Skip to content

Instantly share code, notes, and snippets.

@therokh

therokh/honeypot_dash.json

Created February 22, 2018 23:11
Show Gist options
  • Save therokh/7800dabc0e33fd1413d456f1a14356bd to your computer and use it in GitHub Desktop.
Save therokh/7800dabc0e33fd1413d456f1a14356bd to your computer and use it in GitHub Desktop.
Download ZIP
Honeypot dashboard for Grafana
Raw
honeypot_dash.json
{
"__inputs": [
{
"name": "DS_INFLUX-HONEYPOT",
"label": "Influx-Honeypot",
"description": "",
"type": "datasource",
"pluginId": "influxdb",
"pluginName": "InfluxDB"
}
],
"__requires": [
{
"type": "grafana",
"id": "grafana",
"name": "Grafana",
"version": "5.0.0-beta1"
},
{
"type": "panel",
"id": "grafana-worldmap-panel",
"name": "Worldmap Panel",
"version": "0.0.17"
},
{
"type": "panel",
"id": "graph",
"name": "Graph",
"version": ""
},
{
"type": "datasource",
"id": "influxdb",
"name": "InfluxDB",
"version": "1.0.0"
}
],
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": "-- Grafana --",
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"gnetId": null,
"graphTooltip": 0,
"id": null,
"links": [],
"panels": [
{
"circleMaxSize": 30,
"circleMinSize": 2,
"colors": [
"rgba(28, 223, 0, 0.9)",
"rgba(255, 84, 0, 0.89)",
"rgba(255, 0, 0, 0.97)"
],
"datasource": "${DS_INFLUX-HONEYPOT}",
"decimals": 0,
"esMetric": "Count",
"gridPos": {
"h": 13,
"w": 16,
"x": 0,
"y": 0
},
"hideEmpty": false,
"hideZero": false,
"id": 2,
"initialZoom": 1,
"links": [],
"locationData": "countries",
"mapCenter": "(0°, 0°)",
"mapCenterLatitude": 0,
"mapCenterLongitude": 0,
"maxDataPoints": 1,
"showLegend": true,
"stickyLabels": false,
"targets": [
{
"alias": "$tag_country_code",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"country_code"
],
"type": "tag"
}
],
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"refId": "A",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
},
{
"params": [
"metric"
],
"type": "alias"
}
]
],
"tags": []
}
],
"thresholds": "100,1000",
"title": "Sources",
"type": "grafana-worldmap-panel",
"unitPlural": "",
"unitSingle": "",
"valueName": "total"
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "${DS_INFLUX-HONEYPOT}",
"fill": 1,
"gridPos": {
"h": 13,
"w": 8,
"x": 16,
"y": 0
},
"id": 3,
"legend": {
"alignAsTable": false,
"avg": true,
"current": false,
"max": true,
"min": false,
"show": true,
"total": false,
"values": true
},
"lines": true,
"linewidth": 1,
"links": [],
"nullPointMode": "null",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
"seriesOverrides": [
{
"alias": "Login Attempts",
"color": "#BF1B00"
}
],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"alias": "Login Attempts",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"1m"
],
"type": "time"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"refId": "A",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
}
]
],
"tags": []
}
],
"thresholds": [],
"timeFrom": null,
"timeShift": null,
"title": "Login Attempts",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
]
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "${DS_INFLUX-HONEYPOT}",
"decimals": 0,
"fill": 1,
"gridPos": {
"h": 9,
"w": 12,
"x": 0,
"y": 13
},
"id": 4,
"legend": {
"alignAsTable": true,
"avg": true,
"current": false,
"max": true,
"min": false,
"show": true,
"total": false,
"values": true
},
"lines": true,
"linewidth": 1,
"links": [],
"nullPointMode": "null",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"alias": "$tag_country",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"country"
],
"type": "tag"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"limit": "",
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"query": "SELECT count(\"source_ip\") FROM \"login_attempt\" WHERE $timeFilter GROUP BY time($__interval), \"country\" fill(null)",
"rawQuery": false,
"refId": "A",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
}
]
],
"slimit": "",
"tags": []
}
],
"thresholds": [],
"timeFrom": null,
"timeShift": null,
"title": "Attempts by country over time",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": "Login Attempts",
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
]
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "${DS_INFLUX-HONEYPOT}",
"decimals": 0,
"fill": 1,
"gridPos": {
"h": 9,
"w": 12,
"x": 12,
"y": 13
},
"id": 5,
"legend": {
"alignAsTable": true,
"avg": true,
"current": false,
"max": true,
"min": false,
"show": true,
"total": false,
"values": true
},
"lines": true,
"linewidth": 1,
"links": [],
"nullPointMode": "null",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"alias": "$tag_country",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"country"
],
"type": "tag"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"limit": "",
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"refId": "A",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
}
]
],
"slimit": "",
"tags": [
{
"key": "country",
"operator": "=",
"value": "China"
}
]
},
{
"alias": "$tag_country",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"country"
],
"type": "tag"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"limit": "",
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"refId": "B",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
}
]
],
"slimit": "",
"tags": [
{
"key": "country",
"operator": "=",
"value": "United States"
}
]
},
{
"alias": "$tag_country",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"country"
],
"type": "tag"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"limit": "",
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"refId": "C",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
}
]
],
"slimit": "",
"tags": [
{
"key": "country",
"operator": "=",
"value": "Ireland"
}
]
},
{
"alias": "$tag_country",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"country"
],
"type": "tag"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"limit": "",
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"refId": "D",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
}
]
],
"slimit": "",
"tags": [
{
"key": "country",
"operator": "=",
"value": "India"
}
]
},
{
"alias": "$tag_country",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"country"
],
"type": "tag"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"limit": "",
"measurement": "login_attempt",
"orderByTime": "ASC",
"policy": "default",
"refId": "E",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"source_ip"
],
"type": "field"
},
{
"params": [],
"type": "count"
}
]
],
"slimit": "",
"tags": [
{
"key": "country",
"operator": "=",
"value": "Ukraine"
}
]
}
],
"thresholds": [],
"timeFrom": null,
"timeShift": null,
"title": "Attempts by top 5 countries over time",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": "Login Attempts",
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
]
}
],
"refresh": false,
"schemaVersion": 16,
"style": "dark",
"tags": [],
"templating": {
"list": []
},
"time": {
"from": "now-7d",
"to": "now"
},
"timepicker": {
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
]
},
"timezone": "",
"title": "Honeypots",
"uid": "000000006",
"version": 16
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment