You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
125 lines
4.2 KiB
125 lines
4.2 KiB
<dashboard version="2" theme="dark" hiddenElements="{"hideEdit":false,"hideOpenInSearch":false,"hideExport":false}">
|
|
<label>ITSI Audit Logs</label>
|
|
<definition><![CDATA[
|
|
{
|
|
"visualizations": {
|
|
"viz_lQsxSNvq": {
|
|
"type": "splunk.table",
|
|
"options": {
|
|
"count": 20,
|
|
"dataOverlayMode": "none",
|
|
"drilldown": "none",
|
|
"showRowNumbers": false,
|
|
"showInternalFields": false,
|
|
"columnFormat": {
|
|
"Method": {
|
|
"rowBackgroundColors": "> table | seriesByName(\"Method\") | matchValue(MethodColumnColorConfig)"
|
|
}
|
|
}
|
|
},
|
|
"context": {
|
|
"MethodColumnColorConfig": [
|
|
{
|
|
"match": "get_all",
|
|
"value": "#F8BE34"
|
|
},
|
|
{
|
|
"match": "delete_all",
|
|
"value": "#DC4E41"
|
|
},
|
|
{
|
|
"match": "edit",
|
|
"value": "#006D9C"
|
|
},
|
|
{
|
|
"match": "get",
|
|
"value": "#53A051"
|
|
},
|
|
{
|
|
"match": "batch_save",
|
|
"value": "#FF66CC"
|
|
}
|
|
]
|
|
},
|
|
"dataSources": {
|
|
"primary": "ds_ZhPx0O39"
|
|
}
|
|
},
|
|
"viz_d3lE4uG0": {
|
|
"type": "splunk.markdown",
|
|
"options": {
|
|
"markdown": "**NOTE:** You're now using the latest ITSI Audit Logs Dashboard experience. The old version is deprecated and no longer receiving updates. [Access the old dashboard.](/app/itsi/itsi_audit_logs_deprecated)",
|
|
"fontSize": "large"
|
|
}
|
|
}
|
|
},
|
|
"dataSources": {
|
|
"ds_ZhPx0O39": {
|
|
"type": "ds.search",
|
|
"options": {
|
|
"query": "index=_internal sourcetype=itsi_internal_log sub_component=itoa_storage | eval time = strftime(_time, \"%m/%d/%Y %H:%M:%S %p\") | table user, method, objecttype, filter, time | rename user as User, method as Method, objecttype as \"Object Type\", filter as \"Filter/Object IDs\", time as Timestamp",
|
|
"queryParameters": {
|
|
"earliest": "$field1.earliest$",
|
|
"latest": "$field1.latest$"
|
|
}
|
|
},
|
|
"name": "Table search"
|
|
}
|
|
},
|
|
"defaults": {
|
|
"dataSources": {
|
|
"ds.search": {
|
|
"options": {
|
|
"queryParameters": {}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"inputs": {
|
|
"input_dVcSxbCs": {
|
|
"type": "input.timerange",
|
|
"options": {
|
|
"token": "field1",
|
|
"defaultValue": "-24h@h,now"
|
|
},
|
|
"title": ""
|
|
}
|
|
},
|
|
"layout": {
|
|
"type": "grid",
|
|
"options": {
|
|
"height": 250,
|
|
"width": 1440
|
|
},
|
|
"structure": [
|
|
{
|
|
"item": "viz_d3lE4uG0",
|
|
"type": "block",
|
|
"position": {
|
|
"x": 0,
|
|
"y": 0,
|
|
"w": 1440,
|
|
"h": 64
|
|
}
|
|
},
|
|
{
|
|
"item": "viz_lQsxSNvq",
|
|
"type": "block",
|
|
"position": {
|
|
"x": 0,
|
|
"y": 64,
|
|
"w": 1440,
|
|
"h": 649
|
|
}
|
|
}
|
|
],
|
|
"globalInputs": [
|
|
"input_dVcSxbCs"
|
|
]
|
|
},
|
|
"description": "A view of audit logs concerning the access, deletion, and modification of ITOA objects.",
|
|
"title": "ITSI Audit Logs"
|
|
}
|
|
]]></definition>
|
|
<assets><![CDATA[{}]]></assets>
|
|
</dashboard> |