Mayne0213
9583be9b46
- to JSON and use sidecar ConfigMaps - Export 14 dashboards to JSON files - Use kustomize configMapGenerator for dashboard ConfigMaps - Enable Grafana sidecar to load dashboards from ConfigMaps - Keep Longhorn and Traefik Official from grafana.com
2868 lines
72 KiB
JSON
2868 lines
72 KiB
JSON
{
|
|
"annotations": {
|
|
"list": [
|
|
{
|
|
"builtIn": 1,
|
|
"datasource": {
|
|
"type": "datasource",
|
|
"uid": "grafana"
|
|
},
|
|
"enable": true,
|
|
"hide": true,
|
|
"iconColor": "rgba(0, 211, 255, 1)",
|
|
"name": "Annotations & Alerts",
|
|
"target": {
|
|
"limit": 100,
|
|
"matchAny": false,
|
|
"tags": [],
|
|
"type": "dashboard"
|
|
},
|
|
"type": "dashboard"
|
|
}
|
|
]
|
|
},
|
|
"description": "Grafana dashboard for Falco output events",
|
|
"editable": true,
|
|
"fiscalYearStartMonth": 0,
|
|
"gnetId": 17319,
|
|
"graphTooltip": 0,
|
|
"id": 18,
|
|
"links": [],
|
|
"liveNow": false,
|
|
"panels": [
|
|
{
|
|
"collapsed": false,
|
|
"gridPos": {
|
|
"h": 1,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 0
|
|
},
|
|
"id": 18,
|
|
"panels": [],
|
|
"title": "Overview",
|
|
"type": "row"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "${datasource}"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "thresholds"
|
|
},
|
|
"mappings": [],
|
|
"thresholds": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 1000
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 5000
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 10000
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"overrides": []
|
|
},
|
|
"gridPos": {
|
|
"h": 9,
|
|
"w": 4,
|
|
"x": 0,
|
|
"y": 1
|
|
},
|
|
"id": 22,
|
|
"options": {
|
|
"colorMode": "value",
|
|
"graphMode": "area",
|
|
"justifyMode": "auto",
|
|
"orientation": "auto",
|
|
"percentChangeColorMode": "standard",
|
|
"reduceOptions": {
|
|
"calcs": [
|
|
"lastNotNull"
|
|
],
|
|
"fields": "",
|
|
"values": false
|
|
},
|
|
"showPercentChange": false,
|
|
"textMode": "auto",
|
|
"wideLayout": true
|
|
},
|
|
"pluginVersion": "11.2.0",
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"editorMode": "code",
|
|
"expr": "sum(count_over_time({rule=~\".+\", hostname=~\"$host\", priority=~\"$severity\"}[$__range]))",
|
|
"hide": false,
|
|
"queryType": "instant",
|
|
"refId": "B"
|
|
}
|
|
],
|
|
"title": "Total Events",
|
|
"type": "stat"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"description": "",
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "palette-classic"
|
|
},
|
|
"custom": {
|
|
"hideFrom": {
|
|
"legend": false,
|
|
"tooltip": false,
|
|
"viz": false
|
|
}
|
|
},
|
|
"mappings": []
|
|
},
|
|
"overrides": []
|
|
},
|
|
"gridPos": {
|
|
"h": 9,
|
|
"w": 6,
|
|
"x": 4,
|
|
"y": 1
|
|
},
|
|
"id": 12,
|
|
"options": {
|
|
"displayLabels": [],
|
|
"legend": {
|
|
"displayMode": "table",
|
|
"placement": "right",
|
|
"showLegend": true,
|
|
"values": [
|
|
"value"
|
|
]
|
|
},
|
|
"pieType": "pie",
|
|
"reduceOptions": {
|
|
"calcs": [
|
|
"lastNotNull"
|
|
],
|
|
"fields": "",
|
|
"values": false
|
|
},
|
|
"tooltip": {
|
|
"mode": "single",
|
|
"sort": "none"
|
|
}
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (source) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=~\"$severity\"}[$__range]))",
|
|
"legendFormat": "{{source}}",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Sources",
|
|
"type": "piechart"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"description": "",
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "palette-classic"
|
|
},
|
|
"custom": {
|
|
"hideFrom": {
|
|
"legend": false,
|
|
"tooltip": false,
|
|
"viz": false
|
|
}
|
|
},
|
|
"mappings": []
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Critical"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "dark-red",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Error"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "red",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Warning"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "orange",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Notice"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "yellow",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Informational"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "blue",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Debug"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "purple",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 9,
