diff --git a/README.md b/README.md index 59637947..1df9c4ea 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ Logging Analytics knowledge content consists of one or more of the following: | :arrow_double_down: Oracle Enterprise Manager monitored by O&M Services | OCI Cloud Service or On-prem | :heavy_check_mark: | :heavy_check_mark: | :raising_hand: |:raising_hand:| :no_entry_sign: | :arrow_double_down: ZFS Storage Appliance Monitoring | OCI Cloud Service | :heavy_check_mark: | :heavy_check_mark: | :raising_hand: |:raising_hand:| :no_entry_sign: | :arrow_double_down: GenAI Solutions Monitoring using APM | OCI Cloud Service | :heavy_check_mark: | :raising_hand: | :raising_hand: |:raising_hand:| :no_entry_sign: +| :arrow_double_down: Oracle Enterprise Scheduler | Fusion Apps | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :raising_hand: Legend @@ -57,5 +58,5 @@ Knowledge content files in [knowldge-content](./knowlege-content/) folder are or ## License -Copyright (c) 2023, Oracle and/or its affiliates. +Copyright (c) 2025, Oracle and/or its affiliates. Licensed under the Universal Permissive License v1.0 as shown at . diff --git a/knowledge-content/MAP/security-fundamentals-dashboards/Network Security-v2.json b/knowledge-content/MAP/security-fundamentals-dashboards/Network Security-v2.json new file mode 100644 index 00000000..f4bfe799 --- /dev/null +++ b/knowledge-content/MAP/security-fundamentals-dashboards/Network Security-v2.json @@ -0,0 +1,8211 @@ +{ + "dashboards": [ + { + "dashboardId": "a5c2bb6b93bd6aaece0f9a076936b241", + "providerId": "log-analytics", + "providerName": "Logging Analytics", + "providerVersion": "3.0.0", + "tiles": [ + { + "displayName": "Load Balancer", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 10, + "column": 0, + "height": 9, + "width": 12, + "nls": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "Load Balancer Errors", + "savedSearchId": "7f62f9c8e7defd82b4235c3777ec4c73", + "row": 3, + "column": 0, + "height": 6, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "HTTP Response Code ", + "savedSearchId": "8b67c0682153628f21ab8f027c69406d", + "row": 0, + "column": 0, + "height": 3, + "width": 3, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "HTTP Response 4XX and 5XX", + "savedSearchId": "d70f1e5eb925f39c402a4e313e5fdbad", + "row": 0, + "column": 3, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Total Request by LB", + "savedSearchId": "409163fc98a3bf851839c440e8f966a1", + "row": 0, + "column": 7, + "height": 3, + "width": 5, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "DNS Host Access", + "savedSearchId": "78b3d077a4e0d8e9abb4db6b45b9746a", + "row": 3, + "column": 6, + "height": 6, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + }, + { + "displayName": "Web Application Firewall", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 19, + "column": 0, + "height": 13, + "width": 12, + "nls": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "WAF Statistics", + "savedSearchId": "a6ad885e52a29f5ad1f5ade099a7cbb0", + "row": 0, + "column": 0, + "height": 7, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Top 10 Country Code - count", + "savedSearchId": "c761c329457c586aa7af9b9bd13490e5", + "row": 10, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Top 10 URL", + "savedSearchId": "a5c18cf60909a2f42e6f8438ae8d0344", + "row": 10, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Response Code", + "savedSearchId": "07c38686f917d98f4929013b25f4c157", + "row": 7, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Top 10 Source IP diagram", + "savedSearchId": "7fb4b1eb8e0cabc3b98343876a7fcdec", + "row": 10, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Backend Response Code", + "savedSearchId": "775e518fa3725bf80b3a048c0e352bcc", + "row": 7, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Action Count", + "savedSearchId": "5551612a4a1ac557d32335723a35b906", + "row": 7, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + }, + { + "displayName": "Network Firewall", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 32, + "column": 0, + "height": 18, + "width": 12, + "nls": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "Top 10 Denied Sources", + "savedSearchId": "9ebbc09391b5d0eae3654f3a46b392aa", + "row": 3, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Top 10 Allowed Destination Ports", + "savedSearchId": "0cc4a572747189c70d310b56b581ec53", + "row": 0, + "column": 6, + "height": 3, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Top 10 Denied Destination Ports", + "savedSearchId": "ad8cacb041fe7feda52138357cf2b564", + "row": 0, + "column": 0, + "height": 3, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Top 10 Destination IPs", + "savedSearchId": "d9d16bb036946d34724d76e5d200eb10", + "row": 3, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Top 10 Source IPs", + "savedSearchId": "cd4a2f2d883399f25776fe75787a5d9d", + "row": 3, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Policy hit count by name", + "savedSearchId": "f50cf4dd203e75bc2f074a149693fc6d", + "row": 6, + "column": 0, + "height": 4, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Threat Logs By Severity Threat Subtype", + "savedSearchId": "9c59330490fbd8728513603496e0f38c", + "row": 14, + "column": 0, + "height": 4, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)", + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)" + } + }, + "description": null + }, + { + "displayName": "Network Firewall Flows Analysis", + "savedSearchId": "2d5224dd9d7f92a5e171d0949c76dc2b", + "row": 10, + "column": 0, + "height": 4, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + }, + { + "displayName": "Tab Widget Group 1", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 0, + "column": 0, + "height": 10, + "width": 12, + "nls": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "layout": { + "type": "tab" + }, + "subTiles": [ + { + "displayName": "Virtual Cloud Network", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 9, + "column": 0, + "height": 10, + "width": 12, + "nls": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "Total Network Traffic", + "savedSearchId": "263f833ff1592f9bd12a8426d39eb101", + "row": 0, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Network Ingress Traffic from Public", + "savedSearchId": "2dbfa3ca662c90e4136726adacfcaf1b", + "row": 0, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Threat IPs", + "savedSearchId": "0e1f607aa7651f10493a670556c4a086", + "row": 3, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Network Egress Traffic to Public", + "savedSearchId": "fe65d72b75c7e672b11507538e4a900e", + "row": 0, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Denied Connections by Source", + "savedSearchId": "fda6c2b24788890de038e2de06befce1", + "row": 3, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Denied Connections by Destination Port", + "savedSearchId": "864a9e2650a81b05f1b4f429df5c0905", + "row": 3, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Virtual Cloud Network Flows Analysis", + "savedSearchId": "180047b635ea81827871e75300ef2bae", + "row": 6, + "column": 0, + "height": 4, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + }, + { + "displayName": "Virtual Cloud Network - Network Changes", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 0, + "column": 0, + "height": 10, + "width": 12, + "nls": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "Security List Changes", + "savedSearchId": "33e3d66763f2969d21be13b8ae4702c6", + "row": 0, + "column": 0, + "height": 3, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "description": null + }, + { + "displayName": "Network Security Group Changes", + "savedSearchId": "a78b20c2de45872f8868ba666853fd30", + "row": 0, + "column": 6, + "height": 3, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "description": null + }, + { + "displayName": "Network Changes Analysis", + "savedSearchId": "219a37c2f8e8b56bc96ffe285192c26a", + "row": 3, + "column": 0, + "height": 9, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + } + ], + "displayName": "Network Security", + "description": "Network Security", + "compartmentId": "${compartment_ocid}", + "isOobDashboard": false, + "isShowInHome": false, + "metadataVersion": "2.0", + "isShowDescription": true, + "screenImage": "todo: provide value[mandatory]", + "nls": {}, + "uiConfig": { + "isFilteringEnabled": false, + "isTimeRangeEnabled": true, + "isRefreshEnabled": true + }, + "dataConfig": [], + "type": "normal", + "isFavorite": false, + "savedSearches": [ + { + "id": "78b3d077a4e0d8e9abb4db6b45b9746a", + "displayName": "DNS Hostname", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "For Load Balancer", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "ms": [ + "on" + ], + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | where 'Host Name (Server)' != 'Load Balancer IP' | link 'Host Name (Server)', Listener, URI | fields -'Start Time', -'End Time'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "78b3d077a4e0d8e9abb4db6b45b9746a", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "2dbfa3ca662c90e4136726adacfcaf1b", + "displayName": "Network Ingress Traffic from Public", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Network Ingress Traffic from Public", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | where 'Source IP' = 'Public IP' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "8b67c0682153628f21ab8f027c69406d", + "displayName": "HTTP Response Code ", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l7day" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | stats count as 'HTTP Response' by Status | sort -'HTTP Response'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "c761c329457c586aa7af9b9bd13490e5", + "displayName": "WAF Top 10 Country Code - count", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "WAF Top 10 Country Code - table format", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "numUnits": 60, + "units": "WEEKS", + "timePeriod": "relative" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | rename 'Client Host Country Code' as 'Country Code' | stats count by 'Country Code' | top limit = 10 Count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "fe65d72b75c7e672b11507538e4a900e", + "displayName": "Network Egress Traffic to Public", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Network Egress Traffic to Public", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l14day" + }, + "showTitle": true, + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | where 'Destination IP' = 'Public IP' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "9ebbc09391b5d0eae3654f3a46b392aa", + "displayName": "Top 10 Denied Sources", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l8hr" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action in (deny, drop, 'reset-both', 'drop-icmp') | stats count as 'Denied Connections' by 'Source IP' | top 'Denied Connections'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "9ebbc09391b5d0eae3654f3a46b392aa", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "263f833ff1592f9bd12a8426d39eb101", + "displayName": "Total Network Traffic", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Total Network Traffic", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "219a37c2f8e8b56bc96ffe285192c26a", + "displayName": "Network Changes Analysis", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Network Changes Analysis - SFD", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "numUnits": 60, + "units": "WEEKS", + "timePeriod": "relative" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true, + "g_startepoch": true, + "g_endepoch": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' = 'OCI Audit Logs' and Type like '%virtualnetwork%' and Method in (post, put, delete) | link Event, Method, 'Event Source', 'User Name' | stats unique(Path) as Path | fields -'Start Time', -'End Time'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "219a37c2f8e8b56bc96ffe285192c26a", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "cd4a2f2d883399f25776fe75787a5d9d", + "displayName": "Top 10 Source IPs", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Top 10 Source IPs - Network Firewall", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | stats count by 'Source IP' | top Count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "7f62f9c8e7defd82b4235c3777ec4c73", + "displayName": "SFD_LB_analysis", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l7day" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_CLASSIFY_SETTINGS": { + "Label, Destination, Content Size In, Content Size Out, Backend Connect Time, Backend Processing Time": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 150, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 10, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "func8_unique_srvrhostname", + "7": "mtag", + "8": "default", + "9": "default", + "10": "default", + "11": "default" + }, + "classifyColorPaletteCustom": { + "6": {}, + "7": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8, + 9, + 10, + 11 + ], + "classifyNarrowResults": [ + "on" + ] + }, + "chartNumber": 0, + "selectedItems": [] + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": true, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [ + "on" + ], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {}, + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "hideYAxis": [ + "off" + ] + } + } + }, + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | link Label, 'Problem Priority' | stats unique(Destination) as Destination, avg('Content Size In') as 'Content Size In', avg('Content Size Out') as 'Content Size Out', avg('Backend Connect Time') as 'Backend Connect Time', avg('Backend Processing Time') as 'Backend Processing Time', unique('Originating IP Address') as 'Originating IP Address', unique('Error Text') as 'Error Text', unique('Host Name (Server)') as 'Host Name (Server)' | classify topcount = 300 correlate = -*, 'Originating IP Address', 'Error Text' 'Host Name (Server)', Label, 'Content Size In', 'Content Size Out', 'Backend Connect Time', 'Backend Processing Time' as 'Label, Destination, Content Size In, Content Size Out, Backend Connect Time, Backend Processing Time' | fields -'Start Time', -'End Time', -'Originating IP Address', -'Error Text'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "7f62f9c8e7defd82b4235c3777ec4c73", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "0cc4a572747189c70d310b56b581ec53", + "displayName": "Top 10 Allowed Destination Ports", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Top 10 Allowed Destination Ports - Network Firewall", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "startTimeUtc": "2024-10-01T15:07:32.000Z", + "endTimeUtc": "2024-10-10T16:07:32.000Z", + "timePeriod": "cust" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action in (allow, alert) | link 'Destination Port', 'Source IP' | fields -'Start Time', -'End Time'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "0cc4a572747189c70d310b56b581ec53", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "d70f1e5eb925f39c402a4e313e5fdbad", + "displayName": "HTTP Response 4XX and 5XX", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l7day" + }, + "showTitle": true, + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') and Status like '4%' or Status like '5%' | timestats count as 'HTTP Response' by Status | sort -'HTTP Response'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "864a9e2650a81b05f1b4f429df5c0905", + "displayName": "Denied Connections by Destination Port", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') and Action in (drop, reject) | rename 'Destination Port' as Port | timestats count by Port", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "864a9e2650a81b05f1b4f429df5c0905", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "ad8cacb041fe7feda52138357cf2b564", + "displayName": "Top 10 Denied Destination Ports", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Top 10 Denied Destination Ports - Network Firewall", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "startTimeUtc": "2024-10-01T15:07:32.000Z", + "endTimeUtc": "2024-10-10T16:07:32.000Z", + "timePeriod": "cust" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true, + "g_startepoch": true, + "g_endepoch": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action like 'drop%' or Action = 'reset-both' | link 'Destination Port', 'Source IP' | fields -'Start Time', -'End Time'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "ad8cacb041fe7feda52138357cf2b564", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "d9d16bb036946d34724d76e5d200eb10", + "displayName": "Top 10 Destination IPs", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Top 10 Destination IPs - Network Firewall", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | stats count by 'Destination IP' | top Count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "d9d16bb036946d34724d76e5d200eb10", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "f50cf4dd203e75bc2f074a149693fc6d", + "displayName": "Policy hit count by name", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Policy hit count by name- Network Firewall", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l14day" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_CLASSIFY_SETTINGS": {}, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | link Rule, Action, Entity | rename Entity as Firewall | stats avg('Packets In') as 'Packets In', latest(Time) as Latest_Hit", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "f50cf4dd203e75bc2f074a149693fc6d", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "07c38686f917d98f4929013b25f4c157", + "displayName": "WAF Response Code", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "WAF Response Code", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "numUnits": 60, + "units": "WEEKS", + "timePeriod": "relative" + }, + "showTitle": true, + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' = 'OCI WAF Logs' | timestats count by 'WAF Status Code'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "180047b635ea81827871e75300ef2bae", + "displayName": "Virtual Cloud Network Flows Analysis", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Virtual Cloud Network Flows Analysis - VCN", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "recsPerPage": 10, + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": true, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true, + "g_startepoch": true, + "g_endepoch": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + }, + "LINK_CLASSIFY_SETTINGS": { + "flows analysis": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 200, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 1, + "colorColumn": 8, + "descendingXAxis": [], + "descendingYAxis": [], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "tranprot", + "7": "default", + "8": "srcip" + }, + "classifyColorPaletteCustom": { + "6": {}, + "8": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8 + ], + "classifyNarrowResults": [ + "on" + ] + }, + "chartNumber": 0, + "selectedItems": [] + } + } + } + }, + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') | link 'Source IP', 'Destination IP', 'Destination Port', 'Protocol (Transport)' | stats unique(Action) as Action | fields -'Start Time', -'End Time' | classify topcount = 300 correlate = -*, Action 'Protocol (Transport)', 'Destination Port', 'Source IP' as 'flows analysis'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "180047b635ea81827871e75300ef2bae", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "775e518fa3725bf80b3a048c0e352bcc", + "displayName": "WAF Backend Response Code", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "WAF Backend Response Code", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l14day" + }, + "showTitle": true, + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' = 'OCI WAF Logs' | timestats count by 'Backend Status Code'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "2507e19d927d458a0cafe461cd07c5ae" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "2507e19d927d458a0cafe461cd07c5ae" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "9c59330490fbd8728513603496e0f38c", + "displayName": "ThreatLogsByThreatSubtypeDevice", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + }, + "LINK_CLASSIFY_SETTINGS": { + "Threat Analysis": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 200, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 1, + "colorColumn": 8, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "risk_level", + "7": "subtype", + "8": "ticket_status" + }, + "classifyColorPaletteCustom": { + "6": {}, + "7": {}, + "8": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + } + } + }, + "queryString": "'Log Source' = 'OCI Network Firewall Threat Logs' | link Severity, Threat, 'Protocol (Transport)', Subtype | stats unique(Entity) as Firewall, unique('Threat Category') as 'Threat Category', unique(Action) as Action | eval score = if(Severity = critical, 10, Severity = high, 8, Severity = medium, 5, Severity = low, 2, Severity = informational, 1, 0) | sort -score, -Count | fields -'Start Time', -'End Time', -score | classify topcount = 300 correlate = -*, Action, 'Threat Category' Severity, Subtype, Threat as 'Threat Analysis'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "9c59330490fbd8728513603496e0f38c", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "5551612a4a1ac557d32335723a35b906", + "displayName": "WAF Action Count", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "WAF Action Count", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | stats count by Action", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "33e3d66763f2969d21be13b8ae4702c6", + "displayName": "Security List Changes", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Security List Changes", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "numUnits": 7, + "units": "DAYS", + "timePeriod": "relative" + }, + "showTitle": true, + "visualizationType": "table_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "Type like '%virtualnetwork%securitylist%' and Method != get | timestats count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "7c24ee80875c75895a43ff85b6e2fa69", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "a5c18cf60909a2f42e6f8438ae8d0344", + "displayName": "WAF Top 10 URL", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "WAF Top 10 URL", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "numUnits": 60, + "units": "WEEKS", + "timePeriod": "relative" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | rename URI as 'Request URL' | stats count by 'Request URL' | top limit = 10 Count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "7fb4b1eb8e0cabc3b98343876a7fcdec", + "displayName": "WAF Top 10 Source IP diagram", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "WAF Top 10 Source IP diagram", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l14day" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | rename 'Host IP Address (Client)' as 'Source IP' | stats count by 'Source IP' | top limit = 10 Count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "a78b20c2de45872f8868ba666853fd30", + "displayName": "Network Security Group Changes", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Network Security Group Changes", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l14day" + }, + "showTitle": true, + "visualizationType": "table_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "Type like '%networksecuritygroup%' and Method != get | timestats count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "2d5224dd9d7f92a5e171d0949c76dc2b", + "displayName": "Network Firewall Flows Analysis", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Network Firewall Flows Analysis - Network Firewall", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "recsPerPage": 10, + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": true, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true, + "g_startepoch": true, + "g_endepoch": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + }, + "LINK_CLASSIFY_SETTINGS": { + "flows analysis": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 200, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 1, + "colorColumn": 8, + "descendingXAxis": [], + "descendingYAxis": [], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "tranprot", + "7": "default", + "8": "srcip" + }, + "classifyColorPaletteCustom": { + "6": {}, + "8": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8 + ], + "classifyNarrowResults": [ + "on" + ] + }, + "chartNumber": 0, + "selectedItems": [] + } + } + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | link 'Source IP', 'Destination IP', 'Destination Port', 'Protocol (Transport)' | stats unique(Entity) as Firewall, unique(Action) as Action | fields -'Start Time', -'End Time' | classify topcount = 300 correlate = -*, Action 'Protocol (Transport)', 'Destination Port', 'Source IP' as 'flows analysis'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "2d5224dd9d7f92a5e171d0949c76dc2b", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "409163fc98a3bf851839c440e8f966a1", + "displayName": "Total Request by LB", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "For Load Balancer", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l7day" + }, + "showTitle": true, + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | timestats count as 'Total Request by LB' by 'OCI Resource Name' | sort -'Total Request by LB'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "a6ad885e52a29f5ad1f5ade099a7cbb0", + "displayName": "SFD WAF Logs Correlation Widget", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "startTimeUtc": "2024-10-01T15:07:32.000Z", + "endTimeUtc": "2024-10-10T16:07:32.000Z", + "timePeriod": "cust" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "LINK_CLASSIFY_SETTINGS": { + "Backend Status Code, Action, Content Size Out": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 200, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 9, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "func6_unique_bkendstatuscode", + "7": "func4_unique_countryclnt", + "8": "default", + "9": "func1_unique_wafstatcode", + "10": "func6_unique_clnthostip", + "11": "default" + }, + "classifyColorPaletteCustom": { + "6": {}, + "7": {}, + "9": {}, + "10": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' = 'OCI WAF Logs' | link 'Host IP Address (Client)', Method, 'OCI Resource