Last active 1 day ago

admin revised this gist 1 day ago. Go to revision

1 file changed, 84 insertions

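--- /dev/null
+++ b/config.yaml
@@ -0,0 +1,84 @@
+# Пример конфига AD-exporter.
+# Положить как /etc/ad-exporter/config.yaml и сделать: chmod 600 (внутри токен).
+
+influx:
+url: http://localhost:8086
+org: my-organization # InfluxDB v2 organization
+bucket: my-initial-bucket # bucket для записи
+token: my-super-secret-admin-token-string # API-токен (Authorization: Token ...)
+
+batch:
+size: 100 # сколько точек копить до записи
+flush_interval_secs: 5 # либо записать по таймеру, если батч не набрался
+
+files:
+# Файл аудита Samba DC. В одном файле могут лежать несколько типов событий
+# (Authentication, Authorization, KDC Authorization) — этот блок мапит только
+# события Authentication (вход в домен). Строки других типов не содержат
+# ключей Authentication.* и просто молча пропускаются.
+- path: /var/log/samba/dc1-auth_audit.json
+measurement: samba_auth
+timestamp: timestamp # верхнеуровневое поле времени
+
+# Теги индексируются — для группировок в Grafana.
+# status обязателен: NT_STATUS_OK / код ошибки аутентификации.
+tags:
+status: Authentication.status
+account: Authentication.becameAccount # разрешённый аккаунт (user-288, MACHINE6$)
+domain: Authentication.becameDomain
+service: Authentication.serviceDescription # напр. "Kerberos KDC"
+
+# Поля — сырые значения. Тип (int/float/string/bool) определяется по JSON.
+fields:
+remote: Authentication.remoteAddress # ipv4:192.168.33.16:45230 (высокая кардинальность — поле, не тег)
+auth_desc: Authentication.authDescription
+client_account: Authentication.clientAccount # сырой клиентский логин
+logon_type: Authentication.logonType # int
+duration: Authentication.duration # int, микросекунды
+
+# --- dsdb-аудит: изменения объектов каталога (dsdbChange) ---
+# Файл dsdb_json_audit. Внутри один тип событий — dsdbChange (Add/Modify/Delete/Rename).
+- path: /var/log/samba/dc1-dsdb_audit.json
+measurement: samba_dsdb
+timestamp: timestamp
+tags:
+status: dsdbChange.status # Success / код ошибки
+operation: dsdbChange.operation # Add / Modify / Delete / Rename
+user_sid: dsdbChange.userSid # SID инициатора (S-1-5-18 = система)
+as_system: dsdbChange.performedAsSystem # bool: изменение выполнено системой
+fields:
+dn: dsdbChange.dn # объект (высокая кардинальность — поле)
+status_code: dsdbChange.statusCode # int, 0 = успех
+tx_id: dsdbChange.transactionId # для связи с журналом транзакций
+session_id: dsdbChange.sessionId
+# ВНИМАНИЕ: dsdbChange.remoteAddress намеренно НЕ берём. У системных
+# изменений он null, а null трактуется как отсутствие ключа => строка была
+# бы молча отброшена целиком. Если remoteAddress нужен — заведи под клиентские
+# изменения отдельный поток/файл или мирись с потерей системных событий.
+
+# --- dsdb-аудит: транзакции каталога (dsdbTransaction) ---
+# Файл dsdb_transaction_json_audit. Главная метрика — длительность транзакции.
+- path: /var/log/samba/dc1-dsdb_transaction.json
+measurement: samba_dsdb_tx
+timestamp: timestamp
+tags:
+action: dsdbTransaction.action # begin / prepare commit / commit / rollback
+fields:
+duration: dsdbTransaction.duration # int, микросекунды
+tx_id: dsdbTransaction.transactionId
+
+# ВНИМАНИЕ: один файл = один блок (маппинг). Один и тот же path нельзя
+# указать дважды — выживет только последний блок. Чтобы собирать другой тип
+# событий (Authorization, KDC Authorization), направь его в Samba в отдельный
+# файл и опиши своим блоком ниже. Пример для Authorization:
+#
+# - path: /var/log/samba/dc1-authz_audit.json
+# measurement: samba_authz
+# timestamp: timestamp
+# tags:
+# account: Authorization.account
+# domain: Authorization.domain
+# service: Authorization.serviceDescription # напр. "LDAP"
+# fields:
+# remote: Authorization.remoteAddress
+# auth_type: Authorization.authType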
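Review bot: The `account` and `domain` tags of the samba_auth block are mapped from `Authentication.becameAccount` and `Authentication.becameDomain`, which Samba, as far as I know, writes as null when authentication fails. The dsdb block's own comment states that a null value counts as a missing key and the whole line is silently dropped, so failed logons would likely never reach InfluxDB even though `status` is documented as carrying the error code. Confirm this with a deliberately failed logon; if such lines are dropped, map tags only from keys that are also present on failures (keeping the client-supplied login a field, since it is unbounded), or at least document it with `# NOTE: becameAccount/becameDomain are null on failed logons; such lines are dropped`. Separately, the sample `token` is labelled an admin token, while an exporter needs only a token limited to writing the one bucket.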

admin revised this gist 1 day ago. Go to revision

No changes

admin revised this gist 1 day ago. Go to revision

No changes

admin revised this gist 1 day ago. Go to revision

1 file changed, 568 insertions

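--- /dev/null
+++ b/board.json
@@ -0,0 +1,568 @@
+{
+"apiVersion": "dashboard.grafana.app/v2",
+"kind": "Dashboard",
+"metadata": {
+"name": "ad-samba-audit",
+"generation": 1,
+"labels": {},
+"annotations": {}
+},
+"spec": {
+"annotations": [
+{
+"kind": "AnnotationQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "grafana",
+"version": "v0",
+"spec": {},
+"labels": {
+"grafana.app/export-label": "grafana-1"
+}
+},
+"enable": true,
+"hide": true,
+"iconColor": "rgba(0, 211, 255, 1)",
+"name": "Annotations & Alerts",
+"builtIn": true
+}
+}
+],
+"cursorSync": "Off",
+"editable": true,
+"elements": {
+"panel-1": {
+"kind": "Panel",
+"spec": {
+"id": 1,
+"title": "Logins OK",
+"description": "Успешные входы в домен (samba_auth): машинные и пользовательские, разбивка по домену.",
+"links": [],
+"data": {
+"kind": "QueryGroup",
+"spec": {
+"queries": [
+{
+"kind": "PanelQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "influxdb",
+"version": "v0",
+"spec": {
+"alias": "machine_login",
+"groupBy": [
+{ "params": ["$interval"], "type": "time" },
+{ "params": ["domain::tag"], "type": "tag" },
+{ "params": ["null"], "type": "fill" }
+],
+"measurement": "samba_auth",
+"orderByTime": "ASC",
+"policy": "default",
+"query": "SELECT count(\"client_account\") FROM \"samba_auth\" WHERE (\"status\"::tag = 'NT_STATUS_OK' AND \"account\"::tag =~ /^MACHINE/) AND $timeFilter GROUP BY time($interval), \"domain\"::tag fill(null)",
+"rawQuery": false,
+"resultFormat": "time_series",
+"select": [
+[
+{ "params": ["client_account"], "type": "field" },
+{ "params": [], "type": "count" }
+]
+],
+"tags": [
+{ "key": "status::tag", "operator": "=", "value": "NT_STATUS_OK" },
+{ "condition": "AND", "key": "account::tag", "operator": "=~", "value": "/^MACHINE/" }
+]
+},
+"labels": {
+"grafana.app/export-label": "influxdb-1"
+}
+},
+"refId": "A",
+"hidden": false
+}
+},
+{
+"kind": "PanelQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "influxdb",
+"version": "v0",
+"spec": {
+"alias": "user_login",
+"groupBy": [
+{ "params": ["$interval"], "type": "time" },
+{ "params": ["domain::tag"], "type": "tag" },
+{ "params": ["null"], "type": "fill" }
+],
+"measurement": "samba_auth",
+"orderByTime": "ASC",
+"policy": "default",
+"query": "SELECT count(\"client_account\") FROM \"samba_auth\" WHERE (\"status\"::tag = 'NT_STATUS_OK' AND \"account\"::tag =~ /^user/) AND $timeFilter GROUP BY time($interval), \"domain\"::tag fill(null)",
+"rawQuery": false,
+"resultFormat": "time_series",
+"select": [
+[
+{ "params": ["client_account"], "type": "field" },
+{ "params": [], "type": "count" }
+]
+],
+"tags": [
+{ "key": "status::tag", "operator": "=", "value": "NT_STATUS_OK" },
+{ "condition": "AND", "key": "account::tag", "operator": "=~", "value": "/^user/" }
+]
+},
+"labels": {
+"grafana.app/export-label": "influxdb-1"
+}
+},
+"refId": "B",
+"hidden": false
+}
+}
+],
+"transformations": [],
+"queryOptions": {}
+}
+},
+"vizConfig": {
+"kind": "VizConfig",
+"group": "timeseries",
+"version": "13.0.1+security-01",
+"spec": {
+"options": {
+"legend": { "calcs": [], "displayMode": "list", "placement": "bottom", "showLegend": true },
+"tooltip": { "hideZeros": false, "mode": "single", "sort": "none" }
+},
+"fieldConfig": {
+"defaults": {
+"color": { "mode": "palette-classic" },
+"custom": {
+"axisBorderShow": false,
+"axisCenteredZero": false,
+"axisColorMode": "text",
+"axisLabel": "",
+"axisPlacement": "auto",
+"barAlignment": 0,
+"barWidthFactor": 0.6,
+"drawStyle": "line",
+"fillOpacity": 10,
+"gradientMode": "none",
+"hideFrom": { "legend": false, "tooltip": false, "viz": false },
+"insertNulls": false,
+"lineInterpolation": "smooth",
+"lineWidth": 1,
+"pointSize": 5,
+"scaleDistribution": { "type": "linear" },
+"showPoints": "auto",
+"spanNulls": false,
+"stacking": { "group": "A", "mode": "none" },
+"thresholdsStyle": { "mode": "off" }
+}
+},
+"overrides": []
+}
+}
+}
+}
+},
+"panel-2": {
+"kind": "Panel",
+"spec": {
+"id": 2,
+"title": "DSDB: изменения по операциям",
+"description": "Число изменений объектов каталога (samba_dsdb), разбивка по типу операции.",
+"links": [],
+"data": {
+"kind": "QueryGroup",
+"spec": {
+"queries": [
+{
+"kind": "PanelQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "influxdb",
+"version": "v0",
+"spec": {
+"measurement": "samba_dsdb",
+"orderByTime": "ASC",
+"policy": "default",
+"query": "SELECT count(\"status_code\") FROM \"samba_dsdb\" WHERE $timeFilter GROUP BY time($interval), \"operation\"::tag fill(null)",
+"rawQuery": true,
+"resultFormat": "time_series",
+"select": [],
+"groupBy": [],
+"tags": []
+},
+"labels": { "grafana.app/export-label": "influxdb-1" }
+},
+"refId": "A",
+"hidden": false
+}
+}
+],
+"transformations": [],
+"queryOptions": {}
+}
+},
+"vizConfig": {
+"kind": "VizConfig",
+"group": "timeseries",
+"version": "13.0.1+security-01",
+"spec": {
+"options": {
+"legend": { "calcs": [], "displayMode": "list", "placement": "bottom", "showLegend": true },
+"tooltip": { "hideZeros": false, "mode": "multi", "sort": "desc" }
+},
+"fieldConfig": {
+"defaults": {
+"color": { "mode": "palette-classic" },
+"custom": {
+"axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text",
+"axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, "barWidthFactor": 0.6,
+"drawStyle": "bars", "fillOpacity": 50, "gradientMode": "none",
+"hideFrom": { "legend": false, "tooltip": false, "viz": false },
+"insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5,
+"scaleDistribution": { "type": "linear" }, "showPoints": "auto", "spanNulls": false,
+"stacking": { "group": "A", "mode": "normal" }, "thresholdsStyle": { "mode": "off" }
+}
+},
+"overrides": []
+}
+}
+}
+}
+},
+"panel-3": {
+"kind": "Panel",
+"spec": {
+"id": 3,
+"title": "DSDB: система vs пользователь",
+"description": "Изменения каталога с разбивкой по performedAsSystem (true = выполнено системой).",
+"links": [],
+"data": {
+"kind": "QueryGroup",
+"spec": {
+"queries": [
+{
+"kind": "PanelQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "influxdb",
+"version": "v0",
+"spec": {
+"measurement": "samba_dsdb",
+"orderByTime": "ASC",
+"policy": "default",
+"query": "SELECT count(\"status_code\") FROM \"samba_dsdb\" WHERE $timeFilter GROUP BY time($interval), \"as_system\"::tag fill(null)",
+"rawQuery": true,
+"resultFormat": "time_series",
+"select": [],
+"groupBy": [],
+"tags": []
+},
+"labels": { "grafana.app/export-label": "influxdb-1" }
+},
+"refId": "A",
+"hidden": false
+}
+}
+],
+"transformations": [],
+"queryOptions": {}
+}
+},
+"vizConfig": {
+"kind": "VizConfig",
+"group": "timeseries",
+"version": "13.0.1+security-01",
+"spec": {
+"options": {
+"legend": { "calcs": [], "displayMode": "list", "placement": "bottom", "showLegend": true },
+"tooltip": { "hideZeros": false, "mode": "multi", "sort": "desc" }
+},
+"fieldConfig": {
+"defaults": {
+"color": { "mode": "palette-classic" },
+"custom": {
+"axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text",
+"axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, "barWidthFactor": 0.6,
+"drawStyle": "line", "fillOpacity": 20, "gradientMode": "none",
+"hideFrom": { "legend": false, "tooltip": false, "viz": false },
+"insertNulls": false, "lineInterpolation": "smooth", "lineWidth": 1, "pointSize": 5,
+"scaleDistribution": { "type": "linear" }, "showPoints": "auto", "spanNulls": false,
+"stacking": { "group": "A", "mode": "none" }, "thresholdsStyle": { "mode": "off" }
+}
+},
+"overrides": []
+}
+}
+}
+}
+},
+"panel-4": {
+"kind": "Panel",
+"spec": {
+"id": 4,
+"title": "DSDB: топ инициаторов (SID)",
+"description": "Кто инициировал изменения каталога — разбивка по userSid.",
+"links": [],
+"data": {
+"kind": "QueryGroup",
+"spec": {
+"queries": [
+{
+"kind": "PanelQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "influxdb",
+"version": "v0",
+"spec": {
+"measurement": "samba_dsdb",
+"orderByTime": "ASC",
+"policy": "default",
+"query": "SELECT count(\"status_code\") FROM \"samba_dsdb\" WHERE $timeFilter GROUP BY time($interval), \"user_sid\"::tag fill(null)",
+"rawQuery": true,
+"resultFormat": "time_series",
+"select": [],
+"groupBy": [],
+"tags": []
+},
+"labels": { "grafana.app/export-label": "influxdb-1" }
+},
+"refId": "A",
+"hidden": false
+}
+}
+],
+"transformations": [],
+"queryOptions": {}
+}
+},
+"vizConfig": {
+"kind": "VizConfig",
+"group": "timeseries",
+"version": "13.0.1+security-01",
+"spec": {
+"options": {
+"legend": { "calcs": ["sum"], "displayMode": "table", "placement": "right", "showLegend": true },
+"tooltip": { "hideZeros": false, "mode": "multi", "sort": "desc" }
+},
+"fieldConfig": {
+"defaults": {
+"color": { "mode": "palette-classic" },
+"custom": {
+"axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text",
+"axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, "barWidthFactor": 0.6,
+"drawStyle": "bars", "fillOpacity": 50, "gradientMode": "none",
+"hideFrom": { "legend": false, "tooltip": false, "viz": false },
+"insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5,
+"scaleDistribution": { "type": "linear" }, "showPoints": "auto", "spanNulls": false,
+"stacking": { "group": "A", "mode": "normal" }, "thresholdsStyle": { "mode": "off" }
+}
+},
+"overrides": []
+}
+}
+}
+}
+},
+"panel-5": {
+"kind": "Panel",
+"spec": {
+"id": 5,
+"title": "Транзакции: длительность (mean/max)",
+"description": "Длительность транзакций каталога (samba_dsdb_tx) в микросекундах.",
+"links": [],
+"data": {
+"kind": "QueryGroup",
+"spec": {
+"queries": [
+{
+"kind": "PanelQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "influxdb",
+"version": "v0",
+"spec": {
+"measurement": "samba_dsdb_tx",
+"orderByTime": "ASC",
+"policy": "default",
+"query": "SELECT mean(\"duration\") AS \"mean\", max(\"duration\") AS \"max\" FROM \"samba_dsdb_tx\" WHERE $timeFilter GROUP BY time($interval) fill(null)",
+"rawQuery": true,
+"resultFormat": "time_series",
+"select": [],
+"groupBy": [],
+"tags": []
+},
+"labels": { "grafana.app/export-label": "influxdb-1" }
+},
+"refId": "A",
+"hidden": false
+}
+}
+],
+"transformations": [],
+"queryOptions": {}
+}
+},
+"vizConfig": {
+"kind": "VizConfig",
+"group": "timeseries",
+"version": "13.0.1+security-01",
+"spec": {
+"options": {
+"legend": { "calcs": ["mean", "max"], "displayMode": "table", "placement": "bottom", "showLegend": true },
+"tooltip": { "hideZeros": false, "mode": "multi", "sort": "desc" }
+},
+"fieldConfig": {
+"defaults": {
+"unit": "µs",
+"color": { "mode": "palette-classic" },
+"custom": {
+"axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text",
+"axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, "barWidthFactor": 0.6,
+"drawStyle": "line", "fillOpacity": 10, "gradientMode": "none",
+"hideFrom": { "legend": false, "tooltip": false, "viz": false },
+"insertNulls": false, "lineInterpolation": "smooth", "lineWidth": 1, "pointSize": 5,
+"scaleDistribution": { "type": "linear" }, "showPoints": "auto", "spanNulls": false,
+"stacking": { "group": "A", "mode": "none" }, "thresholdsStyle": { "mode": "off" }
+}
+},
+"overrides": []
+}
+}
+}
+}
+},
+"panel-6": {
+"kind": "Panel",
+"spec": {
+"id": 6,
+"title": "Транзакции по типу действия",
+"description": "Число транзакций каталога, разбивка по action (commit / rollback / prepare commit / begin).",
+"links": [],
+"data": {
+"kind": "QueryGroup",
+"spec": {
+"queries": [
+{
+"kind": "PanelQuery",
+"spec": {
+"query": {
+"kind": "DataQuery",
+"group": "influxdb",
+"version": "v0",
+"spec": {
+"measurement": "samba_dsdb_tx",
+"orderByTime": "ASC",
+"policy": "default",
+"query": "SELECT count(\"duration\") FROM \"samba_dsdb_tx\" WHERE $timeFilter GROUP BY time($interval), \"action\"::tag fill(null)",
+"rawQuery": true,
+"resultFormat": "time_series",
+"select": [],
+"groupBy": [],
+"tags": []
+},
+"labels": { "grafana.app/export-label": "influxdb-1" }
+},
+"refId": "A",
+"hidden": false
+}
+}
+],
+"transformations": [],
+"queryOptions": {}
+}
+},
+"vizConfig": {
+"kind": "VizConfig",
+"group": "timeseries",
+"version": "13.0.1+security-01",
+"spec": {
+"options": {
+"legend": { "calcs": [], "displayMode": "list", "placement": "bottom", "showLegend": true },
+"tooltip": { "hideZeros": false, "mode": "multi", "sort": "desc" }
+},
+"fieldConfig": {
+"defaults": {
+"color": { "mode": "palette-classic" },
+"custom": {
+"axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text",
+"axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, "barWidthFactor": 0.6,
+"drawStyle": "bars", "fillOpacity": 50, "gradientMode": "none",
+"hideFrom": { "legend": false, "tooltip": false, "viz": false },
+"insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5,
+"scaleDistribution": { "type": "linear" }, "showPoints": "auto", "spanNulls": false,
+"stacking": { "group": "A", "mode": "normal" }, "thresholdsStyle": { "mode": "off" }
+}
+},
+"overrides": []
+}
+}
+}
+}
+}
+},
+"layout": {
+"kind": "GridLayout",
+"spec": {
+"items": [
+{ "kind": "GridLayoutItem", "spec": { "x": 0, "y": 0, "width": 24, "height": 8, "element": { "kind": "ElementReference", "name": "panel-1" } } },
+{ "kind": "GridLayoutItem", "spec": { "x": 0, "y": 8, "width": 12, "height": 8, "element": { "kind": "ElementReference", "name": "panel-2" } } },
+{ "kind": "GridLayoutItem", "spec": { "x": 12, "y": 8, "width": 12, "height": 8, "element": { "kind": "ElementReference", "name": "panel-3" } } },
+{ "kind": "GridLayoutItem", "spec": { "x": 0, "y": 16, "width": 12, "height": 8, "element": { "kind": "ElementReference", "name": "panel-4" } } },
+{ "kind": "GridLayoutItem", "spec": { "x": 12, "y": 16, "width": 12, "height": 8, "element": { "kind": "ElementReference", "name": "panel-5" } } },
+{ "kind": "GridLayoutItem", "spec": { "x": 0, "y": 24, "width": 12, "height": 8, "element": { "kind": "ElementReference", "name": "panel-6" } } }
+]
+}
+},
+"links": [],
+"liveNow": false,
+"preload": false,
+"tags": ["samba", "ad", "audit"],
+"timeSettings": {
+"timezone": "browser",
+"from": "now-6h",
+"to": "now",
+"autoRefresh": "",
+"autoRefreshIntervals": ["5s", "10s", "30s", "1m", "5m", "15m", "30m", "1h", "2h", "1d"],
+"hideTimepicker": false,
+"fiscalYearStartMonth": 0
+},
+"title": "Samba AD audit",
+"variables": [
+{
+"kind": "IntervalVariable",
+"spec": {
+"name": "interval",
+"query": "1s,3s,5s,10s,30s,1m,10m,30m,1h,6h,12h,1d,7d,14d,30d",
+"current": { "text": "1m", "value": "1m" },
+"options": [
+{ "selected": true, "text": "1m", "value": "1m" },
+{ "selected": false, "text": "10m", "value": "10m" },
+{ "selected": false, "text": "30m", "value": "30m" },
+{ "selected": false, "text": "1h", "value": "1h" },
+{ "selected": false, "text": "6h", "value": "6h" },
+{ "selected": false, "text": "12h", "value": "12h" },
+{ "selected": false, "text": "1d", "value": "1d" }
+],
+"auto": false,
+"auto_min": "10s",
+"auto_count": 30,
+"refresh": "onTimeRangeChanged",
+"hide": "dontHide",
+"skipUrlSync": false
+}
+}
+],
+"preferences": {
+"layout": { "kind": "GridLayout", "spec": { "items": [] } }
+}
+}
+}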
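Review bot: Both panel-1 queries split logons by the prefixes `/^MACHINE/` and `/^user/`, which match only the sample account names given in the exporter config comment (user-288, MACHINE6$), so on a domain with any other naming scheme both series stay empty. Machine accounts conventionally end in `$`, so filtering on that suffix, for example `"account"::tag =~ /\$$/` for machines and the `!~` form for users, would generalise; check first that Grafana does not treat the `$` as a variable reference. The dashboard also has no panel for a `status` other than NT_STATUS_OK, so failed logons are not visible anywhere on it.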