{"attributes":{"fields":"[{\"count\":0,\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_score\",\"type\":\"number\",\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"count\":0,\"name\":\"action\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"formatVersion\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":1,\"name\":\"host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"host\"}}},{\"count\":0,\"name\":\"httpRequest.args\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"httpRequest.args.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"httpRequest.args\"}}},{\"count\":0,\"name\":\"httpRequest.clientIp\",\"type\":\"ip\",\"esTypes\":[\"ip\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"httpRequest.country\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"httpRequest.headers.name\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"httpRequest.headers.value\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"httpRequest.headers.value.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"httpRequest.headers.value\"}}},{\"count\":0,\"name\":\"httpRequest.httpMethod\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"httpRequest.httpVersion\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"httpRequest.requestId\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"httpRequest.requestId.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"httpRequest.requestId\"}}},{\"count\":0,\"name\":\"httpRequest.uri\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"httpRequest.uri.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"httpRequest.uri\"}}},{\"count\":0,\"name\":\"httpSourceId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"httpSourceName\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"labels.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"labels.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.name\"}}},{\"count\":0,\"name\":\"ruleGroupList.ruleGroupId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"ruleGroupList.terminatingRule.action\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"ruleGroupList.terminatingRule.ruleId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"terminatingRuleId\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"terminatingRuleType\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"userAgent\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"userAgent.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"userAgent\"}}},{\"count\":0,\"name\":\"webaclId\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"webaclId.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"webaclId\"}}},{\"count\":0,\"name\":\"webaclName\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]","timeFieldName":"@timestamp","title":"%%INDEX%%-*"},"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","migrationVersion":{"index-pattern":"7.6.0"},"references":[],"type":"index-pattern","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MTgsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top Client IPs","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top Client IPs\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpRequest.clientIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Client IP Address\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"71b2a6fc-6c2e-42d4-82b6-4f5a2741f63f","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MTksMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Total Requests","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Total Requests\",\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{\"customLabel\":\"\"},\"schema\":\"metric\"}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":false},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"}}"},"id":"58bb62ff-66e4-4dab-9b64-c8cf812c46a2","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjAsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"action:BLOCK\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Total Blocked Requests","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Total Blocked Requests\",\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"}],\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":false},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}}}}"},"id":"1e59055f-d033-4e25-985c-2902e5d138ea","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjEsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Country or Region By Requests","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Country or Region By Requests\",\"type\":\"region_map\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpRequest.country\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Country\"},\"schema\":\"segment\"}],\"params\":{\"legendPosition\":\"bottomright\",\"addTooltip\":true,\"colorSchema\":\"Yellow to Red\",\"selectedLayer\":{\"name\":\"World Countries\",\"origin\":\"elastic_maps_service\",\"id\":\"world_countries\",\"created_at\":\"2017-04-26T17:12:15.978370\",\"attribution\":\"<a href=\\\"http://www.naturalearthdata.com/about/terms-of-use\\\">Made