Name' | stats unique('WAF Status Code') as 'WAF Status Code', unique(Action) as Action, avg('Content Size Out') as 'Content Size Out', unique('Client Host Country') as 'Client Host Country', unique(Port) as Port, unique('Backend Status Code') as 'Backend Status Code' | classify topcount = 10 correlate = -*, Method, Port, 'OCI Resource Name' 'Backend Status Code', 'Client Host Country', 'Content Size Out', 'WAF Status Code', 'WAF Status Code' as 'Backend Status Code, Action, Content Size Out'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "a6ad885e52a29f5ad1f5ade099a7cbb0", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "fda6c2b24788890de038e2de06befce1", + "displayName": "Denied Connections by Source", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') and Action in (drop, reject) | rename 'Source IP' as Source | timestats count by Source", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "fda6c2b24788890de038e2de06befce1", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "0e1f607aa7651f10493a670556c4a086", + "displayName": "Threat IPs", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "isOobSavedSearch": false, + "description": "Threat IPs", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "numUnits": 8, + "units": "HOURS", + "timePeriod": "relative" + }, + "showTitle": true, + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs', 'OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs', 'OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs', 'OCI WAF Logs', 'OCI Audit Logs') | timestats count('Threat IPs') by 'Log Source'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + } + }, + "internalKey": "0e1f607aa7651f10493a670556c4a086", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + } + ], + "parametersConfig": [ + { + "savedSearchId": "OOBSS-management-dashboard-filter-4a", + "displayName": "Log Group Compartment", + "width": 4, + "state": "DEFAULT", + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-filter-4a", + "filterName": "log-analytics-loggroup-filter", + "vizFilterType": "lxLogGroupDashFilterType", + "defaultWidth": 3, + "minWidth": 3 + }, + "parametersMap": { + "isStoreInLocalStorage": true + }, + "name": "log-analytics-loggroup-filter", + "localStorageKey": "log-analytics-loggroup-filter" + }, + { + "savedSearchId": "OOBSS-management-dashboard-compartment-filter", + "displayName": "Compartment", + "width": 2, + "state": "DEFAULT", + "parametersMap": { + "isStoreInLocalStorage": false, + "isActiveCompartment": "true" + }, + "name": "compartmentId", + "localStorageKey": "compartmentId" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-2a", + "displayName": "Entity", + "width": 6, + "state": "DEFAULT", + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-filter-2a", + "filterName": "log-analytics-entity-filter", + "vizFilterType": "lxEntityDashFilterType", + "defaultWidth": 6, + "minWidth": 6 + }, + "parametersMap": { + "isStoreInLocalStorage": true + }, + "name": "log-analytics-entity-filter", + "localStorageKey": "log-analytics-entity-filter" + }, + { + "savedSearchId": "OOBSS-management-dashboard-region-filter", + "width": 6, + "state": "DEFAULT", + "parametersMap": { + "isStoreInLocalStorage": true, + "selectionMode": "multiple" + }, + "name": "regionFilter", + "localStorageKey": "regionFilter" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-xlog", + "displayName": "Network Resource Name", + "width": 6, + "state": "DEFAULT", + "parametersMap": { + "isStoreInLocalStorage": true, + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "logFieldName": "Entity", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "name": "log-analytics-log-field-filter", + "localStorageKey": "logField_Entity" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-xlog", + "displayName": "Source IP", + "width": 4, + "state": "DEFAULT", + "parametersMap": { + "isStoreInLocalStorage": true, + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "logFieldName": "Source IP" + }, + "name": "log-analytics-log-field-filter3", + "localStorageKey": "logField_Source IP" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-xlog", + "displayName": "Destination IP", + "width": 4, + "state": "DEFAULT", + "parametersMap": { + "isStoreInLocalStorage": true, + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "logFieldName": "Destination IP", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "name": "log-analytics-log-field-filter1", + "localStorageKey": "logField_Destination IP" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-xlog", + "displayName": "Destination Port", + "width": 4, + "state": "DEFAULT", + "parametersMap": { + "isStoreInLocalStorage": true, + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "logFieldName": "Destination Port", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "name": "log-analytics-log-field-filter2", + "localStorageKey": "logField_Destination Port" + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "src": "$(context.time)" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-3a", + "displayName": "Log Set", + "state": "DEFAULT", + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-filter-3a", + "filterName": "log-analytics-logset-filter", + "vizFilterType": "lxLogSetDashFilterType", + "defaultWidth": 6, + "minWidth": 6, + "hidden": "$(window.logSetNotEnabled)" + }, + "parametersMap": { + "isStoreInLocalStorage": true + }, + "name": "log-analytics-logset-filter", + "localStorageKey": "log-analytics-logset-filter", + "uniqueId": "513d7ba3-270e-3807-d125-549045724e43" + } + ], + "featuresConfig": { + "crossService": { + "shared": false + }, + "serviceTypes": [ + "log-analytics", + "management-dashboard" + ], + "dependencies": [ + { + "libProviderId": "management-dashboard", + "version": "1.88.1" + } + ] + }, + "drilldownConfig": [], + "freeformTags": {}, + "definedTags": {} + } + ] +} \ No newline at end of file diff --git a/knowledge-content/MAP/security-fundamentals-dashboards/Network Security.json b/knowledge-content/MAP/security-fundamentals-dashboards/Network Security.json index f4bfe799..bc75c8dc 100644 --- a/knowledge-content/MAP/security-fundamentals-dashboards/Network Security.json +++ b/knowledge-content/MAP/security-fundamentals-dashboards/Network Security.json @@ -1,15 +1,15 @@ { "dashboards": [ { - "dashboardId": "a5c2bb6b93bd6aaece0f9a076936b241", + "dashboardId": "a3c360fec1104238bd04c6a20d7fd1d7", "providerId": "log-analytics", "providerName": "Logging Analytics", "providerVersion": "3.0.0", "tiles": [ { - "displayName": "Load Balancer", + "displayName": "Tab Widget Group 1", "savedSearchId": "OOBSS-management-dashboard-container", - "row": 10, + "row": 0, "column": 0, "height": 9, "width": 12, @@ -18,589 +18,296 @@ "internalKey": "OOBSS-management-dashboard-container", "vizType": "tileContainer", "containerInfo": { + "layout": { + "type": "tab" + }, "subTiles": [ { - "displayName": "Load Balancer Errors", - "savedSearchId": "7f62f9c8e7defd82b4235c3777ec4c73", - "row": 3, + "displayName": "Virtual Cloud Network", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 9, "column": 0, - "height": 6, - "width": 6, + "height": 9, + "width": 12, "nls": {}, - "uiConfig": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "Total Network Traffic", + "savedSearchId": "f8c1e6be9183e5f5e05c274d0cb581ab", + "row": 0, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + }, + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)" + }, + "description": null + }, + { + "displayName": "Network Ingress Traffic from Public", + "savedSearchId": "d8c839d237000d1e5af7697a8160c4fa", + "row": 0, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + }, + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)" + }, + "description": null + }, + { + "displayName": "Threat IPs", + "savedSearchId": "d2112f4d03dbc73334daae1929fe9792", + "row": 3, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + }, + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)" + }, + "description": null + }, + { + "displayName": "Network Egress Traffic to Public", + "savedSearchId": "6176718513109fa1d9161638904c87e6", + "row": 0, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + }, + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)" + }, + "description": null + }, + { + "displayName": "Denied Connections by Source", + "savedSearchId": "b7b45d7e01c4ea8273c4290c13e50889", + "row": 3, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + }, + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)" + }, + "description": null + }, + { + "displayName": "Denied Connections by Destination Port", + "savedSearchId": "6b3e85c34bf529ea6a7b249bd5415049", + "row": 3, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + }, + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)" + }, + "description": null + }, + { + "displayName": "Virtual Cloud Network Flows Analysis", + "savedSearchId": "637ecacba93c5bd566847f4cf8f14d1b", + "row": 6, + "column": 0, + "height": 4, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + }, + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)" + }, + "description": null + } + ] + } + }, "dataConfig": [], "state": "DEFAULT", "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, + "parametersMap": {}, "description": null }, { - "displayName": "HTTP Response Code ", - "savedSearchId": "8b67c0682153628f21ab8f027c69406d", + "displayName": "Virtual Cloud Network - Network Changes", + "savedSearchId": "OOBSS-management-dashboard-container", "row": 0, "column": 0, - "height": 3, - "width": 3, + "height": 9, + "width": 12, "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "Security List Changes", + "savedSearchId": "e18e0ec23751d81ef88b363227d8b6a4", + "row": 0, + "column": 0, + "height": 3, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "description": null + }, + { + "displayName": "Network Security Group Changes", + "savedSearchId": "52b316b39e8a83a85cab1b28c10233a8", + "row": 0, + "column": 6, + "height": 3, + "width": 6, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "description": null + }, + { + "displayName": "Network Changes Analysis", + "savedSearchId": "49989b5841016077afd5fddd2f4a1382", + "row": 3, + "column": 0, + "height": 9, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)" + }, + "description": null + } + ] } }, - "description": null - }, - { - "displayName": "HTTP Response 4XX and 5XX", - "savedSearchId": "d70f1e5eb925f39c402a4e313e5fdbad", - "row": 0, - "column": 3, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, "dataConfig": [], "state": "DEFAULT", "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, + "parametersMap": {}, "description": null }, { - "displayName": "Total Request by LB", - "savedSearchId": "409163fc98a3bf851839c440e8f966a1", + "displayName": "Load Balancer", + "savedSearchId": "OOBSS-management-dashboard-container", "row": 0, - "column": 7, - "height": 3, - "width": 5, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - }, - { - "displayName": "DNS Host Access", - "savedSearchId": "78b3d077a4e0d8e9abb4db6b45b9746a", - "row": 3, - "column": 6, - "height": 6, - "width": 6, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - } - ] - } - }, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": {}, - "description": null - }, - { - "displayName": "Web Application Firewall", - "savedSearchId": "OOBSS-management-dashboard-container", - "row": 19, - "column": 0, - "height": 13, - "width": 12, - "nls": {}, - "uiConfig": { - "internalKey": "OOBSS-management-dashboard-container", - "vizType": "tileContainer", - "containerInfo": { - "subTiles": [ - { - "displayName": "WAF Statistics", - "savedSearchId": "a6ad885e52a29f5ad1f5ade099a7cbb0", - "row": 0, - "column": 0, - "height": 7, - "width": 12, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", - "Port": "$(dashboard.params.log-analytics-log-field-filter2)" - } - }, - "description": null - }, - { - "displayName": "WAF Top 10 Country Code - count", - "savedSearchId": "c761c329457c586aa7af9b9bd13490e5", - "row": 10, - "column": 0, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "time": "$(dashboard.params.time)", - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", - "Port": "$(dashboard.params.log-analytics-log-field-filter2)" - } - }, - "description": null - }, - { - "displayName": "WAF Top 10 URL", - "savedSearchId": "a5c18cf60909a2f42e6f8438ae8d0344", - "row": 10, - "column": 4, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "time": "$(dashboard.params.time)", - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", - "Port": "$(dashboard.params.log-analytics-log-field-filter2)" - } - }, - "description": null - }, - { - "displayName": "WAF Response Code", - "savedSearchId": "07c38686f917d98f4929013b25f4c157", - "row": 7, - "column": 8, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "time": "$(dashboard.params.time)", - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", - "Port": "$(dashboard.params.log-analytics-log-field-filter2)" - } - }, - "description": null - }, - { - "displayName": "WAF Top 10 Source IP diagram", - "savedSearchId": "7fb4b1eb8e0cabc3b98343876a7fcdec", - "row": 10, - "column": 8, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "time": "$(dashboard.params.time)", - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", - "Port": "$(dashboard.params.log-analytics-log-field-filter2)" - } - }, - "description": null - }, - { - "displayName": "WAF Backend Response Code", - "savedSearchId": "775e518fa3725bf80b3a048c0e352bcc", - "row": 7, - "column": 4, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "time": "$(dashboard.params.time)", - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", - "Port": "$(dashboard.params.log-analytics-log-field-filter2)" - } - }, - "description": null - }, - { - "displayName": "WAF Action Count", - "savedSearchId": "5551612a4a1ac557d32335723a35b906", - "row": 7, - "column": 0, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Entity": "$(dashboard.params.log-analytics-log-field-filter)", - "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", - "Port": "$(dashboard.params.log-analytics-log-field-filter2)" - } - }, - "description": null - } - ] - } - }, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": {}, - "description": null - }, - { - "displayName": "Network Firewall", - "savedSearchId": "OOBSS-management-dashboard-container", - "row": 32, - "column": 0, - "height": 18, - "width": 12, - "nls": {}, - "uiConfig": { - "internalKey": "OOBSS-management-dashboard-container", - "vizType": "tileContainer", - "containerInfo": { - "subTiles": [ - { - "displayName": "Top 10 Denied Sources", - "savedSearchId": "9ebbc09391b5d0eae3654f3a46b392aa", - "row": 3, - "column": 0, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "time": "$(dashboard.params.time)", - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - }, - { - "displayName": "Top 10 Allowed Destination Ports", - "savedSearchId": "0cc4a572747189c70d310b56b581ec53", - "row": 0, - "column": 6, - "height": 3, - "width": 6, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - }, - { - "displayName": "Top 10 Denied Destination Ports", - "savedSearchId": "ad8cacb041fe7feda52138357cf2b564", - "row": 0, - "column": 0, - "height": 3, - "width": 6, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - }, - { - "displayName": "Top 10 Destination IPs", - "savedSearchId": "d9d16bb036946d34724d76e5d200eb10", - "row": 3, - "column": 8, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - }, - { - "displayName": "Top 10 Source IPs", - "savedSearchId": "cd4a2f2d883399f25776fe75787a5d9d", - "row": 3, - "column": 4, - "height": 3, - "width": 4, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - }, - { - "displayName": "Policy hit count by name", - "savedSearchId": "f50cf4dd203e75bc2f074a149693fc6d", - "row": 6, - "column": 0, - "height": 4, - "width": 12, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - }, - { - "displayName": "Threat Logs By Severity Threat Subtype", - "savedSearchId": "9c59330490fbd8728513603496e0f38c", - "row": 14, - "column": 0, - "height": 4, - "width": 12, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)", - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)" - } - }, - "description": null - }, - { - "displayName": "Network Firewall Flows Analysis", - "savedSearchId": "2d5224dd9d7f92a5e171d0949c76dc2b", - "row": 10, - "column": 0, - "height": 4, - "width": 12, - "nls": {}, - "uiConfig": {}, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": { - "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)", - "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" - } - }, - "description": null - } - ] - } - }, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": {}, - "description": null - }, - { - "displayName": "Tab Widget Group 1", - "savedSearchId": "OOBSS-management-dashboard-container", - "row": 0, - "column": 0, - "height": 10, - "width": 12, - "nls": {}, - "uiConfig": { - "internalKey": "OOBSS-management-dashboard-container", - "vizType": "tileContainer", - "containerInfo": { - "layout": { - "type": "tab" - }, - "subTiles": [ - { - "displayName": "Virtual Cloud Network", - "savedSearchId": "OOBSS-management-dashboard-container", - "row": 9, - "column": 0, - "height": 10, - "width": 12, + "column": 0, + "height": 9, + "width": 12, "nls": {}, "uiConfig": { "internalKey": "OOBSS-management-dashboard-container", @@ -608,12 +315,12 @@ "containerInfo": { "subTiles": [ { - "displayName": "Total Network Traffic", - "savedSearchId": "263f833ff1592f9bd12a8426d39eb101", + "displayName": "HTTP Response Code ", + "savedSearchId": "37f3d16042a87699770a88d479e2f54e", "row": 0, "column": 0, "height": 3, - "width": 4, + "width": 3, "nls": {}, "uiConfig": {}, "dataConfig": [], @@ -621,7 +328,7 @@ "drilldownConfig": [], "parametersMap": { "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", "time": "$(dashboard.params.time)", "log-analytics-region": "$(dashboard.params.regionFilter)", "flex": { @@ -633,12 +340,12 @@ "description": null }, { - "displayName": "Network Ingress Traffic from Public", - "savedSearchId": "2dbfa3ca662c90e4136726adacfcaf1b", - "row": 0, - "column": 8, - "height": 3, - "width": 4, + "displayName": "Load Balancer Errors", + "savedSearchId": "8ab30d639a040ab381361514d8a812ec", + "row": 3, + "column": 0, + "height": 6, + "width": 6, "nls": {}, "uiConfig": {}, "dataConfig": [], @@ -646,7 +353,7 @@ "drilldownConfig": [], "parametersMap": { "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", "time": "$(dashboard.params.time)", "log-analytics-region": "$(dashboard.params.regionFilter)", "flex": { @@ -658,10 +365,10 @@ "description": null }, { - "displayName": "Threat IPs", - "savedSearchId": "0e1f607aa7651f10493a670556c4a086", - "row": 3, - "column": 0, + "displayName": "HTTP Response 4XX and 5XX", + "savedSearchId": "fdcf367238fdf83cc193afca33e93860", + "row": 0, + "column": 3, "height": 3, "width": 4, "nls": {}, @@ -670,9 +377,9 @@ "state": "DEFAULT", "drilldownConfig": [], "parametersMap": { - "time": "$(dashboard.params.time)", "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", "log-analytics-region": "$(dashboard.params.regionFilter)", "flex": { "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", @@ -683,12 +390,12 @@ "description": null }, { - "displayName": "Network Egress Traffic to Public", - "savedSearchId": "fe65d72b75c7e672b11507538e4a900e", + "displayName": "Total Request by LB", + "savedSearchId": "8332eb34f1b9e0ef31c46593fc4dfa30", "row": 0, - "column": 4, + "column": 7, "height": 3, - "width": 4, + "width": 5, "nls": {}, "uiConfig": {}, "dataConfig": [], @@ -696,7 +403,7 @@ "drilldownConfig": [], "parametersMap": { "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", "time": "$(dashboard.params.time)", "log-analytics-region": "$(dashboard.params.regionFilter)", "flex": { @@ -708,21 +415,22 @@ "description": null }, { - "displayName": "Denied Connections by Source", - "savedSearchId": "fda6c2b24788890de038e2de06befce1", + "displayName": "DNS Host Access", + "savedSearchId": "f5f27309165bce41b537abee43ce3ab4", "row": 3, - "column": 4, - "height": 3, - "width": 4, + "column": 6, + "height": 6, + "width": 6, "nls": {}, "uiConfig": {}, "dataConfig": [], "state": "DEFAULT", "drilldownConfig": [], "parametersMap": { - "time": "$(dashboard.params.time)", "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "time": "$(dashboard.params.time)", "log-analytics-region": "$(dashboard.params.regionFilter)", "flex": { "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", @@ -731,11 +439,157 @@ } }, "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + }, + { + "displayName": "Web Application Firewall", + "savedSearchId": "OOBSS-management-dashboard-container", + "row": 0, + "column": 0, + "height": 9, + "width": 12, + "nls": {}, + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-container", + "vizType": "tileContainer", + "containerInfo": { + "subTiles": [ + { + "displayName": "WAF Statistics", + "savedSearchId": "d107f548cee5d7442914537fe0e35a2d", + "row": 0, + "column": 0, + "height": 7, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null }, { - "displayName": "Denied Connections by Destination Port", - "savedSearchId": "864a9e2650a81b05f1b4f429df5c0905", - "row": 3, + "displayName": "WAF Action Count", + "savedSearchId": "a5c748290418996c86e6743bd34b3712", + "row": 7, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Top 10 Country Code - count", + "savedSearchId": "27768afa53193d63e1e3bafd0b5cdc80", + "row": 10, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Backend Response Code", + "savedSearchId": "41cc7f68e41eb10939f95ab07fd3dc77", + "row": 7, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Top 10 URL", + "savedSearchId": "41e5991b371845a74233f857f7c822a7", + "row": 10, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" + } + }, + "description": null + }, + { + "displayName": "WAF Response Code", + "savedSearchId": "3305308194abf54dbfdbaa41a447623f", + "row": 7, "column": 8, "height": 3, "width": 4, @@ -750,20 +604,20 @@ "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", "log-analytics-region": "$(dashboard.params.regionFilter)", "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" } }, "description": null }, { - "displayName": "Virtual Cloud Network Flows Analysis", - "savedSearchId": "180047b635ea81827871e75300ef2bae", - "row": 6, - "column": 0, - "height": 4, - "width": 12, + "displayName": "WAF Top 10 Source IP diagram", + "savedSearchId": "130797141cf96c0613e04bbf5ec0862f", + "row": 10, + "column": 8, + "height": 3, + "width": 4, "nls": {}, "uiConfig": {}, "dataConfig": [], @@ -775,9 +629,9 @@ "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", "log-analytics-region": "$(dashboard.params.regionFilter)", "flex": { - "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", - "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", - "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + "Entity": "$(dashboard.params.log-analytics-log-field-filter)", + "Host IP Address (Client)": "$(dashboard.params.log-analytics-log-field-filter3)", + "Port": "$(dashboard.params.log-analytics-log-field-filter2)" } }, "description": null @@ -792,11 +646,11 @@ "description": null }, { - "displayName": "Virtual Cloud Network - Network Changes", + "displayName": "Network Firewall", "savedSearchId": "OOBSS-management-dashboard-container", "row": 0, "column": 0, - "height": 10, + "height": 9, "width": 12, "nls": {}, "uiConfig": { @@ -805,8 +659,8 @@ "containerInfo": { "subTiles": [ { - "displayName": "Security List Changes", - "savedSearchId": "33e3d66763f2969d21be13b8ae4702c6", + "displayName": "Top 10 Denied Destination Ports", + "savedSearchId": "42749df954e0521bd87ce0bf8101abd3", "row": 0, "column": 0, "height": 3, @@ -818,15 +672,20 @@ "drilldownConfig": [], "parametersMap": { "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)" + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } }, "description": null }, { - "displayName": "Network Security Group Changes", - "savedSearchId": "a78b20c2de45872f8868ba666853fd30", + "displayName": "Top 10 Allowed Destination Ports", + "savedSearchId": "8ce828ef5afd1b68413eaf61a891e720", "row": 0, "column": 6, "height": 3, @@ -838,18 +697,73 @@ "drilldownConfig": [], "parametersMap": { "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", "time": "$(dashboard.params.time)", - "log-analytics-region": "$(dashboard.params.regionFilter)" + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } }, "description": null }, { - "displayName": "Network Changes Analysis", - "savedSearchId": "219a37c2f8e8b56bc96ffe285192c26a", + "displayName": "Top 10 Denied Sources", + "savedSearchId": "834b0a38397ceb7adc4d4f0ed03b8f71", "row": 3, "column": 0, - "height": 9, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Top 10 Source IPs", + "savedSearchId": "21963e7dab8d746a80d5e831825203ad", + "row": 3, + "column": 4, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Policy hit count by name", + "savedSearchId": "fbc4cf75a3b6293fba6185b82e2d466f", + "row": 6, + "column": 0, + "height": 4, "width": 12, "nls": {}, "uiConfig": {}, @@ -857,38 +771,118 @@ "state": "DEFAULT", "drilldownConfig": [], "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + }, + { + "displayName": "Network Firewall Flows Analysis", + "savedSearchId": "080b436a9189e12688e584683a9550c4", + "row": 10, + "column": 0, + "height": 4, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", - "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", - "log-analytics-region": "$(dashboard.params.regionFilter)" + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } }, "description": null - } - ] - } - }, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": {}, - "description": null - } - ] - } - }, - "dataConfig": [], - "state": "DEFAULT", - "drilldownConfig": [], - "parametersMap": {}, - "description": null - } - ], - "displayName": "Network Security", - "description": "Network Security", - "compartmentId": "${compartment_ocid}", - "isOobDashboard": false, - "isShowInHome": false, - "metadataVersion": "2.0", + }, + { + "displayName": "Threat Logs By Severity Threat Subtype", + "savedSearchId": "9709ed19c087c0ee71a638316e370fc4", + "row": 14, + "column": 0, + "height": 4, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)", + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)" + } + }, + "description": null + }, + { + "displayName": "Top 10 Destination IPs", + "savedSearchId": "60764b0749352a3d15d480975bca616c", + "row": 3, + "column": 8, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-log-field-filter)", + "time": "$(dashboard.params.time)", + "log-analytics-region": "$(dashboard.params.regionFilter)", + "flex": { + "Destination