{"attributes":{"fields":"[{\"name\":\"@id\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@log_s3bucket\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@log_s3key\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@log_type\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@timestamp_received\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"SchemaVersion\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"action\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"apiVersion\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"cloud.account.id\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"cloud.provider\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"cloud.region\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"destination.as.number\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"destination.bytes\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"destination.geo.location\",\"type\":\"geo_point\",\"esTypes\":[\"geo_point\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"destination.ip\",\"type\":\"ip\",\"esTypes\":[\"ip\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"destination.packets\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"destination.port\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ecs.version\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"event.action\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"event.category\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"event.ingested\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"event.kind\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"event.module\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"formatVersion\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"http.request.bytes\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"http.request.method\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"http.request.referrer\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"http.response.bytes\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"http.response.status_code\",\"type\":\"number\",\"esTypes\":[\"short\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"http.version\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.args\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.clientIp\",\"type\":\"ip\",\"esTypes\":[\"ip\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.country\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.headers.name\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.headers.value\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.httpMethod\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.httpVersion\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.requestId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpRequest.uri\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpSourceId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"httpSourceName\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"network.bytes\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"network.iana_number\",\"type\":\"number\",\"esTypes\":[\"short\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"network.packets\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"nonTerminatingMatchingRules.action\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"nonTerminatingMatchingRules.ruleId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"process.pid\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"responseElements.version\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"rule.name\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"rule.ruleset\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ruleGroupList.excludedRules.exclusionType\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ruleGroupList.excludedRules.ruleId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ruleGroupList.ruleGroupId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ruleGroupList.terminatingRule.action\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ruleGroupList.terminatingRule.ruleId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.address\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.as.number\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.as.organization.name\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.bytes\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.geo.city_name\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.geo.country_iso_code\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.geo.country_name\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.geo.location\",\"type\":\"geo_point\",\"esTypes\":[\"geo_point\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.ip\",\"type\":\"ip\",\"esTypes\":[\"ip\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.packets\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source.port\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"terminatingRuleId