|
|
"w": 6,
|
|
"x": 10,
|
|
"y": 1
|
|
},
|
|
"id": 9,
|
|
"options": {
|
|
"displayLabels": [],
|
|
"legend": {
|
|
"displayMode": "table",
|
|
"placement": "right",
|
|
"showLegend": true,
|
|
"values": [
|
|
"value"
|
|
]
|
|
},
|
|
"pieType": "pie",
|
|
"reduceOptions": {
|
|
"calcs": [
|
|
"lastNotNull"
|
|
],
|
|
"fields": "",
|
|
"values": false
|
|
},
|
|
"tooltip": {
|
|
"mode": "single",
|
|
"sort": "none"
|
|
}
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (priority) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=~\"$severity\"}[$__range]))",
|
|
"legendFormat": "{{priority}}",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Priorities",
|
|
"type": "piechart"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"description": "",
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "palette-classic"
|
|
},
|
|
"custom": {
|
|
"hideFrom": {
|
|
"legend": false,
|
|
"tooltip": false,
|
|
"viz": false
|
|
}
|
|
},
|
|
"mappings": []
|
|
},
|
|
"overrides": []
|
|
},
|
|
"gridPos": {
|
|
"h": 9,
|
|
"w": 8,
|
|
"x": 16,
|
|
"y": 1
|
|
},
|
|
"id": 13,
|
|
"options": {
|
|
"displayLabels": [],
|
|
"legend": {
|
|
"displayMode": "table",
|
|
"placement": "right",
|
|
"showLegend": true,
|
|
"values": [
|
|
"value"
|
|
]
|
|
},
|
|
"pieType": "pie",
|
|
"reduceOptions": {
|
|
"calcs": [
|
|
"lastNotNull"
|
|
],
|
|
"fields": "",
|
|
"values": false
|
|
},
|
|
"tooltip": {
|
|
"mode": "single",
|
|
"sort": "none"
|
|
}
|
|
},
|
|
"pluginVersion": "8.5.3",
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (rule) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=~\"$severity\"}[$__range]))",
|
|
"legendFormat": "{{rule}}",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Rules",
|
|
"type": "piechart"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "${datasource}"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "palette-classic"
|
|
},
|
|
"custom": {
|
|
"axisBorderShow": false,
|
|
"axisCenteredZero": false,
|
|
"axisColorMode": "text",
|
|
"axisLabel": "",
|
|
"axisPlacement": "auto",
|
|
"barAlignment": 0,
|
|
"barWidthFactor": 0.6,
|
|
"drawStyle": "bars",
|
|
"fillOpacity": 10,
|
|
"gradientMode": "none",
|
|
"hideFrom": {
|
|
"legend": false,
|
|
"tooltip": false,
|
|
"viz": false
|
|
},
|
|
"insertNulls": false,
|
|
"lineInterpolation": "linear",
|
|
"lineStyle": {
|
|
"fill": "solid"
|
|
},
|
|
"lineWidth": 1,
|
|
"pointSize": 5,
|
|
"scaleDistribution": {
|
|
"type": "linear"
|
|
},
|
|
"showPoints": "auto",
|
|
"spanNulls": false,
|
|
"stacking": {
|
|
"group": "A",
|
|
"mode": "normal"
|
|
},
|
|
"thresholdsStyle": {
|
|
"mode": "off"
|
|
}
|
|
},
|
|
"mappings": [],
|
|
"thresholds": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 80
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"overrides": []
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 10
|
|
},
|
|
"id": 14,
|
|
"options": {
|
|
"legend": {
|
|
"calcs": [
|
|
"lastNotNull",
|
|
"mean",
|
|
"min",
|
|
"max"
|
|
],
|
|
"displayMode": "table",
|
|
"placement": "right",
|
|
"showLegend": true
|
|
},
|
|
"tooltip": {
|
|
"mode": "multi",
|
|
"sort": "none"
|
|
}
|
|
},
|
|
"pluginVersion": "8.5.3",
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"editorMode": "code",
|
|
"expr": "sum by (priority) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=~\"$severity\"}[1m]))",
|
|
"legendFormat": "{{priority}}",
|
|
"queryType": "range",
|
|
"refId": "A",
|
|
"resolution": 1
|
|
}
|
|
],
|
|
"title": "Events rate",
|
|
"type": "timeseries"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"default": false,
|
|
"type": "loki",
|
|
"uid": "${datasource}"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "thresholds"
|
|
},
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": false,
|
|
"inspect": false
|
|
},
|
|
"mappings": [],
|
|
"min": 0,
|
|
"noValue": "No Rule Violations from Pods",
|
|
"thresholds": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "orange",
