\" [15m]))", "legendFormat": "{{ status }}", "refId": "A" } ], "title": "HTTP Status", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "mode": "continuous-GrYlRd" }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "blue", "value": null } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 12, "x": 0, "y": 7 }, "id": 4, "options": { "displayMode": "basic", "orientation": "horizontal", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "showUnfilled": true }, "pluginVersion": "8.3.5", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (server_name) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"accesslog\" | json\n| server_name!= \"\" and server_name!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{server_name}}", "refId": "A" } ], "title": "Top 10 ServerName", "type": "bargauge" }, { "fieldConfig": { "defaults": { "color": { "mode": "continuous-GrYlRd" }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 12, "x": 12, "y": 7 }, "id": 9, "options": { "displayMode": "basic", "orientation": "horizontal", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "showUnfilled": true }, "pluginVersion": "8.3.5", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (http_user_agent) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"accesslog\" | json\n| http_user_agent!= \"\" and http_user_agent!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{http_user_agent}}", "refId": "A" } ], "title": "Top 10 UserAgent", "type": "bargauge" }, { "collapsed": false, "gridPos": { "h": 1, "w": 24, "x": 0, "y": 15 }, "id": 13, "panels": [], "title": "Security Log", "type": "row" }, { "fieldConfig": { "defaults": { "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null } ] }, "unit": "none" }, "overrides": [] }, "gridPos": { "h": 8, "w": 4, "x": 0, "y": 16 }, "id": 14, "options": { "colorMode": "background", "graphMode": "none", "justifyMode": "auto", "orientation": "auto", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "text": {}, "textMode": "auto" }, "pluginVersion": "8.3.5", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (outcome) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| outcome=\"PASSED\" [15m])))", "refId": "A" } ], "title": "Outcome Passed", "type": "stat" }, { "fieldConfig": { "defaults": { "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "yellow", "value": null } ] }, "unit": "none" }, "overrides": [] }, "gridPos": { "h": 8, "w": 4, "x": 4, "y": 16 }, "id": 21, "options": { "colorMode": "background", "graphMode": "none", "justifyMode": "auto", "orientation": "auto", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "text": {}, "textMode": "auto" }, "pluginVersion": "8.3.5", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (outcome) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| outcome=\"ALERTED\" [15m])))", "refId": "A" } ], "title": "Outcome ALERTED", "type": "stat" }, { "fieldConfig": { "defaults": { "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "super-light-red", "value": null } ] }, "unit": "none" }, "overrides": [] }, "gridPos": { "h": 8, "w": 4, "x": 8, "y": 16 }, "id": 22, "options": { "colorMode": "background", "graphMode": "none", "justifyMode": "auto", "orientation": "auto", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "text": {}, "textMode": "auto" }, "pluginVersion": "8.3.5", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (outcome) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| outcome=\"REJECTED\" [15m])))", "refId": "A" } ], "title": "Outcome REJECTED", "type": "stat" }, { "fieldConfig": { "defaults": { "color": { "mode": "continuous-GrYlRd" }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 12, "x": 12, "y": 16 }, "id": 15, "options": { "displayMode": "basic", "orientation": "horizontal", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "showUnfilled": true }, "pluginVersion": "8.3.5", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (outcome_reason) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| outcome_reason!= \"\" and outcome_reason!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{outcome_reason}}", "refId": "A" } ], "title": "Outcome Reason", "type": "bargauge" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 8, "x": 0, "y": 24 }, "id": 19, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (violations) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| violations!= \"\" and violations!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{violations}}", "refId": "A" } ], "title": "Top10 Violations", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 8, "x": 8, "y": 24 }, "id": 18, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (severity) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| severity!= \"\" and severity!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{severity}}", "refId": "A" } ], "title": "Severity", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 8, "x": 16, "y": 24 }, "id": 17, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (violation_rating) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| violation_rating!= \"\" and violation_rating!