IP": "$(dashboard.params.log-analytics-log-field-filter1)", + "Destination Port": "$(dashboard.params.log-analytics-log-field-filter2)", + "Source IP": "$(dashboard.params.log-analytics-log-field-filter3)" + } + }, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + } + ] + } + }, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": {}, + "description": null + } + ], + "displayName": "Network Security MultiTab_v2", + "description": "Network Security", + "compartmentId": "${compartment_ocid}", + "isOobDashboard": false, + "isShowInHome": false, + "metadataVersion": "2.0", "isShowDescription": true, "screenImage": "todo: provide value[mandatory]", "nls": {}, @@ -902,100 +896,264 @@ "isFavorite": false, "savedSearches": [ { - "id": "78b3d077a4e0d8e9abb4db6b45b9746a", - "displayName": "DNS Hostname", + "id": "130797141cf96c0613e04bbf5ec0862f", + "displayName": "WAF Top 10 Source IP diagram", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "For Load Balancer", + "description": "WAF Top 10 Source IP diagram", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l60min" + "timePeriod": "l14day" }, "showTitle": true, - "visualizationType": "link", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content", - "LINK_SEARCH_SETTINGS": { - "groupAliasS": "Group", - "groupAliasP": "Groups", - "logAliasP": "Log Records", - "ms": [ - "on" - ], - "selectedTableField": null, - "columnAliases": {}, - "hiddenCharts": { - "groupColumn": true - }, - "hiddenLinkWidgets": { - "linkwidgetOption_HeaderId": false, - "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": false, - "linkwidgetOption_TSChartId": false, - "linkwidgetOption_HistogramId": true, - "linkwidgetOption_TableId": false, - "linkwidgetOption_ExtraTableId": false - }, - "hiddenColumns": { - "g_duration": true, - "query_start_time": true, - "query_end_time": true, - "trend_interval": true, - "trend_interval_unit": true + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | rename 'Host IP Address (Client)' as 'Source IP' | stats count by 'Source IP' | top limit = 10 Count", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true }, - "highlightColumnStatus": {}, - "hiddenClassifyCharts": {}, - "hiddenTableFields": {}, - "showCombinedCharts": [ - "off" - ], - "showStack": [ - "off" - ], - "smartGroup": [ - "off" - ], - "styleDefaults": { - "lineType": "curved", - "markerDisplayed": "on" + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" }, - "chartOptions": "bar", - "chartType": "bar", - "chartHeightVal": 200, - "chartWidthVal": 60, - "showToolTips": [ - "on" - ], - "dashboardWidgetOptions": { - "showTabs": [ - "on" - ], - "showSummary": [], - "showAnalyzeTab": [ - "on" - ], - "showTSCharts": [], - "showChartsTab": [], - "showTable": [ - "on" - ], - "showExtraTable": [ - "on" - ] + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true }, - "linkSummaryInput": "", - "timeseries": {} + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "41cc7f68e41eb10939f95ab07fd3dc77", + "displayName": "WAF Backend Response Code", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "WAF Backend Response Code", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l14day" + }, + "showTitle": true, + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" } }, - "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | where 'Host Name (Server)' != 'Load Balancer IP' | link 'Host Name (Server)', Listener, URI | fields -'Start Time', -'End Time'", + "queryString": "'Log Source' = 'OCI WAF Logs' | timestats count by 'Backend Status Code'", "scopeFilters": { "filters": [ { @@ -1010,11 +1168,16 @@ } ] }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "2507e19d927d458a0cafe461cd07c5ae" }, "values": [] }, @@ -1023,6 +1186,18 @@ "flags": {}, "values": [] }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, { "type": "Region", "flags": {}, @@ -1047,11 +1222,16 @@ } ] }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "2507e19d927d458a0cafe461cd07c5ae" }, "values": [] }, @@ -1060,6 +1240,18 @@ "flags": {}, "values": [] }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] + }, "Region": { "type": "Region", "flags": {}, @@ -1071,7 +1263,6 @@ ] } }, - "internalKey": "78b3d077a4e0d8e9abb4db6b45b9746a", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -1170,24 +1361,29 @@ "drilldownConfig": [] }, { - "id": "2dbfa3ca662c90e4136726adacfcaf1b", - "displayName": "Network Ingress Traffic from Public", + "id": "fdcf367238fdf83cc193afca33e93860", + "displayName": "HTTP Response 4XX and 5XX", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Network Ingress Traffic from Public", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l60min" + "timePeriod": "l7day" }, "showTitle": true, - "visualizationType": "line", - "visualizationOptions": {}, - "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | where 'Source IP' = 'Public IP' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') and Status like '4%' or Status like '5%' | timestats count as 'HTTP Response' by Status | sort -'HTTP Response'", "scopeFilters": { "filters": [ { @@ -1197,21 +1393,16 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, - { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -1220,30 +1411,13 @@ "flags": {}, "values": [] }, - { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" - } - ] - }, - { - "type": "LogFields", - "flags": {}, - "values": [] - }, { "type": "Region", "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } @@ -1256,21 +1430,16 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, - "MetricCompartment": { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -1279,30 +1448,13 @@ "flags": {}, "values": [] }, - "ResourceCompartment": { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" - } - ] - }, - "LogFields": { - "type": "LogFields", - "flags": {}, - "values": [] - }, "Region": { "type": "Region", "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } @@ -1373,6 +1525,9 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } + }, + "valueFormat": { + "type": "array" } }, { @@ -1393,29 +1548,31 @@ "drilldownConfig": [] }, { - "id": "8b67c0682153628f21ab8f027c69406d", - "displayName": "HTTP Response Code ", + "id": "3305308194abf54dbfdbaa41a447623f", + "displayName": "WAF Response Code", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "", + "description": "WAF Response Code", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l7day" + "numUnits": 60, + "units": "WEEKS", + "timePeriod": "relative" }, "showTitle": true, - "visualizationType": "pie", + "visualizationType": "records_histogram", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", "primaryFieldDname": "Original Log Content" } }, - "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | stats count as 'HTTP Response' by Status | sort -'HTTP Response'", + "queryString": "'Log Source' = 'OCI WAF Logs' | timestats count by 'WAF Status Code'", "scopeFilters": { "filters": [ { @@ -1430,11 +1587,16 @@ } ] }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" }, "values": [] }, @@ -1443,6 +1605,18 @@ "flags": {}, "values": [] }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, { "type": "Region", "flags": {}, @@ -1452,6 +1626,11 @@ "label": "US Midwest (Chicago)" } ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] } ], "isGlobal": false, @@ -1467,11 +1646,16 @@ } ] }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" }, "values": [] }, @@ -1480,6 +1664,18 @@ "flags": {}, "values": [] }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, "Region": { "type": "Region", "flags": {}, @@ -1489,6 +1685,11 @@ "label": "US Midwest (Chicago)" } ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] } }, "vizType": "lxSavedSearchWidgetType", @@ -1510,7 +1711,10 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } }, "valueFormat": { "type": "object" @@ -1524,7 +1728,10 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } }, "valueFormat": { "type": "object" @@ -1539,7 +1746,10 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } }, "valueFormat": { "type": "object" @@ -1580,26 +1790,29 @@ "drilldownConfig": [] }, { - "id": "c761c329457c586aa7af9b9bd13490e5", - "displayName": "WAF Top 10 Country Code - count", + "id": "b7b45d7e01c4ea8273c4290c13e50889", + "displayName": "Denied Connections by Source", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "WAF Top 10 Country Code - table format", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "numUnits": 60, - "units": "WEEKS", - "timePeriod": "relative" + "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "pie", - "visualizationOptions": {}, - "queryString": "'Log Source' = 'OCI WAF Logs' | rename 'Client Host Country Code' as 'Country Code' | stats count by 'Country Code' | top limit = 10 Count", + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') and Action in (drop, reject) | rename 'Source IP' as Source | timestats count by Source", "scopeFilters": { "filters": [ { @@ -1614,16 +1827,11 @@ } ] }, - { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -1632,18 +1840,6 @@ "flags": {}, "values": [] }, - { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "696668181549785d939d2ccee5ab1f5d", - "label": "Sandbox" - } - ] - }, { "type": "Region", "flags": {}, @@ -1653,11 +1849,6 @@ "label": "US Midwest (Chicago)" } ] - }, - { - "type": "LogFields", - "flags": {}, - "values": [] } ], "isGlobal": false, @@ -1668,21 +1859,16 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" - } - ] - }, - "MetricCompartment": { - "type": "MetricCompartment", - "flags": {}, - "values": [] + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" + } + ] }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -1691,18 +1877,6 @@ "flags": {}, "values": [] }, - "ResourceCompartment": { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "696668181549785d939d2ccee5ab1f5d", - "label": "Sandbox" - } - ] - }, "Region": { "type": "Region", "flags": {}, @@ -1712,13 +1886,9 @@ "label": "US Midwest (Chicago)" } ] - }, - "LogFields": { - "type": "LogFields", - "flags": {}, - "values": [] } }, + "internalKey": "fda6c2b24788890de038e2de06befce1", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -1738,10 +1908,7 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -1755,10 +1922,7 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -1773,10 +1937,7 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -1794,9 +1955,6 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } - }, - "valueFormat": { - "type": "array" } }, { @@ -1817,24 +1975,172 @@ "drilldownConfig": [] }, { - "id": "fe65d72b75c7e672b11507538e4a900e", - "displayName": "Network Egress Traffic to Public", + "id": "9709ed19c087c0ee71a638316e370fc4", + "displayName": "ThreatLogsByThreatSubtypeDevice", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Network Egress Traffic to Public", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l14day" + "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "line", - "visualizationOptions": {}, - "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | where 'Destination IP' = 'Public IP' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + }, + "LINK_CLASSIFY_SETTINGS": { + "Threat Analysis": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 200, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 1, + "colorColumn": 8, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "risk_level", + "7": "subtype", + "8": "ticket_status" + }, + "classifyColorPaletteCustom": { + "6": {}, + "7": {}, + "8": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + } + } + }, + "queryString": "'Log Source' = 'OCI Network Firewall Threat Logs' | link Severity, Threat, 'Protocol (Transport)', Subtype | stats unique(Entity) as Firewall, unique('Threat Category') as 'Threat Category', unique(Action) as Action | eval score = if(Severity = critical, 10, Severity = high, 8, Severity = medium, 5, Severity = low, 2, Severity = informational, 1, 0) | sort -score, -Count | fields -'Start Time', -'End Time', -score | classify topcount = 300 correlate = -*, Action, 'Threat Category' Severity, Subtype, Threat as 'Threat Analysis'", "scopeFilters": { "filters": [ { @@ -1869,6 +2175,10 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } @@ -1906,10 +2216,15 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } }, + "internalKey": "9c59330490fbd8728513603496e0f38c", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -2008,29 +2323,29 @@ "drilldownConfig": [] }, { - "id": "9ebbc09391b5d0eae3654f3a46b392aa", - "displayName": "Top 10 Denied Sources", + "id": "52b316b39e8a83a85cab1b28c10233a8", + "displayName": "Network Security Group Changes", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "", + "description": "Network Security Group Changes", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l8hr" + "timePeriod": "l14day" }, "showTitle": true, - "visualizationType": "pie", + "visualizationType": "table_histogram", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", "primaryFieldDname": "Original Log Content" } }, - "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action in (deny, drop, 'reset-both', 'drop-icmp') | stats count as 'Denied Connections' by 'Source IP' | top 'Denied Connections'", + "queryString": "Type like '%networksecuritygroup%' and Method != get | timestats count", "scopeFilters": { "filters": [ { @@ -2040,16 +2355,21 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -2058,13 +2378,30 @@ "flags": {}, "values": [] }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + }, { "type": "Region", "flags": {}, "values": [ { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } @@ -2076,17 +2413,22 @@ "IncludeSubCompartments": true }, "values": [ - { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -2095,18 +2437,34 @@ "flags": {}, "values": [] }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + }, "Region": { "type": "Region", "flags": {}, "values": [ { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } }, - "internalKey": "9ebbc09391b5d0eae3654f3a46b392aa", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -2193,14 +2551,14 @@ "drilldownConfig": [] }, { - "id": "263f833ff1592f9bd12a8426d39eb101", - "displayName": "Total Network Traffic", + "id": "f5f27309165bce41b537abee43ce3ab4", + "displayName": "DNS Hostname", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Total Network Traffic", + "description": "For Load Balancer", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { @@ -2208,9 +2566,85 @@ "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "line", - "visualizationOptions": {}, - "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "ms": [ + "on" + ], + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | where 'Host Name (Server)' != 'Load Balancer IP' | link 'Host Name (Server)', Listener, URI | fields -'Start Time', -'End Time'", "scopeFilters": { "filters": [ { @@ -2220,8 +2654,8 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, @@ -2229,7 +2663,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -2243,8 +2677,8 @@ "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } @@ -2257,8 +2691,8 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, @@ -2266,7 +2700,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -2280,12 +2714,13 @@ "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } }, + "internalKey": "78b3d077a4e0d8e9abb4db6b45b9746a", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -2305,7 +2740,10 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } }, "valueFormat": { "type": "object" @@ -2319,7 +2757,10 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } }, "valueFormat": { "type": "object" @@ -2334,7 +2775,10 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } }, "valueFormat": { "type": "object" @@ -2352,6 +2796,9 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } + }, + "valueFormat": { + "type": "array" } }, { @@ -2372,102 +2819,24 @@ "drilldownConfig": [] }, { - "id": "219a37c2f8e8b56bc96ffe285192c26a", - "displayName": "Network Changes Analysis", + "id": "a5c748290418996c86e6743bd34b3712", + "displayName": "WAF Action Count", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Network Changes Analysis - SFD", + "description": "WAF Action Count", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "numUnits": 60, - "units": "WEEKS", - "timePeriod": "relative" + "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "link", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content", - "LINK_SEARCH_SETTINGS": { - "groupAliasS": "Group", - "groupAliasP": "Groups", - "logAliasP": "Log Records", - "selectedTableField": null, - "columnAliases": {}, - "hiddenCharts": { - "groupColumn": true - }, - "hiddenLinkWidgets": { - "linkwidgetOption_HeaderId": false, - "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": false, - "linkwidgetOption_TSChartId": false, - "linkwidgetOption_HistogramId": true, - "linkwidgetOption_TableId": false, - "linkwidgetOption_ExtraTableId": false - }, - "hiddenColumns": { - "g_duration": true, - "query_start_time": true, - "query_end_time": true, - "trend_interval": true, - "trend_interval_unit": true, - "g_startepoch": true, - "g_endepoch": true - }, - "highlightColumnStatus": {}, - "hiddenClassifyCharts": {}, - "hiddenTableFields": {}, - "showCombinedCharts": [ - "off" - ], - "showStack": [ - "off" - ], - "smartGroup": [ - "off" - ], - "hideYAxis": [ - "off" - ], - "styleDefaults": { - "lineType": "curved", - "markerDisplayed": "on" - }, - "chartOptions": "bar", - "chartType": "bar", - "chartHeightVal": 200, - "chartWidthVal": 60, - "showToolTips": [ - "on" - ], - "dashboardWidgetOptions": { - "showTabs": [ - "on" - ], - "showSummary": [], - "showAnalyzeTab": [], - "showTSCharts": [], - "showChartsTab": [], - "showTable": [ - "on" - ], - "showExtraTable": [ - "on" - ] - }, - "linkSummaryInput": "", - "timeseries": {} - } - } - }, - "queryString": "'Log Source' = 'OCI Audit Logs' and Type like '%virtualnetwork%' and Method in (post, put, delete) | link Event, Method, 'Event Source', 'User Name' | stats unique(Path) as Path | fields -'Start Time', -'End Time'", + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | stats count by Action", "scopeFilters": { "filters": [ { @@ -2502,10 +2871,6 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" - }, - { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" } ] } @@ -2543,15 +2908,10 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" - }, - { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" } ] } }, - "internalKey": "219a37c2f8e8b56bc96ffe285192c26a", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -2650,29 +3010,31 @@ "drilldownConfig": [] }, { - "id": "cd4a2f2d883399f25776fe75787a5d9d", - "displayName": "Top 10 Source IPs", + "id": "e18e0ec23751d81ef88b363227d8b6a4", + "displayName": "Security List Changes", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Top 10 Source IPs - Network Firewall", + "description": "Security List Changes", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l60min" + "numUnits": 7, + "units": "DAYS", + "timePeriod": "relative" }, "showTitle": true, - "visualizationType": "pie", + "visualizationType": "table_histogram", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", "primaryFieldDname": "Original Log Content" } }, - "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | stats count by 'Source IP' | top Count", + "queryString": "Type like '%virtualnetwork%securitylist%' and Method != get | timestats count", "scopeFilters": { "filters": [ { @@ -2682,8 +3044,8 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, @@ -2691,7 +3053,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -2705,8 +3067,8 @@ "flags": {}, "values": [ { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } @@ -2719,8 +3081,8 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, @@ -2728,7 +3090,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -2742,12 +3104,13 @@ "flags": {}, "values": [ { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } }, + "internalKey": "7c24ee80875c75895a43ff85b6e2fa69", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -2767,10 +3130,7 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -2784,10 +3144,7 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -2802,10 +3159,7 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -2823,9 +3177,6 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } - }, - "valueFormat": { - "type": "array" } }, { @@ -2846,183 +3197,26 @@ "drilldownConfig": [] }, { - "id": "7f62f9c8e7defd82b4235c3777ec4c73", - "displayName": "SFD_LB_analysis", + "id": "27768afa53193d63e1e3bafd0b5cdc80", + "displayName": "WAF Top 10 Country Code - count", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "", + "description": "WAF Top 10 Country Code - table format", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l7day" + "numUnits": 60, + "units": "WEEKS", + "timePeriod": "relative" }, "showTitle": true, - "visualizationType": "link", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content", - "LINK_CLASSIFY_SETTINGS": { - "Label, Destination, Content Size In, Content Size Out, Backend Connect Time, Backend Processing Time": { - "drilldown": "on", - "chartType": "bubble", - "showDimensions": [ - "on" - ], - "chartHeight": 150, - "swapXY": [ - "off" - ], - "showAnomaly": [ - "on" - ], - "showBaseline": [ - "off" - ], - "groupAlias": "Groups", - "groupAliasS": "Group", - "sizeColumn": 8, - "colorColumn": 10, - "descendingXAxis": [ - null - ], - "descendingYAxis": [ - null - ], - "zeroXAxis": [ - "on" - ], - "zeroYAxis": [ - "on" - ], - "classifyDrilldown": [ - "off" - ], - "classifyColorPalette": { - "1": "default", - "6": "func8_unique_srvrhostname", - "7": "mtag", - "8": "default", - "9": "default", - "10": "default", - "11": "default" - }, - "classifyColorPaletteCustom": { - "6": {}, - "7": {} - }, - "classifyFilters": { - "selectAllFilters": [ - "on" - ], - "showClassifyFilters": [], - "selectedClassifyFilters": [ - 6, - 7, - 8, - 9, - 10, - 11 - ], - "classifyNarrowResults": [ - "on" - ] - }, - "chartNumber": 0, - "selectedItems": [] - } - }, - "LINK_SEARCH_SETTINGS": { - "groupAliasS": "Group", - "groupAliasP": "Groups", - "logAliasP": "Log Records", - "selectedTableField": null, - "columnAliases": {}, - "hiddenCharts": { - "groupColumn": true - }, - "hiddenLinkWidgets": { - "linkwidgetOption_HeaderId": false, - "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": true, - "linkwidgetOption_TSChartId": false, - "linkwidgetOption_HistogramId": true, - "linkwidgetOption_TableId": false, - "linkwidgetOption_ExtraTableId": false - }, - "hiddenColumns": { - "g_duration": true, - "query_start_time": true, - "query_end_time": true, - "trend_interval": true, - "trend_interval_unit": true - }, - "highlightColumnStatus": {}, - "hiddenClassifyCharts": {}, - "hiddenTableFields": {}, - "showCombinedCharts": [ - "off" - ], - "showStack": [ - "off" - ], - "smartGroup": [ - "off" - ], - "styleDefaults": { - "lineType": "curved", - "markerDisplayed": "on" - }, - "chartOptions": "bar", - "chartType": "bar", - "chartHeightVal": 200, - "chartWidthVal": 60, - "showToolTips": [ - "on" - ], - "dashboardWidgetOptions": { - "showTabs": [ - "on" - ], - "showSummary": [ - "on" - ], - "showAnalyzeTab": [], - "showTSCharts": [], - "showChartsTab": [], - "showTable": [ - "on" - ], - "showExtraTable": [ - "on" - ] - }, - "linkSummaryInput": "", - "timeseries": {}, - "showUnitRawData": [], - "showNonUnitRawData": [ - "off" - ], - "ms": [ - "on" - ], - "mergeHighlightColumns": [ - "off" - ], - "groupAdditionalTables": [ - "on" - ], - "hideYAxis": [ - "off" - ] - } - } - }, - "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | link Label, 'Problem Priority' | stats unique(Destination) as Destination, avg('Content Size In') as 'Content Size In', avg('Content Size Out') as 'Content Size Out', avg('Backend Connect Time') as 'Backend Connect Time', avg('Backend Processing Time') as 'Backend Processing Time', unique('Originating IP Address') as 'Originating IP Address', unique('Error Text') as 'Error Text', unique('Host Name (Server)') as 'Host Name (Server)' | classify topcount = 300 correlate = -*, 'Originating IP Address', 'Error Text' 'Host Name (Server)', Label, 'Content Size In', 'Content Size Out', 'Backend Connect Time', 'Backend Processing Time' as 'Label, Destination, Content Size In, Content Size Out, Backend Connect Time, Backend Processing Time' | fields -'Start Time', -'End Time', -'Originating IP Address', -'Error Text'", + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | rename 'Client Host Country Code' as 'Country Code' | stats count by 'Country Code' | top limit = 10 Count", "scopeFilters": { "filters": [ { @@ -3037,11 +3231,16 @@ } ] }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" }, "values": [] }, @@ -3050,6 +3249,18 @@ "flags": {}, "values": [] }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, { "type": "Region", "flags": {}, @@ -3059,6 +3270,11 @@ "label": "US Midwest (Chicago)" } ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] } ], "isGlobal": false, @@ -3074,11 +3290,16 @@ } ] }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" }, "values": [] }, @@ -3087,6 +3308,18 @@ "flags": {}, "values": [] }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "696668181549785d939d2ccee5ab1f5d", + "label": "Sandbox" + } + ] + }, "Region": { "type": "Region", "flags": {}, @@ -3096,9 +3329,13 @@ "label": "US Midwest (Chicago)" } ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] } }, - "internalKey": "7f62f9c8e7defd82b4235c3777ec4c73", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -3118,7 +3355,10 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } }, "valueFormat": { "type": "object" @@ -3132,7 +3372,10 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } }, "valueFormat": { "type": "object" @@ -3147,7 +3390,10 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } }, "valueFormat": { "type": "object" @@ -3188,98 +3434,24 @@ "drilldownConfig": [] }, { - "id": "0cc4a572747189c70d310b56b581ec53", - "displayName": "Top 10 Allowed Destination Ports", + "id": "6176718513109fa1d9161638904c87e6", + "displayName": "Network Egress Traffic to Public", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Top 10 Allowed Destination Ports - Network Firewall", + "description": "Network Egress Traffic to Public", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "startTimeUtc": "2024-10-01T15:07:32.000Z", - "endTimeUtc": "2024-10-10T16:07:32.000Z", - "timePeriod": "cust" + "timePeriod": "l14day" }, "showTitle": true, - "visualizationType": "link", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content", - "LINK_SEARCH_SETTINGS": { - "groupAliasS": "Group", - "groupAliasP": "Groups", - "logAliasP": "Log