|
|
"value": null
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Rule Violations"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"mode": "gradient",
|
|
"type": "gauge"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 10
|
|
},
|
|
"id": 16,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"countRows": false,
|
|
"fields": "",
|
|
"reducer": [
|
|
"sum"
|
|
],
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Rule Violations"
|
|
}
|
|
]
|
|
},
|
|
"pluginVersion": "11.2.0",
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"editorMode": "code",
|
|
"expr": "sum by (pod) (count_over_time({app=\"falcosidekick\"}[$__range]))",
|
|
"hide": false,
|
|
"legendFormat": "",
|
|
"queryType": "range",
|
|
"refId": "B"
|
|
}
|
|
],
|
|
"title": "Top $top Pods",
|
|
"transformations": [
|
|
{
|
|
"id": "reduce",
|
|
"options": {
|
|
"labelsToFields": true,
|
|
"reducers": [
|
|
"lastNotNull"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "sortBy",
|
|
"options": {
|
|
"fields": {},
|
|
"sort": [
|
|
{
|
|
"desc": true,
|
|
"field": "Last *"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "limit",
|
|
"options": {
|
|
"limitField": "$top"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Field": true,
|
|
"Time": true
|
|
},
|
|
"includeByName": {},
|
|
"indexByName": {
|
|
"Time": 0,
|
|
"Value #B": 3,
|
|
"k8s_ns": 1,
|
|
"k8s_pod_name": 2
|
|
},
|
|
"renameByName": {
|
|
"Last *": "Rule Violations",
|
|
"Total": "Rule Violations",
|
|
"Value #B": "Rule Violations",
|
|
"k8s_ns": "Namespace",
|
|
"k8s_pod": "Pod",
|
|
"k8s_pod_name": "Pod"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "palette-classic"
|
|
},
|
|
"custom": {
|
|
"axisCenteredZero": false,
|
|
"axisColorMode": "text",
|
|
"axisLabel": "",
|
|
"axisPlacement": "auto",
|
|
"barAlignment": 0,
|
|
"drawStyle": "bars",
|
|
"fillOpacity": 80,
|
|
"gradientMode": "none",
|
|
"hideFrom": {
|
|
"legend": false,
|
|
"tooltip": false,
|
|
"viz": false
|
|
},
|
|
"lineWidth": 1,
|
|
"scaleDistribution": {
|
|
"type": "linear"
|
|
},
|
|
"showPoints": "never",
|
|
"stacking": {
|
|
"group": "A",
|
|
"mode": "normal"
|
|
}
|
|
},
|
|
"mappings": [],
|
|
"thresholds": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"overrides": []
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 14
|
|
},
|
|
"id": 30,
|
|
"options": {
|
|
"legend": {
|
|
"calcs": [
|
|
"sum"
|
|
],
|
|
"displayMode": "table",
|
|
"placement": "right",
|
|
"showLegend": true
|
|
},
|
|
"tooltip": {
|
|
"mode": "multi",
|
|
"sort": "desc"
|
|
}
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (hostname) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=~\"$severity\"}[1m]))",
|
|
"legendFormat": "{{hostname}}",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Host",
|
|
"type": "timeseries"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "palette-classic"
|
|
},
|
|
"custom": {
|
|
"drawStyle": "bars",
|
|
"fillOpacity": 80,
|
|
"stacking": {
|
|
"group": "A",
|
|
"mode": "normal"
|
|
}
|
|
},
|
|
"mappings": []
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Critical"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "dark-red",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Error"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "red",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Warning"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "orange",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Notice"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "yellow",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Informational"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "blue",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Debug"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"fixedColor": "purple",
|
|
"mode": "fixed"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 14
|
|
},
|
|
"id": 31,
|
|
"options": {
|
|
"legend": {
|
|
"calcs": [
|
|
"sum"
|
|
],
|
|
"displayMode": "table",
|
|
"placement": "right",
|
|
"showLegend": true
|
|
},
|
|
"tooltip": {
|
|
"mode": "multi",
|
|
"sort": "desc"
|
|
}
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (priority) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=~\"$severity\"}[1m]))",