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{violation_rating}}", "refId": "A" } ], "title": "Viol Rate", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 8, "x": 0, "y": 31 }, "id": 30, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (sig_names) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| sig_names!= \"\" and sig_names!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{sig_names}}", "refId": "A" } ], "title": "Top10 Sig Names", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 8, "x": 8, "y": 31 }, "id": 29, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (sig_ids) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| sig_ids!= \"\" and sig_ids!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{ sig_ids }}", "refId": "A" } ], "title": "Top10 Sig IDs", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 8, "x": 16, "y": 31 }, "id": 28, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (sig_cves) (count_over_time(\n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| sig_cves!= \"\" and sig_cves!= \"-\" and sig_cves!~ \",+\" | __error__=\"\" [15m])))", "legendFormat": "{{ sig_cves }}", "refId": "A" } ], "title": "Top10 Sig Cves", "transparent": true, "type": "piechart" }, { "collapsed": false, "gridPos": { "h": 1, "w": 24, "x": 0, "y": 38 }, "id": 25, "panels": [], "title": "Bot", "type": "row" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 7, "x": 0, "y": 39 }, "id": 23, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (bot_category) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| bot_category!= \"\" and bot_category!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{ bot_category }}", "refId": "A" } ], "title": "Top 10 Bot Cat", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 7, "x": 7, "y": 39 }, "id": 26, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (bot_signature_name) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| bot_signature_name!= \"\" and bot_signature_name!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{ bot_signature_name }}", "refId": "A" } ], "title": "Top 10 Bot Sig", "transparent": true, "type": "piechart" }, { "fieldConfig": { "defaults": { "color": { "fixedColor": "light-blue", "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 7, "w": 7, "x": 14, "y": 39 }, "id": 27, "options": { "displayLabels": [ "percent" ], "legend": { "displayMode": "list", "placement": "right", "values": [] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "mode": "single" } }, "pluginVersion": "8.3.4", "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "topk(10, sum by (client_class) (count_over_time( \n{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json\n| client_class!= \"\" and client_class!= \"-\" | __error__=\"\" [15m])))", "legendFormat": "{{ client_class }}", "refId": "A" } ], "title": "Top 10 Bot Class", "transparent": true, "type": "piechart" }, { "collapsed": false, "gridPos": { "h": 1, "w": 24, "x": 0, "y": 46 }, "id": 32, "panels": [], "title": "Log", "type": "row" }, { "gridPos": { "h": 9, "w": 24, "x": 0, "y": 47 }, "id": 34, "options": { "dedupStrategy": "none", "enableLogDetails": true, "prettifyLogMessage": false, "showCommonLabels": false, "showLabels": false, "showTime": true, "sortOrder": "Descending", "wrapLogMessage": false }, "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "{namespace=\"nginx-ingress\"} | json | logtype=\"accesslog\" | json", "refId": "A" } ], "title": "NIC Access Log", "type": "logs" }, { "datasource": { "uid": "${DS_LOKI}" }, "gridPos": { "h": 9, "w": 24, "x": 0, "y": 56 }, "id": 35, "options": { "dedupStrategy": "none", "enableLogDetails": true, "prettifyLogMessage": false, "showCommonLabels": false, "showLabels": false, "showTime": true, "sortOrder": "Descending", "wrapLogMessage": false }, "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "{namespace=\"nginx-ingress\"} | json | logtype=\"securitylog\" | json", "refId": "A" } ], "title": "NIC Security Log", "type": "logs" }, { "gridPos": { "h": 9, "w": 24, "x": 0, "y": 65 }, "id": 36, "options": { "dedupStrategy": "none", "enableLogDetails": true, "prettifyLogMessage": false, "showCommonLabels": false, "showLabels": false, "showTime": true, "sortOrder": "Descending", "wrapLogMessage": false }, "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "{container=\"nginx-mesh-sidecar\"} | json | line_format \"{{.log}}\" ", "refId": "A" } ], "title": "NSM SideCar Log", "type": "logs" }, { "gridPos": { "h": 9, "w": 24, "x": 0, "y": 74 }, "id": 37, "options": { "dedupStrategy": "none", "enableLogDetails": true, "prettifyLogMessage": false, "showCommonLabels": false, "showLabels": false, "showTime": true, "sortOrder": "Descending", "wrapLogMessage": false }, "targets": [ { "datasource": { "type": "loki", "uid": "${DS_LOKI}" }, "expr": "{namespace=\"nginx-mesh\"} | json | line_format \"{{.log}}\" ", "refId": "A" } ], "title": "NSM System Log", "type": "logs" } ], "schemaVersion": 34, "style": "dark", "tags": [], "templating": { "list": [] }, "time": { "from": "now-5m", "to": "now" }, "timepicker": {}, "timezone": "", "title": "Loki Visual Dashboard", "uid": "LQ8-B997z", "version": 4, "weekStart": "" }