with NaturalEarth</a> | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a>\",\"fields\":[{\"type\":\"id\",\"name\":\"iso2\",\"description\":\"ISO 3166-1 alpha-2 code\"},{\"type\":\"id\",\"name\":\"iso3\",\"description\":\"ISO 3166-1 alpha-3 code\"},{\"type\":\"property\",\"name\":\"name\",\"description\":\"name\"}],\"format\":{\"type\":\"geojson\"},\"layerId\":\"elastic_maps_service.World Countries\",\"isEMS\":true},\"emsHotLink\":\"https://maps.elastic.co/v6.7?locale=en#file/world_countries\",\"selectedJoinField\":{\"type\":\"id\",\"name\":\"iso2\",\"description\":\"ISO 3166-1 alpha-2 code\"},\"isDisplayWarning\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"default\":true,\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"\",\"id\":\"TMS in config/kibana.yml\",\"origin\":\"self_hosted\"}},\"mapZoom\":2,\"mapCenter\":[0,0],\"outlineWeight\":1,\"showAllShapes\":true}}"},"id":"3cb53d17-ac34-45db-aaeb-97791c9d82d2","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjIsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Executed WAF Rules","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Executed WAF Rules\",\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"terminatingRuleId\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"},\"schema\":\"segment\"}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}}}"},"id":"912530c2-48a6-4618-8010-b8007e44ed2c","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjMsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"},"title":"%%INDEX%%-Filters","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Filters\",\"type\":\"input_control_vis\",\"aggs\":[],\"params\":{\"controls\":[{\"fieldName\":\"webaclName\",\"id\":\"1565169719620\",\"label\":\"WebACL\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1565775477773\",\"fieldName\":\"terminatingRuleType\",\"parent\":\"\",\"label\":\"Rule Type\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":false,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"fieldName\":\"action\",\"id\":\"1565169899571\",\"label\":\"Action\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"indexPatternRefName\":\"control_2_index_pattern\"},{\"fieldName\":\"httpRequest.country\",\"id\":\"1565170498755\",\"label\":\"Country or Region\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"indexPatternRefName\":\"control_3_index_pattern\"},{\"id\":\"1565182161719\",\"fieldName\":\"host.keyword\",\"parent\":\"\",\"label\":\"Host\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_4_index_pattern\"},{\"fieldName\":\"httpRequest.clientIp\",\"id\":\"1565170536048\",\"label\":\"Client IP\",\"options\":{\"dynamicOptions\":true,\"multiselect\":false,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"indexPatternRefName\":\"control_5_index_pattern\"},{\"id\":\"1647912414472\",\"fieldName\":\"httpSourceId\",\"parent\":\"\",\"label\":\"Source\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_6_index_pattern\"},{\"fieldName\":\"ruleGroupList.ruleGroupId\",\"id\":\"1565169760470\",\"label\":\"Rule\",\"options\":{\"dynamicOptions\":true,\"multiselect\":true,\"order\":\"desc\",\"size\":5,\"type\":\"terms\"},\"parent\":\"\",\"type\":\"list\",\"indexPatternRefName\":\"control_7_index_pattern\"},{\"id\":\"1647911642407\",\"fieldName\":\"labels.name.keyword\",\"parent\":\"\",\"label\":\"Label\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_8_index_pattern\"}],\"pinFilters\":true,\"updateFiltersOnChange\":true,\"useTimeFilter\":false}}"},"id":"4394f245-57e6-475e-ad33-cd29742e2b8a","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_0_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_1_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_2_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_3_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_4_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_5_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_6_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_7_index_pattern","type":"index-pattern"},{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"control_8_index_pattern","type":"index-pattern"}],"type":"visualization","updated_at":"2022-03-22T01:29:36.328Z","version":"WzEyMzc3LDFd"}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top Countries or Regions","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top Countries or Regions\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpRequest.country\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Country or Region\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"ecc648d9-2b36-46c4-a527-7fbccad61ba8","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjUsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top User-Agents","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":0,\"direction\":\"asc\"}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top User-Agents\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"userAgent.