|
|
"legendFormat": "{{priority}}",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Priority",
|
|
"type": "timeseries"
|
|
},
|
|
{
|
|
"collapsed": true,
|
|
"gridPos": {
|
|
"h": 1,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 30
|
|
},
|
|
"id": 100,
|
|
"panels": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 31
|
|
},
|
|
"id": 101,
|
|
"options": {
|
|
"dedupStrategy": "signature",
|
|
"enableLogDetails": true,
|
|
"showLabels": false,
|
|
"showTime": true,
|
|
"sortOrder": "Descending",
|
|
"wrapLogMessage": false
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "{rule=~\".+\", hostname=~\"$host\", priority=\"Critical\"} | json | line_format \"🔴 [{{.hostname}}] {{.rule}} | {{.output_fields_proc_cmdline}}\"",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Critical Events",
|
|
"type": "logs"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 50
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 200
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 500
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 1
|
|
},
|
|
"id": 102,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (hostname, source) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Critical\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Host and Source",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"hostname": "Host",
|
|
"source": "Source"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 100
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 500
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 1000
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 1
|
|
},
|
|
"id": 103,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (rule) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Critical\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Top Rules",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"rule": "Rule"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
}
|
|
],
|
|
"title": "🔴 Critical",
|
|
"type": "row"
|
|
},
|
|
{
|
|
"collapsed": true,
|
|
"gridPos": {
|
|
"h": 1,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 32
|
|
},
|
|
"id": 110,
|
|
"panels": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 33
|
|
},
|
|
"id": 111,
|
|
"options": {
|
|
"dedupStrategy": "signature",
|
|
"enableLogDetails": true,
|
|
"showLabels": false,
|
|
"showTime": true,
|
|
"sortOrder": "Descending",
|
|
"wrapLogMessage": false
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "{rule=~\".+\", hostname=~\"$host\", priority=\"Error\"} | json | line_format \"🟠 [{{.hostname}}] {{.rule}} | {{.output_fields_proc_cmdline}}\"",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Error Events",
|
|
"type": "logs"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 50
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 200
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 500
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 1
|
|
},
|
|
"id": 112,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (hostname, source) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Error\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Host and Source",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"hostname": "Host",
|
|
"source": "Source"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 100
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 500
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 1000
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 1
|
|
},
|
|
"id": 113,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (rule) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Error\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Top Rules",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"rule": "Rule"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
}
|
|
],
|
|
"title": "🟠 Error",
|
|
"type": "row"
|
|
},
|
|
{
|
|
"collapsed": true,
|
|
"gridPos": {
|
|
"h": 1,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 34
|
|
},
|
|
"id": 120,
|
|
"panels": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 35
|
|
},
|
|
"id": 121,
|
|
"options": {
|
|
"dedupStrategy": "signature",
