
Commit bd7da28

committed
cisagov#758; Work in Progress for google threat intelligence
1 parent 9eb37ff commit bd7da28


1 file changed

+2
-1
lines changed


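--- a/dashboards/dashboards/36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json
+++ b/dashboards/dashboards/36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json
@@ -8,7 +8,7 @@
 "searchSourceJSON": "{\"highlightAll\":false,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"*\"},\"filter\":[]}"
 },
 "optionsJSON": "{\"useMargins\":true}",
-"panelsJSON": "[{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":35,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":14,\"y\":0,\"w\":34,\"h\":11,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_1\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":14,\"y\":11,\"w\":10,\"h\":18,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":35,\"w\":8,\"h\":18,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_3\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":53,\"w\":8,\"h\":18,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_4\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":53,\"w\":10,\"h\":18,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":2,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_5\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":24,\"y\":11,\"w\":24,\"h\":25,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":38,\"y\":53,\"w\":10,\"h\":18,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":11,\"w\":6,\"h\":18,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_8\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":71,\"w\":48,\"h\":24,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{\"columns\":[\"source.ip\",\"destination.ip\",\"destination.port\",\"threat.indicator.name\",\"threat.indicator.description\",\"threat.indicator.type\",\"zeek.intel.seen_where\",\"threat.indicator.provider\",\"zeek.intel.category\",\"event.id\"],\"sort\":[]},\"panelRefName\":\"panel_9\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":0,\"w\":6,\"h\":11,\"i\":\"17\"},\"panelIndex\":\"17\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":29,\"w\":16,\"h\":24,\"i\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\"},\"panelIndex\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":24,\"y\":36,\"w\":24,\"h\":17,\"i\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\"},\"panelIndex\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":18,\"y\":53,\"w\":20,\"h\":18,\"i\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\"},\"panelIndex\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]",
+"panelsJSON": "[{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":35,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":14,\"y\":0,\"w\":34,\"h\":11,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_1\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":14,\"y\":11,\"w\":10,\"h\":18,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":35,\"w\":8,\"h\":18,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_3\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":53,\"w\":8,\"h\":18,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":1,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_4\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":53,\"w\":10,\"h\":18,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"table\":null,\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}},\"sortColumn\":{\"colIndex\":2,\"direction\":\"desc\"}}},\"panelRefName\":\"panel_5\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":24,\"y\":11,\"w\":24,\"h\":25,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":38,\"y\":53,\"w\":10,\"h\":18,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":11,\"w\":6,\"h\":18,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_8\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":0,\"y\":71,\"w\":48,\"h\":24,\"i\":\"14\"},\"panelIndex\":\"14\",\"panelRefName\":\"panel_9\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":0,\"w\":6,\"h\":11,\"i\":\"17\"},\"panelIndex\":\"17\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":8,\"y\":29,\"w\":16,\"h\":24,\"i\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\"},\"panelIndex\":\"0e155d98-1bd9-4e89-9a2b-3c18ca7d5c6c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":24,\"y\":36,\"w\":24,\"h\":17,\"i\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\"},\"panelIndex\":\"ee2e2983-4383-49f4-9a1d-c3b49cef7aaf\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"3.2.0\",\"gridData\":{\"x\":18,\"y\":53,\"w\":20,\"h\":18,\"i\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\"},\"panelIndex\":\"978c0a0d-4a22-4b08-a1f3-8910250e35de\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]",
 "timeRestore": false,
 "title": "Zeek Intelligence",
 "version": 1
@@ -370,6 +370,7 @@
 "threat.indicator.type",
 "zeek.intel.seen_where",
 "threat.indicator.provider",
+"threat.indicator.reference",
 "zeek.intel.category",
 "event.id"
 ],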
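Review bot: In the new `panelsJSON`, panel 14 (`panel_9`) loses its `embeddableConfig` key entirely, while the other thirteen panels all carry one, empty where there is no override. Dropping the stale `columns` override is presumably what lets the new `threat.indicator.reference` column from the second hunk show up, but I would keep the key as `\"embeddableConfig\":{}` so the panel has the same shape as its siblings and does not depend on the importer tolerating a missing key. The array edited in the second hunk starts outside the hunk, so I am assuming it is the column list of the saved search behind `panel_9`. `threat.indicator.reference` normally carries a feed-supplied URL, so it is worth confirming that the index pattern shows it as plain text, or as a link only for expected schemes, since analysts will read it straight from this table.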
