
Commit 6bce43e

committed
cisagov#758; Work in Progress for google threat intelligence
1 parent 66fce7e commit 6bce43e


1 file changed

+25
-25
lines changed


dashboards/dashboards/36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json

Lines changed: 25 additions & 25 deletions
@@ -8,7 +8,7 @@
88
"searchSourceJSON": "{\"highlightAll\":false,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"*\"},\"filter\":[]}"
99
},
1010
"optionsJSON": "{\"useMargins\":true}",
11-
"panelsJSON": "[{\"version\":\"3.2.0\",\"gridData\":{\"h\":35,\"i\":\"2\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":11,\"i\":\"3\",\"w\":34,\"x\":14,\"y\":0},\"panelIndex\":\"3\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_1\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":18,\"i\":\"5\",\"w\":10,\"x\":14,\"y\":11},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":18,\"i\":\"6\",\"w\":8,\"x\":0,\"y\":35},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_3\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":18,\"i\":\"7\",\"w\":8,\"x\":0,\"y\":53},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_4\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":18,\"i\":\"8\",\"w\":10,\"x\":8,\"y\":53},\"panelIndex\":\"8\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":2,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_5\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":25,\"i\":\"11\",\"w\":24,\"x\":24,\"y\":11},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":18,\"i\":\"12\",\"w\":10,\"x\":38,\"y\":53},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":18,\"i\":\"13\",\"w\":6,\"x\":8,\"y\":11},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_8\"},{\"version\":\"3.2.0
\",\"gridData\":{\"h\":24,\"i\":\"14\",\"w\":48,\"x\":0,\"y\":71},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":11,\"i\":\"17\",\"w\":6,\"x\":8,\"y\":0},\"panelIndex\":\"17\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":24,\"i\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\",\"w\":16,\"x\":8,\"y\":29},\"panelIndex\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_11\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":17,\"i\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\",\"w\":24,\"x\":24,\"y\":36},\"panelIndex\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"3.2.0\",\"gridData\":{\"h\":18,\"i\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\",\"w\":20,\"x\":18,\"y\":53},\"panelIndex\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]",
11+
"panelsJSON": "[{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":35,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":14,\"y\":0,\"w\":34,\"h\":11,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_1\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":14,\"y\":11,\"w\":10,\"h\":18,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":24,\"y\":11,\"w\":9,\"h\":25,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_3\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":35,\"w\":8,\"h\":18,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_4\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":53,\"w\":8,\"h\":18,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":2,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_5\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":33,\"y\":11,\"w\":15,\"h\":25,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":41,\"y\":53,\"w\":7,\"h\":18,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":11,\"w\":6,\"h\":18,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_8\"},{\"version\":\"3.2.0\
",\"gridData\":{\"x\":0,\"y\":71,\"w\":48,\"h\":24,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":0,\"w\":6,\"h\":11,\"i\":\"17\"},\"panelIndex\":\"17\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":29,\"w\":16,\"h\":42,\"i\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\"},\"panelIndex\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_11\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":24,\"y\":36,\"w\":24,\"h\":17,\"i\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\"},\"panelIndex\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":24,\"y\":53,\"w\":17,\"h\":18,\"i\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\"},\"panelIndex\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]",
1212
"timeRestore": false,
1313
"title": "Zeek Intelligence",
1414
"version": 1
@@ -93,8 +93,8 @@
9393
}
9494
],
9595
"type": "dashboard",
96-
"updated_at": "2025-09-11T22:19:30.784Z",
97-
"version": "WzExMzYsMV0="
96+
"updated_at": "2025-09-15T18:07:10.491Z",
97+
"version": "WzExMzksMV0="
9898
},
9999
{
100100
"attributes": {
@@ -116,7 +116,7 @@
116116
],
117117
"references": [],
118118
"type": "visualization",
119-
"updated_at": "2025-09-11T21:40:38.628Z",
119+
"updated_at": "2025-09-15T16:45:36.348Z",
120120
"version": "WzExMjMsMV0="
121121
},
122122
{
@@ -146,7 +146,7 @@
146146
}
147147
],
148148
"type": "visualization",
149-
"updated_at": "2025-09-11T21:39:24.222Z",
149+
"updated_at": "2025-09-15T16:44:21.847Z",
150150
"version": "WzI3MSwxXQ=="
151151
},
152152
{
@@ -176,20 +176,20 @@
176176
}
177177
],
178178
"type": "visualization",
179-
"updated_at": "2025-09-11T21:39:24.222Z",
179+
"updated_at": "2025-09-15T16:44:21.847Z",
180180
"version": "WzI3MiwxXQ=="
181181
},
182182
{
183183
"attributes": {
184184
"description": "",
185185
"kibanaSavedObjectMeta": {
186-
"searchSourceJSON": "{\"filter\":[]}"
186+
"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
187187
},
188188
"savedSearchRefName": "search_0",
189189
"title": "Intel - Source",
190-
"uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}",
190+
"uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}}",
191191
"version": 1,
192-
"visState": "{\"title\":\"Intel - Source\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"threat.indicator.provider\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}],\"listeners\":{}}"
192+
"visState": "{\"title\":\"Intel - Source\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"threat.indicator.provider\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":15,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\"}}"
193193
},
194194
"id": "80cabf50-a849-4e24-a9c7-130cba1a8141",
195195
"migrationVersion": {
@@ -206,8 +206,8 @@
206206
}
207207
],
208208
"type": "visualization",
209-
"updated_at": "2025-09-11T21:39:24.222Z",
210-
"version": "WzI3MywxXQ=="
209+
"updated_at": "2025-09-15T18:05:52.908Z",
210+
"version": "WzExMzgsMV0="
211211
},
212212
{
213213
"attributes": {
@@ -236,7 +236,7 @@
236236
}
237237
],
238238
"type": "visualization",
239-
"updated_at": "2025-09-11T21:39:24.222Z",
239+
"updated_at": "2025-09-15T16:44:21.847Z",
240240
"version": "WzI3NCwxXQ=="
241241
},
242242
{
@@ -266,7 +266,7 @@
266266
}
267267
],
268268
"type": "visualization",
269-
"updated_at": "2025-09-11T21:39:24.222Z",
269+
"updated_at": "2025-09-15T16:44:21.847Z",
270270
"version": "WzI3NSwxXQ=="
271271
},
272272
{
@@ -277,9 +277,9 @@
277277
},
278278
"savedSearchRefName": "search_0",
279279
"title": "Intel - Indicator",
280-
"uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":5,\"direction\":\"desc\"}}}",
280+
"uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":3,\"direction\":\"desc\"}}}",
281281
"version": 1,
282-
"visState": "{\"title\":\"Intel - Indicator\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"zeek.intel.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Category\"},\"schema\":\"bucket\"},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"threat.indicator.description\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Description\"},\"schema\":\"bucket\"},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"threat.indicator.type\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Type\"},\"schema\":\"bucket\"},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"zeek.intel.seen_where\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Seen Where\"},\"schema\":\"bucket\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"threat.indicator.name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Indicator\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":15,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\"}}"
282+
"visState": "{\"title\":\"Intel - Indicator\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"threat.indicator.type\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Type\"},\"schema\":\"bucket\"},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"zeek.intel.seen_where\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Seen Where\"},\"schema\":\"bucket\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"threat.indicator.name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Indicator\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":15,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\"}}"
283283
},
284284
"id": "a2d0a8bb-a6a2-4a1e-826c-0ce3ea8ff074",
285285
"migrationVersion": {
@@ -296,8 +296,8 @@
296296
}
297297
],
298298
"type": "visualization",
299-
"updated_at": "2025-09-11T21:39:24.222Z",
300-
"version": "WzI3NiwxXQ=="
299+
"updated_at": "2025-09-15T18:04:44.043Z",
300+
"version": "WzExMzcsMV0="
301301
},
302302
{
303303
"attributes": {
@@ -326,7 +326,7 @@
326326
}
327327
],
328328
"type": "visualization",
329-
"updated_at": "2025-09-11T21:39:24.222Z",
329+
"updated_at": "2025-09-15T16:44:21.847Z",
330330
"version": "WzI3NywxXQ=="
331331
},
332332
{
@@ -356,7 +356,7 @@
356356
}
357357
],
358358
"type": "visualization",
359-
"updated_at": "2025-09-11T21:39:24.222Z",
359+
"updated_at": "2025-09-15T16:44:21.847Z",
360360
"version": "WzI3OCwxXQ=="
361361
},
362362
{
@@ -403,7 +403,7 @@
403403
}
404404
],
405405
"type": "search",
406-
"updated_at": "2025-09-11T21:39:24.222Z",
406+
"updated_at": "2025-09-15T16:44:21.847Z",
407407
"version": "WzI3OSwxXQ=="
408408
},
409409
{
@@ -433,7 +433,7 @@
433433
}
434434
],
435435
"type": "visualization",
436-
"updated_at": "2025-09-11T21:39:24.222Z",
436+
"updated_at": "2025-09-15T16:44:21.847Z",
437437
"version": "WzI4MCwxXQ=="
438438
},
439439
{
@@ -463,8 +463,8 @@
463463
}
464464
],
465465
"type": "visualization",
466-
"updated_at": "2025-09-11T22:18:57.818Z",
467-
"version": "WzExMzUsMV0="
466+
"updated_at": "2025-09-15T18:08:01.106Z",
467+
"version": "WzExNDAsMV0="
468468
},
469469
{
470470
"attributes": {
@@ -493,7 +493,7 @@
493493
}
494494
],
495495
"type": "visualization",
496-
"updated_at": "2025-09-11T21:39:24.222Z",
496+
"updated_at": "2025-09-15T16:44:21.847Z",
497497
"version": "WzI4MiwxXQ=="
498498
},
499499
{
@@ -523,7 +523,7 @@
523523
}
524524
],
525525
"type": "visualization",
526-
"updated_at": "2025-09-11T21:39:24.222Z",
526+
"updated_at": "2025-09-15T16:44:21.847Z",
527527
"version": "WzI4MywxXQ=="
528528
}
529529
],
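Review bot: The new `visState` for "Intel - Indicator" drops the `zeek.intel.category` and `threat.indicator.description` terms buckets (ids 6 and 5), so the table no longer shows category or description next to an indicator hit, which is context an analyst would normally rely on when triaging intel matches. If this is deliberate, the commit message should say so and confirm that another panel on the dashboard still surfaces those fields; the `sortColumn` change to `colIndex` 3 appears consistent with the three remaining buckets plus the count column. Separately, "Intel - Source" now carries `\"language\":\"kuery\"` in `searchSourceJSON` while the dashboard itself uses `\"language\":\"lucene\"`; with an empty query this looks harmless, but keeping one language, e.g. `{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}`, avoids surprises when someone later adds a query to the panel. Most of the other hunks change only `updated_at`, which looks like re-export churn and could be left out of the commit so the real changes are easier to review.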