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"User-Agent\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"b12eee40-37c6-436e-bcfb-d993d3a51aca","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjYsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-HTTP Methods","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-HTTP Methods\",\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpRequest.httpMethod\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"},\"schema\":\"segment\"}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}}}"},"id":"c02eb336-6502-4ac4-aa53-91de17910031","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjcsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Unique Client IPs","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Unique Client IPs\",\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"params\":{\"field\":\"httpRequest.clientIp\"},\"schema\":\"metric\"}],\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":false},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}}}}"},"id":"866d8631-5f43-4246-8c7d-ed39d70c9a9f","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MjksMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top Hosts","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top Hosts\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"host.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"exclude\":\"\",\"include\":\"\",\"customLabel\":\"Host\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"row\":true}}"},"id":"e9522627-5bf8-4a3e-b995-0037300bb082","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MzEsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top WebACLs","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top WebACLs\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"webaclName\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"WebACL Name\"},\"schema\":\"bucket\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"webaclId.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"WebACL ID\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"1935ea3d-8155-44d4-b837-8a1397f00980","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MzIsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top Rules","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top Rules\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"terminatingRuleId\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Rule Name\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"3fa73516-89de-41c8-bacf-035da4e959af","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MzMsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top Request URIs","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":0,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top Request URIs\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpRequest.uri.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"URI\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":0,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"a0cac454-18c9-4099-91bb-93a76512bb93","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MzQsMV0="}
{"attributes":{"columns":["httpRequest.clientIp","httpRequest.args","httpRequest.uri","host","httpRequest.country","action","labels","terminatingRuleMatchDetails","terminatingRuleId"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"%%INDEX%%-Matched Details","version":1},"id":"d0ee6b41-8ebb-44a2-9ea7-86251ae7e089","migrationVersion":{"search":"7.9.3"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2022-03-22T01:57:25.407Z","version":"WzEyNDQ4LDFd"}
{"attributes":{"columns":["httpRequest.clientIp","terminatingRuleMatchDetails","labels","ruleGroupList","rateBasedRuleList","httpRequest.args","terminatingRuleId","action","nonTerminatingMatchingRules"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"terminatingRuleId:*\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"%%INDEX%%-Terminating Matching Rule","version":1},"id":"712af10a-14a8-4eca-b791-ea701f80529f","migrationVersion":{"search":"7.9.3"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2022-03-21T02:29:23.065Z","version":"WzExNTE2LDFd"}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Web ACLs","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Web ACLs\",\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"webaclName\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"},\"schema\":\"segment\"}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}}}"},"id":"f3400632-1596-403b-a447-57bc3971246e","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MzcsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Requests History","uiStateJSON":"{\"vis\":{\"colors\":{\"BLOCK\":\"#E24D42\",\"ALLOW\":\"#629E51\"}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Requests