Records", - "selectedTableField": null, - "columnAliases": {}, - "hiddenCharts": { - "groupColumn": true - }, - "hiddenLinkWidgets": { - "linkwidgetOption_HeaderId": false, - "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": false, - "linkwidgetOption_TSChartId": false, - "linkwidgetOption_HistogramId": true, - "linkwidgetOption_TableId": false, - "linkwidgetOption_ExtraTableId": false - }, - "hiddenColumns": { - "g_duration": true, - "query_start_time": true, - "query_end_time": true, - "trend_interval": true, - "trend_interval_unit": true - }, - "highlightColumnStatus": {}, - "hiddenClassifyCharts": {}, - "hiddenTableFields": {}, - "showCombinedCharts": [ - "off" - ], - "showStack": [ - "off" - ], - "smartGroup": [ - "off" - ], - "hideYAxis": [ - "off" - ], - "styleDefaults": { - "lineType": "curved", - "markerDisplayed": "on" - }, - "chartOptions": "bar", - "chartType": "bar", - "chartHeightVal": 200, - "chartWidthVal": 60, - "showToolTips": [ - "on" - ], - "dashboardWidgetOptions": { - "showTabs": [], - "showSummary": [], - "showAnalyzeTab": [], - "showTSCharts": [], - "showChartsTab": [], - "showTable": [ - "on" - ], - "showExtraTable": [ - "on" - ] - }, - "linkSummaryInput": "", - "timeseries": {} - } - } - }, - "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action in (allow, alert) | link 'Destination Port', 'Source IP' | fields -'Start Time', -'End Time'", + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | where 'Destination IP' = 'Public IP' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", "scopeFilters": { "filters": [ { @@ -3355,7 +3527,6 @@ ] } }, - "internalKey": "0cc4a572747189c70d310b56b581ec53", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -3454,29 +3625,24 @@ "drilldownConfig": [] }, { - "id": "d70f1e5eb925f39c402a4e313e5fdbad", - "displayName": "HTTP Response 4XX and 5XX", + "id": "f8c1e6be9183e5f5e05c274d0cb581ab", + "displayName": "Total Network Traffic", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "", + "description": "Total Network Traffic", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l7day" + "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "records_histogram", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content" - } - }, - "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') and Status like '4%' or Status like '5%' | timestats count as 'HTTP Response' by Status | sort -'HTTP Response'", + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", "scopeFilters": { "filters": [ { @@ -3486,8 +3652,8 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, @@ -3495,7 +3661,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -3509,8 +3675,8 @@ "flags": {}, "values": [ { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } @@ -3523,8 +3689,8 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, @@ -3532,7 +3698,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -3546,8 +3712,8 @@ "flags": {}, "values": [ { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } @@ -3618,9 +3784,6 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } - }, - "valueFormat": { - "type": "array" } }, { @@ -3641,29 +3804,98 @@ "drilldownConfig": [] }, { - "id": "864a9e2650a81b05f1b4f429df5c0905", - "displayName": "Denied Connections by Destination Port", + "id": "8ce828ef5afd1b68413eaf61a891e720", + "displayName": "Top 10 Allowed Destination Ports", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "", + "description": "Top 10 Allowed Destination Ports - Network Firewall", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l60min" + "startTimeUtc": "2024-10-01T15:07:32.000Z", + "endTimeUtc": "2024-10-10T16:07:32.000Z", + "timePeriod": "cust" }, "showTitle": true, - "visualizationType": "records_histogram", + "visualizationType": "link", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content" + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } } }, - "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') and Action in (drop, reject) | rename 'Destination Port' as Port | timestats count by Port", + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action in (allow, alert) | link 'Destination Port', 'Source IP' | fields -'Start Time', -'End Time'", "scopeFilters": { "filters": [ { @@ -3739,7 +3971,7 @@ ] } }, - "internalKey": "864a9e2650a81b05f1b4f429df5c0905", + "internalKey": "0cc4a572747189c70d310b56b581ec53", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -3759,7 +3991,10 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } }, "valueFormat": { "type": "object" @@ -3773,7 +4008,10 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } }, "valueFormat": { "type": "object" @@ -3788,7 +4026,10 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } }, "valueFormat": { "type": "object" @@ -3806,6 +4047,9 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } + }, + "valueFormat": { + "type": "array" } }, { @@ -3826,21 +4070,19 @@ "drilldownConfig": [] }, { - "id": "ad8cacb041fe7feda52138357cf2b564", - "displayName": "Top 10 Denied Destination Ports", + "id": "8ab30d639a040ab381361514d8a812ec", + "displayName": "SFD_LB_analysis", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Top 10 Denied Destination Ports - Network Firewall", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "startTimeUtc": "2024-10-01T15:07:32.000Z", - "endTimeUtc": "2024-10-10T16:07:32.000Z", - "timePeriod": "cust" + "timePeriod": "l7day" }, "showTitle": true, "visualizationType": "link", @@ -3848,24 +4090,81 @@ "customVizOpt": { "primaryFieldIname": "mbody", "primaryFieldDname": "Original Log Content", + "LINK_CLASSIFY_SETTINGS": { + "Label, Destination, Content Size In, Content Size Out, Backend Connect Time, Backend Processing Time": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 150, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 10, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "func8_unique_srvrhostname", + "7": "mtag", + "8": "default", + "9": "default", + "10": "default", + "11": "default" + }, + "classifyColorPaletteCustom": { + "6": {}, + "7": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8, + 9, + 10, + 11 + ], + "classifyNarrowResults": [ + "on" + ] + }, + "chartNumber": 0, + "selectedItems": [] + } + }, "LINK_SEARCH_SETTINGS": { "groupAliasS": "Group", "groupAliasP": "Groups", "logAliasP": "Log Records", - "showUnitRawData": [], - "showNonUnitRawData": [ - "off" - ], - "ms": [ - "on" - ], "selectedTableField": null, - "mergeHighlightColumns": [ - "off" - ], - "groupAdditionalTables": [ - "on" - ], "columnAliases": {}, "hiddenCharts": { "groupColumn": true @@ -3873,7 +4172,7 @@ "hiddenLinkWidgets": { "linkwidgetOption_HeaderId": false, "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_AnalyzeId": true, "linkwidgetOption_TSChartId": false, "linkwidgetOption_HistogramId": true, "linkwidgetOption_TableId": false, @@ -3884,9 +4183,7 @@ "query_start_time": true, "query_end_time": true, "trend_interval": true, - "trend_interval_unit": true, - "g_startepoch": true, - "g_endepoch": true + "trend_interval_unit": true }, "highlightColumnStatus": {}, "hiddenClassifyCharts": {}, @@ -3900,9 +4197,6 @@ "smartGroup": [ "off" ], - "hideYAxis": [ - "off" - ], "styleDefaults": { "lineType": "curved", "markerDisplayed": "on" @@ -3915,8 +4209,12 @@ "on" ], "dashboardWidgetOptions": { - "showTabs": [], - "showSummary": [], + "showTabs": [ + "on" + ], + "showSummary": [ + "on" + ], "showAnalyzeTab": [], "showTSCharts": [], "showChartsTab": [], @@ -3928,11 +4226,27 @@ ] }, "linkSummaryInput": "", - "timeseries": {} + "timeseries": {}, + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "hideYAxis": [ + "off" + ] } } }, - "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action like 'drop%' or Action = 'reset-both' | link 'Destination Port', 'Source IP' | fields -'Start Time', -'End Time'", + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | link Label, 'Problem Priority' | stats unique(Destination) as Destination, avg('Content Size In') as 'Content Size In', avg('Content Size Out') as 'Content Size Out', avg('Backend Connect Time') as 'Backend Connect Time', avg('Backend Processing Time') as 'Backend Processing Time', unique('Originating IP Address') as 'Originating IP Address', unique('Error Text') as 'Error Text', unique('Host Name (Server)') as 'Host Name (Server)' | classify topcount = 300 correlate = -*, 'Originating IP Address', 'Error Text' 'Host Name (Server)', Label, 'Content Size In', 'Content Size Out', 'Backend Connect Time', 'Backend Processing Time' as 'Label, Destination, Content Size In, Content Size Out, Backend Connect Time, Backend Processing Time' | fields -'Start Time', -'End Time', -'Originating IP Address', -'Error Text'", "scopeFilters": { "filters": [ { @@ -4008,7 +4322,7 @@ ] } }, - "internalKey": "ad8cacb041fe7feda52138357cf2b564", + "internalKey": "7f62f9c8e7defd82b4235c3777ec4c73", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -4028,10 +4342,7 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4045,10 +4356,7 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4063,10 +4371,7 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4107,29 +4412,29 @@ "drilldownConfig": [] }, { - "id": "d9d16bb036946d34724d76e5d200eb10", - "displayName": "Top 10 Destination IPs", + "id": "8332eb34f1b9e0ef31c46593fc4dfa30", + "displayName": "Total Request by LB", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Top 10 Destination IPs - Network Firewall", + "description": "For Load Balancer", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l60min" + "timePeriod": "l7day" }, "showTitle": true, - "visualizationType": "pie", + "visualizationType": "records_histogram", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", "primaryFieldDname": "Original Log Content" } }, - "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | stats count by 'Destination IP' | top Count", + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | timestats count as 'Total Request by LB' by 'OCI Resource Name' | sort -'Total Request by LB'", "scopeFilters": { "filters": [ { @@ -4205,7 +4510,6 @@ ] } }, - "internalKey": "d9d16bb036946d34724d76e5d200eb10", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -4225,10 +4529,7 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4242,10 +4543,7 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4260,10 +4558,7 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4304,97 +4599,29 @@ "drilldownConfig": [] }, { - "id": "f50cf4dd203e75bc2f074a149693fc6d", - "displayName": "Policy hit count by name", + "id": "37f3d16042a87699770a88d479e2f54e", + "displayName": "HTTP Response Code ", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Policy hit count by name- Network Firewall", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l14day" + "timePeriod": "l7day" }, "showTitle": true, - "visualizationType": "link", + "visualizationType": "pie", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content", - "LINK_CLASSIFY_SETTINGS": {}, - "LINK_SEARCH_SETTINGS": { - "groupAliasS": "Group", - "groupAliasP": "Groups", - "logAliasP": "Log Records", - "selectedTableField": null, - "columnAliases": {}, - "hiddenCharts": { - "groupColumn": true - }, - "hiddenLinkWidgets": { - "linkwidgetOption_HeaderId": false, - "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": false, - "linkwidgetOption_TSChartId": false, - "linkwidgetOption_HistogramId": true, - "linkwidgetOption_TableId": false, - "linkwidgetOption_ExtraTableId": false - }, - "hiddenColumns": { - "g_duration": true, - "query_start_time": true, - "query_end_time": true, - "trend_interval": true, - "trend_interval_unit": true - }, - "highlightColumnStatus": {}, - "hiddenClassifyCharts": {}, - "hiddenTableFields": {}, - "showCombinedCharts": [ - "off" - ], - "showStack": [ - "off" - ], - "smartGroup": [ - "off" - ], - "hideYAxis": [ - "off" - ], - "styleDefaults": { - "lineType": "curved", - "markerDisplayed": "on" - }, - "chartOptions": "bar", - "chartType": "bar", - "chartHeightVal": 200, - "chartWidthVal": 60, - "showToolTips": [ - "on" - ], - "dashboardWidgetOptions": { - "showTabs": [], - "showSummary": [], - "showAnalyzeTab": [], - "showTSCharts": [], - "showChartsTab": [], - "showTable": [ - "on" - ], - "showExtraTable": [ - "on" - ] - }, - "linkSummaryInput": "", - "timeseries": {} - } + "primaryFieldDname": "Original Log Content" } }, - "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | link Rule, Action, Entity | rename Entity as Firewall | stats avg('Packets In') as 'Packets In', latest(Time) as Latest_Hit", + "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | stats count as 'HTTP Response' by Status | sort -'HTTP Response'", "scopeFilters": { "filters": [ { @@ -4470,7 +4697,6 @@ ] } }, - "internalKey": "f50cf4dd203e75bc2f074a149693fc6d", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -4490,10 +4716,7 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4507,10 +4730,7 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4525,10 +4745,7 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -4569,14 +4786,14 @@ "drilldownConfig": [] }, { - "id": "07c38686f917d98f4929013b25f4c157", - "displayName": "WAF Response Code", + "id": "41e5991b371845a74233f857f7c822a7", + "displayName": "WAF Top 10 URL", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "WAF Response Code", + "description": "WAF Top 10 URL", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { @@ -4586,14 +4803,9 @@ "timePeriod": "relative" }, "showTitle": true, - "visualizationType": "records_histogram", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content" - } - }, - "queryString": "'Log Source' = 'OCI WAF Logs' | timestats count by 'WAF Status Code'", + "visualizationType": "pie", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI WAF Logs' | rename URI as 'Request URL' | stats count by 'Request URL' | top limit = 10 Count", "scopeFilters": { "filters": [ { @@ -4811,14 +5023,14 @@ "drilldownConfig": [] }, { - "id": "180047b635ea81827871e75300ef2bae", - "displayName": "Virtual Cloud Network Flows Analysis", + "id": "080b436a9189e12688e584683a9550c4", + "displayName": "Network Firewall Flows Analysis", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Virtual Cloud Network Flows Analysis - VCN", + "description": "Network Firewall Flows Analysis - Network Firewall", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { @@ -4978,7 +5190,7 @@ } } }, - "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') | link 'Source IP', 'Destination IP', 'Destination Port', 'Protocol (Transport)' | stats unique(Action) as Action | fields -'Start Time', -'End Time' | classify topcount = 300 correlate = -*, Action 'Protocol (Transport)', 'Destination Port', 'Source IP' as 'flows analysis'", + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | link 'Source IP', 'Destination IP', 'Destination Port', 'Protocol (Transport)' | stats unique(Entity) as Firewall, unique(Action) as Action | fields -'Start Time', -'End Time' | classify topcount = 300 correlate = -*, Action 'Protocol (Transport)', 'Destination Port', 'Source IP' as 'flows analysis'", "scopeFilters": { "filters": [ { @@ -5013,228 +5225,10 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" - }, - { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" - } - ] - } - ], - "isGlobal": false, - "LogGroup": { - "type": "LogGroup", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" - } - ] - }, - "Entity": { - "type": "Entity", - "flags": { - "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" - }, - "values": [] - }, - "LogSet": { - "type": "LogSet", - "flags": {}, - "values": [] - }, - "Region": { - "type": "Region", - "flags": {}, - "values": [ - { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" - }, - { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" - } - ] - } - }, - "internalKey": "180047b635ea81827871e75300ef2bae", - "vizType": "lxSavedSearchWidgetType", - "enableWidgetInApp": true - }, - "dataConfig": [], - "screenImage": " ", - "metadataVersion": "2.0", - "widgetTemplate": "visualizations/chartWidgetTemplate.html", - "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", - "freeformTags": {}, - "definedTags": {}, - "parametersConfig": [ - { - "name": "log-analytics-log-group-compartment", - "displayName": "Log Group Compartment", - "required": true, - "defaultFilterIds": [ - "OOBSS-management-dashboard-filter-4a" - ], - "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } - }, - "valueFormat": { - "type": "object" - } - }, - { - "name": "log-analytics-entity", - "displayName": "Entity", - "required": true, - "defaultFilterIds": [ - "OOBSS-management-dashboard-filter-2a" - ], - "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } - }, - "valueFormat": { - "type": "object" - } - }, - { - "name": "log-analytics-log-set", - "displayName": "Log Set", - "required": true, - "hidden": "$(window.logSetNotEnabled)", - "defaultFilterIds": [ - "OOBSS-management-dashboard-filter-3a" - ], - "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } - }, - "valueFormat": { - "type": "object" - } - }, - { - "name": "log-analytics-region", - "displayName": "Region", - "required": false, - "defaultFilterIds": [ - "OOBSS-management-dashboard-region-filter" - ], - "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-region-filter" - } - }, - "valueFormat": { - "type": "array" - } - }, - { - "name": "time", - "displayName": "$(bundle.globalSavedSearch.TIME)", - "required": true, - "hidden": true - }, - { - "name": "flex" - } - ], - "featuresConfig": { - "crossService": { - "shared": true - } - }, - "drilldownConfig": [] - }, - { - "id": "775e518fa3725bf80b3a048c0e352bcc", - "displayName": "WAF Backend Response Code", - "providerId": "log-analytics", - "providerVersion": "3.0.0", - "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", - "isOobSavedSearch": false, - "description": "WAF Backend Response Code", - "nls": {}, - "type": "WIDGET_SHOW_IN_DASHBOARD", - "uiConfig": { - "timeSelection": { - "timePeriod": "l14day" - }, - "showTitle": true, - "visualizationType": "records_histogram", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content" - } - }, - "queryString": "'Log Source' = 'OCI WAF Logs' | timestats count by 'Backend Status Code'", - "scopeFilters": { - "filters": [ - { - "type": "LogGroup", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" - } - ] - }, - { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, - { - "type": "Entity", - "flags": { - "IncludeDependents": true, - "ScopeCompartmentId": "2507e19d927d458a0cafe461cd07c5ae" - }, - "values": [] - }, - { - "type": "LogSet", - "flags": {}, - "values": [] - }, - { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" - } - ] - }, - { - "type": "Region", - "flags": {}, - "values": [ - { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } @@ -5252,16 +5246,11 @@ } ] }, - "MetricCompartment": { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "2507e19d927d458a0cafe461cd07c5ae" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -5270,18 +5259,6 @@ "flags": {}, "values": [] }, - "ResourceCompartment": { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" - } - ] - }, "Region": { "type": "Region", "flags": {}, @@ -5289,10 +5266,15 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } }, + "internalKey": "2d5224dd9d7f92a5e171d0949c76dc2b", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -5391,14 +5373,14 @@ "drilldownConfig": [] }, { - "id": "9c59330490fbd8728513603496e0f38c", - "displayName": "ThreatLogsByThreatSubtypeDevice", + "id": "d8c839d237000d1e5af7697a8160c4fa", + "displayName": "Network Ingress Traffic from Public", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "", + "description": "Network Ingress Traffic from Public", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { @@ -5406,157 +5388,9 @@ "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "link", - "visualizationOptions": { - "customVizOpt": { - "LINK_SEARCH_SETTINGS": { - "groupAliasS": "Group", - "groupAliasP": "Groups", - "logAliasP": "Log Records", - "showUnitRawData": [], - "showNonUnitRawData": [ - "off" - ], - "ms": [ - "on" - ], - "selectedTableField": null, - "mergeHighlightColumns": [ - "off" - ], - "groupAdditionalTables": [ - "on" - ], - "columnAliases": {}, - "hiddenCharts": { - "groupColumn": true - }, - "hiddenLinkWidgets": { - "linkwidgetOption_HeaderId": false, - "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": false, - "linkwidgetOption_TSChartId": false, - "linkwidgetOption_HistogramId": true, - "linkwidgetOption_TableId": false, - "linkwidgetOption_ExtraTableId": false - }, - "hiddenColumns": { - "g_duration": true, - "query_start_time": true, - "query_end_time": true, - "trend_interval": true, - "trend_interval_unit": true - }, - "highlightColumnStatus": {}, - "hiddenClassifyCharts": {}, - "hiddenTableFields": {}, - "showCombinedCharts": [ - "off" - ], - "showStack": [ - "off" - ], - "smartGroup": [ - "off" - ], - "hideYAxis": [ - "off" - ], - "styleDefaults": { - "lineType": "curved", - "markerDisplayed": "on" - }, - "chartOptions": "bar", - "chartType": "bar", - "chartHeightVal": 200, - "chartWidthVal": 60, - "showToolTips": [ - "on" - ], - "dashboardWidgetOptions": { - "showTabs": [ - "on" - ], - "showSummary": [], - "showAnalyzeTab": [], - "showTSCharts": [], - "showChartsTab": [], - "showTable": [ - "on" - ], - "showExtraTable": [ - "on" - ] - }, - "linkSummaryInput": "", - "timeseries": {} - }, - "LINK_CLASSIFY_SETTINGS": { - "Threat Analysis": { - "drilldown": "on", - "chartType": "bubble", - "showDimensions": [ - "on" - ], - "chartHeight": 200, - "swapXY": [ - "off" - ], - "showAnomaly": [ - "on" - ], - "showBaseline": [ - "off" - ], - "groupAlias": "Groups", - "groupAliasS": "Group", - "sizeColumn": 1, - "colorColumn": 8, - "descendingXAxis": [ - null - ], - "descendingYAxis": [ - null - ], - "zeroXAxis": [ - "on" - ], - "zeroYAxis": [ - "on" - ], - "classifyDrilldown": [ - "off" - ], - "classifyColorPalette": { - "1": "default", - "6": "risk_level", - "7": "subtype", - "8": "ticket_status" - }, - "classifyColorPaletteCustom": { - "6": {}, - "7": {}, - "8": {} - }, - "classifyFilters": { - "selectAllFilters": [ - "on" - ], - "showClassifyFilters": [], - "selectedClassifyFilters": [ - 6, - 7, - 8 - ], - "classifyNarrowResults": [ - "on" - ] - } - } - } - } - }, - "queryString": "'Log Source' = 'OCI Network Firewall Threat Logs' | link Severity, Threat, 'Protocol (Transport)', Subtype | stats unique(Entity) as Firewall, unique('Threat Category') as 'Threat Category', unique(Action) as Action | eval score = if(Severity = critical, 10, Severity = high, 8, Severity = medium, 5, Severity = low, 2, Severity = informational, 1, 0) | sort -score, -Count | fields -'Start Time', -'End Time', -score | classify topcount = 300 correlate = -*, Action, 'Threat Category' Severity, Subtype, Threat as 'Threat Analysis'", + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'OCI VCN Flow Unified Schema Logs' | where 'Source IP' = 'Public IP' | eval vol = 'Content Size Out' / 1024 | timestats span = 5minute sum(vol) as 'Volume (KB)'", "scopeFilters": { "filters": [ { @@ -5566,16 +5400,21 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, + { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -5584,14 +5423,27 @@ "flags": {}, "values": [] }, + { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "LogFields", + "flags": {}, + "values": [] + }, { "type": "Region", "flags": {}, "values": [ - { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" - }, { "value": "us-ashburn-1", "label": "US East (Ashburn)" @@ -5607,16 +5459,21 @@ }, "values": [ { - "value": "2507e19d927d458a0cafe461cd07c5ae", - "label": "ociateam (root)" + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" } ] }, + "MetricCompartment": { + "type": "MetricCompartment", + "flags": {}, + "values": [] + }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" }, "values": [] }, @@ -5625,14 +5482,27 @@ "flags": {}, "values": [] }, + "ResourceCompartment": { + "type": "ResourceCompartment", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "LogFields": { + "type": "LogFields", + "flags": {}, + "values": [] + }, "Region": { "type": "Region", "flags": {}, "values": [ - { - "value": "us-chicago-1", - "label": "US Midwest (Chicago)" - }, { "value": "us-ashburn-1", "label": "US East (Ashburn)" @@ -5640,7 +5510,6 @@ ] } }, - "internalKey": "9c59330490fbd8728513603496e0f38c", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -5659,11 +5528,8 @@ "defaultFilterIds": [ "OOBSS-management-dashboard-filter-4a" ], - "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } + "editUi": { + "inputType": "none" }, "valueFormat": { "type": "object" @@ -5677,10 +5543,7 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -5695,10 +5558,7 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -5716,9 +5576,6 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } - }, - "valueFormat": { - "type": "array" } }, { @@ -5739,14 +5596,14 @@ "drilldownConfig": [] }, { - "id": "5551612a4a1ac557d32335723a35b906", - "displayName": "WAF Action Count", + "id": "21963e7dab8d746a80d5e831825203ad", + "displayName": "Top 10 Source IPs", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "WAF Action Count", + "description": "Top 10 Source IPs - Network Firewall", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { @@ -5755,8 +5612,13 @@ }, "showTitle": true, "visualizationType": "pie", - "visualizationOptions": {}, - "queryString": "'Log Source' = 'OCI WAF Logs' | stats count by Action", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | stats count by 'Source IP' | top Count", "scopeFilters": { "filters": [ { @@ -5930,31 +5792,29 @@ "drilldownConfig": [] }, { - "id": "33e3d66763f2969d21be13b8ae4702c6", - "displayName": "Security List Changes", + "id": "834b0a38397ceb7adc4d4f0ed03b8f71", + "displayName": "Top 10 Denied Sources", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Security List Changes", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "numUnits": 7, - "units": "DAYS", - "timePeriod": "relative" + "timePeriod": "l8hr" }, "showTitle": true, - "visualizationType": "table_histogram", + "visualizationType": "pie", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", "primaryFieldDname": "Original Log Content" } }, - "queryString": "Type like '%virtualnetwork%securitylist%' and Method != get | timestats count", + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action in (deny, drop, 'reset-both', 'drop-icmp') | stats count as 'Denied Connections' by 