|
|
"enableLogDetails": true,
|
|
"showLabels": false,
|
|
"showTime": true,
|
|
"sortOrder": "Descending",
|
|
"wrapLogMessage": false
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "{rule=~\".+\", hostname=~\"$host\", priority=\"Warning\"} | json | line_format \"🟡 [{{.hostname}}] {{.rule}} | {{.output_fields_proc_cmdline}}\"",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Warning Events",
|
|
"type": "logs"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 50
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 200
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 500
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 1
|
|
},
|
|
"id": 122,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (hostname, source) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Warning\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Host and Source",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"hostname": "Host",
|
|
"source": "Source"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 100
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 500
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 1000
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 1
|
|
},
|
|
"id": 123,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (rule) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Warning\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Top Rules",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"rule": "Rule"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
}
|
|
],
|
|
"title": "🟡 Warning",
|
|
"type": "row"
|
|
},
|
|
{
|
|
"collapsed": true,
|
|
"gridPos": {
|
|
"h": 1,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 36
|
|
},
|
|
"id": 130,
|
|
"panels": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 37
|
|
},
|
|
"id": 131,
|
|
"options": {
|
|
"dedupStrategy": "signature",
|
|
"enableLogDetails": true,
|
|
"showLabels": false,
|
|
"showTime": true,
|
|
"sortOrder": "Descending",
|
|
"wrapLogMessage": false
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "{rule=~\".+\", hostname=~\"$host\", priority=\"Notice\"} | json | line_format \"🔵 [{{.hostname}}] {{.rule}} | {{.output_fields_proc_cmdline}}\"",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Notice Events",
|
|
"type": "logs"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 50
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 200
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 500
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 1
|
|
},
|
|
"id": 132,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (hostname, source) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Notice\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Host and Source",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"hostname": "Host",
|
|
"source": "Source"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 100
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 500
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 1000
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 1
|
|
},
|
|
"id": 133,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (rule) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Notice\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Top Rules",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"rule": "Rule"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
}
|
|
],
|
|
"title": "🔵 Notice",
|
|
"type": "row"
|
|
},
|
|
{
|
|
"collapsed": true,
|
|
"gridPos": {
|
|
"h": 1,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 38
|
|
},
|
|
"id": 140,
|
|
"panels": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 39
|
|
},
|
|
"id": 141,
|
|
"options": {
|
|
"dedupStrategy": "signature",
|
|
"enableLogDetails": true,
|
|
"showLabels": false,
|
|
"showTime": true,
|
|
"sortOrder": "Descending",
|
|
"wrapLogMessage": false
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "{rule=~\".+\", hostname=~\"$host\", priority=\"Informational\"} | json | line_format \"💠 [{{.hostname}}] {{.rule}} | {{.output_fields_proc_cmdline}}\"",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Informational Events",
|
|
"type": "logs"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 50