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"terminatingRuleMatchDetails.conditionType\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"terminatingRuleMatchDetails.location\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"terminatingRuleMatchDetails.matchedData\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"terminatingRuleType\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"url.domain\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"url.full\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"url.full.text\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false,\"subType\":{\"multi\":{\"parent\":\"url.full\"}}},{\"name\":\"url.original\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"url.original.text\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false,\"subType\":{\"multi\":{\"parent\":\"url.original\"}}},{\"name\":\"url.path\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"url.query\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"user_agent.original\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"user_agent.original.text\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":10,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false,\"subType\":{\"multi\":{\"parent\":\"user_agent.original\"}}},{\"name\":\"webaclId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]","timeFieldName":"@timestamp","title":"log-aws-waf-*"},"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","migrationVersion":{"index-pattern":"7.6.0"},"references":[],"type":"index-pattern","updated_at":"2020-10-11T08:56:47.278Z","version":"WzE0MzMsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"AWSWAF - AWS Account(Bar)","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"histogram\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"cloud.account.id\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"cloud.account.id\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"}},\"title\":\"AWSWAF - AWS Account(Bar)\"}"},"id":"b01486c0-0aac-11eb-b53e-8512e4ebda3e","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzODYsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"AWSWAF - Region(Bar)","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"histogram\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"cloud.region\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"cloud.region\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}}],\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"}},\"title\":\"AWSWAF - Region(Bar)\"}"},"id":"55cf6fd0-0aad-11eb-b53e-8512e4ebda3e","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzODcsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Executed WAF Rules","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"rule.name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"title\":\"AWSWAF - Executed WAF Rules\"}"},"id":"89b102d0-f123-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzODgsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Number of All Requests","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":false},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":30,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"AWSWAF - Number of All Requests\"}"},"id":"969b9ff0-f15f-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzODksMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"},"title":"AWSWAF - Allowed vs Blocked Requests","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"timelion\",\"aggs\":[],\"params\":{\"interval\":\"auto\",\"expression\":\".es(index=\\\"log-aws-waf-*\\\",q='action:ALLOW').label(\\\"Allowed Requests\\\").color(#009933), .es(index=\\\"log-aws-waf-*\\\",q='action:BLOCK').label(\\\"Blocked Requests\\\").color(#cc0000)\"},\"title\":\"AWSWAF - Allowed vs Blocked Requests\"}"},"id":"db357bd0-f129-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTAsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"action:BLOCK\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Number of Blocked Requests","uiStateJSON":"{}","version":1,"visState":"{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":false},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":30,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"AWSWAF - Number of Blocked Requests\",\"type\":\"metric\"}"},"id":"bb12a590-f15f-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTEsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"},"title":"AWSWAF - Filters","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"input_control_vis\",\"aggs\":[],\"params\":{\"pinFilters\":true,\"updateFiltersOnChange\":true,\"useTimeFilter\":false,\"controls\":[{\"id\":\"1565169719620\",\"label\":\"WebACL\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"fieldName\":\"rule.ruleset\",\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1565169760470\",\"label\":\"Rule\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"fieldName\":\"rule.name\",\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1565169899571\",\"label\":\"Action\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"fieldName\":\"action\",\"indexPatternRefName\":\"control_2_index_pattern\"},{\"id\":\"1565170498755\",\"label\":\"Country\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"fieldName\":\"source.geo.country_iso_code\",\"indexPatternRefName\":\"control_3_index_pattern\"},{\"id\":\"1565170536048\",\"label\":\"Client