'Source IP' | top 'Denied Connections'", "scopeFilters": { "filters": [ { @@ -5964,8 +5824,8 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, @@ -5973,7 +5833,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -5987,8 +5847,8 @@ "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } @@ -6001,8 +5861,8 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, @@ -6010,7 +5870,7 @@ "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -6024,13 +5884,13 @@ "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } }, - "internalKey": "7c24ee80875c75895a43ff85b6e2fa69", + "internalKey": "9ebbc09391b5d0eae3654f3a46b392aa", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -6117,26 +5977,29 @@ "drilldownConfig": [] }, { - "id": "a5c18cf60909a2f42e6f8438ae8d0344", - "displayName": "WAF Top 10 URL", + "id": "6b3e85c34bf529ea6a7b249bd5415049", + "displayName": "Denied Connections by Destination Port", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "WAF Top 10 URL", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "numUnits": 60, - "units": "WEEKS", - "timePeriod": "relative" + "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "pie", - "visualizationOptions": {}, - "queryString": "'Log Source' = 'OCI WAF Logs' | rename URI as 'Request URL' | stats count by 'Request URL' | top limit = 10 Count", + "visualizationType": "records_histogram", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" + } + }, + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') and Action in (drop, reject) | rename 'Destination Port' as Port | timestats count by Port", "scopeFilters": { "filters": [ { @@ -6151,16 +6014,11 @@ } ] }, - { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -6169,18 +6027,6 @@ "flags": {}, "values": [] }, - { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "696668181549785d939d2ccee5ab1f5d", - "label": "Sandbox" - } - ] - }, { "type": "Region", "flags": {}, @@ -6190,11 +6036,6 @@ "label": "US Midwest (Chicago)" } ] - }, - { - "type": "LogFields", - "flags": {}, - "values": [] } ], "isGlobal": false, @@ -6210,16 +6051,11 @@ } ] }, - "MetricCompartment": { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -6228,18 +6064,6 @@ "flags": {}, "values": [] }, - "ResourceCompartment": { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "696668181549785d939d2ccee5ab1f5d", - "label": "Sandbox" - } - ] - }, "Region": { "type": "Region", "flags": {}, @@ -6249,13 +6073,9 @@ "label": "US Midwest (Chicago)" } ] - }, - "LogFields": { - "type": "LogFields", - "flags": {}, - "values": [] } }, + "internalKey": "864a9e2650a81b05f1b4f429df5c0905", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -6275,10 +6095,7 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-4a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -6292,10 +6109,7 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-2a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -6310,10 +6124,7 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "savedSearch", - "filterTile": { - "filterId": "OOBSS-management-dashboard-filter-3a" - } + "inputType": "none" }, "valueFormat": { "type": "object" @@ -6331,9 +6142,6 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } - }, - "valueFormat": { - "type": "array" } }, { @@ -6354,14 +6162,14 @@ "drilldownConfig": [] }, { - "id": "7fb4b1eb8e0cabc3b98343876a7fcdec", - "displayName": "WAF Top 10 Source IP diagram", + "id": "fbc4cf75a3b6293fba6185b82e2d466f", + "displayName": "Policy hit count by name", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "WAF Top 10 Source IP diagram", + "description": "Policy hit count by name- Network Firewall", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { @@ -6369,9 +6177,82 @@ "timePeriod": "l14day" }, "showTitle": true, - "visualizationType": "pie", - "visualizationOptions": {}, - "queryString": "'Log Source' = 'OCI WAF Logs' | rename 'Host IP Address (Client)' as 'Source IP' | stats count by 'Source IP' | top limit = 10 Count", + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_CLASSIFY_SETTINGS": {}, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | link Rule, Action, Entity | rename Entity as Firewall | stats avg('Packets In') as 'Packets In', latest(Time) as Latest_Hit", "scopeFilters": { "filters": [ { @@ -6386,35 +6267,18 @@ } ] }, - { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" - }, - "values": [] - }, - { - "type": "LogSet", - "flags": {}, - "values": [] - }, - { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "696668181549785d939d2ccee5ab1f5d", - "label": "Sandbox" - } - ] + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] }, { "type": "Region", @@ -6425,11 +6289,6 @@ "label": "US Midwest (Chicago)" } ] - }, - { - "type": "LogFields", - "flags": {}, - "values": [] } ], "isGlobal": false, @@ -6445,16 +6304,11 @@ } ] }, - "MetricCompartment": { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "5617a87cac1c22a0ba0bce45bfd7c441" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -6463,18 +6317,6 @@ "flags": {}, "values": [] }, - "ResourceCompartment": { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "696668181549785d939d2ccee5ab1f5d", - "label": "Sandbox" - } - ] - }, "Region": { "type": "Region", "flags": {}, @@ -6484,13 +6326,9 @@ "label": "US Midwest (Chicago)" } ] - }, - "LogFields": { - "type": "LogFields", - "flags": {}, - "values": [] } }, + "internalKey": "f50cf4dd203e75bc2f074a149693fc6d", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -6589,29 +6427,113 @@ "drilldownConfig": [] }, { - "id": "a78b20c2de45872f8868ba666853fd30", - "displayName": "Network Security Group Changes", + "id": "42749df954e0521bd87ce0bf8101abd3", + "displayName": "Top 10 Denied Destination Ports", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Network Security Group Changes", + "description": "Top 10 Denied Destination Ports - Network Firewall", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l14day" + "startTimeUtc": "2024-10-01T15:07:32.000Z", + "endTimeUtc": "2024-10-10T16:07:32.000Z", + "timePeriod": "cust" }, "showTitle": true, - "visualizationType": "table_histogram", + "visualizationType": "link", "visualizationOptions": { "customVizOpt": { "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content" + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true, + "g_startepoch": true, + "g_endepoch": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } } }, - "queryString": "Type like '%networksecuritygroup%' and Method != get | timestats count", + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs') and Action like 'drop%' or Action = 'reset-both' | link 'Destination Port', 'Source IP' | fields -'Start Time', -'End Time'", "scopeFilters": { "filters": [ { @@ -6621,21 +6543,16 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, - { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -6644,30 +6561,13 @@ "flags": {}, "values": [] }, - { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" - } - ] - }, - { - "type": "LogFields", - "flags": {}, - "values": [] - }, { "type": "Region", "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } @@ -6680,21 +6580,16 @@ }, "values": [ { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" + "value": "2507e19d927d458a0cafe461cd07c5ae", + "label": "ociateam (root)" } ] }, - "MetricCompartment": { - "type": "MetricCompartment", - "flags": {}, - "values": [] - }, "Entity": { "type": "Entity", "flags": { "IncludeDependents": true, - "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + "ScopeCompartmentId": "696668181549785d939d2ccee5ab1f5d" }, "values": [] }, @@ -6703,34 +6598,18 @@ "flags": {}, "values": [] }, - "ResourceCompartment": { - "type": "ResourceCompartment", - "flags": { - "IncludeSubCompartments": true - }, - "values": [ - { - "value": "ee57d587a5124dddbed61c1d98468c09", - "label": "orasenatdpltsecitom02 (root)" - } - ] - }, - "LogFields": { - "type": "LogFields", - "flags": {}, - "values": [] - }, "Region": { "type": "Region", "flags": {}, "values": [ { - "value": "us-ashburn-1", - "label": "US East (Ashburn)" + "value": "us-chicago-1", + "label": "US Midwest (Chicago)" } ] } }, + "internalKey": "ad8cacb041fe7feda52138357cf2b564", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -6750,7 +6629,10 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } }, "valueFormat": { "type": "object" @@ -6764,7 +6646,10 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } }, "valueFormat": { "type": "object" @@ -6779,7 +6664,10 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } }, "valueFormat": { "type": "object" @@ -6797,6 +6685,9 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } + }, + "valueFormat": { + "type": "array" } }, { @@ -6817,14 +6708,14 @@ "drilldownConfig": [] }, { - "id": "2d5224dd9d7f92a5e171d0949c76dc2b", - "displayName": "Network Firewall Flows Analysis", + "id": "637ecacba93c5bd566847f4cf8f14d1b", + "displayName": "Virtual Cloud Network Flows Analysis", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Network Firewall Flows Analysis - Network Firewall", + "description": "Virtual Cloud Network Flows Analysis - VCN", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { @@ -6984,7 +6875,7 @@ } } }, - "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | link 'Source IP', 'Destination IP', 'Destination Port', 'Protocol (Transport)' | stats unique(Entity) as Firewall, unique(Action) as Action | fields -'Start Time', -'End Time' | classify topcount = 300 correlate = -*, Action 'Protocol (Transport)', 'Destination Port', 'Source IP' as 'flows analysis'", + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') | link 'Source IP', 'Destination IP', 'Destination Port', 'Protocol (Transport)' | stats unique(Action) as Action | fields -'Start Time', -'End Time' | classify topcount = 300 correlate = -*, Action 'Protocol (Transport)', 'Destination Port', 'Source IP' as 'flows analysis'", "scopeFilters": { "filters": [ { @@ -7068,7 +6959,7 @@ ] } }, - "internalKey": "2d5224dd9d7f92a5e171d0949c76dc2b", + "internalKey": "180047b635ea81827871e75300ef2bae", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -7167,29 +7058,26 @@ "drilldownConfig": [] }, { - "id": "409163fc98a3bf851839c440e8f966a1", - "displayName": "Total Request by LB", + "id": "d2112f4d03dbc73334daae1929fe9792", + "displayName": "Threat IPs", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "For Load Balancer", + "description": "Threat IPs", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "timePeriod": "l7day" + "numUnits": 8, + "units": "HOURS", + "timePeriod": "relative" }, "showTitle": true, - "visualizationType": "records_histogram", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content" - } - }, - "queryString": "'Log Source' in ('OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs') | timestats count as 'Total Request by LB' by 'OCI Resource Name' | sort -'Total Request by LB'", + "visualizationType": "line", + "visualizationOptions": {}, + "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs', 'OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs', 'OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs', 'OCI WAF Logs', 'OCI Audit Logs') | timestats count('Threat IPs') by 'Log Source'", "scopeFilters": { "filters": [ { @@ -7265,6 +7153,7 @@ ] } }, + "internalKey": "0e1f607aa7651f10493a670556c4a086", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -7331,9 +7220,6 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } - }, - "valueFormat": { - "type": "array" } }, { @@ -7354,164 +7240,29 @@ "drilldownConfig": [] }, { - "id": "a6ad885e52a29f5ad1f5ade099a7cbb0", - "displayName": "SFD WAF Logs Correlation Widget", + "id": "60764b0749352a3d15d480975bca616c", + "displayName": "Top 10 Destination IPs", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "", + "description": "Top 10 Destination IPs - Network Firewall", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "startTimeUtc": "2024-10-01T15:07:32.000Z", - "endTimeUtc": "2024-10-10T16:07:32.000Z", - "timePeriod": "cust" + "timePeriod": "l60min" }, "showTitle": true, - "visualizationType": "link", + "visualizationType": "pie", "visualizationOptions": { "customVizOpt": { - "LINK_CLASSIFY_SETTINGS": { - "Backend Status Code, Action, Content Size Out": { - "drilldown": "on", - "chartType": "bubble", - "showDimensions": [ - "on" - ], - "chartHeight": 200, - "swapXY": [ - "off" - ], - "showAnomaly": [ - "on" - ], - "showBaseline": [ - "off" - ], - "groupAlias": "Groups", - "groupAliasS": "Group", - "sizeColumn": 8, - "colorColumn": 9, - "descendingXAxis": [ - null - ], - "descendingYAxis": [ - null - ], - "zeroXAxis": [ - "on" - ], - "zeroYAxis": [ - "on" - ], - "classifyDrilldown": [ - "off" - ], - "classifyColorPalette": { - "1": "default", - "6": "func6_unique_bkendstatuscode", - "7": "func4_unique_countryclnt", - "8": "default", - "9": "func1_unique_wafstatcode", - "10": "func6_unique_clnthostip", - "11": "default" - }, - "classifyColorPaletteCustom": { - "6": {}, - "7": {}, - "9": {}, - "10": {} - }, - "classifyFilters": { - "selectAllFilters": [ - "on" - ], - "showClassifyFilters": [], - "selectedClassifyFilters": [ - 6, - 7, - 8 - ], - "classifyNarrowResults": [ - "on" - ] - } - } - }, - "LINK_SEARCH_SETTINGS": { - "groupAliasS": "Group", - "groupAliasP": "Groups", - "logAliasP": "Log Records", - "selectedTableField": null, - "columnAliases": {}, - "hiddenCharts": { - "groupColumn": true - }, - "hiddenLinkWidgets": { - "linkwidgetOption_HeaderId": false, - "linkwidgetOption_SummaryId": false, - "linkwidgetOption_AnalyzeId": false, - "linkwidgetOption_TSChartId": false, - "linkwidgetOption_HistogramId": true, - "linkwidgetOption_TableId": false, - "linkwidgetOption_ExtraTableId": false - }, - "hiddenColumns": { - "g_duration": true, - "query_start_time": true, - "query_end_time": true, - "trend_interval": true, - "trend_interval_unit": true - }, - "highlightColumnStatus": {}, - "hiddenClassifyCharts": {}, - "hiddenTableFields": {}, - "showCombinedCharts": [ - "off" - ], - "showStack": [ - "off" - ], - "smartGroup": [ - "off" - ], - "styleDefaults": { - "lineType": "curved", - "markerDisplayed": "on" - }, - "chartOptions": "bar", - "chartType": "bar", - "chartHeightVal": 200, - "chartWidthVal": 60, - "showToolTips": [ - "on" - ], - "dashboardWidgetOptions": { - "showTabs": [ - "on" - ], - "showSummary": [], - "showAnalyzeTab": [ - "on" - ], - "showTSCharts": [], - "showChartsTab": [], - "showTable": [ - "on" - ], - "showExtraTable": [ - "on" - ] - }, - "linkSummaryInput": "", - "timeseries": {} - } + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content" } }, - "queryString": "'Log Source' = 'OCI WAF Logs' | link 'Host IP Address (Client)', Method, 'OCI Resource Name' | stats unique('WAF Status Code') as 'WAF Status Code', unique(Action) as Action, avg('Content Size Out') as 'Content Size Out', unique('Client Host Country') as 'Client Host Country', unique(Port) as Port, unique('Backend Status Code') as 'Backend Status Code' | classify topcount = 10 correlate = -*, Method, Port, 'OCI Resource Name' 'Backend Status Code', 'Client Host Country', 'Content Size Out', 'WAF Status Code', 'WAF Status Code' as 'Backend Status Code, Action, Content Size Out'", + "queryString": "'Log Source' in ('OCI Network Firewall Traffic Logs') | stats count by 'Destination IP' | top Count", "scopeFilters": { "filters": [ { @@ -7587,7 +7338,7 @@ ] } }, - "internalKey": "a6ad885e52a29f5ad1f5ade099a7cbb0", + "internalKey": "d9d16bb036946d34724d76e5d200eb10", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -7607,7 +7358,10 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } }, "valueFormat": { "type": "object" @@ -7621,7 +7375,10 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } }, "valueFormat": { "type": "object" @@ -7636,7 +7393,10 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } }, "valueFormat": { "type": "object" @@ -7654,52 +7414,125 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } - }, - "valueFormat": { - "type": "array" - } - }, - { - "name": "time", - "displayName": "$(bundle.globalSavedSearch.TIME)", - "required": true, - "hidden": true - }, - { - "name": "flex" - } - ], - "featuresConfig": { - "crossService": { - "shared": true - } - }, - "drilldownConfig": [] - }, - { - "id": "fda6c2b24788890de038e2de06befce1", - "displayName": "Denied Connections by Source", - "providerId": "log-analytics", - "providerVersion": "3.0.0", - "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", - "isOobSavedSearch": false, - "description": "", - "nls": {}, - "type": "WIDGET_SHOW_IN_DASHBOARD", - "uiConfig": { - "timeSelection": { - "timePeriod": "l60min" - }, - "showTitle": true, - "visualizationType": "records_histogram", - "visualizationOptions": { - "customVizOpt": { - "primaryFieldIname": "mbody", - "primaryFieldDname": "Original Log Content" + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "49989b5841016077afd5fddd2f4a1382", + "displayName": "Network Changes Analysis", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "Network Changes Analysis - SFD", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "numUnits": 60, + "units": "WEEKS", + "timePeriod": "relative" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "primaryFieldIname": "mbody", + "primaryFieldDname": "Original Log Content", + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true, + "g_startepoch": true, + "g_endepoch": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "hideYAxis": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } } }, - "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs') and Action in (drop, reject) | rename 'Source IP' as Source | timestats count by Source", + "queryString": "'Log Source' = 'OCI Audit Logs' and Type like '%virtualnetwork%' and Method in (post, put, delete) | link Event, Method, 'Event Source', 'User Name' | stats unique(Path) as Path | fields -'Start Time', -'End Time'", "scopeFilters": { "filters": [ { @@ -7734,6 +7567,10 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } @@ -7771,11 +7608,15 @@ { "value": "us-chicago-1", "label": "US Midwest (Chicago)" + }, + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" } ] } }, - "internalKey": "fda6c2b24788890de038e2de06befce1", + "internalKey": "219a37c2f8e8b56bc96ffe285192c26a", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -7795,7 +7636,10 @@ "OOBSS-management-dashboard-filter-4a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } }, "valueFormat": { "type": "object" @@ -7809,7 +7653,10 @@ "OOBSS-management-dashboard-filter-2a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } }, "valueFormat": { "type": "object" @@ -7824,7 +7671,10 @@ "OOBSS-management-dashboard-filter-3a" ], "editUi": { - "inputType": "none" + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } }, "valueFormat": { "type": "object" @@ -7842,6 +7692,9 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } + }, + "valueFormat": { + "type": "array" } }, { @@ -7862,26 +7715,164 @@ "drilldownConfig": [] }, { - "id": "0e1f607aa7651f10493a670556c4a086", - "displayName": "Threat IPs", + "id": "d107f548cee5d7442914537fe0e35a2d", + "displayName": "SFD WAF Logs Correlation Widget", "providerId": "log-analytics", "providerVersion": "3.0.0", "providerName": "Logging Analytics", - "compartmentId": "696668181549785d939d2ccee5ab1f5d", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", "isOobSavedSearch": false, - "description": "Threat IPs", + "description": "", "nls": {}, "type": "WIDGET_SHOW_IN_DASHBOARD", "uiConfig": { "timeSelection": { - "numUnits": 8, - "units": "HOURS", - "timePeriod": "relative" + "startTimeUtc": "2024-10-01T15:07:32.000Z", + "endTimeUtc": "2024-10-10T16:07:32.000Z", + "timePeriod": "cust" }, "showTitle": true, - "visualizationType": "line", - "visualizationOptions": {}, - "queryString": "'Log Source' in ('OCI VCN Flow Unified Schema Logs', 'OCI Network Firewall Traffic Logs', 'OCI Network Firewall Threat Logs', 'OCI Load Balancer Error Logs', 'OCI Load Balancer Access Logs', 'OCI WAF Logs', 'OCI Audit Logs') | timestats count('Threat IPs') by 'Log Source'", + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "LINK_CLASSIFY_SETTINGS": { + "Backend Status Code, Action, Content Size Out": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 200, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 9, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "6": "func6_unique_bkendstatuscode", + "7": "func4_unique_countryclnt", + "8": "default", + "9": "func1_unique_wafstatcode", + "10": "func6_unique_clnthostip", + "11": "default" + }, + "classifyColorPaletteCustom": { + "6": {}, + "7": {}, + "9": {}, + "10": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "selectedTableField": null, + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": false, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [ + "on" + ], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": {} + } + } + }, + "queryString": "'Log Source' = 'OCI WAF Logs' | link 'Host IP Address (Client)', Method, 'OCI Resource Name' | stats unique('WAF Status Code') as 'WAF Status Code', unique(Action) as Action, avg('Content Size Out') as 'Content Size Out', unique('Client Host Country') as 'Client Host Country', unique(Port) as Port, unique('Backend Status Code') as 'Backend Status Code' | classify topcount = 10 correlate = -*, Method, Port, 'OCI Resource Name' 'Backend Status Code', 'Client Host Country', 'Content Size Out', 'WAF Status Code', 'WAF Status Code' as 'Backend Status Code, Action, Content Size Out'", "scopeFilters": { "filters": [ { @@ -7957,7 +7948,7 @@ ] } }, - "internalKey": "0e1f607aa7651f10493a670556c4a086", + "internalKey": "a6ad885e52a29f5ad1f5ade099a7cbb0", "vizType": "lxSavedSearchWidgetType", "enableWidgetInApp": true }, @@ -8024,6 +8015,9 @@ "filterTile": { "filterId": "OOBSS-management-dashboard-region-filter" } + }, + "valueFormat": { + "type": "array" } }, { @@ -8075,24 +8069,6 @@ "name": "compartmentId", "localStorageKey": "compartmentId" }, - { - "savedSearchId": "OOBSS-management-dashboard-filter-2a", - "displayName": "Entity", - "width": 6, - "state": "DEFAULT", - "uiConfig": { - "internalKey": "OOBSS-management-dashboard-filter-2a", - "filterName": "log-analytics-entity-filter", - "vizFilterType": "lxEntityDashFilterType", - "defaultWidth": 6, - "minWidth": 6 - }, - "parametersMap": { - "isStoreInLocalStorage": true - }, - "name": "log-analytics-entity-filter", - "localStorageKey": "log-analytics-entity-filter" - }, { "savedSearchId": "OOBSS-management-dashboard-region-filter", "width": 6, @@ -8185,7 +8161,7 @@ }, "name": "log-analytics-logset-filter", "localStorageKey": "log-analytics-logset-filter", - "uniqueId": "513d7ba3-270e-3807-d125-549045724e43" + "uniqueId": "f44f922f-a0eb-931b-8637-d233eb3d2e0c" } ], "featuresConfig": { diff --git a/knowledge-content/fa-ess-scheduler/README.md b/knowledge-content/fa-ess-scheduler/README.md new file mode 100644 index 00000000..be744c0f --- /dev/null +++ b/knowledge-content/fa-ess-scheduler/README.md @@ -0,0 +1,311 @@ +# Fusion Applications Observability by Collecting ESS Logs Using OCI Logging Analytics REST API Ingestion + +Oracle Fusion Applications Enterprise Scheduler Service (ESS) is a critical component that manages scheduled processes across various Fusion Applications modules including ERP, SCM, CX, and HCM. Traditionally, Fusion Applications customers have relied on the Scheduled Processes work area within Fusion Applications to monitor their ESS processes. These scheduled processes handle complex tasks that are too time-consuming to monitor manually, such as data imports, record updates, and report generation. In this blog post, we will explore the ESS REST API endpoints to collect and analyze ESS logs using OCI Logging Analytics. + +## Key Monitoring Use Cases + +While Oracle Fusion Applications provides a basic Scheduled Processes work area, many customers face significant challenges when monitoring and analyzing ESS jobs at scale. The native interface lacks comprehensive monitoring capabilities, especially for enterprises running hundreds or thousands of scheduled processes across multiple modules. + +The most common use cases for monitoring Fusion Applications ESS processes are: + +- ESS Job Requests and Status +- Jobs and Applications Requests Analysis +- ESS Jobs Schedule Heatmap Analysis +- Track historical performance trends +- Correlate ESS process execution with system events +- Generate comprehensive reports across multiple processes +- Set up proactive alerts for process failures +- Analyze process execution patterns over extended periods + +With the ESS job requests data collected, we can build a monitoring dashboard to visualize the ESS job requests and status, and analyze the job requests and status over time. + +![ESS Job Requests and Status Dashboard](./images/blog-ess_job_requests_and_status_dashboard.png) + +![ESS Job Requests and Status Dashboard](./images/blog-ess_job_requests_and_status_dashboard1.png) + +*Figure 1: Fusion Apps Enterprise Scheduler Job Requests and Status Dashboard* + +## Solution Design + +Fusion Apps provided three options to visualize and analyze the ESS job requests data: + +* **Native Fusion Applications Interface**: Use the built-in Scheduled Processes work area within Fusion Applications to search and monitor jobs, though this has limitations for comprehensive monitoring at scale. + +* **Custom BI Publisher Reports**: Create custom BI Publisher reports using SQL queries against ESS_REQUEST_HISTORY and ESS_REQUEST_PROPERTY tables to build tailored monitoring solutions. Oracle provides sample queries in Knowledge Base article "Additional Optimization Opportunities for Scheduled Processes (Doc ID 2820161.1)" for educational purposes. + +* **Scheduler REST API**: Oracle introduced the Scheduler REST API in (23B)[https://docs.oracle.com/en/cloud/saas/applications-common/23b/farcr/index.html] to provide a RESTful interface for managing and monitoringscheduled processes. This API allows for programmatic creation, retrieval, and management of scheduled jobs, making it suitable for monitoring and automation purposes. + +In this blog, we will explore the Scheduler REST API by leveraging OCI Logging Analytics' REST API log collection method to ingest ESS process job requests and status data. This approach provides a robust solution for monitoring and analyzing scheduled processes while ensuring ongoing log collection. The solution uses the Management Agent with appropriate authentication methods to securely collect and analyze ESS logs. + +The solution addresses several critical monitoring requirements: + +- **Complete process visibility**: Ability to collect and analyze ESS process logs comprehensively, including investigating process failures that occurred days or weeks ago +- **Historical analysis**: Track process execution patterns and performance over time, allowing you to analyze performance trends to optimize scheduling +- **Proactive monitoring**: Set up alerts for process failures and performance issues, and generate compliance reports for audit purposes +- **Automated collection**: Management Agent handles log collection based on configured intervals, enabling monitoring of process execution across multiple Fusion Applications instances + +### Reference Architecture +![Reference Architecture for ESS Log Collection](./images/blog-ess_logs_ref_architecture.png) + +*Figure 2: Reference Architecture showing the flow of ESS logs from Fusion Applications to OCI Logging Analytics using REST API ingestion method with Management Agent* + +[Bala Mahalingam](https://blogs.oracle.com/authors/bala-mahalingam) from the A-Team has created a great blog post on the best practices for Fusion Applications ESS monitoring using the Scheduler REST API [here](https://www.ateam-oracle.com/post/introducing-the-scheduler-rest-api-and-guidelines-for-monitoring-scheduled-processes-in-fusion-cloud-applications). Based on the state transition for a submitted ESS job, you can gain insights into the job requests and status. + +![Fusion Applications ESS job requests workflow](./images/blog-ess-job-requests-workflow.png) + +*Figure 3: Fusion Applications ESS job requests workflow* + +## Implementation Overview + +### Prerequisites + +- Set up service policies for Oracle Cloud Logging Analytics. See [Enable Access to Logging Analytics and Its Resources](https://docs.oracle.com/iaas/logging-analytics/doc/enable-access-logging-analytics-and-its-resources.html) and Prerequisite IAM Policies in Oracle Cloud Infrastructure Documentation. +- Install the [Management Agent](https://docs.oracle.com/en-us/iaas/management-agents/doc/install-management-agent.html) on a client host VM which has http or https access to your Fusion Applications endpoint, we will use this host for Log Source entity association. See [Set Up Continuous Log Collection From Your Hosts](https://docs.oracle.com/en-us/iaas/logging-analytics/doc/set-continuous-log-collection-form-your-hosts.html#GUID-310D58A5-9F27-48C9-AE62-009BD094AB69). +- On Unix-based hosts, the user that installs management agent is mgmt_agent for the [manually installed management agent](https://docs.oracle.com/en-us/iaas/management-agents/doc/install-management-agent-manually.html), and oracle-cloud-agent when the management agent is a plugin enabled with [Oracle Cloud Agent](https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/manage-plugins.htm). + + +### Step 1: Create Integration User Account in Fusion Applications with appropriate permissions + +1. Sign in to Oracle Fusion Applications using administrator privileges +2. Navigate to **My Team** > Users and Roles +3. Create a new user account with the following details: + - **Last Name**: SERVICE_APP_ICS_ID + - **Email**: Valid email address + - **User Name**: SERVICE_APP_ICS_ID + - **Person Type**: Employee + - **Legal Employer**: Select appropriate organization + - **Business Unit**: Select appropriate business unit + +4. Configure the necessary security roles for the integration user + - **Customer Service Representative** + - **Employee** + - **Resource** + - **SVC SOA Operator** + +5. Test API Access via Postman + - Create a new Postman request + - Set the request type to GET + - Set the request headers to include the following: + - **Authorization**: Basic {Base64 encoded username:password} + - **Accept**: application/json + - **Content-Type**: application/json; charset=UTF-8 + - Obtain the REST Server URL from the the FA admin + - Construct the request URL by combining the REST Server URL and the appropriate resource path. For example: + ``` + https://.fa.us2.oraclecloud.com/ess/rest/scheduler/v1/requests/search/10?fields=absParentRequestId,requestedEndTime,application,cause,causeDescription,completedTime,deployedApplicationName,description,dispatcher,dmsRID,ecid,elapsedTime,enterpriseId,errorType,errorTypeDescription,errorWarningDetail,errorWarningMessage,errorWarningTime,executableState,executionAttempt,executionMode,executionType,expiration,flowId,instanceParentExecAttempt,instanceParentId,isAsynchronous,isAsyncRecoverable,isCancellable,isForceCancelAllowed,isHoldable,isRecoverable,isTimedOut,jobDefinitionId,jobDescription,jobDisplayName,jobType,lastScheduleInstanceId,lastSubRequestSet,links,logicalClusterName,notificationUrl,parentExecAttempt,parentRequestId,pausedCount,postProcessMessage,postProcessStatus,preProcessMessage,preprocessStatus,previousState,priority,processEndTime,processGroup,processor,processPhase,processPhaseDescription,processStartTime,product,requestCategory,requestedEndTime,requestedStartTime,requestId,requestMode,requestParameters,requestType,retriedCount,runAsUser,schedule,scheduleDefinition,scheduledTime,state,stateChangeTime,stateDescription,stepId,submissionTime,submitter,submitterDmsECID,submitterDmsRID,submitterFlowId,submitterGUID,subRequestSet&orderBy=processStartTime:asc&q=processStartTime gt "2024-10-12T20:00Z" and processEndTime lt "2024-10-13T20:05Z" + ``` + - Send the request and verify the response + - If the response is successful, you have successfully authenticated and can proceed with the next steps + - If the response is not successful, please check the authentication credentials and try again + +### Step 2: Update the Agent Configuration + +To enable the Management Agent to use the REST API for log collection, you need to update its configuration properties: + +1. SSH to the VM host where the Management Agent is installed: + ``` + ssh opc@ + ``` + +2. Switch to the **root** user: + ``` + sudo su - + ``` + +3. Navigate to the agent configuration directory: + - If you're using Oracle Cloud Agent: + ``` + cd /var/lib/oracle-cloud-agent/plugins/oci-managementagent/polaris/agent_inst/config/ + ``` + + - If you manually installed the Management Agent (standalone installation): + ``` + cd /opt/oracle/mgmt_agent/agent_inst/config + ``` + +4. Open the **emd.properties** file for editing: + ``` + vi emd.properties + ``` + +5. Append the following two parameters to the bottom of the file: + ``` + loganalytics.rest_api.enable_oci_api=true + loganalytics.rest_api.report_interval=600 + ``` + + Note: The `loganalytics.rest_api.report_interval` parameter sets the collection interval in seconds. The default is 300 seconds (5 minutes), but in this example, we've set it to 600 seconds (10 minutes). You can adjust this value based on your requirements. + +6. Save the file and exit the editor. + +7. Restart the Management Agent to apply the changes. + ``` + systemctl restart oracle-cloud-agent + ``` + + If you use standalone Management Agent: + ``` + systemctl restart mgmt_agent + ``` + +### Step 3: Configure the Fusion Apps Credential file on Management Agent + +1. SSH to the VM host where the Management Agent is installed: + ``` + ssh opc@ + ``` + +3. Navigate to the /home/opc directory: + ``` + cd /home/opc + ``` +4. Create a credential file named **FA_CRED.json** + ``` + touch FA_CRED.json + ``` + +5. Add the following content to the file: + ``` + { + "source":"lacollector.la_rest_api", + "name":"FA_CRED", + "type":"HTTPSCreds", + "description":"These are HTTPS (BasicAuth) credentials.", + "properties": + [ + { "name":"HTTPSUserName", "value":"CLEAR[username]" }, + { "name":"HTTPSPassword", "value":"CLEAR[password]" }, + { "name":"ssl_trustStoreType", "value":"JKS" }, + { "name":"ssl_trustStoreLocation", "value":"/etc/pki/ca-trust/extracted/java/cacerts" }, + { "name":"ssl_trustStorePassword", "value":"changeit" } + ] + } + ``` + + Note: Please check out this blog post to configure the truststore for the Management Agent - **Configure SSL certificate keystore and truststore to access ZFS REST API endpoint** [here](https://www.ateam-oracle.com/post/zfs-storage-appliance-observability-and-monitoring). + +6. Copy the FA_CRED.json file to /tmp directory and update the permission to 755 + ``` + cp FA_CRED.json /tmp/FA_CRED.json + chmod 755 /tmp/FA_CRED.json + ``` + +7. Switch to the **root** user: + ``` + sudo su - + ``` + +8. Register the credential file with the Management Agent + ``` + cat /tmp/FA_CRED.json | sh /var/lib/oracle-cloud-agent/plugins/oci-managementagent/polaris/agent_inst/bin/credential_mgmt.sh -o upsertCredentials -s logan + ``` + ![Management Agent Credential Management UpsertCredentials](images/blog-ess-management-agent-credential-management.png) + + *Figure 4: Management Agent Credential Management UpsertCredentials* + +### Step 3: Import ESS Log Source + +1. Import ESS Log Source: + - Download the ESS Log Source configuration from github [here](https://github.com/jujufugh/oci-o11y-solutions/blob/main/knowledge-content/fa-ess-scheduler/log-sources/Oracle%20Fusion%20Apps_%20Enterprise%20Scheduler%20Service%20(ESS)_1745244403805.zip) + - Navigate to Logging Analytics > Administration > Administration Overview + - Click **Import Configuration Content** + - Select the ESS Log Source file - **Oracle Fusion Apps_ Enterprise Scheduler Service (ESS)_1745244403805.zip** + - Import the ESS Log Source configuration: **Oracle Fusion Apps_ Enterprise Scheduler Service (ESS)** + +2. Validate the Log Endpoints: + - Navigate to Logging Analytics > Administration > Sources + - Click the **Oracle Fusion Apps_ Enterprise Scheduler Service (ESS)** log source + - There are two log endpoints for the ESS Log Source: + * sshishod-ess-requests-v2_1h: ESS job requests log collection with 1 hour interval + * sshishod-ess-requests-v2: ESS job requests log collection with 1 day interval + - Check the **Enabled** checkbox to enable specific log endpoint + - Click **Save Changes** to apply the configuration + +### Step 4: Configure Management Agent Entity Properties for log collection + +1. Management Agent Collection Properties for the VM Linux Host Entity: + - Navigate to Logging Analytics > Administration > Collection Configuration + - Select the **Entity Configuration** tab + - Find and select your VM Linux Host Entity + - Click **Edit** + - In the **Agent Collection Properties** list, locate the following properties and update them: + - (Optional) Set **Historical Data** to **P30D** (this configures the collection to retrieve ESS logs for the past 30 days) + - Set **Enable Filter Duplicate Records** to **true** (this prevents duplicate log entries) + - Click **Save Changes** to apply the configuration + + ![OCI Fusion Apps Enterprise Scheduler Service Management Agent Collection Properties](images/blog-ess-management-agent-collection-properties.png) + + *Figure 5: Update the Management Agent collection properties to enable historical data collection and duplicate filtering* + +2. Associate the Entity with your log source and configure log group: + - Navigate to Logging Analytics > Administration > Sources + - Select Log Source **Oracle Fusion Apps: Enterprise Scheduler Service (ESS)** + - Select the **Unassociated Entities** menu + - Click **Add Association** + - Select your Management Agent host entity + - In the **Log Group** section, select an existing log group or create a new one for the Fusion Apps ESS logs + - Click **Create** to finalize the association + +### Step 5: Import the Oracle Fusion Apps: Enterprise Scheduler Dashboard + +1. Navigate to Logging Analytics > Dashboards > Overview +2. Download the ESS monitoring dashboard from github [here](https://github.com/jujufugh/oci-o11y-solutions/blob/main/knowledge-content/fa-ess-scheduler/dashboards/Oracle%20FA_%20Enterprise%20Scheduler%20Dashboard.json) +3. Click **Import dashboards** +4. Select the dashboard file and click **Import** +5. Specify the compartment for the dashboard +6. Specify the compartment for the saved searches + + ![Import ESS Monitoring Dashboard](./images/blog-ess-import-ess-monitoring-dashboard.png) + + *Figure 6: Import ESS Monitoring Dashboard* + +### Optional: Integrate Fusion Apps Product Family mapping with ESS logs + +* Create User Defined Field in Logging Analytics + + ![Create User Defined Field](./images/blog-ess-create-user-defined-field.png) + + *Figure 7: Create User Defined Field* + +* Import Fusion Apps Lookup Table + - Download the Fusion Apps Lookup file from github [here](https://github.com/jujufugh/oci-o11y-solutions/blob/main/knowledge-content/fa-ess-scheduler/lookups/Fusion_Products_Lookup.csv) + - Navigate to **Logging Analytics** > **Administration** > **Lookups** + - Click **Create Lookup** + - Select Type - **Simple** + - Select the Fusion Apps Lookup file - **Fusion_Products_Lookup.csv** + - Click **Create** + +* Add Field Enrichment to ESS Log Source + - Select **Lookup** as Function + - Select **FA_product_map** as Lookup Table Name + - Select Product as the Log Source Field and PRODUCT_ABBREVIATION as the Lookup Table Column + - Select Actionsto map the New Log Source Field with the Field Value in the Lookup Table + - Add Field Enrichment + + ![Fusion Apps product code Field Enrichment](./images/blog-ess-product-code-field-enrichment.png) + + *Figure 8: Fusion Apps product code Field Enrichment* + +## Conclusion + +By implementing this solution, organizations can achieve comprehensive monitoring of their Fusion Applications ESS processes. The integration with OCI Logging Analytics provides powerful capabilities for historical analysis, trend identification, and proactive monitoring. This enables organizations to optimize their scheduled processes, improve operational efficiency, and maintain compliance with business requirements. + +## References + +- [A-Team Oracle: Introducing the Scheduler REST API](https://www.ateam-oracle.com/post/introducing-the-scheduler-rest-api-and-guidelines-for-monitoring-scheduled-processes-in-fusion-cloud-applications) +- [A-Team Oracle: Five Key Fusion Cloud Applications Monitoring Features](https://www.ateam-oracle.com/post/five-key-fusion-cloud-applications-monitoring-features-for-better-user-adoption) +- [Oracle Fusion Applications REST API QuickStart](https://docs.oracle.com/en/cloud/saas/applications-common/24c/farca/Quick_Start.html) +- [Security User and Role Documentation](https://docs.oracle.com/en/cloud/saas/applications-common/24c/oacsm/index.html) +- [Best Practices for Scheduled Processes](https://docs.oracle.com/en/cloud/saas/applications-common/24c/fabps/how-do-i-make-sure-that-scheduled-processes-run-smoothly-and-quickly.html) +- [Oracle Fusion Financials Documentation](https://docs.oracle.com/en/cloud/saas/financials/24c/farfa/index.html) +- [Oracle Fusion Service: Create a Customer Account](https://docs.oracle.com/en/cloud/saas/fusion-service/faids/create-a-customer-account-in-oracle-fusion-service.html) +- [Oracle Fusion Service: Integration User Account](https://docs.oracle.com/en/cloud/saas/fusion-service/faiec/create-a-fusion-service-integration-user-account-for-other.html) +- [Oracle Fusion Applications REST API QuickStart (24A)](https://docs.oracle.com/en/cloud/saas/applications-common/24a/farca/Quick_Start.html) +- [Oracle Fusion Applications REST API Documentation](https://docs.oracle.com/en/cloud/saas/applications-common/24c/farca/index.html) + + +## Acknowledgments + +**Kumar Varun** - Logging Analytics Product Management + +**Bala Mahalingam** - Fusion Apps Deep Expert, A-Team Oracle \ No newline at end of file diff --git a/knowledge-content/fa-ess-scheduler/dashboards/Oracle FA_ Enterprise Scheduler Dashboard.json b/knowledge-content/fa-ess-scheduler/dashboards/Oracle FA_ Enterprise Scheduler Dashboard.json new file mode 100644 index 00000000..5adc9d8b --- /dev/null +++ b/knowledge-content/fa-ess-scheduler/dashboards/Oracle FA_ Enterprise Scheduler Dashboard.json @@ -0,0 +1,2656 @@ +{ + "dashboards": [ + { + "dashboardId": "a8a9197740c95613302a837ec0670d84", + "providerId": "log-analytics", + "providerName": "Logging Analytics", + "providerVersion": "3.0.0", + "tiles": [ + { + "displayName": "ESS Requests", + "savedSearchId": "d77152c080c110f1e1989caa9c8d88c4", + "row": 0, + "column": 0, + "height": 2, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "time": "$(dashboard.params.time)" + }, + "description": null + }, + { + "displayName": "Jobs and Applications", + "savedSearchId": "e1635c6ffb513d847a2a91329f4358ec", + "row": 0, + "column": 4, + "height": 8, + "width": 8, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "time": "$(dashboard.params.time)" + }, + "description": null + }, + { + "displayName": "Job Status", + "savedSearchId": "540629ca40917c89bae306a3918b916c", + "row": 2, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "time": "$(dashboard.params.time)" + }, + "description": null + }, + { + "displayName": "Applications", + "savedSearchId": "cc4b3e491069d64e225737fdeb385492", + "row": 5, + "column": 0, + "height": 3, + "width": 4, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "log-analytics-log-set": "$(dashboard.params.log-analytics-logset-filter)", + "time": "$(dashboard.params.time)" + }, + "description": null + }, + { + "displayName": "ESS_jobs_by_product_heatmap_schedule", + "savedSearchId": "fbd337f8e4c10c029007f3f2d8dca521", + "row": 8, + "column": 0, + "height": 5, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)", + "time": "$(dashboard.params.time)" + }, + "description": null + }, + { + "displayName": "SD: Fusion ESS Jobs Summary", + "savedSearchId": "0770c1c6209d0b944fd553d59d8b1c17", + "row": 13, + "column": 0, + "height": 14, + "width": 12, + "nls": {}, + "uiConfig": {}, + "dataConfig": [], + "state": "DEFAULT", + "drilldownConfig": [], + "parametersMap": { + "time": "$(dashboard.params.time)", + "log-analytics-log-group-compartment": "$(dashboard.params.log-analytics-loggroup-filter)", + "log-analytics-entity": "$(dashboard.params.log-analytics-entity-filter)" + }, + "description": null + } + ], + "displayName": "Oracle FA: Enterprise Scheduler Dashboard", + "description": "", + "compartmentId": "${compartment_ocid}", + "isOobDashboard": false, + "isShowInHome": false, + "metadataVersion": "2.0", + "isShowDescription": true, + "screenImage": "todo: provide value[mandatory]", + "nls": {}, + "uiConfig": { + "isFilteringEnabled": false, + "isTimeRangeEnabled": true, + "isRefreshEnabled": true + }, + "dataConfig": [], + "type": "normal", + "isFavorite": false, + "savedSearches": [ + { + "id": "e1635c6ffb513d847a2a91329f4358ec", + "displayName": "SD: Fusion ESS Jobs and Applications", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "treemap", + "visualizationOptions": { + "customVizOpt": { + "LINK_CLASSIFY_SETTINGS": { + "Start Time, Job, Time Taken, Product, Status": { + "drilldown": "on", + "chartType": "trend", + "showDimensions": [ + "on" + ], + "chartHeight": 295, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "off" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 9, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "7": "crud", + "8": "default", + "9": "func6_unique_udfs12", + "10": "process_status" + }, + "classifyColorPaletteCustom": { + "7": {}, + "9": {}, + "10": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8, + 9, + 10 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": true, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [ + "on" + ], + "showChartsTab": [ + "on" + ], + "showTable": [], + "showExtraTable": [] + }, + "linkSummaryInput": "", + "timeseries": { + "timestats1": { + "showCombinedCharts": [ + "on" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "on" + ], + "showLegend": [ + "off" + ], + "chartOptions": "lineWithMarker", + "chartType": "line", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "off" + ], + "colorColumn": 2, + "hiddenTSCharts": {}, + "timeSeriesColorPalette": { + "0": "crud", + "1": "func6_unique_udfs12", + "2": "process_status" + }, + "timeSeriesColorPaletteCustom": { + "0": {}, + "1": {}, + "2": {} + }, + "tsFilters": { + "selectAllFilters": [ + "off" + ], + "showTSFilters": [ + "on" + ], + "selectedTSFilters": [ + "func4_unique_udfs366", + "func6_unique_udfs12", + "func7_latest_udfs379", + "timestats1_func1_avg_evalVirtualField3" + ], + "filterSelectedKeyMapByFilterIndex": [ + [ + "activate multiple versions", + "activate multiple versions: preprocessor", + "activate multiple versions: subprocess", + "age user context relevancy feed", + "allow file import export queue entry", + "cache application usage insights report data", + "coordinate batch data import from source files to base tables", + "coordinate data import from a source file to base table", + "coordinate data import from source files to base tables", + "coordinate import process from source file to staging table using sql loader", + "create standard import sub-job", + "create standard import subrequest", + "evaluate access group orchestration", + "execute consumer batch preprocessing steps", + "execute entity batch", + "execute log generation", + "generate control and data files for all source files", + "generate relevancy feed", + "generate relevancy feed batch", + "index active meta model version", + "index entity", + "maintain meta model and index", + "perform access extension and predefined rules processing for objects", + "perform near real-time processing of access group object sharing rules", + "perform object sharing rule assignment processing", + "process active time data", + "process click history mapping data", + "process generated log and bad files", + "purge aged signals data", + "purge application metrics", + "purge exported data files and log files from content server", + "purge import and export data files from content server", + "reflect hierarchy change", + "reflect hierarchy change for entity process", + "reflect hierarchy change for hierarchy update", + "reflect search indexes with changes in resource and territory hierarchies", + "refresh access control data", + "refresh bi reports audit data for user adoption reporting", + "resubmit undelivered signals", + "run access group membership rules", + "sales dbml model training job", + "schedule and complete new item request", + "schedule and complete new item request: preprocess", + "schedule and complete new item request: subprocess", + "schedule item changes", + "schedule item changes: preprocess", + "schedule item changes: subprocess", + "smart action auto ranking", + "synchronize access rules data for adaptive search", + "synchronize access rules data for adaptive search for entity", + "synchronize access rules data for adaptive search for entity batch", + "track stuck import jobs", + "update aggregates", + "update aggregates for entity", + "update aggregates for entity batch", + "update references for entity", + "update referencing documents for entity", + "upload interface error and job output file to universal content management", + "user analytics click history data aggregation plsql procedure process" + ] + ], + "legendTypeMap": {} + } + } + } + } + } + }, + "queryString": "'Log Source' = 'Oracle Fusion Apps: Enterprise Scheduler Service (ESS)' | stats distinctcount('Request ID') as Requests by Application, 'Job Display Name'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "e1635c6ffb513d847a2a91329f4358ec", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "cc4b3e491069d64e225737fdeb385492", + "displayName": "SD: Fusion ESS Applications", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l14day" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": { + "customVizOpt": { + "LINK_CLASSIFY_SETTINGS": { + "Start Time, Job, Time Taken, Product, Status": { + "drilldown": "on", + "chartType": "trend", + "showDimensions": [ + "on" + ], + "chartHeight": 295, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "off" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 9, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "7": "crud", + "8": "default", + "9": "func6_unique_udfs12", + "10": "process_status" + }, + "classifyColorPaletteCustom": { + "7": {}, + "9": {}, + "10": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8, + 9, + 10 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": true, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [ + "on" + ], + "showChartsTab": [ + "on" + ], + "showTable": [], + "showExtraTable": [] + }, + "linkSummaryInput": "", + "timeseries": { + "timestats1": { + "showCombinedCharts": [ + "on" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "on" + ], + "showLegend": [ + "off" + ], + "chartOptions": "lineWithMarker", + "chartType": "line", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "off" + ], + "colorColumn": 2, + "hiddenTSCharts": {}, + "timeSeriesColorPalette": { + "0": "crud", + "1": "func6_unique_udfs12", + "2": "process_status" + }, + "timeSeriesColorPaletteCustom": { + "0": {}, + "1": {}, + "2": {} + }, + "tsFilters": { + "selectAllFilters": [ + "off" + ], + "showTSFilters": [ + "on" + ], + "selectedTSFilters": [ + "func4_unique_udfs366", + "func6_unique_udfs12", + "func7_latest_udfs379", + "timestats1_func1_avg_evalVirtualField3" + ], + "filterSelectedKeyMapByFilterIndex": [ + [ + "activate multiple versions", + "activate multiple versions: preprocessor", + "activate multiple versions: subprocess", + "age user context relevancy feed", + "allow file import export queue entry", + "cache application usage insights report data", + "coordinate batch data import from source files to base tables", + "coordinate data import from a source file to base table", + "coordinate data import from source files to base tables", + "coordinate import process from source file to staging table using sql loader", + "create standard import sub-job", + "create standard import subrequest", + "evaluate access group orchestration", + "execute consumer batch preprocessing steps", + "execute entity batch", + "execute log generation", + "generate control and data files for all source files", + "generate relevancy feed", + "generate relevancy feed batch", + "index active meta model version", + "index entity", + "maintain meta model and index", + "perform access extension and predefined rules processing for objects", + "perform near real-time processing of access group object sharing rules", + "perform object sharing rule assignment processing", + "process active time data", + "process click history mapping data", + "process generated log and bad files", + "purge aged signals data", + "purge application metrics", + "purge exported data files and log files from content server", + "purge import and export data files from content server", + "reflect