History\",\"type\":\"histogram\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"2022-03-22T19:00:00.000Z\",\"to\":\"now\"},\"useNormalizedOpenSearchInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Time\"},\"schema\":\"segment\"},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"action\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"},\"schema\":\"group\"}],\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"}}}"},"id":"3390bff0-ab15-11ec-b721-5f83aa22d08e","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-03-24T02:02:37.452Z","version":"WzEzMDI2LDFd"}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Requests by Source","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"%%INDEX%%-Requests by Source\",\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpSourceId\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"},\"schema\":\"segment\"}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}}}"},"id":"9b152580-ab15-11ec-b721-5f83aa22d08e","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-03-24T01:57:39.337Z","version":"WzEyODMyLDFd"}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Block Allow Host Uri","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Block Allow Host Uri\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"host.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Host\"},\"schema\":\"bucket\"},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpRequest.uri.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Request URI\"},\"schema\":\"bucket\"},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"action\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":3,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Action\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"fb588f28-934f-4476-94f4-cd99ad90be69","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-11T09:24:16.830Z","version":"WzQ5MzgsMV0="}
{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"%%INDEX%%-Top Labels","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":\"desc\"}}}}","version":1,"visState":"{\"title\":\"%%INDEX%%-Top Labels\",\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"params\":{},\"schema\":\"metric\"},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"labels.name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Label\"},\"schema\":\"bucket\"},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"host.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Host\"},\"schema\":\"bucket\"},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"httpRequest.uri.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Request URI\"},\"schema\":\"bucket\"}],\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\"}}"},"id":"642534d0-72c0-11ec-acf9-63f0c6197356","migrationVersion":{"visualization":"7.10.0"},"references":[{"id":"d3ff0302-3337-452b-afd2-4e4f87fd37ca","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2022-01-12T01:39:20.829Z","version":"WzU0NzgsMV0="}
{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"},"optionsJSON":"{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}","panelsJSON":"[{\"embeddableConfig\":{\"hidePanelTitles\":false,\"table\":null,\"title\":\"Top Client IPs\",\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"gridData\":{\"h\":17,\"i\":\"1\",\"w\":12,\"x\":12,\"y\":63},\"panelIndex\":\"1\",\"title\":\"Top Client IPs\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Total Requests\"},\"gridData\":{\"h\":6,\"i\":\"2\",\"w\":12,\"x\":0,\"y\":8},\"panelIndex\":\"2\",\"title\":\"Total Requests\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Total Blocked Requests\"},\"gridData\":{\"h\":6,\"i\":\"3\",\"w\":12,\"x\":0,\"y\":14},\"panelIndex\":\"3\",\"title\":\"Total Blocked Requests\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Country or Region By Requests\"},\"gridData\":{\"h\":22,\"i\":\"6\",\"w\":36,\"x\":0,\"y\":26},\"panelIndex\":\"6\",\"title\":\"Country or Region By Requests\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"WAF Rules\"},\"gridData\":{\"h\":12,\"i\":\"8\",\"w\":12,\"x\":36,\"y\":12},\"panelIndex\":\"8\",\"title\":\"WAF Rules\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Filters\"},\"gridData\":{\"h\":8,\"i\":\"9\",\"w\":36,\"x\":0,\"y\":0},\"panelIndex\":\"9\",\"title\":\"Filters\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Top Countries or Regions\"},\"gridData\":{\"h\":15,\"i\":\"10\",\"w\":12,\"x\":36,\"y\":48},\"panelIndex\":\"10\",\"title\":\"Top Countries or Regions\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Top User Agents\"},\"gridData\":{\"h\":17,\"i\":\"11\",\"w\":24,\"x\":24,\"y\":63},\"panelIndex\":\"11\",\"title\":\"Top User Agents\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"HTTP Methods\"},\"gridData\":{\"h\":12,\"i\":\"12\",\"w\":12,\"x\":36,\"y\":36},\"panelIndex\":\"12\",\"title\":\"HTTP Methods\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Unique Client IPs\"},\"gridData\":{\"h\":6,\"i\":\"14\",\"w\":12,\"x\":0,\"y\":20},\"panelIndex\":\"14\",\"title\":\"Unique Client IPs\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_9\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Top Hosts\"},\"gridData\":{\"h\":15,\"i\":\"16\",\"w\":12,\"x\":12,\"y\":48},\"panelIndex\":\"16\",\"title\":\"Top Hosts\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_10\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Top