admingit
/
SH-Deployer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
SH-Deployer/apps/DA-ITSI-OS/default/data/models/Host_OS.json

1418 lines
52 KiB
Raw Permalink Blame History

{
"modelName": "Host_OS",
"displayName": "Host Operating System",
"description": "Host Operating System Data Model",
"editable": false,
"objects": [
{
"objectName": "Performance",
"displayName": "Performance",
"parentName": "BaseEvent",
"comment": {"tags": ["oshost", "performance"]},
"fields": [
{
"fieldName": "hypervisor_id",
"displayName": "hypervisor_id",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "resource_type",
"displayName": "resource_type",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "tag",
"displayName": "tag",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": true,
"hidden": false
}
],
"calculations": [
{
"calculationID": "Performance_fillnull_dest",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "dest",
"displayName": "dest",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if(isnull(dest) OR dest=\"\",\"unknown\",dest)"
}
],
"constraints": [
{
"search": "tag=performance tag=oshost"
}
],
"children": []
},
{
"objectName": "CPU",
"displayName": "CPU",
"parentName": "Performance",
"comment": {"tags": ["oshost", "performance", "cpu"]},
"fields": [
{
"comment": "Count of CPU's currently on target host.",
"fieldName": "cpu_count",
"displayName": "cpu_count",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "CPU instance number",
"fieldName": "cpu_instance",
"displayName": "cpu_instance",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Number of processor interrupts per second",
"fieldName": "cpu_interrupts",
"displayName": "cpu_interrupts",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Load of the system",
"fieldName": "cpu_load_mhz",
"displayName": "cpu_load_mhz",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "load of the system in a percent",
"fieldName": "cpu_load_percent",
"displayName": "cpu_load_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "cpu_time",
"displayName": "cpu_time",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "cpu_user_percent",
"displayName": "cpu_user_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Total number of system threads",
"fieldName": "system_threads_count",
"displayName": "system_threads_count",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Represents the number of threads waiting for processor time",
"fieldName": "wait_threads_count",
"displayName": "wait_threads_count",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=cpu"
}
],
"children": []
},
{
"objectName": "Memory",
"displayName": "Memory",
"parentName": "Performance",
"comment": {"tags": ["oshost", "performance", "memory"]},
"fields": [
{
"comment": "Number of paging operations per second",
"fieldName": "mem_page_ops",
"displayName": "mem_page_ops",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Number of memory page in operations per second",
"fieldName": "mem_page_in",
"displayName": "mem_page_in",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Number of memory page out operations per second",
"fieldName": "mem_page_out",
"displayName": "mem_page_out",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "mem_used",
"displayName": "mem_used",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "mem_user_used",
"displayName": "mem_user_used",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "mem_used_percent",
"displayName": "mem_used_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "mem_user_percent",
"displayName": "mem_user_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "mem_free",
"displayName": "mem_free",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "mem_free_percent",
"displayName": "mem_free_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "swap_used",
"displayName": "swap_used",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "swap_user_used",
"displayName": "swap_user_used",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "swap_percent",
"displayName": "swap_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "",
"fieldName": "swap_user_percent",
"displayName": "swap_user_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=memory"
}
],
"children": []
},
{
"objectName": "Storage",
"displayName": "Storage",
"parentName": "Performance",
"comment": {"tags": ["oshost", "performance", "storage"]},
"fields": [
{
"fieldName": "latency",
"displayName": "latency",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "mount",
"displayName": "mount",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "read_blocks",
"displayName": "read_blocks",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "read_latency",
"displayName": "read_latency",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "read_ops",
"displayName": "read_ops",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "storage",
"displayName": "storage",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "storage_free",
"displayName": "storage_free",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "storage_free_percent",
"displayName": "storage_free_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "storage_used",
"displayName": "storage_used",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "storage_used_percent",
"displayName": "storage_used_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Total number of storage operations (read/write)",
"fieldName": "total_ops",
"displayName": "total_ops",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "write_blocks",
"displayName": "write_blocks",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "write_latency",
"displayName": "write_latency",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "write_ops",
"displayName": "write_ops",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=storage"
}
],
"children": []
},
{
"objectName": "Network",
"displayName": "Network",
"parentName": "Performance",
"comment": {"tags": ["oshost", "performance", "network"]},
"fields": [
{
"fieldName": "interface",
"displayName": "interface",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Total network traffic, in bytes",
"fieldName": "bytes",
"displayName": "bytes",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "bytes_in",
"displayName": "bytes_in",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "bytes_out",
"displayName": "bytes_out",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Total network traffic, in packets",
"fieldName": "packets",