hierarchy change", + "reflect hierarchy change for entity process", + "reflect hierarchy change for hierarchy update", + "reflect search indexes with changes in resource and territory hierarchies", + "refresh access control data", + "refresh bi reports audit data for user adoption reporting", + "resubmit undelivered signals", + "run access group membership rules", + "sales dbml model training job", + "schedule and complete new item request", + "schedule and complete new item request: preprocess", + "schedule and complete new item request: subprocess", + "schedule item changes", + "schedule item changes: preprocess", + "schedule item changes: subprocess", + "smart action auto ranking", + "synchronize access rules data for adaptive search", + "synchronize access rules data for adaptive search for entity", + "synchronize access rules data for adaptive search for entity batch", + "track stuck import jobs", + "update aggregates", + "update aggregates for entity", + "update aggregates for entity batch", + "update references for entity", + "update referencing documents for entity", + "upload interface error and job output file to universal content management", + "user analytics click history data aggregation plsql procedure process" + ] + ], + "legendTypeMap": {} + } + } + } + } + } + }, + "queryString": "'Log Source' = 'Oracle Fusion Apps: Enterprise Scheduler Service (ESS)' | stats distinctcount('Request ID') as Requests by Application", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "cc4b3e491069d64e225737fdeb385492", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "d77152c080c110f1e1989caa9c8d88c4", + "displayName": "SD: Fusion ESS Requests", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l7day" + }, + "showTitle": true, + "visualizationType": "tile", + "visualizationOptions": { + "changeLabel": "", + "formatNumber": false, + "customVizOpt": { + "LINK_CLASSIFY_SETTINGS": { + "Start Time, Job, Time Taken, Product, Status": { + "drilldown": "on", + "chartType": "trend", + "showDimensions": [ + "on" + ], + "chartHeight": 295, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "off" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 9, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "7": "crud", + "8": "default", + "9": "func6_unique_udfs12", + "10": "process_status" + }, + "classifyColorPaletteCustom": { + "7": {}, + "9": {}, + "10": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8, + 9, + 10 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": true, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [ + "on" + ], + "showChartsTab": [ + "on" + ], + "showTable": [], + "showExtraTable": [] + }, + "linkSummaryInput": "", + "timeseries": { + "timestats1": { + "showCombinedCharts": [ + "on" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "on" + ], + "showLegend": [ + "off" + ], + "chartOptions": "lineWithMarker", + "chartType": "line", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "off" + ], + "colorColumn": 2, + "hiddenTSCharts": {}, + "timeSeriesColorPalette": { + "0": "crud", + "1": "func6_unique_udfs12", + "2": "process_status" + }, + "timeSeriesColorPaletteCustom": { + "0": {}, + "1": {}, + "2": {} + }, + "tsFilters": { + "selectAllFilters": [ + "off" + ], + "showTSFilters": [ + "on" + ], + "selectedTSFilters": [ + "func4_unique_udfs366", + "func6_unique_udfs12", + "func7_latest_udfs379", + "timestats1_func1_avg_evalVirtualField3" + ], + "filterSelectedKeyMapByFilterIndex": [ + [ + "activate multiple versions", + "activate multiple versions: preprocessor", + "activate multiple versions: subprocess", + "age user context relevancy feed", + "allow file import export queue entry", + "cache application usage insights report data", + "coordinate batch data import from source files to base tables", + "coordinate data import from a source file to base table", + "coordinate data import from source files to base tables", + "coordinate import process from source file to staging table using sql loader", + "create standard import sub-job", + "create standard import subrequest", + "evaluate access group orchestration", + "execute consumer batch preprocessing steps", + "execute entity batch", + "execute log generation", + "generate control and data files for all source files", + "generate relevancy feed", + "generate relevancy feed batch", + "index active meta model version", + "index entity", + "maintain meta model and index", + "perform access extension and predefined rules processing for objects", + "perform near real-time processing of access group object sharing rules", + "perform object sharing rule assignment processing", + "process active time data", + "process click history mapping data", + "process generated log and bad files", + "purge aged signals data", + "purge application metrics", + "purge exported data files and log files from content server", + "purge import and export data files from content server", + "reflect hierarchy change", + "reflect hierarchy change for entity process", + "reflect hierarchy change for hierarchy update", + "reflect search indexes with changes in resource and territory hierarchies", + "refresh access control data", + "refresh bi reports audit data for user adoption reporting", + "resubmit undelivered signals", + "run access group membership rules", + "sales dbml model training job", + "schedule and complete new item request", + "schedule and complete new item request: preprocess", + "schedule and complete new item request: subprocess", + "schedule item changes", + "schedule item changes: preprocess", + "schedule item changes: subprocess", + "smart action auto ranking", + "synchronize access rules data for adaptive search", + "synchronize access rules data for adaptive search for entity", + "synchronize access rules data for adaptive search for entity batch", + "track stuck import jobs", + "update aggregates", + "update aggregates for entity", + "update aggregates for entity batch", + "update references for entity", + "update referencing documents for entity", + "upload interface error and job output file to universal content management", + "user analytics click history data aggregation plsql procedure process" + ] + ], + "legendTypeMap": {} + } + } + } + } + } + }, + "queryString": "'Log Source' = 'Oracle Fusion Apps: Enterprise Scheduler Service (ESS)' | stats distinctcount('Request ID') as Requests", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "d77152c080c110f1e1989caa9c8d88c4", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "fbd337f8e4c10c029007f3f2d8dca521", + "displayName": "ESS_jobs_by_product_heatmap_schedule", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "startTimeUtc": "2025-03-01T19:41:05.000Z", + "endTimeUtc": "2025-03-08T18:41:05.000Z", + "timePeriod": "cust" + }, + "showTitle": true, + "visualizationType": "heatmap", + "visualizationOptions": {}, + "queryString": "'Log Source' = 'Oracle Fusion Apps: Enterprise Scheduler Service (ESS)' | timestats count('Request ID') as logrecords by Product | sort -logrecords", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-4a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-2a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-filter-3a" + } + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + }, + "valueFormat": { + "type": "array" + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "540629ca40917c89bae306a3918b916c", + "displayName": "SD: Fusion ESS States", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "timePeriod": "l60min" + }, + "showTitle": true, + "visualizationType": "pie", + "visualizationOptions": { + "showDonutChart": true, + "customVizOpt": { + "LINK_CLASSIFY_SETTINGS": { + "Start Time, Job, Time Taken, Product, Status": { + "drilldown": "on", + "chartType": "trend", + "showDimensions": [ + "on" + ], + "chartHeight": 295, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "off" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 9, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "7": "crud", + "8": "default", + "9": "func6_unique_udfs12", + "10": "process_status" + }, + "classifyColorPaletteCustom": { + "7": {}, + "9": {}, + "10": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8, + 9, + 10 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": null, + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": true, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": false, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [ + "on" + ], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [ + "on" + ], + "showChartsTab": [ + "on" + ], + "showTable": [], + "showExtraTable": [] + }, + "linkSummaryInput": "", + "timeseries": { + "timestats1": { + "showCombinedCharts": [ + "on" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "on" + ], + "showLegend": [ + "off" + ], + "chartOptions": "lineWithMarker", + "chartType": "line", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "off" + ], + "colorColumn": 2, + "hiddenTSCharts": {}, + "timeSeriesColorPalette": { + "0": "crud", + "1": "func6_unique_udfs12", + "2": "process_status" + }, + "timeSeriesColorPaletteCustom": { + "0": {}, + "1": {}, + "2": {} + }, + "tsFilters": { + "selectAllFilters": [ + "off" + ], + "showTSFilters": [ + "on" + ], + "selectedTSFilters": [ + "func4_unique_udfs366", + "func6_unique_udfs12", + "func7_latest_udfs379", + "timestats1_func1_avg_evalVirtualField3" + ], + "filterSelectedKeyMapByFilterIndex": [ + [ + "activate multiple versions", + "activate multiple versions: preprocessor", + "activate multiple versions: subprocess", + "age user context relevancy feed", + "allow file import export queue entry", + "cache application usage insights report data", + "coordinate batch data import from source files to base tables", + "coordinate data import from a source file to base table", + "coordinate data import from source files to base tables", + "coordinate import process from source file to staging table using sql loader", + "create standard import sub-job", + "create standard import subrequest", + "evaluate access group orchestration", + "execute consumer batch preprocessing steps", + "execute entity batch", + "execute log generation", + "generate control and data files for all source files", + "generate relevancy feed", + "generate relevancy feed batch", + "index active meta model version", + "index entity", + "maintain meta model and index", + "perform access extension and predefined rules processing for objects", + "perform near real-time processing of access group object sharing rules", + "perform object sharing rule assignment processing", + "process active time data", + "process click history mapping data", + "process generated log and bad files", + "purge aged signals data", + "purge application metrics", + "purge exported data files and log files from content server", + "purge import and export data files from content server", + "reflect hierarchy change", + "reflect hierarchy change for entity process", + "reflect hierarchy change for hierarchy update", + "reflect search indexes with changes in resource and territory hierarchies", + "refresh access control data", + "refresh bi reports audit data for user adoption reporting", + "resubmit undelivered signals", + "run access group membership rules", + "sales dbml model training job", + "schedule and complete new item request", + "schedule and complete new item request: preprocess", + "schedule and complete new item request: subprocess", + "schedule item changes", + "schedule item changes: preprocess", + "schedule item changes: subprocess", + "smart action auto ranking", + "synchronize access rules data for adaptive search", + "synchronize access rules data for adaptive search for entity", + "synchronize access rules data for adaptive search for entity batch", + "track stuck import jobs", + "update aggregates", + "update aggregates for entity", + "update aggregates for entity batch", + "update references for entity", + "update referencing documents for entity", + "upload interface error and job output file to universal content management", + "user analytics click history data aggregation plsql procedure process" + ] + ], + "legendTypeMap": {} + } + } + } + } + } + }, + "queryString": "'Log Source' = 'Oracle Fusion Apps: Enterprise Scheduler Service (ESS)' | stats distinctcount('Request ID') as Requests by 'State Description'", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "540629ca40917c89bae306a3918b916c", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + }, + { + "id": "0770c1c6209d0b944fd553d59d8b1c17", + "displayName": "SD: Fusion ESS Jobs Summary", + "providerId": "log-analytics", + "providerVersion": "3.0.0", + "providerName": "Logging Analytics", + "compartmentId": "d3795e2244844909f059ffa1fadb3ed3", + "isOobSavedSearch": false, + "description": "", + "nls": {}, + "type": "WIDGET_SHOW_IN_DASHBOARD", + "uiConfig": { + "timeSelection": { + "startTimeUtc": "2025-03-23T18:17:43.000Z", + "endTimeUtc": "2025-03-31T17:17:43.000Z", + "timePeriod": "cust" + }, + "showTitle": true, + "visualizationType": "link", + "visualizationOptions": { + "customVizOpt": { + "LINK_CLASSIFY_SETTINGS": { + "ESS Jobs Analysis": { + "drilldown": "on", + "chartType": "bubble", + "showDimensions": [ + "on" + ], + "chartHeight": 200, + "swapXY": [ + "off" + ], + "showAnomaly": [ + "on" + ], + "showBaseline": [ + "off" + ], + "groupAlias": "Groups", + "groupAliasS": "Group", + "sizeColumn": 8, + "colorColumn": 9, + "descendingXAxis": [ + null + ], + "descendingYAxis": [ + null + ], + "zeroXAxis": [ + "on" + ], + "zeroYAxis": [ + "on" + ], + "classifyDrilldown": [ + "off" + ], + "classifyColorPalette": { + "1": "default", + "7": "crud", + "8": "default", + "9": "func6_unique_udfs17", + "10": "process_status" + }, + "classifyColorPaletteCustom": { + "7": {}, + "9": {}, + "10": {} + }, + "classifyFilters": { + "selectAllFilters": [ + "on" + ], + "showClassifyFilters": [], + "selectedClassifyFilters": [ + 6, + 7, + 8, + 9, + 10 + ], + "classifyNarrowResults": [ + "on" + ] + } + } + }, + "LINK_SEARCH_SETTINGS": { + "groupAliasS": "Group", + "groupAliasP": "Groups", + "logAliasP": "Log Records", + "showUnitRawData": [], + "showNonUnitRawData": [ + "off" + ], + "ms": [ + "on" + ], + "selectedTableField": "createTable1", + "mergeHighlightColumns": [ + "off" + ], + "groupAdditionalTables": [ + "on" + ], + "columnAliases": {}, + "hiddenCharts": { + "groupColumn": true + }, + "hiddenLinkWidgets": { + "linkwidgetOption_HeaderId": true, + "linkwidgetOption_SummaryId": false, + "linkwidgetOption_AnalyzeId": false, + "linkwidgetOption_TSChartId": false, + "linkwidgetOption_HistogramId": true, + "linkwidgetOption_TableId": true, + "linkwidgetOption_ExtraTableId": false + }, + "hiddenColumns": { + "g_duration": true, + "query_start_time": true, + "query_end_time": true, + "trend_interval": true, + "trend_interval_unit": true + }, + "highlightColumnStatus": {}, + "hiddenClassifyCharts": {}, + "hiddenTableFields": {}, + "showCombinedCharts": [ + "off" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "off" + ], + "styleDefaults": { + "lineType": "curved", + "markerDisplayed": "on" + }, + "chartOptions": "bar", + "chartType": "bar", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "on" + ], + "dashboardWidgetOptions": { + "showTabs": [], + "showSummary": [], + "showAnalyzeTab": [ + "on" + ], + "showTSCharts": [], + "showChartsTab": [], + "showTable": [], + "showExtraTable": [ + "on" + ] + }, + "linkSummaryInput": "", + "timeseries": { + "timestats1": { + "showCombinedCharts": [ + "on" + ], + "showStack": [ + "off" + ], + "smartGroup": [ + "on" + ], + "showLegend": [ + "off" + ], + "chartOptions": "lineWithMarker", + "chartType": "line", + "chartHeightVal": 200, + "chartWidthVal": 60, + "showToolTips": [ + "off" + ], + "colorColumn": 2, + "hiddenTSCharts": {}, + "timeSeriesColorPalette": { + "0": "crud", + "1": "func6_unique_udfs12", + "2": "process_status" + }, + "timeSeriesColorPaletteCustom": { + "0": {}, + "1": {}, + "2": {} + }, + "tsFilters": { + "selectAllFilters": [ + "off" + ], + "showTSFilters": [ + "on" + ], + "selectedTSFilters": [ + "func4_unique_udfs366", + "func6_unique_udfs12", + "func7_latest_udfs379", + "timestats1_func1_avg_evalVirtualField3" + ], + "filterSelectedKeyMapByFilterIndex": [ + [ + "activate multiple versions", + "activate multiple versions: preprocessor", + "activate multiple versions: subprocess", + "age user context relevancy feed", + "allow file import export queue entry", + "cache application usage insights report data", + "coordinate batch data import from source files to base tables", + "coordinate data import from a source file to base table", + "coordinate data import from source files to base tables", + "coordinate import process from source file to staging table using sql loader", + "create standard import sub-job", + "create standard import subrequest", + "evaluate access group orchestration", + "execute consumer batch preprocessing steps", + "execute entity batch", + "execute log generation", + "generate control and data files for all source files", + "generate relevancy feed", + "generate relevancy feed batch", + "index active meta model version", + "index entity", + "maintain meta model and index", + "perform access extension and predefined rules processing for objects", + "perform near real-time processing of access group object sharing rules", + "perform object sharing rule assignment processing", + "process active time data", + "process click history mapping data", + "process generated log and bad files", + "purge aged signals data", + "purge application metrics", + "purge exported data files and log files from content server", + "purge import and export data files from content server", + "reflect hierarchy change", + "reflect hierarchy change for entity process", + "reflect hierarchy change for hierarchy update", + "reflect search indexes with changes in resource and territory hierarchies", + "refresh access control data", + "refresh bi reports audit data for user adoption reporting", + "resubmit undelivered signals", + "run access group membership rules", + "sales dbml model training job", + "schedule and complete new item request", + "schedule and complete new item request: preprocess", + "schedule and complete new item request: subprocess", + "schedule item changes", + "schedule item changes: preprocess", + "schedule item changes: subprocess", + "smart action auto ranking", + "synchronize access rules data for adaptive search", + "synchronize access rules data for adaptive search for entity", + "synchronize access rules data for adaptive search for entity batch", + "track stuck import jobs", + "update aggregates", + "update aggregates for entity", + "update aggregates for entity batch", + "update references for entity", + "update referencing documents for entity", + "upload interface error and job output file to universal content management", + "user analytics click history data aggregation plsql procedure process" + ] + ], + "legendTypeMap": {} + } + } + }, + "additionalTables": { + "Job Summary": { + "hiddenTableColumns": [], + "selectedGroupByColumn": 0, + "filters": [ + { + "filterName": "Succeeded", + "filterPredicate": "Status = succeeded", + "filterDisabled": false, + "filterEnabled": true + }, + { + "filterName": "Waiting", + "filterPredicate": "Status = wait", + "filterDisabled": false, + "filterEnabled": true + }, + { + "filterName": "Failed", + "filterPredicate": "Status = error", + "filterDisabled": false, + "filterEnabled": true + } + ], + "value": "", + "showTableFilters": [ + "on" + ] + } + } + } + } + }, + "queryString": "'Log Source' = 'Oracle Fusion Apps: Enterprise Scheduler Service (ESS)' | link 'Request ID' | stats unique(Application) as Application, avg(ElapsedTime) as E, unique('Instance Parent Id') as 'Parent ID', unique('Job Display Name') as Job, unique('Parent Request ID') as 'Parent Req ID', unique(Product) as Product, latest('State Description') as Status, unique(Submitter) as Submitter | eval 'Time Taken' = unit(E, ms) | eval U = url('https://oracle.com', View) | eventstats distinctcount('Request ID') as Requests, avg(E) as AE, latest(U) as Details by Product, Job, Status | eval 'Average Time Taken' = unit(AE, ms) | createtable name = 'Job Summary' select Product, Job, Status, Requests, 'Average Time Taken', Details | classify 'Start Time', Job, 'Time Taken', Product, Status as 'ESS Jobs Analysis' | where Job = literal('provide online transaction engine functionality') and Product = literal(xla) and Status = literal(succeeded) | fields -E, -AE", + "scopeFilters": { + "filters": [ + { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + { + "type": "LogSet", + "flags": {}, + "values": [] + }, + { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + ], + "isGlobal": false, + "LogGroup": { + "type": "LogGroup", + "flags": { + "IncludeSubCompartments": true + }, + "values": [ + { + "value": "ee57d587a5124dddbed61c1d98468c09", + "label": "orasenatdpltsecitom02 (root)" + } + ] + }, + "Entity": { + "type": "Entity", + "flags": { + "IncludeDependents": true, + "ScopeCompartmentId": "d3795e2244844909f059ffa1fadb3ed3" + }, + "values": [] + }, + "LogSet": { + "type": "LogSet", + "flags": {}, + "values": [] + }, + "Region": { + "type": "Region", + "flags": {}, + "values": [ + { + "value": "us-ashburn-1", + "label": "US East (Ashburn)" + } + ] + } + }, + "internalKey": "0770c1c6209d0b944fd553d59d8b1c17", + "vizType": "lxSavedSearchWidgetType", + "enableWidgetInApp": true + }, + "dataConfig": [], + "screenImage": " ", + "metadataVersion": "2.0", + "widgetTemplate": "visualizations/chartWidgetTemplate.html", + "widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget", + "freeformTags": {}, + "definedTags": {}, + "parametersConfig": [ + { + "name": "log-analytics-log-group-compartment", + "displayName": "Log Group Compartment", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-4a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-entity", + "displayName": "Entity", + "required": true, + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-2a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-log-set", + "displayName": "Log Set", + "required": true, + "hidden": "$(window.logSetNotEnabled)", + "defaultFilterIds": [ + "OOBSS-management-dashboard-filter-3a" + ], + "editUi": { + "inputType": "none" + }, + "valueFormat": { + "type": "object" + } + }, + { + "name": "log-analytics-region", + "displayName": "Region", + "required": false, + "defaultFilterIds": [ + "OOBSS-management-dashboard-region-filter" + ], + "editUi": { + "inputType": "savedSearch", + "filterTile": { + "filterId": "OOBSS-management-dashboard-region-filter" + } + } + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "required": true, + "hidden": true + }, + { + "name": "flex" + } + ], + "featuresConfig": { + "crossService": { + "shared": true + } + }, + "drilldownConfig": [] + } + ], + "parametersConfig": [ + { + "savedSearchId": "OOBSS-management-dashboard-filter-4a", + "displayName": "Log Group Compartment", + "width": 4, + "state": "DEFAULT", + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-filter-4a", + "filterName": "log-analytics-loggroup-filter", + "vizFilterType": "lxLogGroupDashFilterType", + "defaultWidth": 4, + "minWidth": 4 + }, + "parametersMap": { + "isStoreInLocalStorage": true + }, + "name": "log-analytics-loggroup-filter", + "localStorageKey": "log-analytics-loggroup-filter" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-2a", + "displayName": "Entity", + "width": 6, + "state": "DEFAULT", + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-filter-2a", + "filterName": "log-analytics-entity-filter", + "vizFilterType": "lxEntityDashFilterType", + "defaultWidth": 6, + "minWidth": 6 + }, + "parametersMap": { + "isStoreInLocalStorage": true + }, + "name": "log-analytics-entity-filter", + "localStorageKey": "log-analytics-entity-filter" + }, + { + "name": "time", + "displayName": "$(bundle.globalSavedSearch.TIME)", + "src": "$(context.time)" + }, + { + "savedSearchId": "OOBSS-management-dashboard-filter-3a", + "displayName": "Log Set", + "state": "DEFAULT", + "uiConfig": { + "internalKey": "OOBSS-management-dashboard-filter-3a", + "filterName": "log-analytics-logset-filter", + "vizFilterType": "lxLogSetDashFilterType", + "defaultWidth": 6, + "minWidth": 6, + "hidden": "$(window.logSetNotEnabled)" + }, + "parametersMap": { + "isStoreInLocalStorage": true + }, + "name": "log-analytics-logset-filter", + "localStorageKey": "log-analytics-logset-filter", + "uniqueId": "f23dcd77-dfdf-5d3a-ae57-06af7675bf89" + } + ], + "featuresConfig": { + "crossService": { + "shared": false + }, + "serviceTypes": [ + "log-analytics" + ] + }, + "drilldownConfig": [], + "freeformTags": {}, + "definedTags": {} + } + ] +} \ No newline at end of file diff --git a/knowledge-content/fa-ess-scheduler/images/FA_ESS_best_practices.jpg b/knowledge-content/fa-ess-scheduler/images/FA_ESS_best_practices.jpg new file mode 100644 index 00000000..13545b6f Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/FA_ESS_best_practices.jpg differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-create-user-defined-field.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-create-user-defined-field.png new file mode 100644 index 00000000..dd9e9c70 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-create-user-defined-field.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-import-ess-monitoring-dashboard.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-import-ess-monitoring-dashboard.png new file mode 100644 index 00000000..9738ecc7 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-import-ess-monitoring-dashboard.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-and-status-dashboard.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-and-status-dashboard.png new file mode 100644 index 00000000..2eba79f0 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-and-status-dashboard.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-and-status-dashboard1.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-and-status-dashboard1.png new file mode 100644 index 00000000..d676bc8b Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-and-status-dashboard1.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-workflow.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-workflow.png new file mode 100644 index 00000000..4e0d7863 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-job-requests-workflow.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-management-agent-collection-properties.