IP\",\"options\":{\"dynamicOptions\":true,\"multiselect\":false,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"fieldName\":\"httpRequest.clientIp\",\"indexPatternRefName\":\"control_4_index_pattern\"},{\"id\":\"1565182161719\",\"parent\":\"\",\"label\":\"Host\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"fieldName\":\"url.domain\",\"indexPatternRefName\":\"control_5_index_pattern\"},{\"id\":\"1565775477773\",\"parent\":\"\",\"label\":\"Rule Type\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":false,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"fieldName\":\"terminatingRuleType\",\"indexPatternRefName\":\"control_6_index_pattern\"}]},\"title\":\"AWSWAF - Filters\"}"},"id":"2fa41610-f128-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"control_0_index_pattern","type":"index-pattern"},{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"control_1_index_pattern","type":"index-pattern"},{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"control_2_index_pattern","type":"index-pattern"},{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"control_3_index_pattern","type":"index-pattern"},{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"control_4_index_pattern","type":"index-pattern"},{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"control_5_index_pattern","type":"index-pattern"},{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"control_6_index_pattern","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTIsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"AWSWAF - Countries By Number of Request","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"region_map\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"httpRequest.country\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Country\"}}],\"params\":{\"legendPosition\":\"bottomright\",\"addTooltip\":true,\"colorSchema\":\"Yellow to Red\",\"selectedLayer\":{\"name\":\"World Countries\",\"origin\":\"elastic_maps_service\",\"id\":\"world_countries\",\"created_at\":\"2017-04-26T17:12:15.978370\",\"attribution\":\"<a href=\\\"http://www.naturalearthdata.com/about/terms-of-use\\\">Made with NaturalEarth</a> | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a>\",\"fields\":[{\"type\":\"id\",\"name\":\"iso2\",\"description\":\"ISO 3166-1 alpha-2 code\"},{\"type\":\"id\",\"name\":\"iso3\",\"description\":\"ISO 3166-1 alpha-3 code\"},{\"type\":\"property\",\"name\":\"name\",\"description\":\"name\"}],\"format\":{\"type\":\"geojson\"},\"layerId\":\"elastic_maps_service.World Countries\",\"isEMS\":true},\"emsHotLink\":\"https://maps.elastic.co/v6.7?locale=en#file/world_countries\",\"selectedJoinField\":{\"type\":\"id\",\"name\":\"iso2\",\"description\":\"ISO 3166-1 alpha-2 code\"},\"isDisplayWarning\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"default\":true,\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"\",\"id\":\"TMS in config/kibana.yml\",\"origin\":\"self_hosted\"}},\"mapZoom\":2,\"mapCenter\":[0,0],\"outlineWeight\":1,\"showAllShapes\":true},\"title\":\"AWSWAF - Countries By Number of Request\"}"},"id":"a2c32ce0-f127-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTMsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - HTTP Methods","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"httpRequest.httpMethod\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"title\":\"AWSWAF - HTTP Methods\"}"},"id":"28101cd0-f125-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTQsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - HTTP Versions","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"httpRequest.httpVersion\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"title\":\"AWSWAF - HTTP Versions\"}"},"id":"59903b50-f125-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTUsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Unique IP Count","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"httpRequest.clientIp\"}}],\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":false},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":30}}},\"title\":\"AWSWAF - Unique IP Count\"}"},"id":"92923030-f160-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTYsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"},"title":"AWSWAF - Requests Count","uiStateJSON":"{}","version":1,"visState":"{\"type\":\"timelion\",\"aggs\":[],\"params\":{\"interval\":\"auto\",\"expression\":\".es(index=\\\"log-aws-waf-*\\\").label(\\\"Requests Count\\\").color(#AA9933)\"},\"title\":\"AWSWAF - Requests