{"json_schema_version":"1.3","app_version":"2.2.5","qradar_version":"2019.14.0.20191031163225","exported_at":1708167362845,"parameters":{"list":[{"name":"Maximum EPS","value":"30"},{"name":"Percentage of maximum EPS","value":"50"}]},"items":{"list":[{"id":"86","uuid":"c6cda73e-d48a-4179-827c-03eca4c9d01b","name":"EPS Total and Coalesced","description":"","view_definitions":{"list":[{"id":"97","name":"EPS Total and Coalesced timeline","params":{"series":[{"querydata":{"xAxis":"round_minutes","yAxis":"TotalEventsEPS"},"type":"timeseries","mode":"lines+markers","name":"Global EPS","autoSeries":false,"areaChart":false,"fill":""},{"querydata":{"xAxis":"round_minutes","yAxis":"CoalescedEventsEPS"},"type":"timeseries","mode":"lines+markers","fill":"","name":"Coalesced EPS","marker":{"color":"#00ac46"}}],"plotlyLayout":{"autosize":true,"plot_bgcolor":"#152935","paper_bgcolor":"#152935","font":{"color":"white"},"yaxis":{"type":"linear"},"hovermode":"closest","margin":{"l":30,"r":10,"t":20,"b":40},"showlegend":true,"legend":{"orientation":"v"}},"type":"timeseries","thresholds":{"linecolor":{"column":"","levels":[{"threshold":50,"name":"Licence 100%","color":"#9855d4"},{"name":"Licence 50%","threshold":25,"color":"#fdc500"},{"name":"Licence 75%","threshold":37.5}]}},"useCustomRange":{},"customRange":{},"showTitle":true,"showStatus":true,"additiveSeries":false},"localization_key":null}]},"datasource":{"type":"aql"},"query":{"queryVal":"select min(starttime/1000)*1000 as 'round_minutes', dateformat(starttime, 'dd-MM-yyyy hh:mm:00') as 'DateByMinute', sum(eventcount)/60 as 'TotalEventsEPS', count(*)/60 as 'CoalescedEventsEPS' from events\r\nwhere\r\nlogsourceid>69\r\ngroup by DateByMinute\r\norder by round_minutes desc\r\nlast 30 minutes","resultsLimit":0},"localization_key":null},{"id":"85","uuid":"63c35e94-6e33-451b-9f8a-54d424735781","name":"EPS Peaks analysis","description":"","view_definitions":{"list":[{"id":"96","name":"EPS Peaks analysis timeline","params":{"series":[{"querydata":{"xAxis":"round_minutes","yAxis":"TotalEventsEPS","groupBy":"LogSource"},"type":"timeseries","mode":"markers","fill":"","name":"Global EPS","autoSeries":true,"areaChart":false}],"plotlyLayout":{"autosize":true,"plot_bgcolor":"#152935","paper_bgcolor":"#152935","font":{"color":"white"},"yaxis":{"type":"none"},"hovermode":"closest","margin":{"l":30,"r":10,"t":20,"b":40},"showlegend":true,"legend":{"orientation":"v"}},"type":"timeseries","thresholds":{"linecolor":{"column":""}},"useCustomRange":{},"customRange":{},"additiveSeries":false,"showTitle":true,"showStatus":true},"localization_key":null}]},"datasource":{"type":"aql"},"query":{"queryVal":"select min(starttime/1000)*1000 as 'round_minutes', logsourcename(logsourceid) as 'LogSource', dateformat(starttime, 'dd-MM-yyyy hh:mm:00') as 'DateByMinute', sum(eventcount)/60 as 'TotalEventsEPS', count(*)/60 as 'CoalescedEventsEPS' from events\r\nwhere\r\nlogsourceid>69\r\nand DateByMinute in\r\n(select DateByMinute from (select dateformat(starttime, 'dd-MM-yyyy hh:mm:00') as 'DateByMinute', sum(eventcount)/60 as 'TotalEventsEPS', count(*)/60 as 'CoalescedEventsEPS'\r\nfrom events\r\nwhere\r\nlogsourceid > 69\r\ngroup by DateByMinute\r\nlast 12 hours)\r\nwhere\r\n(TotalEventsEPS > {Maximum EPS} or CoalescedEventsEPS > {Maximum EPS}))\r\ngroup by LogSource, DateByMinute\r\nhaving (TotalEventsEPS > ({Maximum EPS}*{Percentage of maximum EPS}/100) or CoalescedEventsEPS > ({Maximum EPS}*{Percentage of maximum EPS}/100))\r\norder by round_minutes, TotalEventsEPS asc\r\nlast 12 hours","resultsLimit":1000,"refreshTime":"300"},"localization_key":null},{"id":"84","uuid":"6ad00e16-3a63-441b-8581-1471da43db2e","name":"EPS Peak","description":"","view_definitions":{"list":[{"id":"95","name":"EPS Peak analysis","params":{"series":[{"querydata":{"xAxis":"DateByMinute","yAxis":"TotalEventsEPS"},"x":[],"y":[],"type":"bar","orientation":"h","name":"Global