"displayName": "packets",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Total inbound network traffic, in packets",
"fieldName": "packets_in",
"displayName": "packets_in",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"comment": "Total outbound network traffic, in packets",
"fieldName": "packets_out",
"displayName": "packets_out",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=network"
}
],
"children": []
},
{
"objectName": "OS",
"displayName": "OS",
"parentName": "Performance",
"comment": {"tags": ["oshost", "performance", "os"]},
"fields": [
{
"fieldName": "uptime",
"displayName": "uptime",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=os"
}
],
"children": []
},
{
"objectName": "Facilities",
"displayName": "Facilities",
"parentName": "Performance",
"comment": {"tags": ["oshost", "performance", "facilities"]},
"fields": [
{
"fieldName": "temperature",
"displayName": "temperature",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "power",
"displayName": "power",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "fan_speed",
"displayName": "fan_speed",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=facilities"
}
],
"children": []
},
{
"objectName": "Inventory",
"displayName": "Inventory",
"parentName": "BaseEvent",
"comment": {"tags": ["oshost", "inventory"]},
"fields": [
{
"fieldName": "description",
"displayName": "description",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "enabled",
"displayName": "enabled",
"type": "boolean",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "family",
"displayName": "family",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "hypervisor_id",
"displayName": "hypervisor_id",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "serial",
"displayName": "serial",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "status",
"displayName": "status",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "version",
"displayName": "version",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "tag",
"displayName": "tag",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": true,
"hidden": false
}
],
"calculations": [
{
"calculationID": "Inventory_fillnull_dest",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "dest",
"displayName": "dest",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if(isnull(dest) OR dest=\"\",\"unknown\",dest)"
},
{
"calculationID": "Inventory_vendor_product",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "vendor_product",
"displayName": "vendor_product",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "case(isnotnull(vendor_product),vendor_product,isnotnull(vendor) AND vendor!=\"unknown\" AND isnotnull(product) AND product!=\"unknown\",vendor.\" \".product,isnotnull(vendor) AND vendor!=\"unknown\" AND (isnull(product) OR product=\"unknown\"),vendor.\" unknown\",(isnull(vendor) OR vendor=\"unknown\") AND isnotnull(product) AND product!=\"unknown\",\"unknown \".product,isnotnull(sourcetype),sourcetype,1=1,\"unknown\")"
},
{
"calculationID": "Inventory_role",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "role",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false,
"displayName": "role"
}
],
"expression": "\"operating_system_host\""
}
],
"constraints": [
{
"search": "tag=inventory tag=oshost"
}
],
"children": []
},
{
"objectName": "Machine_Information",
"displayName": "Machine Information",
"parentName": "Inventory",
"comment": {"tags": ["oshost", "inventory", "cpu", "memory"]},
"fields": [
{
"fieldName": "cpu_cores",
"displayName": "cpu_cores",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "cpu_architecture",
"displayName": "cpu_architecture",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "cpu_count",
"displayName": "cpu_count",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "cpu_mhz",
"displayName": "cpu_mhz",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "mem",
"displayName": "mem",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=cpu OR tag=memory"
}
],
"children": []
},
{
"objectName": "Storage_Information",
"displayName": "Storage Information",
"parentName": "Inventory",
"comment": {"tags": ["oshost", "inventory", "storage"]},
"fields": [
{
"fieldName": "blocksize",
"displayName": "blocksize",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "mount",
"displayName": "mount",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "parent",
"displayName": "parent",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "storage",
"displayName": "storage",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=storage"
}
],
"children": []
},
{
"objectName": "Network_Information",
"displayName": "Network Information",
"parentName": "Inventory",
"comment": {"tags": ["oshost", "inventory", "network"]},
"fields": [
{
"fieldName": "dns",
"displayName": "dns",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "interface",
"displayName": "interface",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "ip",
"displayName": "ip",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "dest_ip",
"displayName": "dest_ip",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "src_ip",
"displayName": "src_ip",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "mac",
"displayName": "mac",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=network"
}
],
"children": []
},
{
"objectName": "User_Information",
"displayName": "User Information",
"parentName": "BaseEvent",
"comment": {"tags": ["user", "inventory"]},
"fields": [
{
"fieldName": "shell",
"displayName": "shell",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "user_bunit",
"displayName": "user_bunit",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "user_category",
"displayName": "user_category",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": true,
"hidden": false
},
{
"fieldName": "user_id",
"displayName": "user_id",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "user_priority",
"displayName": "user_priority",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [
{
"calculationID": "Security_fillnull_dest",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "dest",
"displayName": "dest",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if(isnull(dest) OR dest=\"\",\"unknown\",dest)"
},
{
"calculationID": "User_interactive",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "interactive",
"displayName": "interactive",
"type": "boolean",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "case(isnotnull(interactive) AND interactive!=\"\",interactive,tag=\"interactive\",\"true\",1=1,\"false\")"
},
{
"calculationID": "User_password",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "password",