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 200
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 500
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 1
|
|
},
|
|
"id": 142,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (hostname, source) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Informational\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Host and Source",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"hostname": "Host",
|
|
"source": "Source"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 100
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 500
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 1000
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 1
|
|
},
|
|
"id": 143,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (rule) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Informational\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Top Rules",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"rule": "Rule"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
}
|
|
],
|
|
"title": "💠 Informational",
|
|
"type": "row"
|
|
},
|
|
{
|
|
"collapsed": true,
|
|
"gridPos": {
|
|
"h": 1,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 40
|
|
},
|
|
"id": 150,
|
|
"panels": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"gridPos": {
|
|
"h": 12,
|
|
"w": 24,
|
|
"x": 0,
|
|
"y": 41
|
|
},
|
|
"id": 151,
|
|
"options": {
|
|
"dedupStrategy": "signature",
|
|
"enableLogDetails": true,
|
|
"showLabels": false,
|
|
"showTime": true,
|
|
"sortOrder": "Descending",
|
|
"wrapLogMessage": false
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "{rule=~\".+\", hostname=~\"$host\", priority=\"Debug\"} | json | line_format \"🟣 [{{.hostname}}] {{.rule}} | {{.output_fields_proc_cmdline}}\"",
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Debug Events",
|
|
"type": "logs"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 50
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 200
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 500
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 0,
|
|
"y": 1
|
|
},
|
|
"id": 152,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (hostname, source) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Debug\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Events by Host and Source",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"hostname": "Host",
|
|
"source": "Source"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
},
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"filterable": true
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "Count"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 80
|
|
},
|
|
{
|
|
"id": "custom.cellOptions",
|
|
"value": {
|
|
"type": "color-background-solid"
|
|
}
|
|
},
|
|
{
|
|
"id": "thresholds",
|
|
"value": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green",
|
|
"value": null
|
|
},
|
|
{
|
|
"color": "yellow",
|
|
"value": 100
|
|
},
|
|
{
|
|
"color": "orange",
|
|
"value": 500
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 1000
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "color",
|
|
"value": {
|
|
"mode": "thresholds"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 8,
|
|
"w": 12,
|
|
"x": 12,
|
|
"y": 1
|
|
},
|
|
"id": 153,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"enablePagination": true,
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": [
|
|
{
|
|
"desc": true,
|
|
"displayName": "Count"
|
|
}
|
|
]
|
|
},
|
|
"targets": [
|
|
{
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"expr": "sum by (rule) (count_over_time({rule=~\".+\", hostname=~\"$host\", priority=\"Debug\"}[$__range]))",
|
|
"instant": true,
|
|
"range": false,
|
|
"refId": "A"
|
|
}
|
|
],
|
|
"title": "Top Rules",
|
|
"transformations": [
|
|
{
|
|
"id": "labelsToFields",
|
|
"options": {
|
|
"mode": "columns"
|
|
}
|
|
},
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"Time": true
|
|
},
|
|
"renameByName": {
|
|
"Value": "Count",
|
|
"rule": "Rule"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
}
|
|
],
|
|
"title": "🟣 Debug",
|
|
"type": "row"
|
|
}
|
|
],