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-management-agent-collection-properties.png new file mode 100644 index 00000000..db31eae3 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-management-agent-collection-properties.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-management-agent-credential-management.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-management-agent-credential-management.png new file mode 100644 index 00000000..a8dc2430 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-management-agent-credential-management.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess-product-code-field-enrichment.png b/knowledge-content/fa-ess-scheduler/images/blog-ess-product-code-field-enrichment.png new file mode 100644 index 00000000..56c6d44c Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess-product-code-field-enrichment.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess_job_requests_and_status_dashboard.png b/knowledge-content/fa-ess-scheduler/images/blog-ess_job_requests_and_status_dashboard.png new file mode 100644 index 00000000..2eba79f0 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess_job_requests_and_status_dashboard.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess_job_requests_and_status_dashboard1.png b/knowledge-content/fa-ess-scheduler/images/blog-ess_job_requests_and_status_dashboard1.png new file mode 100644 index 00000000..d676bc8b Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess_job_requests_and_status_dashboard1.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess_logs_ref_architecture.png b/knowledge-content/fa-ess-scheduler/images/blog-ess_logs_ref_architecture.png new file mode 100644 index 00000000..c0381f73 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess_logs_ref_architecture.png differ diff --git a/knowledge-content/fa-ess-scheduler/images/blog-ess_logs_reference_architecture.png b/knowledge-content/fa-ess-scheduler/images/blog-ess_logs_reference_architecture.png new file mode 100644 index 00000000..d777af0e Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/images/blog-ess_logs_reference_architecture.png differ diff --git a/knowledge-content/fa-ess-scheduler/log-sources/Oracle Fusion Apps_ Enterprise Scheduler Service (ESS)_1745244403805.zip b/knowledge-content/fa-ess-scheduler/log-sources/Oracle Fusion Apps_ Enterprise Scheduler Service (ESS)_1745244403805.zip new file mode 100644 index 00000000..ac9478a5 Binary files /dev/null and b/knowledge-content/fa-ess-scheduler/log-sources/Oracle Fusion Apps_ Enterprise Scheduler Service (ESS)_1745244403805.zip differ diff --git a/knowledge-content/fa-ess-scheduler/lookups/Fusion_Products_Lookup.csv b/knowledge-content/fa-ess-scheduler/lookups/Fusion_Products_Lookup.csv new file mode 100644 index 00000000..a2438385 --- /dev/null +++ b/knowledge-content/fa-ess-scheduler/lookups/Fusion_Products_Lookup.csv @@ -0,0 +1,369 @@ +PRODUCT_ID,PRODUCT_ABBREVIATION,PRODUCT_NAME,PRODUCT_FAMILY_CODE,PRODUCT_FAMILY_NAME +14084,atk, Application Toolkit,atf, Applications Technology +14087,exm, Expenses,fin, Financials +14088,xcc, Budgetary Control,fin, Financials +14089,hrt, Profile Management,hcm, Human Capital Management +14090,wlm,Obsoleted - 14090 - Workforce Lifecycle Manager,hcm, Human Capital Management +14091,cmp, Compensation,hcm, Human Capital Management +14092,pyt, Payroll Test Harness,hcm, Human Capital Management +14093,hra, Performance Management,hcm, Human Capital Management +14094,poz, Supplier Model,prc, Procurement +14095,pjo, Project Control,prj, Projects +14096,pjs, Project Performance Reporting,prj, Projects +14097,doo, Distributed Order Orchestration,scm, Supply Chain Management +14098,m4u, Messages for UCCNet Registry,scm, Supply Chain Management +14099,cst, Cost Management,scm, Supply Chain Management +14100,egi, Product Hub,scm, Supply Chain Management +14101,rcv, Receiving,scm, Supply Chain Management +14102,gmq, Process Manufacturing Quality Management,scm, Supply Chain Management +14103,egp, Product Model,scm, Supply Chain Management +14104,msp, Global Order Promising,scm, Supply Chain Management +14105,hrc, HCM Common Architecture,hcm, Human Capital Management +14106,hrw, HCM Configuration Workbench,hcm, Human Capital Management +14144,zbs, Sales,crm, Customer Relationship Management +14145,zmm, Applications Common Components,crm, Customer Relationship Management +14146,zca, Common CRM,crm, Customer Relationship Management +14147,zcc, Contact Center Application,crm, Customer Relationship Management +14148,zon, Contact Center Common Components,crm, Customer Relationship Management +14149,mkt, Marketing,crm, Customer Relationship Management +14150,zoe, CRM for Microsoft Outlook,crm, Customer Relationship Management +14151,emc, E-Commerce,crm, Customer Relationship Management +14152,ewm, E-Mail and Web Marketing,crm, Customer Relationship Management +14153,emv, E-Service,crm, Customer Relationship Management +14154,zfs, Field Service Management,crm, Customer Relationship Management +14155,csh, Helpdesk,crm, Customer Relationship Management +14156,mkl, Lead Management,crm, Customer Relationship Management +14157,zmc, Marketing Common Components,crm, Customer Relationship Management +14158,mct, Multichannel Technologies,crm, Customer Relationship Management +14159,moo, Opportunity Management,crm, Customer Relationship Management +14160,zoc, Order Capture Common Components,crm, Customer Relationship Management +14161,qsc, Sales Catalog,crm, Customer Relationship Management +14162,qoc, Quote and Order Capture,crm, Customer Relationship Management +14163,zsf, Sales Forecasting,crm, Customer Relationship Management +14164,mks, Segmentation,crm, Customer Relationship Management +14165,emk, Self Service Common CRM Components,crm, Customer Relationship Management +14166,zvc, CRM Infrastructure Components,crm, Customer Relationship Management +14167,cso, Knowledge Management,crm, Customer Relationship Management +14168,csy, Service Request Management,crm, Customer Relationship Management +14169,mot, Territory Management,crm, Customer Relationship Management +14170,zcq, Trading Community Data Quality,crm, Customer Relationship Management +14171,zch, Trading Community Hub,crm, Customer Relationship Management +14172,zcp, Trading Community Policies,crm, Customer Relationship Management +14173,zhc, CDM Common Components,crm, Customer Relationship Management +14174,mow, Work Management,crm, Customer Relationship Management +14264,por, Self Service Procurement,prc, Procurement +14266,arc, Credit Management,fin, Financials +14464,cto, Configure To Order,scm, Supply Chain Management +14465,mcr, Campaign Run Optimization,scm, Supply Chain Management +14466,mop, Promotions and Deal Management,crm, Customer Relationship Management +14467,msn, Strategic Network Optimization,scm, Supply Chain Management +14471,dde, Deductions and Settlement Management,scm, Supply Chain Management +14472,ypd, Demand Management,scm, Supply Chain Management +14473,ddt, Predictive Trade Planning,scm, Supply Chain Management +14474,ddo, Trade Promotion Optimization,scm, Supply Chain Management +14475,dda, Advanced Forecasting and Demand Modeling,scm, Supply Chain Management +14476,ypa, Sales and Operations Planning,scm, Supply Chain Management +14704,fuf, Upgrade Framework,atf, Applications Technology +14705,mss, Production Scheduling,scm, Supply Chain Management +14764,hrx, HCM Country and Vertical Extensions,hcm, Human Capital Management +14848,ap, Payables,fin, Financials +14849,ar, Receivables,fin, Financials +14850,ben, Benefits,hcm, Human Capital Management +14852,ce, Cash Management,fin, Financials +14854,cn, Incentive Compensation,ic, Incentive Compensation. +14855,csd, Depot Repair,scm, Supply Chain Management +14856,cse, Asset Tracking,scm, Supply Chain Management +14858,csi, Installed Base,scm, Supply Chain Management +14865,cz, Configurator,scm, Supply Chain Management +14866,eam, Enterprise Asset Management,scm, Supply Chain Management +14867,edr, E-Signatures and E-Records,scm, Supply Chain Management +14868,ego, Product and Catalog Management,scm, Supply Chain Management +14870,fa, Assets,fin, Financials +14871,ff, Fast Formula,hcm, Human Capital Management +14872,flm, Flow Manufacturing,scm, Supply Chain Management +14873,pjp, Project Portfolio Analysis,prj, Projects +14875,fun, Financials Common Module,fin, Financials +14876,fv,Obsoleted - 14876 - U.S. Federal Financials,fin, Financials +14877,gcs, Financial Consolidation Hub,fin, Financials +14878,ghr, US Federal Human Resources,hcm, Human Capital Management +14879,gl, General Ledger,fin, Financials +14880,gme, Process Manufacturing Process Execution,scm, Supply Chain Management +14881,gmo, MES for Process Manufacturing,scm, Supply Chain Management +14882,gms, Grants Management,prj, Projects +14885,hxt, Time and Labor,hcm, Human Capital Management +14886,hz, Trading Community Model,crm, Customer Relationship Management +14887,iby, Payments,fin, Financials +14888,iex, Advanced Collections,fin, Financials +14889,igi,Obsoleted - 14889 - Public Sector Financials (International),fin, Financials +14893,igw, Grants Proposal,prj, Projects +14894,inv, Inventory Management,scm, Supply Chain Management +14896,irc, Recruiting,hcm, Human Capital Management +14898,ja, Financials for Asia/Pacific,fin, Financials +14899,je, Financials for EMEA,fin, Financials +14900,jl, Financials for the Americas,fin, Financials +14904,msc, Planning Common,scm, Supply Chain Management +14905,msr, Inventory Optimization,scm, Supply Chain Management +14906,mwa, Mobile Supply Chain Applications,scm, Supply Chain Management +14907,okc, Enterprise Contracts,crm, Customer Relationship Management +14910,pay, Global Payroll,hcm, Human Capital Management +14911,per, Global Human Resources,hcm, Human Capital Management +14912,pjb, Project Billing,prj, Projects +14913,pjc, Project Costing,prj, Projects +14914,pjf, Project Foundation,prj, Projects +14915,pjl, Project Collaboration,prj, Projects +14916,pjm, Project Manufacturing,scm, Supply Chain Management +14917,pjr, Project Resource Management,prj, Projects +14918,pjt, Project Management,prj, Projects +14919,pnl, Real Estate Leases,prj, Projects +14920,po, Purchasing,prc, Procurement +14921,poi, Spend Analyzer,prc, Procurement +14922,pon, Sourcing,prc, Procurement +14923,pos, Supplier Portal,prc, Procurement +14924,psp, Labor Distribution,hcm, Human Capital Management +14925,qa, Quality Inspection Management,scm, Supply Chain Management +14926,qp, Pricing,scm, Supply Chain Management +14927,qpr, Price Planning,scm, Supply Chain Management +14928,rlm, Release Management,scm, Supply Chain Management +14931,vea, Automotive Integration Kit,scm, Supply Chain Management +14932,wip, Discrete Manufacturing,scm, Supply Chain Management +14933,wms, Warehouse Management,scm, Supply Chain Management +14934,wsh, Shipping,scm, Supply Chain Management +14936,xla, Subledger Accounting,fin, Financials +14937,xle, Legal Entity Configurator,fin, Financials +14938,xtr,Obsoleted - 14938 - Treasury,fin, Financials +14939,zx, Tax,fin, Financials +14940,jmf, Supply Chain Localizations,scm, Supply Chain Management +14942,ota, Learning Management,hcm, Human Capital Management +14943,gmd, Process Manufacturing Product Development,scm, Supply Chain Management +14946,mso, Constraint Based Optimization,scm, Supply Chain Management +14947,hts, Workforce Scheduling,hcm, Human Capital Management +14948,jai,Obsoleted - 14948 - Financials for India,fin, Financials +15264,hrs, Social Connection,hcm, Human Capital Management +16525,xlh, Accounting Hub,fin, Financials +16526,zcx, CRM Application Composer,crm, Customer Relationship Management +16527,zcm, Customer Center,crm, Customer Relationship Management +16528,hry_obs, Global Payroll Interface_obsoleted,hcm, Human Capital Management +16529,hrg, Goal Management,hcm, Human Capital Management +16530,hcmcn, HRMS (China),hcm, Human Capital Management +16531,hcmsa, HRMS (Saudi Arabia),hcm, Human Capital Management +16532,hcmuk, HRMS (UK),hcm, Human Capital Management +16533,hcmae, HRMS (United Arab Emirates),hcm, Human Capital Management +16534,hcmus, HRMS (US),hcm, Human Capital Management +16535,zms, Mobile Sales,crm, Customer Relationship Management +16536,pjg, Project Integration Gateway,prj, Projects +16537,cmr, Receipt Accounting,scm, Supply Chain Management +16538,zsp, Sales Prediction Engine,crm, Customer Relationship Management +16539,hrr, Talent Review,hcm, Human Capital Management +16540,cms, Total Compensation Statement,hcm, Human Capital Management +16987,hrl, Workforce Directory Management,hcm, Human Capital Management +16988,rcs, Supply Chain Management Common Components,scm, Supply Chain Management +17366,zpm, Partner Management,crm, Customer Relationship Management +17367,hcmkw, HRMS (Kuwait),hcm, Human Capital Management +17368,hwp, Workforce Predictions,hcm, Human Capital Management +17886,acr, Application Common Resources,com, Common +17985,fod, SaaS Enablement,crm, Customer Relationship Management +19389,ach, Common Search,fscm, Financials and Supply Chain Management +19390,acl, Common Analytics,fscm, Financials and Supply Chain Management +19391,acj, Common Java Authorization,fscm, Financials and Supply Chain Management +19769,grc_obs,Obsoleted - 19769 - GRC Manager,grc," Governance, Risk, and Compliance" +20135,gra, GRC Application Access Controls Governor,grc," Governance, Risk, and Compliance" +20534,acg,Obsoleted - 20534 - Agile Product Compliance,scm, Supply Chain Management +20535,acx,Obsoleted - 20535 - Roll Up Engine,scm, Supply Chain Management +20536,acs,Obsoleted - 20536 - Direct Material Sourcing,scm, Supply Chain Management +20537,acb,Obsoleted - 20537 - Sandbox,scm, Supply Chain Management +20538,aca, Product Development,scm, Supply Chain Management +20539,mtm, Transportation Management,scm, Supply Chain Management +20540,hcmru, HRMS (Russia),hcm, Human Capital Management +20541,hcmno, HRMS (Norway),hcm, Human Capital Management +20542,hcmpl, HRMS (Poland),hcm, Human Capital Management +20543,hcmkr, HRMS (Republic of Korea),hcm, Human Capital Management +20544,hcmnz, HRMS (New Zealand),hcm, Human Capital Management +20545,hcmza, HRMS (South Africa),hcm, Human Capital Management +20546,hcmjp, HRMS (Japan),hcm, Human Capital Management +20547,hcmit, HRMS (Italy),hcm, Human Capital Management +20548,hcmhu, HRMS (Hungary),hcm, Human Capital Management +20549,hcmfi, HRMS (Finland),hcm, Human Capital Management +20550,hcmdk, HRMS (Denmark),hcm, Human Capital Management +20551,hcmes, HRMS (Spain),hcm, Human Capital Management +20552,hcmse, HRMS (Sweden),hcm, Human Capital Management +20553,hcmbe, HRMS (Belgium),hcm, Human Capital Management +20554,hbm, Budget Management,hcm, Human Capital Management +20555,dos, Supply Chain Orchestration,scm, Supply Chain Management +20556,vfc, Consumer Goods,crm, Customer Relationship Management +20557,vrm, Revenue Management,fin, Financials +20558,act, Advanced Constraint Technology,scm, Supply Chain Management +20559,hlr, Workforce Relations,hcm, Human Capital Management +20560,hmo, Workforce Modeling,hcm, Human Capital Management +20561,hwa, Workforce Administration,hcm, Human Capital Management +20562,fos, Supply Chain Financial Orchestration Foundation,scm, Supply Chain Management +20563,zst, State Management,crm, Customer Relationship Management +20564,zmf, Disconnected Mobile Client,crm, Customer Relationship Management +20565,acd, Product Concept Design,scm, Supply Chain Management +20566,gbl, Supply Chain Globalization,scm, Supply Chain Management +20567,acn, Product Requirements and Ideation Management,scm, Supply Chain Management +20568,ace, Product Lifecycle Portfolio Management,scm, Supply Chain Management +20569,zso, Activity Stream for CRM,crm, Customer Relationship Management +20570,hcmca, HRMS (Canada),hcm, Human Capital Management +20571,poq, Supplier Qualification,prc, Procurement +20572,hcmde, HRMS (Germany),hcm, Human Capital Management +20573,hcmnl, HRMS (Netherlands),hcm, Human Capital Management +20574,hcmmx, HRMS (Mexico),hcm, Human Capital Management +20575,cml, Landed Cost Management,scm, Supply Chain Management +20576,hwm, Workforce Management,hcm, Human Capital Management +20577,anc, Absence Management,hcm, Human Capital Management +20578,hcmfr, HRMS (France),hcm, Human Capital Management +20579,osm, Social Media Manager,atf, Applications Technology +20580,hcmie, HRMS (Ireland),hcm, Human Capital Management +20581,hrm, Succession Management,hcm, Human Capital Management +20582,hcmhk, HRMS (Hong Kong),hcm, Human Capital Management +20583,hrq, Questionnaire,hcm, Human Capital Management +20584,hcmsg, HRMS (Singapore),hcm, Human Capital Management +20585,hcmau, HRMS (Australia),hcm, Human Capital Management +20586,hcmin, HRMS (India),hcm, Human Capital Management +21135,acm, CRM Analytics,crm, Customer Relationship Management +21136,pje, Project Management Control,prj, Projects +21137,mkw, Web Marketing,crm, Customer Relationship Management +21138,grp, GRC Audit Controls Composer,grc," Governance, Risk, and Compliance" +21139,ccc, GRC Configuration Controls Governor,grc," Governance, Risk, and Compliance" +21140,gtg, Risks and Controls,grc," Governance, Risk, and Compliance" +21141,jg, Financials for Regional Localizations,fin, Financials +21142,ism, Social Media and Intelligence,grc," Governance, Risk, and Compliance" +21143,vvc,Obsoleted - 21143 - Value Chain Visualizer,scm, Supply Chain Management +21144,ypc, Planning Collaboration,scm, Supply Chain Management +21145,yps, Supply Planning,scm, Supply Chain Management +21146,ypm, Planning Performance Management,scm, Supply Chain Management +21147,ypb, Planning Central,scm, Supply Chain Management +21148,fta,Oracle Tap for Oracle Applications,com, Common +21149,hns, Workforce Health and Safety Incidents,hcm, Human Capital Management +21150,pnp, Real Estate Portfolio Management,prj, Projects +21151,pnr, Real Estate Accounting,prj, Projects +21152,arb, Bill Management,fin, Financials +21153,cmf, Fiscal Document Capture,scm, Supply Chain Management +22075,gti, Applications Integration for Oracle Global Trade Management,scm, Supply Chain Management +22076,mti, Applications Integration for Oracle Transportation Management,scm, Supply Chain Management +22077,cmk, Collaboration Messaging Framework,scm, Supply Chain Management +22078,hwr, Workforce Reputation Management,hcm, Human Capital Management +22079,cmm,Obsoleted - 22079 - Human Capital Management Communications Center,hcm, Human Capital Management +22080,hry, Global Payroll Interface,hcm, Human Capital Management +22081,egrcm," Enterprise Governance, Risk, and Compliance Manager",grc," Governance, Risk, and Compliance" +22215,hcmch, HRMS (Switzerland),hcm, Human Capital Management +22216,hrd, Career Development,hcm, Human Capital Management +22556,evi, Enterprise Visualization,scm, Supply Chain Management +22838,ase, Applications Security,hcm, Human Capital Management +22839,evn, Visual Information Navigator,scm, Supply Chain Management +22976,vfa,Oracle Voice for Oracle Cloud Applications,atf, Applications Technology +22977,egs, Product Hub Portal,scm, Supply Chain Management +23456,msa, Mobilytics,atf, Applications Technology +23457,foa, Supply Chain Financial Orchestration,scm, Supply Chain Management +23636,wie, Common Work Execution,scm, Supply Chain Management +23637,wis, Common Work Setup,scm, Supply Chain Management +26679,EVB, Visual Information Builder,scm, Supply Chain Management +27058,atg, Applications Technology Infrastructure,com, Common +27079,hea, Advisement,hed, Higher Education +27080,hef, Financial Aid,hed, Higher Education +27081,hey, Campus Community,hed, Higher Education +27082,her, Student Records,hed, Higher Education +27083,hes, Student Financials,hed, Higher Education +24958,hcmar, HRMS (Argentina),hcm, Human Capital Management +24959,hcmbr, HRMS (Brazil),hcm, Human Capital Management +24960,hcmmy, HRMS (Malaysia),hcm, Human Capital Management +24961,hcmth, HRMS (Thailand),hcm, Human Capital Management +25619,ehw, Employee Wellness,hcm, Human Capital Management +26199,HRH, HCM Connect,hcm, Human Capital Management +26278,wlf, Work Life,hcm, Human Capital Management +18369,afh, Help Portal Content,ahc, AHC Operations +25118,fom, Order Management,scm, Supply Chain Management +25506,hcmrs, HRMS (Serbia),hcm, Human Capital Management +25507,hcmng, HRMS (Nigeria),hcm, Human Capital Management +25508,hcmma, HRMS (Morocco),hcm, Human Capital Management +25509,hcmkz, HRMS (Kazakhstan),hcm, Human Capital Management +25510,hcmve, HRMS (Venezuela),hcm, Human Capital Management +25511,hcmua, HRMS (Ukraine),hcm, Human Capital Management +25512,hcmsy, HRMS (Syria),hcm, Human Capital Management +25513,hcmsd, HRMS (Sudan),hcm, Human Capital Management +25514,hcmsi, HRMS (Slovenia),hcm, Human Capital Management +25515,hcmsk, HRMS (Slovakia),hcm, Human Capital Management +25516,hcmqa, HRMS (Qatar),hcm, Human Capital Management +25517,hcmpt, HRMS (Portugal),hcm, Human Capital Management +25518,hcmom, HRMS (Oman),hcm, Human Capital Management +25519,hcmlu, HRMS (Luxembourg),hcm, Human Capital Management +25520,hcmlt, HRMS (Lithuania),hcm, Human Capital Management +25521,hcmli, HRMS (Liechtenstein),hcm, Human Capital Management +25522,hcmlb, HRMS (Lebanon),hcm, Human Capital Management +25523,hcmlv, HRMS (Latvia),hcm, Human Capital Management +25524,hcmil, HRMS (Israel),hcm, Human Capital Management +25525,hcmiq, HRMS (Iraq),hcm, Human Capital Management +25526,hcmgr, HRMS (Greece),hcm, Human Capital Management +25527,hcmee, HRMS (Estonia),hcm, Human Capital Management +25528,hcmeg, HRMS (Egypt),hcm, Human Capital Management +25529,hcmcz, HRMS (Czech Republic),hcm, Human Capital Management +25530,hcmcy, HRMS (Cyprus),hcm, Human Capital Management +25531,hcmhr, HRMS (Croatia),hcm, Human Capital Management +25532,hcmbh, HRMS (Bahrain),hcm, Human Capital Management +25533,hcmat, HRMS (Austria),hcm, Human Capital Management +25535,hcmtw, HRMS (Taiwan),hcm, Human Capital Management +25536,hcmjo, HRMS (Jordan),hcm, Human Capital Management +25537,hcmvn, HRMS (Vietnam),hcm, Human Capital Management +25538,hcmph, HRMS (Philippines),hcm, Human Capital Management +25539,hcmpk, HRMS (Pakistan),hcm, Human Capital Management +25540,hcmro, HRMS (Romania),hcm, Human Capital Management +25541,hcmid, HRMS (Indonesia),hcm, Human Capital Management +25542,hcmtr, HRMS (Turkey),hcm, Human Capital Management +25543,hcmcl, HRMS (Chile),hcm, Human Capital Management +25544,hcmco, HRMS (Colombia),hcm, Human Capital Management +30059,enq, Quality Issue and Action Management,scm, Supply Chain Management +30138,mnt, Maintenance Management,scm, Supply Chain Management +30158,loy, Loyalty,crm, Customer Relationship Management +31298,hhr, Corporate Social Responsibility,hcm, Human Capital Management +31479,CXI, Customer Experience Integration Solution,crm, Customer Relationship Management +29042,svc, Service,crm, Customer Relationship Management +29098,afs, Sales for Retail Banking,crm, Customer Relationship Management +29099,aht, Sales for High Tech Manufacturing,crm, Customer Relationship Management +29100,atc, Sales for Communications,crm, Customer Relationship Management +29101,aco, Sales for Consumer Goods Retail Execution,crm, Customer Relationship Management +29498,vcs, Supply Chain Collaboration,scm, Supply Chain Management +29499,vcf, Value Chain Collaboration Framework,scm, Supply Chain Management +29918,zqa, Sales for Automotive,crm, Customer Relationship Management +29919,zqp, Sales for Pharmaceuticals,crm, Customer Relationship Management +29920,zqu, Sales for Utilities,crm, Customer Relationship Management +29921,zqw, Sales for Wealth Management,crm, Customer Relationship Management +32138,gto, Business Intelligence for Risk Management,grc," Governance, Risk, and Compliance" +32139,gtr, Risk Manager,grc," Governance, Risk, and Compliance" +32178,zps_gm, Sales Cloud for Gmail,crm, Customer Relationship Management +32179,zps_ibm, Sales Cloud for IBM Notes,crm, Customer Relationship Management +32180,zps_365, Sales Cloud for Office 365,crm, Customer Relationship Management +32438,css,Oracle Digital Customer Service,crm, Customer Relationship Management +27898,hcmbg, HRMS (Bulgaria),hcm, Human Capital Management +28638,fim, Internal Mobility,hcm, Human Capital Management +39242,FV, U.S. Federal Financials,fin, Financials +35078,ahe, Sales Cloud for Higher Education,crm, Customer Relationship Management +36058,hqz, Human Resources Advisor,hcm, Human Capital Management +36438,zem, CX Cloud Mobile,crm, Customer Relationship Management +36819,hcm_cc, HCM Central Components,hcm, Human Capital Management +36938,hex, HCM Extracts,hcm, Human Capital Management +37279,ypr, Replenishment Planning,scm, Supply Chain Management +37506,hcm_im, Human Resources Management Systems (Isle of Man),hcm, Human Capital Management +37507,hcm_gg, Human Resources Management Systems (Guernsey),hcm, Human Capital Management +37508,hcm_je, Human Resources Management Systems (Jersey),hcm, Human Capital Management +37518,heq, Student Admissions,hed, Higher Education +44060,PSX,Oracle PSCR Subledger,psc, Public Sector Cloud +44120,FLA, Lease Accounting,fin, Financials +40422,psc_pz,Oracle Public Sector Planning and Zoning Cloud Service,psc, Public Sector Cloud +40423,psc_per,Oracle Public Sector Permits Cloud Service,psc, Public Sector Cloud +40424,psc_ce,Oracle Public Sector Code Enforcement Cloud Service,psc, Public Sector Cloud +40425,psc_bl,Oracle Public Sector Business Licenses Cloud Service,psc, Public Sector Cloud +40426,psc_pol,Oracle Public Sector Professional Licenses Cloud Service,psc, Public Sector Cloud +40838,RCL, Service Logistics,scm, Supply Chain Management +40839,ZUP, Policy Automation Data Connector,crm, Customer Relationship Management +40982,psc_cc,Oracle Public Sector Common Components,psc, Public Sector Cloud +40983,psc_ts,Oracle Public Sector Tech Stack,psc, Public Sector Cloud +41524,OSS, Subscription Management Cloud Service,crm, Customer Relationship Management +41579,MOB, HCM Cloud Mobile,hcm, Human Capital Management +42499,cjm,Oracle Channel Revenue Management,scm, Supply Chain Management +42727,JV, Joint Venture Management,fin, Financials +43339,PSC,Oracle Public Sector Subledger,psc, Public Sector Cloud +19391,acj, Common Java Authorization,scm, Supply Chain Management +19391,acj, Common Java Authorization,prj, Projects +44842,sch, Supply Chain for Healthcare,scm, Supply Chain Management +1,p4fa,p4fa,p4fa,p4fa +14875,fintech(fun), Financials Common Module,fin, Financials \ No newline at end of file