EPS"},{"querydata":{"xAxis":"DateByMinute","yAxis":"CoalescedEventsEPS"},"x":[],"y":[],"type":"bar","orientation":"h","name":"Coalesced EPS","marker":{"color":"#00ac46"}}],"plotlyLayout":{"autosize":true,"plot_bgcolor":"#152935","paper_bgcolor":"#152935","font":{"color":"white"},"xaxis":{"tickmode":"auto","type":"none"},"yaxis":{"automargin":true,"type":"none"},"hovermode":"closest","margin":{"r":10,"t":20,"b":40},"barmode":"group","legend":{"orientation":"v"},"showlegend":true},"type":"bar","thresholds":{},"useCustomRange":{},"customRange":{},"showTitle":true,"showStatus":true,"additiveSeries":false},"localization_key":null}]},"datasource":{"type":"aql"},"query":{"queryVal":"select min(starttime/1000)*1000 as 'round_minutes', logsourcename(logsourceid) as 'LogSource', dateformat(starttime, 'dd-MM-yyyy hh:mm:00') as 'DateByMinute', sum(eventcount)/60 as 'TotalEventsEPS', count(*)/60 as 'CoalescedEventsEPS' from events\r\nwhere\r\nlogsourceid>69\r\nand DateByMinute in\r\n(select DateByMinute from (select dateformat(starttime, 'dd-MM-yyyy hh:mm:00') as 'DateByMinute', sum(eventcount)/60 as 'TotalEventsEPS', count(*)/60 as 'CoalescedEventsEPS'\r\nfrom events\r\nwhere\r\nlogsourceid > 69\r\ngroup by DateByMinute\r\nlast 12 hours)\r\nwhere\r\n(TotalEventsEPS > {Maximum EPS} or CoalescedEventsEPS > {Maximum EPS}))\r\ngroup by LogSource, DateByMinute\r\nhaving (TotalEventsEPS > ({Maximum EPS}*{Percentage of maximum EPS}/100) or CoalescedEventsEPS > ({Maximum EPS}*{Percentage of maximum EPS}/100))\r\norder by round_minutes, TotalEventsEPS desc\r\nlast 12 hours","resultsLimit":0,"refreshTime":"300"},"localization_key":null},{"id":"87","uuid":"622d689f-21d5-48a1-8138-0c994d82a2ab","name":"EPS Total by Log Source","description":"","view_definitions":{"list":[{"id":"98","name":"EPS Total by Log Source timeline","params":{"series":[{"querydata":{"xAxis":"round_minutes","yAxis":"TotalEventsEPS","groupBy":"LogSource"},"type":"timeseries","mode":"lines+markers","name":"Global EPS","autoSeries":true,"areaChart":false,"fill":""},{"querydata":{"xAxis":"round_minutes","yAxis":"CoalescedEventsEPS"},"type":"timeseries","mode":"lines+markers","fill":"","name":"Coalesced EPS","marker":{"color":"#00ac46"}}],"plotlyLayout":{"autosize":true,"plot_bgcolor":"#152935","paper_bgcolor":"#152935","font":{"color":"white"},"yaxis":{"type":"linear"},"hovermode":"closest","margin":{"l":30,"r":10,"t":20,"b":40},"showlegend":true,"legend":{"orientation":"v"}},"type":"timeseries","thresholds":{"linecolor":{"column":"","levels":[]}},"useCustomRange":{},"customRange":{},"showTitle":true,"showStatus":true,"additiveSeries":false},"localization_key":null}]},"datasource":{"type":"aql"},"query":{"queryVal":"select min(starttime/1000)*1000 as 'round_minutes', logsourcename(logsourceid) as 'LogSource',dateformat(starttime, 'dd-MM-yyyy hh:mm:00') as 'DateByMinute', sum(eventcount)/60 as 'TotalEventsEPS', count(*)/60 as 'CoalescedEventsEPS' from events\r\nwhere\r\nlogsourceid>69\r\ngroup by LogSource,DateByMinute\r\norder by round_minutes desc\r\nlast 30 minutes","resultsLimit":0},"localization_key":null}]},"dashboards":{"list":[{"id":"17","uuid":"21b26652-a16f-4210-bae3-d7e7b7676e5c","name":"EPS Monitoring","type":1,"app_uuid":null,"description":"","localization_key":null,"views":{"list":[{"id":"128","params":{"layout":{"w":7,"h":6,"x":0,"y":2,"i":"128","moved":false,"static":false}},"type":"regular","view_definition":{"id":"97"}},{"id":"129","params":{"layout":{"w":7,"h":6,"x":0,"y":8,"i":"129","moved":false,"static":false}},"type":"regular","view_definition":{"id":"96"}},{"id":"130","params":{"layout":{"w":7,"h":6,"x":7,"y":8,"i":"130","moved":false,"static":false}},"type":"regular","view_definition":{"id":"95"}},{"id":"131","params":{"layout":{"w":7,"h":6,"x":7,"y":2,"i":"131","moved":false,"static":false}},"type":"regular","view_definition":{"id":"98"}},{"id":"134","params":{"layout":{"w":14,"h":2,"x":0,"y":0,"i":"134","moved":false,"static":false},"display":true},"type":"parameter_card","view_definition":null}]}}]}}