Count\"}"},"id":"requestcount","migrationVersion":{"visualization":"7.7.0"},"references":[],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTcsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Top 10 URI","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":0,\"direction\":null}}}}","version":1,"visState":"{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"httpRequest.uri\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"URI\"}}],\"params\":{\"perPage\":10,\"percentageCol\":\"\",\"showMetricsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":0,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"AWSWAF - Top 10 URI\"}"},"id":"48048c10-f11b-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTgsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Top 10 IP Addresses","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"httpRequest.clientIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Client IP Address\"}}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"},\"title\":\"AWSWAF - Top 10 IP Addresses\"}"},"id":"6f9d3eb0-f108-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzEzOTksMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Top 10 Countries","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"httpRequest.country\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Country\"}}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"},\"title\":\"AWSWAF - Top 10 Countries\"}"},"id":"8c122780-f127-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzE0MDAsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Top 10 WebACL","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"rule.ruleset\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"WebACL Name\"}}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"},\"title\":\"AWSWAF - Top 10 WebACL\"}"},"id":"fa2d3cf0-f15e-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzE0MDEsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Top 10 User-Agents","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"user_agent.original\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"User-Agent\"}}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"},\"title\":\"AWSWAF - Top 10 User-Agents\"}"},"id":"bfdb9460-f114-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzE0MDIsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Top 10 Hosts","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"url.domain\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Host\"}}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"},\"title\":\"AWSWAF - Top 10 Hosts\"}"},"id":"6545f700-f116-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzE0MDMsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}"},"title":"AWSWAF - Top 10 Rules","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"rule.name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Rule Name\"}}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"},\"title\":\"AWSWAF - Top 10 Rules\"}"},"id":"26b91520-f121-11ea-99e6-53b5a9b5c41b","migrationVersion":{"visualization":"7.7.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-10-11T06:17:54.046Z","version":"WzE0MDQsMV0="}
{"attributes":{"columns":["cloud.account.id","cloud.region","httpSourceName","rule.ruleset","terminatingRuleId","action","source.ip","source.geo.country_name"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"search - AWSWAF","version":1},"id":"8a161670-0aaf-11eb-b53e-8512e4ebda3e","migrationVersion":{"search":"7.4.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-10-11T06:17:54.046Z","version":"WzE0MDUsMV0="}
{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"Default Action\",\"disabled\":true,\"key\":\"terminatingRuleId\",\"negate\":true,\"params\":{\"query\":\"Default_Action\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match\":{\"terminatingRuleId\":{\"query\":\"Default_Action\",\"type\":\"phrase\"}}}}]}"},"optionsJSON":"{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}","panelsJSON":"[{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":24,\"h\":9,\"i\":\"f0a3bcf6-6723-4234-8ae3-167c70605e89\"},\"panelIndex\":\"f0a3bcf6-6723-4234-8ae3-167c70605e89\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":24,\"y\":0,\"w\":23,\"h\":9,\"i\":\"246c3389-e6dc-4a7e-80a6-9b85a565f915\"},\"panelIndex\":\"246c3389-e6dc-4a7e-80a6-9b85a565f915\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":9,\"w\":15,\"h\":10,\"i\":\"d15c34d5-c544-4434-93f1-b4ac1b3e4d61\"},\"panelIndex\":\"d15c34d5-c544-4434-93f1-b4ac1b3e4d61\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":15,\"y\":9,\"w\":8,\"h\":5,\"i\":\"f6682dc4-86fd-405a-a050-5b0975027d10\"},\"panelIndex\":\"f6682dc4-86fd-405a-a050-5b0975027d10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":23,\"y\":9,\"w\":25,\"h\":10,\"i\":\"e425438e-1a3f-4c1f-ae6a-4bbabf6f51e1\"},\"panelIndex\":\"e425438e-1a3f-4c1f-ae6a-4bbabf6f51e1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":15,\"y\":14,\"w\":8,\"h\":5,\"i\":\"3c391222-6006-4561-9ab7-da41b1d1b392\"},\"panelIndex\":\"3c391222-6006-4561