"displayName": "password",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if((password==\"*\" OR password==\"x\" OR password==\"\"),null(),password)"
},
{
"calculationID": "User_user",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "user",
"displayName": "user",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if(isnull(user) OR user=\"\",\"unknown\",user)"
}
],
"constraints": [
{
"search": "tag=user AND tag=inventory"
}
],
"children": []
},
{
"objectName": "Updates",
"displayName": "Updates",
"parentName": "BaseEvent",
"comment": {"tags": ["update", "status"]},
"fields": [
{
"fieldName": "dest_should_update",
"displayName": "dest_should_update",
"type": "boolean",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "file_name",
"displayName": "file_name",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "file_hash",
"displayName": "file_hash",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "tag",
"displayName": "tag",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": true,
"hidden": false
}
],
"calculations": [
{
"calculationID": "Updates_fillnull_dest",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "dest",
"displayName": "dest",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if(isnull(dest) OR dest=\"\",\"unknown\",dest)"
},
{
"calculationID": "Updates_fillnull_signature",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "signature",
"displayName": "signature",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": true,
"hidden": false
}
],
"expression": "case(isnotnull(signature) AND signature!=\"\",signature,isnotnull(signature_id) AND signature_id!=\"\" AND signature_id!=\"unknown\",signature_id,1=1,\"unknown\")"
},
{
"calculationID": "Updates_fillnull_signature_id",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "signature_id",
"displayName": "signature_id",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": true,
"hidden": false
}
],
"expression": "case(isnotnull(signature_id) AND signature_id!=\"\",signature_id,isnotnull(signature) AND signature!=\"\" AND signature!=\"unknown\",signature,1=1,\"unknown\")"
},
{
"calculationID": "Updates_fillnull_status",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "status",
"displayName": "status",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if(isnull(status) OR status=\"\",\"unknown\",status)"
},
{
"calculationID": "Updates_vendor_product",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "vendor_product",
"displayName": "vendor_product",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "case(isnotnull(vendor_product),vendor_product,isnotnull(vendor) AND vendor!=\"unknown\" AND isnotnull(product) AND product!=\"unknown\",vendor.\" \".product,isnotnull(vendor) AND vendor!=\"unknown\" AND (isnull(product) OR product=\"unknown\"),vendor.\" unknown\",(isnull(vendor) OR vendor=\"unknown\") AND isnotnull(product) AND product!=\"unknown\",\"unknown \".product,isnotnull(sourcetype),sourcetype,1=1,\"unknown\")"
}
],
"constraints": [
{
"search": "tag=update tag=status"
}
],
"children": []
},
{
"objectName": "Available_Updates",
"displayName": "Available Updates",
"parentName": "Updates",
"comment": {"tags": ["update", "status"]},
"fields": [],
"calculations": [],
"constraints": [
{
"search": "status=\"available\""
}
],
"children": []
},
{
"objectName": "Installed_Updates",
"displayName": "Installed Updates",
"parentName": "Updates",
"comment": {"tags": ["update", "status"]},
"fields": [],
"calculations": [],
"constraints": [
{
"search": "status=\"installed\""
}
],
"children": []
},
{
"objectName": "Restart_Required_Updates",
"displayName": "Updates Requiring Restart",
"parentName": "Updates",
"comment": {"tags": ["update", "status"]},
"fields": [],
"calculations": [],
"constraints": [
{
"search": "status=\"restart_required\""
}
],
"children": []
},
{
"objectName": "Update_Errors",
"displayName": "Update Errors",
"parentName": "BaseSearch",
"comment": {"tags": ["update", "error"]},
"fields": [
{
"fieldName": "_time",
"displayName": "_time",
"type": "timestamp",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "host",
"displayName": "host",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "source",
"displayName": "source",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "sourcetype",
"displayName": "sourcetype",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [],
"baseSearch": "tag=update tag=error",
"children": []
},
{
"objectName": "Security",
"displayName": "Security",
"parentName": "BaseEvent",
"comment": {"tags": ["access"]},
"fields": [],
"calculations": [
{
"calculationID": "Security_fillnull_dest",
"calculationType": "Eval",
"outputFields": [
{
"fieldName": "dest",
"displayName": "dest",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"expression": "if(isnull(dest) OR dest=\"\",\"unknown\",dest)"
}
],
"constraints": [
{
"search": "tag=access"
}
],
"children": []
},
{
"objectName": "User_Access",
"displayName": "User Access",
"parentName": "Security",
"comment": {"tags": ["access", "user"]},
"fields": [
{
"fieldName": "user",
"displayName": "user",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "action",
"displayName": "action",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=user"
}
],
"children": []
},
{
"objectName": "File_Access",
"displayName": "File Access",
"parentName": "Security",
"comment": {"tags": ["access", "file"]},
"fields": [
{
"fieldName": "file",
"displayName": "file",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "user",
"displayName": "user",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
},
{
"fieldName": "action",
"displayName": "action",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false
}
],
"calculations": [],
"constraints": [
{
"search": "tag=file"
}
],
"children": []
},
{
"objectName": "Process",
"displayName": "Process",
"parentName": "Performance",
"comment": {"tags": ["oshost", "performance", "process"]},
"fields": [
{
"fieldName": "process_name",
"type": "string",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false,
"displayName": "process_name"
},
{
"fieldName": "process_cpu_used_percent",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false,
"displayName": "process_cpu_used_percent"
},
{
"fieldName": "process_mem_used",
"type": "number",
"fieldSearch": "",
"required": false,
"multivalue": false,
"hidden": false,
"displayName": "process_mem_used"
}
],
"calculations": [],
"constraints": [
{
"search": "tag=process"
}
]
}
]
}
Reference in new issue View Git Blame Copy Permalink