WebACLs\"},\"gridData\":{\"h\":15,\"i\":\"17\",\"w\":12,\"x\":0,\"y\":48},\"panelIndex\":\"17\",\"title\":\"Top WebACLs\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_11\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Top Rules\"},\"gridData\":{\"h\":17,\"i\":\"18\",\"w\":12,\"x\":0,\"y\":63},\"panelIndex\":\"18\",\"title\":\"Top Rules\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_12\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Top Request URIs\"},\"gridData\":{\"h\":15,\"i\":\"19\",\"w\":12,\"x\":24,\"y\":48},\"panelIndex\":\"19\",\"title\":\"Top Request URIs\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_13\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"View by httpRequest args,uri,path\"},\"gridData\":{\"h\":18,\"i\":\"20\",\"w\":48,\"x\":0,\"y\":118},\"panelIndex\":\"20\",\"title\":\"View by httpRequest args,uri,path\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_14\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"View by Matching Rule\"},\"gridData\":{\"h\":20,\"i\":\"21\",\"w\":48,\"x\":0,\"y\":98},\"panelIndex\":\"21\",\"title\":\"View by Matching Rule\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_15\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Web ACLs\"},\"gridData\":{\"h\":12,\"i\":\"4e8b942b-3972-4139-915d-521de2e22574\",\"w\":12,\"x\":36,\"y\":0},\"panelIndex\":\"4e8b942b-3972-4139-915d-521de2e22574\",\"title\":\"Web ACLs\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_16\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Requests History\",\"vis\":{\"colors\":{\"ALLOW\":\"#629E51\",\"BLOCK\":\"#BF1B00\"}}},\"gridData\":{\"h\":18,\"i\":\"61ab1f0a-1eb6-4a0a-9673-83506e61ecef\",\"w\":24,\"x\":12,\"y\":8},\"panelIndex\":\"61ab1f0a-1eb6-4a0a-9673-83506e61ecef\",\"title\":\"Requests History\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_17\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Sources\"},\"gridData\":{\"h\":12,\"i\":\"82f50929-a6d5-455d-a3a7-4434b508b749\",\"w\":12,\"x\":36,\"y\":24},\"panelIndex\":\"82f50929-a6d5-455d-a3a7-4434b508b749\",\"title\":\"Sources\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_18\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"table\":null,\"title\":\"Block Allow Host Uri\",\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}},\"gridData\":{\"h\":18,\"i\":\"e48a3b9d-d533-4c45-9263-9f1c946d0e82\",\"w\":24,\"x\":0,\"y\":80},\"panelIndex\":\"e48a3b9d-d533-4c45-9263-9f1c946d0e82\",\"title\":\"Block Allow Host Uri\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_19\"},{\"embeddableConfig\":{\"hidePanelTitles\":false,\"title\":\"Top Labels with Host, Uri\"},\"gridData\":{\"h\":18,\"i\":\"0d730c5b-bdc3-4ff7-9cd5-2a729303b66d\",\"w\":24,\"x\":24,\"y\":80},\"panelIndex\":\"0d730c5b-bdc3-4ff7-9cd5-2a729303b66d\",\"title\":\"Top Labels with Host, Uri\",\"version\":\"1.0.0-SNAPSHOT\",\"panelRefName\":\"panel_20\"}]","timeRestore":false,"title":"%%INDEX%%-dashboard","version":1},"id":"3ce97e1e-b385-4841-8152-c3bce7d68d1f","migrationVersion":{"dashboard":"7.9.3"},"references":[{"id":"71b2a6fc-6c2e-42d4-82b6-4f5a2741f63f","name":"panel_0","type":"visualization"},{"id":"58bb62ff-66e4-4dab-9b64-c8cf812c46a2","name":"panel_1","type":"visualization"},{"id":"1e59055f-d033-4e25-985c-2902e5d138ea","name":"panel_2","type":"visualization"},{"id":"3cb53d17-ac34-45db-aaeb-97791c9d82d2","name":"panel_3","type":"visualization"},{"id":"912530c2-48a6-4618-8010-b8007e44ed2c","name":"panel_4","type":"visualization"},{"id":"4394f245-57e6-475e-ad33-cd29742e2b8a","name":"panel_5","type":"visualization"},{"id":"ecc648d9-2b36-46c4-a527-7fbccad61ba8","name":"panel_6","type":"visualization"},{"id":"b12eee40-37c6-436e-bcfb-d993d3a51aca","name":"panel_7","type":"visualization"},{"id":"c02eb336-6502-4ac4-aa53-91de17910031","name":"panel_8","type":"visualization"},{"id":"866d8631-5f43-4246-8c7d-ed39d70c9a9f","name":"panel_9","type":"visualization"},{"id":"e9522627-5bf8-4a3e-b995-0037300bb082","name":"panel_10","type":"visualization"},{"id":"1935ea3d-8155-44d4-b837-8a1397f00980","name":"panel_11","type":"visualization"},{"id":"3fa73516-89de-41c8-bacf-035da4e959af","name":"panel_12","type":"visualization"},{"id":"a0cac454-18c9-4099-91bb-93a76512bb93","name":"panel_13","type":"visualization"},{"id":"d0ee6b41-8ebb-44a2-9ea7-86251ae7e089","name":"panel_14","type":"search"},{"id":"712af10a-14a8-4eca-b791-ea701f80529f","name":"panel_15","type":"search"},{"id":"f3400632-1596-403b-a447-57bc3971246e","name":"panel_16","type":"visualization"},{"id":"3390bff0-ab15-11ec-b721-5f83aa22d08e","name":"panel_17","type":"visualization"},{"id":"9b152580-ab15-11ec-b721-5f83aa22d08e","name":"panel_18","type":"visualization"},{"id":"fb588f28-934f-4476-94f4-cd99ad90be69","name":"panel_19","type":"visualization"},{"id":"642534d0-72c0-11ec-acf9-63f0c6197356","name":"panel_20","type":"visualization"}],"type":"dashboard","updated_at":"2022-03-24T02:00:22.332Z","version":"WzEyOTI4LDFd"}
{"exportedCount":23,"missingRefCount":0,"missingReferences":[]}