-9ab7-da41b1d1b392\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":19,\"w\":48,\"h\":9,\"i\":\"e973d2be-d03b-4700-a8e8-c1832af9e3a4\"},\"panelIndex\":\"e973d2be-d03b-4700-a8e8-c1832af9e3a4\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":28,\"w\":48,\"h\":17,\"i\":\"dd23dcac-f30d-4528-97a5-fdbc79b5d741\"},\"panelIndex\":\"dd23dcac-f30d-4528-97a5-fdbc79b5d741\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":45,\"w\":20,\"h\":9,\"i\":\"d83fd765-daad-4a6b-b962-8a01df8bdc76\"},\"panelIndex\":\"d83fd765-daad-4a6b-b962-8a01df8bdc76\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":20,\"y\":45,\"w\":19,\"h\":9,\"i\":\"c545ee32-5cd0-4df0-99de-b407d32c4151\"},\"panelIndex\":\"c545ee32-5cd0-4df0-99de-b407d32c4151\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":39,\"y\":45,\"w\":9,\"h\":9,\"i\":\"b41c017e-c5e7-4224-8ec1-0a92be7ba71e\"},\"panelIndex\":\"b41c017e-c5e7-4224-8ec1-0a92be7ba71e\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":54,\"w\":48,\"h\":9,\"i\":\"ea00f18d-3563-496f-83d8-ce93c916aa1a\"},\"panelIndex\":\"ea00f18d-3563-496f-83d8-ce93c916aa1a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":63,\"w\":21,\"h\":16,\"i\":\"19852f7d-6ef5-4311-a68e-ae4d3ad67c71\"},\"panelIndex\":\"19852f7d-6ef5-4311-a68e-ae4d3ad67c71\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":21,\"y\":63,\"w\":8,\"h\":16,\"i\":\"78f1d156-f48a-4c3d-bc71-bfaa686806d8\"},\"panelIndex\":\"78f1d156-f48a-4c3d-bc71-bfaa686806d8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":29,\"y\":63,\"w\":8,\"h\":16,\"i\":\"b4d6c482-fbff-46e8-b3bb-a6a0ead69e92\"},\"panelIndex\":\"b4d6c482-fbff-46e8-b3bb-a6a0ead69e92\",\"embeddableConfig\":{},\"panelRefName\":\"panel_14\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":37,\"y\":63,\"w\":11,\"h\":16,\"i\":\"b1540ba4-0929-4ecf-9ef9-e3e6e21f6dd9\"},\"panelIndex\":\"b1540ba4-0929-4ecf-9ef9-e3e6e21f6dd9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_15\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":79,\"w\":21,\"h\":16,\"i\":\"06400f7d-b268-4611-a2da-1938f4ecc29d\"},\"panelIndex\":\"06400f7d-b268-4611-a2da-1938f4ecc29d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_16\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":21,\"y\":79,\"w\":16,\"h\":16,\"i\":\"042ecf84-9228-4126-9f72-64663ce74918\"},\"panelIndex\":\"042ecf84-9228-4126-9f72-64663ce74918\",\"embeddableConfig\":{},\"panelRefName\":\"panel_17\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":37,\"y\":79,\"w\":11,\"h\":16,\"i\":\"a80fb6f7-d171-45ee-bc28-121ebb5d2b49\"},\"panelIndex\":\"a80fb6f7-d171-45ee-bc28-121ebb5d2b49\",\"embeddableConfig\":{},\"panelRefName\":\"panel_18\"},{\"version\":\"7.7.0\",\"gridData\":{\"x\":0,\"y\":95,\"w\":48,\"h\":21,\"i\":\"a65b4e15-95e1-4717-9d2f-69a43f0c54db\"},\"panelIndex\":\"a65b4e15-95e1-4717-9d2f-69a43f0c54db\",\"embeddableConfig\":{},\"panelRefName\":\"panel_19\"}]","timeRestore":false,"title":"AWSWAF Summary","version":1},"id":"326483e0-f3c0-11ea-99e6-53b5a9b5c41b","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"eb70b590-efdb-11ea-99e6-53b5a9b5c41b","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"b01486c0-0aac-11eb-b53e-8512e4ebda3e","name":"panel_0","type":"visualization"},{"id":"55cf6fd0-0aad-11eb-b53e-8512e4ebda3e","name":"panel_1","type":"visualization"},{"id":"89b102d0-f123-11ea-99e6-53b5a9b5c41b","name":"panel_2","type":"visualization"},{"id":"969b9ff0-f15f-11ea-99e6-53b5a9b5c41b","name":"panel_3","type":"visualization"},{"id":"db357bd0-f129-11ea-99e6-53b5a9b5c41b","name":"panel_4","type":"visualization"},{"id":"bb12a590-f15f-11ea-99e6-53b5a9b5c41b","name":"panel_5","type":"visualization"},{"id":"2fa41610-f128-11ea-99e6-53b5a9b5c41b","name":"panel_6","type":"visualization"},{"id":"a2c32ce0-f127-11ea-99e6-53b5a9b5c41b","name":"panel_7","type":"visualization"},{"id":"28101cd0-f125-11ea-99e6-53b5a9b5c41b","name":"panel_8","type":"visualization"},{"id":"59903b50-f125-11ea-99e6-53b5a9b5c41b","name":"panel_9","type":"visualization"},{"id":"92923030-f160-11ea-99e6-53b5a9b5c41b","name":"panel_10","type":"visualization"},{"id":"requestcount","name":"panel_11","type":"visualization"},{"id":"48048c10-f11b-11ea-99e6-53b5a9b5c41b","name":"panel_12","type":"visualization"},{"id":"6f9d3eb0-f108-11ea-99e6-53b5a9b5c41b","name":"panel_13","type":"visualization"},{"id":"8c122780-f127-11ea-99e6-53b5a9b5c41b","name":"panel_14","type":"visualization"},{"id":"fa2d3cf0-f15e-11ea-99e6-53b5a9b5c41b","name":"panel_15","type":"visualization"},{"id":"bfdb9460-f114-11ea-99e6-53b5a9b5c41b","name":"panel_16","type":"visualization"},{"id":"6545f700-f116-11ea-99e6-53b5a9b5c41b","name":"panel_17","type":"visualization"},{"id":"26b91520-f121-11ea-99e6-53b5a9b5c41b","name":"panel_18","type":"visualization"},{"id":"8a161670-0aaf-11eb-b53e-8512e4ebda3e","name":"panel_19","type":"search"}],"type":"dashboard","updated_at":"2020-10-11T06:17:54.046Z","version":"WzE0MDYsMV0="}
{"exportedCount":22,"missingRefCount":0,"missingReferences":[]}