From 7b8b0c757168227040c50b63340d02e2cad38e27 Mon Sep 17 00:00:00 2001
From: surabhipatel_crest
Date: Tue, 19 Nov 2024 15:14:38 +0530
Subject: [PATCH] Made changes in Dashboard

---
 .../dashboards/extrahop_detections.json | 192 ++++------------------
 1 file changed, 38 insertions(+), 154 deletions(-)

diff --git a/extrahop/assets/dashboards/extrahop_detections.json b/extrahop/assets/dashboards/extrahop_detections.json
index 14db3b93c05ac..7c40cc745eb7c 100644
--- a/extrahop/assets/dashboards/extrahop_detections.json
+++ b/extrahop/assets/dashboards/extrahop_detections.json
@@ -2485,75 +2485,6 @@
 "height": 5
 }
 },
- {
- "id": 4620573212045324,
- "definition": {
- "title": "Top Investigation Last Interactions",
- "title_size": "16",
- "title_align": "left",
- "type": "toplist",
- "requests": [
- {
- "queries": [
- {
- "data_source": "logs",
- "name": "query1",
- "indexes": [
- "*"
- ],
- "compute": {
- "aggregation": "cardinality",
- "metric": "@id"
- },
- "group_by": [
- {
- "facet": "@last_interaction_by",
- "limit": 10,
- "sort": {
- "order": "desc",
- "aggregation": "cardinality",
- "metric": "@id"
- }
- }
- ],
- "search": {
- "query": "source:extrahop service:investigation"
- },
- "storage": "hot"
- }
- ],
- "response_format": "scalar",
- "formulas": [
- {
- "formula": "query1"
- }
- ],
- "sort": {
- "count": 10,
- "order_by": [
- {
- "type": "formula",
- "index": 0,
- "order": "desc"
- }
- ]
- }
- }
- ],
- "style": {
- "display": {
- "type": "stacked",
- "legend": "automatic"
- }
- }
- },
- "layout": {
- "x": 0,
- "y": 13,
- "width": 3,
- "height": 5
- }
- },
 {
 "id": 6458090405877186,
 "definition": {
@@ -2617,113 +2548,66 @@
 }
 },
 "layout": {
- "x": 3,
+ "x": 0,
 "y": 13,
- "width": 9,
+ "width": 12,
 "height": 5
 }
 },
 {
- "id": 2822261388112224,
+ "id": 3952932045796307,
 "definition": {
- "title": "Investigation Details",
+ "title": "Investigation Log Details",
 "title_size": "16",
 "title_align": "left",
- "type": "query_table",
 "requests": [
 {
- "queries": [
- {
- "data_source": "logs",
- "name": "query1",
- "indexes": [
- "*"
- ],
- "compute": {
- "aggregation": "cardinality",
- "metric": "@id"
- },
- "group_by": [
- {
- "facet": "@description",
- "limit": 10,
- "sort": {
- "order": "desc",
- "aggregation": "cardinality",
- "metric": "@id"
- }
- },
- {
- "facet": "@notes",
- "limit": 10,
- "sort": {
- "order": "desc",
- "aggregation": "cardinality",
- "metric": "@id"
- }
- },
- {
- "facet": "@assignee",
- "limit": 10,
- "sort": {
- "order": "desc",
- "aggregation": "cardinality",
- "metric": "@id"
- }
- },
- {
- "facet": "@http.url",
- "limit": 10,
- "sort": {
- "order": "desc",
- "aggregation": "cardinality",
- "metric": "@id"
- }
- }
- ],
- "search": {
- "query": "source:extrahop service:investigation"
- },
- "storage": "hot"
+ "response_format": "event_list",
+ "query": {
+ "data_source": "logs_stream",
+ "query_string": "source:extrahop service:investigation",
+ "indexes": [],
+ "storage": "hot",
+ "sort": {
+ "order": "desc",
+ "column": "timestamp"
 }
- ],
- "response_format": "scalar",
- "sort": {
- "count": 10000,
- "order_by": [
- {
- "type": "formula",
- "index": 0,
- "order": "desc"
- }
- ]
 },
- "formulas": [
+ "columns": [
 {
- "cell_display_mode": "bar",
- "alias": "count",
- "formula": "query1"
+ "field": "description",
+ "width": "auto"
+ },
+ {
+ "field": "notes",
+ "width": "auto"
+ },
+ {
+ "field": "assignee",
+ "width": "auto"
+ },
+ {
+ "field": "last_interaction_by",
+ "width": "auto"
+ },
+ {
+ "field": "http.url",
+ "width": "auto"
 }
 ]
 }
 ],
- "has_search_bar": "auto",
- "custom_links": [
- {
- "label": "URL",
- "link": "{{@http.url.value}}"
- }
- ]
+ "type": "list_stream"
 },
 "layout": {
 "x": 0,
 "y": 18,
 "width": 12,
- "height": 5
+ "height": 4
 }
 },
 {
- "id": 3952932045796307,
+ "id": 4745866712552,
 "definition": {
 "title": "Investigation Log Details",
 "title_size": "16",
 "title_align": "left",
@@ -2733,7 +2617,7 @@
 "response_format": "event_list",
 "query": {
 "data_source": "logs_stream",
- "query_string": "source:extrahop service:investigation ",
+ "query_string": "source:extrahop service:investigation",
 "indexes": [],
 "storage": "hot",
 "sort": {
@@ -2797,7 +2681,7 @@
 },
 "layout": {
 "x": 0,
- "y": 23,
+ "y": 22,
 "width": 12,
 "height": 4
 }
@@ -2808,7 +2692,7 @@
 "x": 0,
 "y": 61,
 "width": 12,
- "height": 28,
+ "height": 27,
 "is_column_break": true
 }
 }
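Review bot: In the `@@ -2617,113 +2548,66 @@` hunk the rewritten widget 3952932045796307 is titled "Investigation Log Details", and the widget directly below it (renumbered to 4745866712552) keeps the same title and, per the following hunk, the same `source:extrahop service:investigation` log stream, so an analyst sees two stacked panels with identical headings. The second widget's column list lies outside the visible hunks, so the two may differ only there; a distinct heading on the new widget, for example `"title": "Investigation Details",`, would make the difference visible. The removed table counted distinct `@id` values per group, while the new list shows one row per log event, so an investigation that is updated several times will presumably appear several times. It is also worth confirming that the bare column names (`"field": "description"`, `"field": "http.url"`) resolve to the same attributes the removed query addressed as `@description` and `@http.url`.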