|
|
"refresh": "",
|
|
"schemaVersion": 39,
|
|
"tags": [
|
|
"Security",
|
|
"Runtime"
|
|
],
|
|
"templating": {
|
|
"list": [
|
|
{
|
|
"current": {},
|
|
"hide": 0,
|
|
"includeAll": false,
|
|
"label": "Datasource",
|
|
"multi": false,
|
|
"name": "datasource",
|
|
"options": [],
|
|
"query": "loki",
|
|
"queryValue": "",
|
|
"refresh": 1,
|
|
"regex": "",
|
|
"skipUrlSync": false,
|
|
"type": "datasource"
|
|
},
|
|
{
|
|
"current": {
|
|
"selected": false,
|
|
"text": "app=\"falcosidekick\"",
|
|
"value": "app=\"falcosidekick\""
|
|
},
|
|
"description": "LogQL filter to get only Falco logs.",
|
|
"hide": 2,
|
|
"includeAll": false,
|
|
"multi": false,
|
|
"name": "filter_falco_logs",
|
|
"options": [
|
|
{
|
|
"selected": true,
|
|
"text": "app=\"falcosidekick\"",
|
|
"value": "app=\"falcosidekick\""
|
|
}
|
|
],
|
|
"query": "app=\"falcosidekick\"",
|
|
"skipUrlSync": false,
|
|
"type": "custom"
|
|
},
|
|
{
|
|
"current": {},
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "${datasource}"
|
|
},
|
|
"definition": "",
|
|
"hide": 0,
|
|
"includeAll": true,
|
|
"label": "Priority",
|
|
"multi": true,
|
|
"name": "priority",
|
|
"options": [],
|
|
"query": {
|
|
"label": "priority",
|
|
"refId": "LokiVariableQueryEditor-VariableQuery",
|
|
"stream": "{$filter_falco_logs}",
|
|
"type": 1
|
|
},
|
|
"refresh": 2,
|
|
"regex": "",
|
|
"skipUrlSync": false,
|
|
"sort": 1,
|
|
"type": "query"
|
|
},
|
|
{
|
|
"current": {
|
|
"selected": false,
|
|
"text": "10",
|
|
"value": "10"
|
|
},
|
|
"description": "this variable is only for the Top Panel!",
|
|
"hide": 0,
|
|
"includeAll": false,
|
|
"label": "Top",
|
|
"multi": false,
|
|
"name": "top",
|
|
"options": [
|
|
{
|
|
"selected": false,
|
|
"text": "5",
|
|
"value": "5"
|
|
},
|
|
{
|
|
"selected": true,
|
|
"text": "10",
|
|
"value": "10"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "20",
|
|
"value": "20"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "50",
|
|
"value": "50"
|
|
}
|
|
],
|
|
"query": "5,10,20,50",
|
|
"queryValue": "",
|
|
"skipUrlSync": false,
|
|
"type": "custom"
|
|
},
|
|
{
|
|
"current": {
|
|
"selected": true,
|
|
"text": "",
|
|
"value": ""
|
|
},
|
|
"description": "this variable is only for the Logs Panel!",
|
|
"hide": 0,
|
|
"label": "Search-Pattern",
|
|
"name": "searchpattern",
|
|
"options": [
|
|
{
|
|
"selected": true,
|
|
"text": "",
|
|
"value": ""
|
|
}
|
|
],
|
|
"query": "",
|
|
"skipUrlSync": false,
|
|
"type": "textbox"
|
|
},
|
|
{
|
|
"current": {
|
|
"selected": true,
|
|
"text": "All",
|
|
"value": "$__all"
|
|
},
|
|
"datasource": {
|
|
"type": "loki",
|
|
"uid": "P8E80F9AEF21F6940"
|
|
},
|
|
"definition": "label_values({rule=~\".+\"}, hostname)",
|
|
"hide": 0,
|
|
"includeAll": true,
|
|
"multi": true,
|
|
"name": "host",
|
|
"options": [],
|
|
"query": "label_values({rule=~\".+\"}, hostname)",
|
|
"refresh": 2,
|
|
"regex": "",
|
|
"skipUrlSync": false,
|
|
"sort": 1,
|
|
"type": "query"
|
|
},
|
|
{
|
|
"current": {
|
|
"selected": true,
|
|
"text": "All",
|
|
"value": "$__all"
|
|
},
|
|
"hide": 0,
|
|
"includeAll": true,
|
|
"multi": true,
|
|
"name": "severity",
|
|
"options": [
|
|
{
|
|
"selected": false,
|
|
"text": "Emergency",
|
|
"value": "Emergency"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "Alert",
|
|
"value": "Alert"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "Critical",
|
|
"value": "Critical"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "Error",
|
|
"value": "Error"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "Warning",
|
|
"value": "Warning"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "Notice",
|
|
"value": "Notice"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "Informational",
|
|
"value": "Informational"
|
|
},
|
|
{
|
|
"selected": false,
|
|
"text": "Debug",
|
|
"value": "Debug"
|
|
}
|
|
],
|
|
"query": "Emergency,Alert,Critical,Error,Warning,Notice,Informational,Debug",
|
|
"skipUrlSync": false,
|
|
"type": "custom"
|
|
}
|
|
]
|
|
},
|
|
"time": {
|
|
"from": "now-24h",
|
|
"to": "now"
|
|
},
|
|
"timepicker": {},
|
|
"timezone": "",
|
|
"title": "Falco",
|
|
"uid": "ozk-flc-mon",
|
|
"version": 21,
|
|
"weekStart": ""
|
|
}
|