diff --git a/packages/abnormal_security/changelog.yml b/packages/abnormal_security/changelog.yml
index adc94174388..49cfb55a90c 100644
--- a/packages/abnormal_security/changelog.yml
+++ b/packages/abnormal_security/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.12.0"
+ changes:
+ - description: Use links panel in Dashboards.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/16740
 - version: "1.11.1"
 changes:
 - description: Downgrade the `format_version` to the minimum version that supports all the necessary features for the package.
diff --git a/packages/abnormal_security/img/abnormal_security-ai_security_mailbox_overview.png b/packages/abnormal_security/img/abnormal_security-ai_security_mailbox_overview.png
index be34f1fd97c..8883e027797 100644
Binary files a/packages/abnormal_security/img/abnormal_security-ai_security_mailbox_overview.png and b/packages/abnormal_security/img/abnormal_security-ai_security_mailbox_overview.png differ
diff --git a/packages/abnormal_security/img/abnormal_security-audit_overview.png b/packages/abnormal_security/img/abnormal_security-audit_overview.png
index e969e0d884e..4fbc4d5543a 100644
Binary files a/packages/abnormal_security/img/abnormal_security-audit_overview.png and b/packages/abnormal_security/img/abnormal_security-audit_overview.png differ
diff --git a/packages/abnormal_security/img/abnormal_security-case_overview.png b/packages/abnormal_security/img/abnormal_security-case_overview.png
index cbe9852e390..4e87e326453 100644
Binary files a/packages/abnormal_security/img/abnormal_security-case_overview.png and b/packages/abnormal_security/img/abnormal_security-case_overview.png differ
diff --git a/packages/abnormal_security/img/abnormal_security-mailbox_not_analyzed_overview.png b/packages/abnormal_security/img/abnormal_security-mailbox_not_analyzed_overview.png
index 8968d570b38..c8d2d3cb1c6 100644
Binary files a/packages/abnormal_security/img/abnormal_security-mailbox_not_analyzed_overview.png and b/packages/abnormal_security/img/abnormal_security-mailbox_not_analyzed_overview.png differ
diff --git a/packages/abnormal_security/img/abnormal_security-threat_overview.png b/packages/abnormal_security/img/abnormal_security-threat_overview.png
index 7f36879e6c8..fee8b69acfa 100644
Binary files a/packages/abnormal_security/img/abnormal_security-threat_overview.png and b/packages/abnormal_security/img/abnormal_security-threat_overview.png differ
diff --git a/packages/abnormal_security/img/abnormal_security-vendor_case_overview.png b/packages/abnormal_security/img/abnormal_security-vendor_case_overview.png
new file mode 100644
index 00000000000..dce9d2ab2de
Binary files /dev/null and b/packages/abnormal_security/img/abnormal_security-vendor_case_overview.png differ
diff --git a/packages/abnormal_security/kibana/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5.json b/packages/abnormal_security/kibana/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5.json
index 8e3b6bcf74b..72553ef8664 100644
--- a/packages/abnormal_security/kibana/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5.json
+++ b/packages/abnormal_security/kibana/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5.json
@@ -13,6 +13,8 @@ "02c7d338-2f1d-4a02-8a8c-21e0fdab84ef": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.audit.category", "searchTechnique": "prefix", "selectedOptions": [],
@@ -30,6 +32,8 @@ "c6e0076e-0647-4272-ac7b-b3e92a4b7f4b": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "cloud.account.name", "searchTechnique": "prefix", "selectedOptions": [], @@ -47,6 +51,8 @@ "cb6a81c0-2e75-480e-9943-dc03f45142b9": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "event.outcome", "searchTechnique": "prefix", "selectedOptions": [], 
@@ -124,26 +130,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Abnormal AI**\n\n- [AI Security Mailbox Overview](#/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c)\n- [AI Security Mailbox Not Analyzed Overview](#/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c)\n- **Audit Overview**\n- [Case Overview](#/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664)\n- [Threat Overview](#/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac)\n- [Vendor Case Overview](#/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4)\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on Audit logs from the Abnormal AI integration. It includes the top 10 users and source IPs, a breakdown of events by category, action and tenant name, as well as essential details about the Audit data.\n\n[**Integrations Page**](/app/integrations/detail/abnormal_security/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on Audit logs from the Abnormal AI integration. It includes the top 10 users and source IPs, a breakdown of events by category, action and tenant name, as well as essential details about the Audit data.\n\n[**Integration Page**](/app/integrations/detail/abnormal_security/overview)", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 23, "i": "ca5ffc5c-93d1-4505-b795-313668967c10", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "ca5ffc5c-93d1-4505-b795-313668967c10", - "title": "Table of Content", "type": "visualization" }, { 
@@ -308,17 +313,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Audit Events by Tenant Name [Logs Abnormal AI]" }, "gridData": { "h": 12, "i": "c7a61847-bf18-4297-a0e2-2fc16216a962", "w": 36, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "c7a61847-bf18-4297-a0e2-2fc16216a962", - "title": "Audit Events by Tenant Name [Logs Abnormal AI]", "type": "lens" }, { @@ -483,17 +488,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Audit Events by Action [Logs Abnormal AI]" }, "gridData": { "h": 11, "i": "cb3ce987-ba73-42ca-ae20-bb4868145bd5", "w": 36, "x": 12, - "y": 12 + "y": 16 }, "panelIndex": "cb3ce987-ba73-42ca-ae20-bb4868145bd5", - "title": "Audit Events by Action [Logs Abnormal AI]", "type": "lens" }, { @@ -635,17 +640,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Audit Events by Category [Logs Abnormal AI]" }, "gridData": { "h": 18, "i": "943d8454-266a-4430-a16a-468ad4e8ab35", "w": 17, "x": 0, - "y": 23 + "y": 27 }, "panelIndex": "943d8454-266a-4430-a16a-468ad4e8ab35", - "title": "Audit Events by Category [Logs Abnormal AI]", "type": "lens" }, { @@ -765,17 +770,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Users [Logs Abnormal AI]" }, "gridData": { "h": 18, "i": "876c8eff-917a-4366-b2e0-8d635bf76593", "w": 15, "x": 17, - "y": 23 + "y": 27 }, "panelIndex": "876c8eff-917a-4366-b2e0-8d635bf76593", - "title": "Top 10 Users [Logs Abnormal AI]", "type": "lens" }, { 
@@ -893,17 +898,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Source IP [Logs Abnormal AI]" }, "gridData": { "h": 18, "i": "898fe80b-6dab-4c13-bd89-d0442dac4d08", "w": 16, "x": 32, - "y": 23 + "y": 27 }, "panelIndex": "898fe80b-6dab-4c13-bd89-d0442dac4d08", - "title": "Top 10 Source IP [Logs Abnormal AI]", "type": "lens" }, { 
@@ -913,19 +918,110 @@ "dynamicActions": { "events": [] } - } + }, + "savedObjectId": "abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923", + "title": "Audit Essential Details [Logs Abnormal AI]" }, "gridData": { "h": 16, "i": "24aca30e-7efb-4dcc-9290-bb261aa10a33", "w": 48, "x": 0, - "y": 41 + "y": 45 }, "panelIndex": "24aca30e-7efb-4dcc-9290-bb261aa10a33", "panelRefName": "panel_24aca30e-7efb-4dcc-9290-bb261aa10a33", - "title": "Audit Essential Details [Logs Abnormal AI]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_33400c81-5fb1-4da4-934d-32b65afcf558_dashboard", + "id": "33400c81-5fb1-4da4-934d-32b65afcf558", + "label": "AI Security Mailbox Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_030a5e00-a69a-4332-9b69-48142c1efb12_dashboard", + "id": "030a5e00-a69a-4332-9b69-48142c1efb12", + "label": "AI Security Mailbox Not Analyzed Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_2557a28a-de07-40e2-9303-845f1fab3e64_dashboard", + "id": "2557a28a-de07-40e2-9303-845f1fab3e64", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_9250b058-50f6-4978-9a80-df5ca5ac7198_dashboard", + "id": "9250b058-50f6-4978-9a80-df5ca5ac7198", + "label": "Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 3, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_d5f9a705-db40-48a9-bb9b-92267aab6d4b_dashboard", + "id": 
"d5f9a705-db40-48a9-bb9b-92267aab6d4b", + "label": "Threat Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 4, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_0044e276-8253-4288-bbf9-fe324340602e_dashboard", + "id": "0044e276-8253-4288-bbf9-fe324340602e", + "label": "Vendor Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 5, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "a627f997-3e5f-4eae-949c-79579ef9004c", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "a627f997-3e5f-4eae-949c-79579ef9004c", + "type": "links" } ], "timeRestore": false, @@ -933,7 +1029,7 @@ "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:37:16.970Z", + "created_at": "2025-12-31T05:45:51.449Z", "id": "abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5", "references": [ { @@ -941,11 +1037,6 @@ "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, - { - "id": "abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923", - "name": "24aca30e-7efb-4dcc-9290-bb261aa10a33:panel_24aca30e-7efb-4dcc-9290-bb261aa10a33", - "type": "search" - }, { "id": "abnormal_security-security-solution-default", "name": "tag-ref-abnormal_security-security-solution-default", 
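Review bot: Every `dashboardLink` in the new `links` panel (hunk `@@ -913,19 +918,110 @@`) sets `"useCurrentDateRange": false` and `"useCurrentFilters": false`, so, going by the option names, the time window and filters an analyst has applied here are dropped when they pivot to another Abnormal AI dashboard from the navigation bar. For investigation dashboards that carry-over is usually wanted; if dropping it is not deliberate, set `"useCurrentDateRange": true` and `"useCurrentFilters": true` on each link. The links panels added to the Threat Overview and Vendor Case Overview dashboards (`@@ -1490,19 +1495,110 @@` and `@@ -779,19 +786,110 @@`) use the same values. The package manifest is not visible in this part of the diff, so it is also worth confirming that its Kibana version condition covers a release that supports the `links` panel type.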
@@ -981,6 +1072,56 @@ "name": "898fe80b-6dab-4c13-bd89-d0442dac4d08:indexpattern-datasource-layer-3b4093b4-bb39-438f-872e-d0a0ba402e0b", "type": "index-pattern" }, + { + "id": "abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923", + "name": "24aca30e-7efb-4dcc-9290-bb261aa10a33:panel_24aca30e-7efb-4dcc-9290-bb261aa10a33", + "type": "search" + }, + { + "id": "abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923", + "name": "24aca30e-7efb-4dcc-9290-bb261aa10a33:panel_24aca30e-7efb-4dcc-9290-bb261aa10a33", + "type": "search" + }, + { + "id": "abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923", + "name": "24aca30e-7efb-4dcc-9290-bb261aa10a33:panel_24aca30e-7efb-4dcc-9290-bb261aa10a33", + "type": "search" + }, + { + "id": "abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923", + "name": "24aca30e-7efb-4dcc-9290-bb261aa10a33:panel_24aca30e-7efb-4dcc-9290-bb261aa10a33", + "type": "search" + }, + { + "id": "abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c", + "name": "a627f997-3e5f-4eae-949c-79579ef9004c:link_33400c81-5fb1-4da4-934d-32b65afcf558_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c", + "name": "a627f997-3e5f-4eae-949c-79579ef9004c:link_030a5e00-a69a-4332-9b69-48142c1efb12_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5", + "name": "a627f997-3e5f-4eae-949c-79579ef9004c:link_2557a28a-de07-40e2-9303-845f1fab3e64_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-f6562262-e429-470d-af45-4c80afdcf664", + "name": "a627f997-3e5f-4eae-949c-79579ef9004c:link_9250b058-50f6-4978-9a80-df5ca5ac7198_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac", + "name": "a627f997-3e5f-4eae-949c-79579ef9004c:link_d5f9a705-db40-48a9-bb9b-92267aab6d4b_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4", + "name": 
"a627f997-3e5f-4eae-949c-79579ef9004c:link_0044e276-8253-4288-bbf9-fe324340602e_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": "controlGroup_02c7d338-2f1d-4a02-8a8c-21e0fdab84ef:optionsListDataView",
@@ -1003,6 +1144,6 @@ } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0", + "typeMigrationVersion": "10.3.0", "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file
diff --git a/packages/abnormal_security/kibana/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac.json b/packages/abnormal_security/kibana/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac.json
index a0e14996767..0c63e57bdc6 100644
--- a/packages/abnormal_security/kibana/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac.json
+++ b/packages/abnormal_security/kibana/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac.json
@@ -13,6 +13,8 @@ "3d452544-b58c-4706-bf9b-7c2debef77b0": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "threat.technique.name", "searchTechnique": "prefix", "selectedOptions": [],
@@ -30,6 +32,8 @@ "5722e6cc-26f3-437b-a8a0-5375f2ef8d6a": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.threat.remediation_status", "searchTechnique": "prefix", "selectedOptions": [],
@@ -47,6 +51,8 @@ "d306d5a2-9049-45b0-8151-41bc34bab06e": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.threat.attack.vector", "searchTechnique": "prefix", "selectedOptions": [],
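Review bot: The `references` array gains four identical entries for the saved search `abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923` in hunk `@@ -981,6 +1072,56 @@` (same `id`, `name` and `type` each time), where the old file had a single one. Keep one entry named `24aca30e-7efb-4dcc-9290-bb261aa10a33:panel_24aca30e-7efb-4dcc-9290-bb261aa10a33` and drop the other three; the copies look like an export artifact and make reference checks and later diffs harder to read. The Threat Overview dashboard repeats the pattern in `@@ -1583,6 +1674,51 @@` with three copies of the `abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc` reference. The search panel also now carries the target as a literal `savedObjectId` in `embeddableConfig` next to the existing `panelRefName`, so the id is recorded in two places; it is worth confirming whether the inline copy is needed.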
@@ -124,26 +130,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Abnormal AI**\n\n- [AI Security Mailbox Overview](#/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c)\n- [AI Security Mailbox Not Analyzed Overview](#/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c)\n- [Audit Overview](#/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5)\n- [Case Overview](#/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664)\n- **Threat Overview**\n- [Vendor Case Overview](#/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4)\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on Threat logs from the Abnormal AI integration. It includes the top 10 URLs, senders, recipients and senders domains, a breakdown of events by attack medium, strategy and party, as well as essential details about the Threat data, total threats and threat messages. The dashboard also includes the Top Sender Countries.\n\n[**Integrations Page**](/app/integrations/detail/abnormal_security/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on Threat logs from the Abnormal AI integration. It includes the top 10 URLs, senders, recipients and senders domains, a breakdown of events by attack medium, strategy and party, as well as essential details about the Threat data, total threats and threat messages. The dashboard also includes the Top Sender Countries.\n\n[**Integration Page**](/app/integrations/detail/abnormal_security/overview)", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 22, "i": "eaacabb3-3b4e-46fa-ac9b-9913699cff32", "w": 14, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "eaacabb3-3b4e-46fa-ac9b-9913699cff32", - "title": "Table of Content", "type": "visualization" }, { 
@@ -226,17 +231,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "" }, "gridData": { "h": 7, "i": "c5da2471-4079-4714-ae26-fa4ac54e849e", "w": 17, "x": 14, - "y": 0 + "y": 4 }, "panelIndex": "c5da2471-4079-4714-ae26-fa4ac54e849e", - "title": "", "type": "lens" }, { @@ -319,17 +324,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "" }, "gridData": { "h": 7, "i": "9ff51b21-79b7-4d08-8aa1-dc3ca04e39d8", "w": 17, "x": 31, - "y": 0 + "y": 4 }, "panelIndex": "9ff51b21-79b7-4d08-8aa1-dc3ca04e39d8", - "title": "", "type": "lens" }, { @@ -497,17 +502,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Threat Messages by Attack Strategy [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "98400991-e67c-4879-b08a-4d6b245a41a9", "w": 34, "x": 14, - "y": 7 + "y": 11 }, "panelIndex": "98400991-e67c-4879-b08a-4d6b245a41a9", - "title": "Threat Messages by Attack Strategy [Logs Abnormal AI]", "type": "lens" }, { @@ -651,17 +656,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Threat Messages by Attack Medium [Logs Abnormal AI]" }, "gridData": { "h": 13, "i": "e9839153-ba60-4914-8d09-4553a3648527", "w": 24, "x": 0, - "y": 22 + "y": 26 }, "panelIndex": "e9839153-ba60-4914-8d09-4553a3648527", - "title": "Threat Messages by Attack Medium [Logs Abnormal AI]", "type": "lens" }, { @@ -826,17 +831,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Threat Messages by Attacked Party [Logs Abnormal AI]" }, "gridData": { "h": 13, "i": "ac4681b0-acbf-490d-aebd-7ce16e8f8130", "w": 24, "x": 24, - "y": 22 + "y": 26 }, "panelIndex": "ac4681b0-acbf-490d-aebd-7ce16e8f8130", - "title": "Threat Messages by Attacked Party [Logs Abnormal AI]", "type": "lens" }, { 
@@ -956,17 +961,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Senders [Logs Abnormal AI]" }, "gridData": { "h": 14, "i": "6b9df7a1-43dd-4d3e-a5b7-160b2e1b205e", "w": 24, "x": 0, - "y": 35 + "y": 39 }, "panelIndex": "6b9df7a1-43dd-4d3e-a5b7-160b2e1b205e", - "title": "Top 10 Senders [Logs Abnormal AI]", "type": "lens" }, { @@ -1086,17 +1091,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Recipients [Logs Abnormal AI]" }, "gridData": { "h": 14, "i": "427f6b14-14b9-44da-b50b-fe12c9bf4018", "w": 24, "x": 24, - "y": 35 + "y": 39 }, "panelIndex": "427f6b14-14b9-44da-b50b-fe12c9bf4018", - "title": "Top 10 Recipients [Logs Abnormal AI]", "type": "lens" }, { @@ -1216,17 +1221,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Sender Domain [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "10110a3d-648d-49b0-80d1-36482848d887", "w": 24, "x": 24, - "y": 49 + "y": 53 }, "panelIndex": "10110a3d-648d-49b0-80d1-36482848d887", - "title": "Top 10 Sender Domain [Logs Abnormal AI]", "type": "lens" }, { @@ -1347,17 +1352,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 URL [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "c287629a-3a65-4ebc-a28a-039237839f4e", "w": 24, "x": 0, - "y": 49 + "y": 53 }, "panelIndex": "c287629a-3a65-4ebc-a28a-039237839f4e", - "title": "Top 10 URL [Logs Abnormal AI]", "type": "lens" }, { 
@@ -1470,17 +1475,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top Sender Countries [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "e90a7a49-7669-4434-8c52-65385d2ad495", "w": 48, "x": 0, - "y": 64 + "y": 68 }, "panelIndex": "e90a7a49-7669-4434-8c52-65385d2ad495", - "title": "Top Sender Countries [Logs Abnormal AI]", "type": "lens" }, { 
@@ -1490,19 +1495,110 @@ "dynamicActions": { "events": [] } - } + }, + "savedObjectId": "abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc", + "title": "Threat Essential Details [Logs Abnormal AI]" }, "gridData": { "h": 14, "i": "fdcde8e1-3b3a-47c2-854e-c41bbacdabd8", "w": 48, "x": 0, - "y": 79 + "y": 83 }, "panelIndex": "fdcde8e1-3b3a-47c2-854e-c41bbacdabd8", "panelRefName": "panel_fdcde8e1-3b3a-47c2-854e-c41bbacdabd8", - "title": "Threat Essential Details [Logs Abnormal AI]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_aaec499f-52f4-4955-b2c2-924708dc8d29_dashboard", + "id": "aaec499f-52f4-4955-b2c2-924708dc8d29", + "label": "AI Security Mailbox Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_23af75df-d39e-4bc9-91d2-ac15c70a6b4d_dashboard", + "id": "23af75df-d39e-4bc9-91d2-ac15c70a6b4d", + "label": "AI Security Mailbox Not Analyzed Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_d2524958-986c-4292-9dbb-0b403ee174da_dashboard", + "id": "d2524958-986c-4292-9dbb-0b403ee174da", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_16c713d3-e6ce-48dd-8ad0-3b16f2b352f0_dashboard", + "id": "16c713d3-e6ce-48dd-8ad0-3b16f2b352f0", + "label": "Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 3, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_0b9ff70b-3f46-4148-8cd8-e1025f7a863a_dashboard", + "id": 
"0b9ff70b-3f46-4148-8cd8-e1025f7a863a", + "label": "Threat Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 4, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_dc8180fe-f6eb-4643-ac1f-f4c95177d697_dashboard", + "id": "dc8180fe-f6eb-4643-ac1f-f4c95177d697", + "label": "Vendor Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 5, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "b421c903-3685-4142-aa56-182c5c19b4d2", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "b421c903-3685-4142-aa56-182c5c19b4d2", + "type": "links" } ], "timeRestore": false, @@ -1510,7 +1606,7 @@ "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:37:32.933Z", + "created_at": "2025-12-31T05:45:47.402Z", "id": "abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac", "references": [ { @@ -1518,11 +1614,6 @@ "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, - { - "id": "abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc", - "name": "fdcde8e1-3b3a-47c2-854e-c41bbacdabd8:panel_fdcde8e1-3b3a-47c2-854e-c41bbacdabd8", - "type": "search" - }, { "id": "abnormal_security-security-solution-default", "name": "tag-ref-abnormal_security-security-solution-default", 
@@ -1583,6 +1674,51 @@ "name": "e90a7a49-7669-4434-8c52-65385d2ad495:indexpattern-datasource-layer-6c1b2eca-2e67-4e34-857a-8e08fb2e936b", "type": "index-pattern" }, + { + "id": "abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc", + "name": "fdcde8e1-3b3a-47c2-854e-c41bbacdabd8:panel_fdcde8e1-3b3a-47c2-854e-c41bbacdabd8", + "type": "search" + }, + { + "id": "abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc", + "name": "fdcde8e1-3b3a-47c2-854e-c41bbacdabd8:panel_fdcde8e1-3b3a-47c2-854e-c41bbacdabd8", + "type": "search" + }, + { + "id": "abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc", + "name": "fdcde8e1-3b3a-47c2-854e-c41bbacdabd8:panel_fdcde8e1-3b3a-47c2-854e-c41bbacdabd8", + "type": "search" + }, + { + "id": "abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c", + "name": "b421c903-3685-4142-aa56-182c5c19b4d2:link_aaec499f-52f4-4955-b2c2-924708dc8d29_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c", + "name": "b421c903-3685-4142-aa56-182c5c19b4d2:link_23af75df-d39e-4bc9-91d2-ac15c70a6b4d_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5", + "name": "b421c903-3685-4142-aa56-182c5c19b4d2:link_d2524958-986c-4292-9dbb-0b403ee174da_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-f6562262-e429-470d-af45-4c80afdcf664", + "name": "b421c903-3685-4142-aa56-182c5c19b4d2:link_16c713d3-e6ce-48dd-8ad0-3b16f2b352f0_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac", + "name": "b421c903-3685-4142-aa56-182c5c19b4d2:link_0b9ff70b-3f46-4148-8cd8-e1025f7a863a_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4", + "name": "b421c903-3685-4142-aa56-182c5c19b4d2:link_dc8180fe-f6eb-4643-ac1f-f4c95177d697_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": 
"controlGroup_3d452544-b58c-4706-bf9b-7c2debef77b0:optionsListDataView",
@@ -1605,6 +1741,6 @@ } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0", + "typeMigrationVersion": "10.3.0", "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file
diff --git a/packages/abnormal_security/kibana/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4.json b/packages/abnormal_security/kibana/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4.json
index 61e15321b9d..68677ae0d9b 100644
--- a/packages/abnormal_security/kibana/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4.json
+++ b/packages/abnormal_security/kibana/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4.json
@@ -13,6 +13,8 @@ "677cb7d4-ce21-490e-a2d8-cc713a5ebd2a": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.vendor_case.timeline.threat_id", "searchTechnique": "prefix", "selectedOptions": [],
@@ -30,6 +32,8 @@ "8f746089-917c-4b9f-977b-b3b3da6aee50": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.vendor_case.domain", "searchTechnique": "prefix", "selectedOptions": [],
@@ -47,6 +51,8 @@ "b0d9ba73-c236-4773-b19b-345cc1d60f48": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.vendor_case.timeline.marked_as", "searchTechnique": "prefix", "selectedOptions": [],
@@ -64,6 +70,8 @@ "daf4c10c-3f25-4998-a224-cd4b4b83af03": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.vendor_case.timeline.event_timestamp", "searchTechnique": "prefix", "selectedOptions": [],
@@ -159,26 +167,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Abnormal AI**\n\n- [AI Security Mailbox Overview](#/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c)\n- [AI Security Mailbox Not Analyzed Overview](#/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c)\n- [Audit Overview](#/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5)\n- [Case Overview](#/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664)\n- [Threat Overview](#/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac)\n- **Vendor Case Overview**\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on Vendor Case logs from the Abnormal AI integration. It includes the top 5 malicious senders, a distribution of events by threat type, breakdown of Insights data and essential details about the Vendor Case data and total cases.\n\n[**Integrations Page**](/app/integrations/detail/abnormal_security/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on Vendor Case logs from the Abnormal AI integration. It includes the top 5 malicious senders, a distribution of events by threat type, breakdown of Insights data and essential details about the Vendor Case data and total cases.\n\n[**Integration Page**](/app/integrations/detail/abnormal_security/overview)", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 29, "i": "dce7afae-26a2-4a3f-b3f5-a954687b5ff1", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "dce7afae-26a2-4a3f-b3f5-a954687b5ff1", - "title": "Table of Content", "type": "visualization" }, { 
@@ -279,17 +286,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "" }, "gridData": { "h": 11, "i": "92954c45-985b-4baf-b0b1-75320bbd9efa", "w": 16, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "92954c45-985b-4baf-b0b1-75320bbd9efa", - "title": "", "type": "lens" }, { @@ -453,17 +460,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Vendor Case Distribution By Threat Types [Logs Abnormal AI]" }, "gridData": { "h": 11, "i": "7a236256-b643-4d2d-ab20-00dd6b2133e2", "w": 20, "x": 28, - "y": 0 + "y": 4 }, "panelIndex": "7a236256-b643-4d2d-ab20-00dd6b2133e2", - "title": "Vendor Case Distribution By Threat Types [Logs Abnormal AI]", "type": "lens" }, { @@ -614,17 +621,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Vendor Case Top 5 Malicious Senders [Logs Abnormal AI]" }, "gridData": { "h": 18, "i": "d09b9f18-08b3-4808-9506-7e01ba037a4e", "w": 25, "x": 12, - "y": 11 + "y": 15 }, "panelIndex": "d09b9f18-08b3-4808-9506-7e01ba037a4e", - "title": "Vendor Case Top 5 Malicious Senders [Logs Abnormal AI]", "type": "lens" }, { @@ -759,17 +766,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Vendor Case Top 10 Insight Type Breakdown [Logs Abnormal AI]" }, "gridData": { "h": 18, "i": "d951db58-39dd-443d-8b53-d0b6c6917b5d", "w": 11, "x": 37, - "y": 11 + "y": 15 }, "panelIndex": "d951db58-39dd-443d-8b53-d0b6c6917b5d", - "title": "Vendor Case Top 10 Insight Type Breakdown [Logs Abnormal AI]", "type": "lens" }, { 
@@ -779,19 +786,110 @@ "dynamicActions": { "events": [] } - } + }, + "savedObjectId": "abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019", + "title": "Vendor Cases Essential Details [Logs Abnormal AI]" }, "gridData": { "h": 14, "i": "7d98190b-3536-44db-8485-077954f0f7f5", "w": 48, "x": 0, - "y": 29 + "y": 33 }, "panelIndex": "7d98190b-3536-44db-8485-077954f0f7f5", "panelRefName": "panel_7d98190b-3536-44db-8485-077954f0f7f5", - "title": "Vendor Cases Essential Details [Logs Abnormal AI]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_63e342a6-26c1-4a85-93cb-a0c8828ee402_dashboard", + "id": "63e342a6-26c1-4a85-93cb-a0c8828ee402", + "label": "AI Security Mailbox Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_55d954b5-f6a2-4453-a143-21e71cbf70dd_dashboard", + "id": "55d954b5-f6a2-4453-a143-21e71cbf70dd", + "label": "AI Security Mailbox Not Analyzed Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_19b93adc-ab3f-45c4-91f9-2a0e54bf7717_dashboard", + "id": "19b93adc-ab3f-45c4-91f9-2a0e54bf7717", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_d1e9920a-5a93-4a01-a12f-b64d956f59d0_dashboard", + "id": "d1e9920a-5a93-4a01-a12f-b64d956f59d0", + "label": "Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 3, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_bf3f3fd5-d6b9-485a-bee9-89af74857cff_dashboard", + "id": 
"bf3f3fd5-d6b9-485a-bee9-89af74857cff", + "label": "Threat Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 4, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_a1f2436b-9029-449a-959e-8927a5d92d90_dashboard", + "id": "a1f2436b-9029-449a-959e-8927a5d92d90", + "label": "Vendor Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 5, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935", + "type": "links" } ], "timeRestore": false, @@ -799,7 +897,7 @@ "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:37:42.095Z", + "created_at": "2025-12-31T05:45:48.406Z", "id": "abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4", "references": [ { @@ -812,11 +910,6 @@ "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", "type": "index-pattern" }, - { - "id": "abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019", - "name": "7d98190b-3536-44db-8485-077954f0f7f5:panel_7d98190b-3536-44db-8485-077954f0f7f5", - "type": "search" - }, { "id": "abnormal_security-security-solution-default", "name": "tag-ref-abnormal_security-security-solution-default", 
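Review bot: Every `dashboardLink` entry in the new `links` panel sets `"useCurrentDateRange": false`, so a jump from this dashboard to a sibling presumably does not carry over the time window the analyst was working in. These dashboards are meant for pivoting between cases, threats and mailbox events, so keeping the window is usually the expected behaviour; consider `"useCurrentDateRange": true` unless the reset is deliberate. Leaving `"useCurrentFilters": false` looks reasonable, because the controls filter on dataset-specific fields that would not match in the destination dashboard. The links panels added to the other dashboards (hunks `-801,19`, `-820,19` and `-1059,19`) use the same options.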
@@ -852,6 +945,51 @@ "name": "d951db58-39dd-443d-8b53-d0b6c6917b5d:indexpattern-datasource-layer-7d88727f-22ba-4db2-b7ba-ecfe6915f258", "type": "index-pattern" }, + { + "id": "abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019", + "name": "7d98190b-3536-44db-8485-077954f0f7f5:panel_7d98190b-3536-44db-8485-077954f0f7f5", + "type": "search" + }, + { + "id": "abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019", + "name": "7d98190b-3536-44db-8485-077954f0f7f5:panel_7d98190b-3536-44db-8485-077954f0f7f5", + "type": "search" + }, + { + "id": "abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019", + "name": "7d98190b-3536-44db-8485-077954f0f7f5:panel_7d98190b-3536-44db-8485-077954f0f7f5", + "type": "search" + }, + { + "id": "abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c", + "name": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935:link_63e342a6-26c1-4a85-93cb-a0c8828ee402_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c", + "name": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935:link_55d954b5-f6a2-4453-a143-21e71cbf70dd_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5", + "name": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935:link_19b93adc-ab3f-45c4-91f9-2a0e54bf7717_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-f6562262-e429-470d-af45-4c80afdcf664", + "name": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935:link_d1e9920a-5a93-4a01-a12f-b64d956f59d0_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac", + "name": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935:link_bf3f3fd5-d6b9-485a-bee9-89af74857cff_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4", + "name": "9ba7fc3c-27e9-45c8-80bf-c83538d0d935:link_a1f2436b-9029-449a-959e-8927a5d92d90_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": 
"controlGroup_8f746089-917c-4b9f-977b-b3b3da6aee50:optionsListDataView", @@ -884,6 +1022,6 @@ } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0", + "typeMigrationVersion": "10.3.0", "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/abnormal_security/kibana/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c.json b/packages/abnormal_security/kibana/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c.json index d8011bc9927..c061050f660 100644 --- a/packages/abnormal_security/kibana/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c.json +++ b/packages/abnormal_security/kibana/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c.json 
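Review bot: The block added to the `references` array lists the same `search` reference three times, with identical `id` (`abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019`), `name` and `type`, where the entry removed earlier in this file appeared once. This looks like an export artifact rather than an intended change. Keeping a single entry avoids ambiguity when the saved object is imported and keeps later diffs readable. The same triplication appears in the `references` hunks of the `a0e8aab9` and `a4364503` dashboards (`-869,6 +954,51` and `-888,6 +977,51`).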
@@ -125,26 +125,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Abnormal AI**\n\n- [AI Security Mailbox Overview](#/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c)\n- **AI Security Mailbox Not Analyzed Overview**\n- [Audit Overview](#/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5)\n- [Case Overview](#/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664)\n- [Threat Overview](#/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac)\n- [Vendor Case Overview](#/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4)\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on AI Security Mailbox Not Analyzed logs from the Abnormal AI integration. It includes the top 10 reporters, recipients and email subjects, a breakdown of events by reason that why there were not analyzed, as well as details about the latest ingested messages for the AI Security Mailbox Not Analyzed dataset.\n\n[**Integrations Page**](/app/integrations/detail/abnormal_security/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on AI Security Mailbox Not Analyzed logs from the Abnormal AI integration. It includes the top 10 reporters, recipients and email subjects, a breakdown of events by reason that why there were not analyzed, as well as details about the latest ingested messages for the AI Security Mailbox Not Analyzed dataset.\n\n[**Integration Page**](/app/integrations/detail/abnormal_security/overview)", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 25, "i": "f1af5c2f-4970-4c2c-81e0-b79d066f448f", "w": 13, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "f1af5c2f-4970-4c2c-81e0-b79d066f448f", - "title": "Table of Content", "type": "visualization" }, { 
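Review bot: The rewritten `markdown` string still carries the phrase "a breakdown of events by reason that why there were not analyzed", which is ungrammatical in a user-facing panel. Since the string is being replaced in this hunk anyway, I would change it to `a breakdown of events by the reason they were not analyzed`.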
@@ -229,17 +228,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "" }, "gridData": { "h": 13, "i": "da990dc5-27ed-4ddc-93a6-c67785c62e75", "w": 11, "x": 13, - "y": 0 + "y": 4 }, "panelIndex": "da990dc5-27ed-4ddc-93a6-c67785c62e75", - "title": "", "type": "lens" }, { @@ -384,17 +383,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Reason of Not Analyzed Messages [Logs Abnormal AI]" }, "gridData": { "h": 13, "i": "cabf9744-18cd-4f5a-b39b-bc7a9a0919d4", "w": 24, "x": 24, - "y": 0 + "y": 4 }, "panelIndex": "cabf9744-18cd-4f5a-b39b-bc7a9a0919d4", - "title": "Reason of Not Analyzed Messages [Logs Abnormal AI]", "type": "lens" }, { @@ -515,17 +514,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Subjects [Logs Abnormal AI]" }, "gridData": { "h": 12, "i": "d1c3b769-dd9a-49c6-917d-ffc1e726c30a", "w": 35, "x": 13, - "y": 13 + "y": 17 }, "panelIndex": "d1c3b769-dd9a-49c6-917d-ffc1e726c30a", - "title": "Top 10 Subjects [Logs Abnormal AI]", "type": "lens" }, { @@ -648,17 +647,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Recipients [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "47baefa1-03f5-46af-a6ce-8bc693809208", "w": 23, "x": 0, - "y": 25 + "y": 29 }, "panelIndex": "47baefa1-03f5-46af-a6ce-8bc693809208", - "title": "Top 10 Recipients [Logs Abnormal AI]", "type": "lens" }, { @@ -781,17 +780,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Reporters [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "16209673-b0c6-423e-826d-993b26b29af0", "w": 25, "x": 23, - "y": 25 + "y": 29 }, "panelIndex": "16209673-b0c6-423e-826d-993b26b29af0", - "title": "Top 10 Reporters [Logs Abnormal AI]", "type": "lens" }, { 
@@ -801,19 +800,110 @@ "dynamicActions": { "events": [] } - } + }, + "savedObjectId": "abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff", + "title": "AI Security Mailbox Not Analyzed Essential Details [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "5242e2b2-9024-4266-ab58-d490331617ee", "w": 48, "x": 0, - "y": 40 + "y": 44 }, "panelIndex": "5242e2b2-9024-4266-ab58-d490331617ee", "panelRefName": "panel_5242e2b2-9024-4266-ab58-d490331617ee", - "title": "AI Security Mailbox Not Analyzed Essential Details [Logs Abnormal AI]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_dc304485-2c1d-43c7-8a03-80e5bc195141_dashboard", + "id": "dc304485-2c1d-43c7-8a03-80e5bc195141", + "label": "AI Security Mailbox Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_8cd3a53c-5e7d-409e-bd47-9c85bf51a8b3_dashboard", + "id": "8cd3a53c-5e7d-409e-bd47-9c85bf51a8b3", + "label": "AI Security Mailbox Not Analyzed Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_da0d0f62-10b2-4f03-8be5-4f8566cf0f7c_dashboard", + "id": "da0d0f62-10b2-4f03-8be5-4f8566cf0f7c", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_cdcf14a5-44e3-4e9e-9b0c-9bd2d251f7f7_dashboard", + "id": "cdcf14a5-44e3-4e9e-9b0c-9bd2d251f7f7", + "label": "Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 3, + "type": "dashboardLink" + }, + { + "destinationRefName": 
"link_36eaaeb0-eed3-4f56-b410-b6fe5e68e3b0_dashboard", + "id": "36eaaeb0-eed3-4f56-b410-b6fe5e68e3b0", + "label": "Threat Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 4, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_7783a708-6fbd-48dd-a8a9-cccdfd4a0570_dashboard", + "id": "7783a708-6fbd-48dd-a8a9-cccdfd4a0570", + "label": "Vendor Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 5, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "faabc0e0-2e07-49ba-8e56-ec0cb51da236", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "faabc0e0-2e07-49ba-8e56-ec0cb51da236", + "type": "links" } ], "timeRestore": false, @@ -821,7 +911,7 @@ "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:37:03.544Z", + "created_at": "2025-12-31T05:45:49.409Z", "id": "abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c", "references": [ { @@ -829,11 +919,6 @@ "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, - { - "id": "abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff", - "name": "5242e2b2-9024-4266-ab58-d490331617ee:panel_5242e2b2-9024-4266-ab58-d490331617ee", - "type": "search" - }, { "id": "abnormal_security-security-solution-default", "name": "tag-ref-abnormal_security-security-solution-default", 
@@ -869,6 +954,51 @@ "name": "16209673-b0c6-423e-826d-993b26b29af0:indexpattern-datasource-layer-3dd6a355-de27-4308-bad3-e5071b2be9f9", "type": "index-pattern" }, + { + "id": "abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff", + "name": "5242e2b2-9024-4266-ab58-d490331617ee:panel_5242e2b2-9024-4266-ab58-d490331617ee", + "type": "search" + }, + { + "id": "abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff", + "name": "5242e2b2-9024-4266-ab58-d490331617ee:panel_5242e2b2-9024-4266-ab58-d490331617ee", + "type": "search" + }, + { + "id": "abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff", + "name": "5242e2b2-9024-4266-ab58-d490331617ee:panel_5242e2b2-9024-4266-ab58-d490331617ee", + "type": "search" + }, + { + "id": "abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c", + "name": "faabc0e0-2e07-49ba-8e56-ec0cb51da236:link_dc304485-2c1d-43c7-8a03-80e5bc195141_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c", + "name": "faabc0e0-2e07-49ba-8e56-ec0cb51da236:link_8cd3a53c-5e7d-409e-bd47-9c85bf51a8b3_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5", + "name": "faabc0e0-2e07-49ba-8e56-ec0cb51da236:link_da0d0f62-10b2-4f03-8be5-4f8566cf0f7c_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-f6562262-e429-470d-af45-4c80afdcf664", + "name": "faabc0e0-2e07-49ba-8e56-ec0cb51da236:link_cdcf14a5-44e3-4e9e-9b0c-9bd2d251f7f7_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac", + "name": "faabc0e0-2e07-49ba-8e56-ec0cb51da236:link_36eaaeb0-eed3-4f56-b410-b6fe5e68e3b0_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4", + "name": "faabc0e0-2e07-49ba-8e56-ec0cb51da236:link_7783a708-6fbd-48dd-a8a9-cccdfd4a0570_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": 
"controlGroup_685fe137-0601-4e2b-adc0-881c0c9d2ea1:optionsListDataView", @@ -886,6 +1016,6 @@ } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0", + "typeMigrationVersion": "10.3.0", "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/abnormal_security/kibana/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c.json b/packages/abnormal_security/kibana/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c.json index d493ad5e0ef..8e58b993ae4 100644 --- a/packages/abnormal_security/kibana/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c.json +++ b/packages/abnormal_security/kibana/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c.json @@ -13,6 +13,8 @@ "82439c26-882e-45ed-a8da-e735acfeb0b8": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.ai_security_mailbox.judgement_status", "searchTechnique": "prefix", "selectedOptions": [], @@ -30,6 +32,8 @@ "feec41a2-407a-4b96-9f3b-0d249cce7b9d": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "threat.tactic.name", "searchTechnique": "prefix", "selectedOptions": [], 
@@ -107,26 +111,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Abnormal AI**\n\n- **AI Security Mailbox Overview**\n- [AI Security Mailbox Not Analyzed Overview](#/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c)\n- [Audit Overview](#/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5)\n- [Case Overview](#/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664)\n- [Threat Overview](#/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac)\n- [Vendor Case Overview](#/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4)\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on AI Security Mailbox logs from the Abnormal AI integration. It includes the top 10 senders and recipients, a breakdown of events by attack type and judgement status, as well as essential details about the AI Security Mailbox data and total campaigns.\n\n[**Integrations Page**](/app/integrations/detail/abnormal_security/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on AI Security Mailbox logs from the Abnormal AI integration. It includes the top 10 senders and recipients, a breakdown of events by attack type and judgement status, as well as essential details about the AI Security Mailbox data and total campaigns.\n\n[**Integration Page**](/app/integrations/detail/abnormal_security/overview)", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 25, "i": "eef44695-86f7-469b-816f-ecf469827b82", "w": 13, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "eef44695-86f7-469b-816f-ecf469827b82", - "title": "Table of Content", "type": "visualization" }, { 
@@ -209,17 +212,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "" }, "gridData": { "h": 13, "i": "b4f94bcd-729d-45a3-80b7-4049e9485ba8", "w": 11, "x": 13, - "y": 0 + "y": 4 }, "panelIndex": "b4f94bcd-729d-45a3-80b7-4049e9485ba8", - "title": "", "type": "lens" }, { @@ -363,17 +366,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "AI Security Mailbox Events by Judgement Status [Logs Abnormal AI]" }, "gridData": { "h": 13, "i": "952d224b-b3e5-461f-8a14-a212d481f63f", "w": 24, "x": 24, - "y": 0 + "y": 4 }, "panelIndex": "952d224b-b3e5-461f-8a14-a212d481f63f", - "title": "AI Security Mailbox Events by Judgement Status [Logs Abnormal AI]", "type": "lens" }, { @@ -538,17 +541,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "AI Security Mailbox Events by Attack Type [Logs Abnormal AI]" }, "gridData": { "h": 12, "i": "71fa6e5d-4ad2-4827-a257-6191d5783e33", "w": 35, "x": 13, - "y": 13 + "y": 17 }, "panelIndex": "71fa6e5d-4ad2-4827-a257-6191d5783e33", - "title": "AI Security Mailbox Events by Attack Type [Logs Abnormal AI]", "type": "lens" }, { @@ -669,17 +672,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Recipients [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "8a7cc4c9-5172-41a3-99e7-38b38f0dff59", "w": 23, "x": 0, - "y": 25 + "y": 29 }, "panelIndex": "8a7cc4c9-5172-41a3-99e7-38b38f0dff59", - "title": "Top 10 Recipients [Logs Abnormal AI]", "type": "lens" }, { 
@@ -800,17 +803,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Senders [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "a66b9142-1385-443a-999d-a5362ec81730", "w": 25, "x": 23, - "y": 25 + "y": 29 }, "panelIndex": "a66b9142-1385-443a-999d-a5362ec81730", - "title": "Top 10 Senders [Logs Abnormal AI]", "type": "lens" }, { 
@@ -820,19 +823,110 @@ "dynamicActions": { "events": [] } - } + }, + "savedObjectId": "abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e", + "title": "AI Security Mailbox Essential Details [Logs Abnormal AI]" }, "gridData": { "h": 13, "i": "63370fda-2126-4973-bed8-72fe8f9b7ceb", "w": 48, "x": 0, - "y": 40 + "y": 44 }, "panelIndex": "63370fda-2126-4973-bed8-72fe8f9b7ceb", "panelRefName": "panel_63370fda-2126-4973-bed8-72fe8f9b7ceb", - "title": "AI Security Mailbox Essential Details [Logs Abnormal AI]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_f6fd7a0a-5f6c-4ef6-87c8-12c8051ab49c_dashboard", + "id": "f6fd7a0a-5f6c-4ef6-87c8-12c8051ab49c", + "label": "AI Security Mailbox Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_9223b853-2ab6-43a0-af6c-f84d0c15e5ba_dashboard", + "id": "9223b853-2ab6-43a0-af6c-f84d0c15e5ba", + "label": "AI Security Mailbox Not Analyzed Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_bcc9b817-5e6c-47fa-bc5a-4bb2392c3e28_dashboard", + "id": "bcc9b817-5e6c-47fa-bc5a-4bb2392c3e28", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_2ca41d0a-df05-495c-a5b4-c91cb5e75245_dashboard", + "id": "2ca41d0a-df05-495c-a5b4-c91cb5e75245", + "label": "Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 3, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_d24dc060-86a0-4be8-ae98-7203dad1270b_dashboard", + "id": 
"d24dc060-86a0-4be8-ae98-7203dad1270b", + "label": "Threat Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 4, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_f217b21f-6983-4a84-b27a-2e82f234436c_dashboard", + "id": "f217b21f-6983-4a84-b27a-2e82f234436c", + "label": "Vendor Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 5, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "19bada91-4842-4d96-9a76-14f8e304eaeb", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "19bada91-4842-4d96-9a76-14f8e304eaeb", + "type": "links" } ], "timeRestore": false, @@ -840,7 +934,7 @@ "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:37:11.144Z", + "created_at": "2025-12-31T05:45:50.438Z", "id": "abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c", "references": [ { @@ -848,11 +942,6 @@ "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, - { - "id": "abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e", - "name": "63370fda-2126-4973-bed8-72fe8f9b7ceb:panel_63370fda-2126-4973-bed8-72fe8f9b7ceb", - "type": "search" - }, { "id": "abnormal_security-security-solution-default", "name": "tag-ref-abnormal_security-security-solution-default", 
@@ -888,6 +977,51 @@ "name": "a66b9142-1385-443a-999d-a5362ec81730:indexpattern-datasource-layer-3dd6a355-de27-4308-bad3-e5071b2be9f9", "type": "index-pattern" }, + { + "id": "abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e", + "name": "63370fda-2126-4973-bed8-72fe8f9b7ceb:panel_63370fda-2126-4973-bed8-72fe8f9b7ceb", + "type": "search" + }, + { + "id": "abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e", + "name": "63370fda-2126-4973-bed8-72fe8f9b7ceb:panel_63370fda-2126-4973-bed8-72fe8f9b7ceb", + "type": "search" + }, + { + "id": "abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e", + "name": "63370fda-2126-4973-bed8-72fe8f9b7ceb:panel_63370fda-2126-4973-bed8-72fe8f9b7ceb", + "type": "search" + }, + { + "id": "abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c", + "name": "19bada91-4842-4d96-9a76-14f8e304eaeb:link_f6fd7a0a-5f6c-4ef6-87c8-12c8051ab49c_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c", + "name": "19bada91-4842-4d96-9a76-14f8e304eaeb:link_9223b853-2ab6-43a0-af6c-f84d0c15e5ba_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5", + "name": "19bada91-4842-4d96-9a76-14f8e304eaeb:link_bcc9b817-5e6c-47fa-bc5a-4bb2392c3e28_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-f6562262-e429-470d-af45-4c80afdcf664", + "name": "19bada91-4842-4d96-9a76-14f8e304eaeb:link_2ca41d0a-df05-495c-a5b4-c91cb5e75245_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac", + "name": "19bada91-4842-4d96-9a76-14f8e304eaeb:link_d24dc060-86a0-4be8-ae98-7203dad1270b_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4", + "name": "19bada91-4842-4d96-9a76-14f8e304eaeb:link_f217b21f-6983-4a84-b27a-2e82f234436c_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": 
"controlGroup_feec41a2-407a-4b96-9f3b-0d249cce7b9d:optionsListDataView", @@ -905,6 +1039,6 @@ } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0", + "typeMigrationVersion": "10.3.0", "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/abnormal_security/kibana/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664.json b/packages/abnormal_security/kibana/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664.json index fe0388c7a16..d9abff03ab3 100644 --- a/packages/abnormal_security/kibana/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664.json +++ b/packages/abnormal_security/kibana/dashboard/abnormal_security-f6562262-e429-470d-af45-4c80afdcf664.json @@ -13,6 +13,8 @@ "60c5c177-c171-4478-aaf7-33bb5aa97d88": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.case.severity_level", "searchTechnique": "exact", "selectedOptions": [], @@ -30,6 +32,8 @@ "8726c0bc-00aa-4084-9da9-c55c0603f7c7": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.case.remediation_status", "searchTechnique": "prefix", "selectedOptions": [], @@ -47,6 +51,8 @@ "a83f2335-8b79-4f09-a91d-3b4c472680e8": { "explicitInput": { "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "abnormal_security.case.status", "searchTechnique": "prefix", "selectedOptions": [], 
@@ -124,26 +130,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Abnormal AI**\n\n- [AI Security Mailbox Overview](#/dashboard/abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c)\n- [AI Security Mailbox Not Analyzed Overview](#/dashboard/abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c)\n- [Audit Overview](#/dashboard/abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5)\n- **Case Overview**\n- [Threat Overview](#/dashboard/abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac)\n- [Vendor Case Overview](#/dashboard/abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4)\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on Case logs from the Abnormal AI integration. It includes the top 10 affected employees, a breakdown of events by remediation status, severity, analysis and status, as well as essential details about the Case data and total cases.\n\n[**Integrations Page**](/app/integrations/detail/abnormal_security/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on Case logs from the Abnormal AI integration. It includes the top 10 affected employees, a breakdown of events by remediation status, severity, analysis and status, as well as essential details about the Case data and total cases.\n\n[**Integration Page**](/app/integrations/detail/abnormal_security/overview)", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 23, "i": "2bb6c91f-2422-4267-9e2b-a801bb5ed541", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "2bb6c91f-2422-4267-9e2b-a801bb5ed541", - "title": "Table of Content", "type": "visualization" }, { 
@@ -226,17 +231,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "" }, "gridData": { "h": 11, "i": "3bdeee33-c138-47da-94ff-98253e939476", "w": 16, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "3bdeee33-c138-47da-94ff-98253e939476", - "title": "", "type": "lens" }, { @@ -380,17 +385,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Cases by Remediation Status [Logs Abnormal AI]" }, "gridData": { "h": 11, "i": "e4bfcebf-3ee1-41af-aca3-b60b2dc3e6e8", "w": 20, "x": 28, - "y": 0 + "y": 4 }, "panelIndex": "e4bfcebf-3ee1-41af-aca3-b60b2dc3e6e8", - "title": "Cases by Remediation Status [Logs Abnormal AI]", "type": "lens" }, { @@ -555,17 +560,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Cases by Severity [Logs Abnormal AI]" }, "gridData": { "h": 12, "i": "ca37b426-e916-49b2-a23b-d107c1521078", "w": 36, "x": 12, - "y": 11 + "y": 15 }, "panelIndex": "ca37b426-e916-49b2-a23b-d107c1521078", - "title": "Cases by Severity [Logs Abnormal AI]", "type": "lens" }, { @@ -686,17 +691,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Top 10 Affected Employee [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "38a68b80-ba46-4d76-b78a-5bdf65239cc3", "w": 24, "x": 0, - "y": 23 + "y": 27 }, "panelIndex": "38a68b80-ba46-4d76-b78a-5bdf65239cc3", - "title": "Top 10 Affected Employee [Logs Abnormal AI]", "type": "lens" }, { @@ -864,17 +869,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Cases by Analysis [Logs Abnormal AI]" }, "gridData": { "h": 15, "i": "9d8f7d6f-4e3b-4191-be31-718d245f12c2", "w": 24, "x": 24, - "y": 23 + "y": 27 }, "panelIndex": "9d8f7d6f-4e3b-4191-be31-718d245f12c2", - "title": "Cases by Analysis [Logs Abnormal AI]", "type": "lens" }, { 
@@ -1039,17 +1044,17 @@ }, "syncColors": false, "syncCursor": true, - "syncTooltips": false + "syncTooltips": false, + "title": "Cases by Status [Logs Abnormal AI]" }, "gridData": { "h": 14, "i": "e931b4fe-2549-4dec-afcf-d4b087ee117d", "w": 48, "x": 0, - "y": 38 + "y": 42 }, "panelIndex": "e931b4fe-2549-4dec-afcf-d4b087ee117d", - "title": "Cases by Status [Logs Abnormal AI]", "type": "lens" }, { 
@@ -1059,19 +1064,110 @@ "dynamicActions": { "events": [] } - } + }, + "savedObjectId": "abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb", + "title": "Cases Essential Details [Logs Abnormal AI]" }, "gridData": { "h": 14, "i": "8bd32713-657b-4f64-ae58-baf252cb30c0", "w": 48, "x": 0, - "y": 52 + "y": 56 }, "panelIndex": "8bd32713-657b-4f64-ae58-baf252cb30c0", "panelRefName": "panel_8bd32713-657b-4f64-ae58-baf252cb30c0", - "title": "Cases Essential Details [Logs Abnormal AI]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_339b4371-c55d-4460-bc2a-58e3207296b9_dashboard", + "id": "339b4371-c55d-4460-bc2a-58e3207296b9", + "label": "AI Security Mailbox Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_fbafcc58-b3e5-440a-ac56-55886fd5f943_dashboard", + "id": "fbafcc58-b3e5-440a-ac56-55886fd5f943", + "label": "AI Security Mailbox Not Analyzed Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_8e234aa8-69ac-4be5-b990-e3a2fdbdea99_dashboard", + "id": "8e234aa8-69ac-4be5-b990-e3a2fdbdea99", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_f807017e-eabd-4fc9-82a1-a164a6d1ac72_dashboard", + "id": "f807017e-eabd-4fc9-82a1-a164a6d1ac72", + "label": "Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 3, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_334b473c-0ccb-4600-8158-56eec465cb1a_dashboard", + "id": 
"334b473c-0ccb-4600-8158-56eec465cb1a", + "label": "Threat Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 4, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_0c7df8d9-4c8b-4841-a0a3-ec77b23cd00e_dashboard", + "id": "0c7df8d9-4c8b-4841-a0a3-ec77b23cd00e", + "label": "Vendor Case Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 5, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "4dc07419-868c-4a14-a445-659c20c4aecc", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "4dc07419-868c-4a14-a445-659c20c4aecc", + "type": "links" } ], "timeRestore": false, @@ -1079,7 +1175,7 @@ "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:37:24.544Z", + "created_at": "2025-12-31T05:45:46.677Z", "id": "abnormal_security-f6562262-e429-470d-af45-4c80afdcf664", "references": [ { @@ -1087,11 +1183,6 @@ "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, - { - "id": "abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb", - "name": "8bd32713-657b-4f64-ae58-baf252cb30c0:panel_8bd32713-657b-4f64-ae58-baf252cb30c0", - "type": "search" - }, { "id": "abnormal_security-security-solution-default", "name": "tag-ref-abnormal_security-security-solution-default", 
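Review bot: Every entry in the new `links` array sets `"useCurrentDateRange": false` and `"useCurrentFilters": false`, so a pivot from Case Overview to Threat Overview or Audit Overview presumably opens the destination without the time window and filters the analyst had applied. On dashboards used for triage that means re-entering the same range on each hop; unless the reset is intended, I would set both options to `true` on the six links. The links panels added to the two authentik dashboards in this commit use the same values. The panel is appended at the end of `panelsJSON`, which starts outside this hunk.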
@@ -1132,6 +1223,51 @@ "name": "e931b4fe-2549-4dec-afcf-d4b087ee117d:indexpattern-datasource-layer-52e9dcf6-9613-4ac0-ba23-6ef7946ca944", "type": "index-pattern" }, + { + "id": "abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb", + "name": "8bd32713-657b-4f64-ae58-baf252cb30c0:panel_8bd32713-657b-4f64-ae58-baf252cb30c0", + "type": "search" + }, + { + "id": "abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb", + "name": "8bd32713-657b-4f64-ae58-baf252cb30c0:panel_8bd32713-657b-4f64-ae58-baf252cb30c0", + "type": "search" + }, + { + "id": "abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb", + "name": "8bd32713-657b-4f64-ae58-baf252cb30c0:panel_8bd32713-657b-4f64-ae58-baf252cb30c0", + "type": "search" + }, + { + "id": "abnormal_security-a4364503-ada3-4fe6-a054-d152accf207c", + "name": "4dc07419-868c-4a14-a445-659c20c4aecc:link_339b4371-c55d-4460-bc2a-58e3207296b9_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-a0e8aab9-b870-4903-a966-7195fd6cee9c", + "name": "4dc07419-868c-4a14-a445-659c20c4aecc:link_fbafcc58-b3e5-440a-ac56-55886fd5f943_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-37ed5d19-c753-43a0-b0a2-f8e6437ddfe5", + "name": "4dc07419-868c-4a14-a445-659c20c4aecc:link_8e234aa8-69ac-4be5-b990-e3a2fdbdea99_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-f6562262-e429-470d-af45-4c80afdcf664", + "name": "4dc07419-868c-4a14-a445-659c20c4aecc:link_f807017e-eabd-4fc9-82a1-a164a6d1ac72_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-6a8e53ac-7759-4564-bcd6-03c6a9792eac", + "name": "4dc07419-868c-4a14-a445-659c20c4aecc:link_334b473c-0ccb-4600-8158-56eec465cb1a_dashboard", + "type": "dashboard" + }, + { + "id": "abnormal_security-7997c0a4-da55-4090-b24f-586dbd19aff4", + "name": "4dc07419-868c-4a14-a445-659c20c4aecc:link_0c7df8d9-4c8b-4841-a0a3-ec77b23cd00e_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": 
"controlGroup_a83f2335-8b79-4f09-a91d-3b4c472680e8:optionsListDataView", @@ -1154,6 +1290,6 @@ } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0", + "typeMigrationVersion": "10.3.0", "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/abnormal_security/kibana/search/abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb.json b/packages/abnormal_security/kibana/search/abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb.json index 5fc91ebbaa9..fe03f752fb5 100644 --- a/packages/abnormal_security/kibana/search/abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb.json +++ b/packages/abnormal_security/kibana/search/abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb.json @@ -56,7 +56,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:35:26.901Z", + "created_at": "2025-12-31T05:44:54.284Z", "id": "abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb", "references": [ { diff --git a/packages/abnormal_security/kibana/search/abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923.json b/packages/abnormal_security/kibana/search/abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923.json index 144365c542e..92149ab21e9 100644 --- a/packages/abnormal_security/kibana/search/abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923.json +++ b/packages/abnormal_security/kibana/search/abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923.json @@ -56,7 +56,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:35:26.901Z", + "created_at": "2025-12-31T05:44:54.284Z", "id": "abnormal_security-a2d86921-d69f-4f99-a9eb-88a7ba0b2923", "references": [ { diff --git a/packages/abnormal_security/kibana/search/abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff.json b/packages/abnormal_security/kibana/search/abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff.json index 9b12475c1ae..a51ec1a54bc 100644 
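Review bot: The reference named `8bd32713-657b-4f64-ae58-baf252cb30c0:panel_8bd32713-657b-4f64-ae58-baf252cb30c0` is added three times in this hunk with identical `id`, `name` and `type`, whereas the entry removed in the preceding hunk existed once. Duplicate entries in `references` are redundant and make later diffs of this file noisy, so keep a single one. The same export also wrote a literal `"savedObjectId": "abnormal_security-5a32aa45-1ea0-4b68-9c06-53425f4e2deb"` into that panel's `embeddableConfig` next to the existing `panelRefName`. That looks like the same export artifact and is worth checking against a clean re-export. The `references` array starts and ends outside this hunk.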
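Review bot: `typeMigrationVersion` moves from `10.2.0` to `10.3.0` in this hunk while `coreMigrationVersion` stays at `8.8.0`, and neither `manifest.yml` hunk in this commit touches a Kibana version condition. A Kibana that does not know the 10.3.0 dashboard migration will likely refuse to import the object, so confirm that the package's minimum supported Kibana covers it, or re-export from the lowest supported stack version. The two authentik dashboards in the same commit remain at `10.2.0`, which suggests the exports came from different stack versions.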
--- a/packages/abnormal_security/kibana/search/abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff.json +++ b/packages/abnormal_security/kibana/search/abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff.json @@ -53,7 +53,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:35:26.901Z", + "created_at": "2025-12-31T05:44:54.284Z", "id": "abnormal_security-b154b107-1350-48fe-b50e-d5427c5169ff", "references": [ { diff --git a/packages/abnormal_security/kibana/search/abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc.json b/packages/abnormal_security/kibana/search/abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc.json index 37549d986fd..392e138474e 100644 --- a/packages/abnormal_security/kibana/search/abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc.json +++ b/packages/abnormal_security/kibana/search/abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc.json @@ -55,7 +55,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:35:26.901Z", + "created_at": "2025-12-31T05:44:54.284Z", "id": "abnormal_security-e34b2986-68c2-4de9-8601-7bdefab429bc", "references": [ { diff --git a/packages/abnormal_security/kibana/search/abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e.json b/packages/abnormal_security/kibana/search/abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e.json index 50428c11e11..ee3e753f185 100644 --- a/packages/abnormal_security/kibana/search/abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e.json +++ b/packages/abnormal_security/kibana/search/abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e.json @@ -55,7 +55,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:35:26.901Z", + "created_at": "2025-12-31T05:44:54.284Z", "id": "abnormal_security-ecec7bf6-c7a6-4fb4-8054-863c5a1a666e", "references": [ { 
diff --git a/packages/abnormal_security/kibana/search/abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019.json b/packages/abnormal_security/kibana/search/abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019.json index 40b0149f5e7..2584b26f192 100644 --- a/packages/abnormal_security/kibana/search/abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019.json +++ b/packages/abnormal_security/kibana/search/abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019.json @@ -57,7 +57,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:35:26.901Z", + "created_at": "2025-12-31T05:44:54.284Z", "id": "abnormal_security-f9b16544-6009-42fa-b569-ff029cc5c019", "references": [ { diff --git a/packages/abnormal_security/kibana/tag/abnormal_security-1c95de21-1f0d-4245-bdc6-3cf701a1743f.json b/packages/abnormal_security/kibana/tag/abnormal_security-1c95de21-1f0d-4245-bdc6-3cf701a1743f.json index 995fd825c7d..8a0e80218e8 100644 --- a/packages/abnormal_security/kibana/tag/abnormal_security-1c95de21-1f0d-4245-bdc6-3cf701a1743f.json +++ b/packages/abnormal_security/kibana/tag/abnormal_security-1c95de21-1f0d-4245-bdc6-3cf701a1743f.json @@ -5,7 +5,7 @@ "name": "vendor-case" }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-27T16:35:26.901Z", + "created_at": "2025-12-31T05:44:54.284Z", "id": "abnormal_security-1c95de21-1f0d-4245-bdc6-3cf701a1743f", "references": [], "type": "tag", diff --git a/packages/abnormal_security/kibana/tag/abnormal_security-security-solution-default.json b/packages/abnormal_security/kibana/tag/abnormal_security-security-solution-default.json index a264644fc64..de9573ecff4 100644 --- a/packages/abnormal_security/kibana/tag/abnormal_security-security-solution-default.json +++ b/packages/abnormal_security/kibana/tag/abnormal_security-security-solution-default.json 
@@ -1,11 +1,11 @@ { "attributes": { - "color": "#D36086", + "color": "#FEC514", "description": "Tag defined in package-spec", "name": "Security Solution" }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-06-20T06:28:48.460Z", + "created_at": "2025-12-31T05:44:55.242Z", "id": "abnormal_security-security-solution-default", "references": [], "type": "tag", diff --git a/packages/abnormal_security/manifest.yml b/packages/abnormal_security/manifest.yml index 6ce933037c4..f201f18e87e 100644 --- a/packages/abnormal_security/manifest.yml +++ b/packages/abnormal_security/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.3.2 name: abnormal_security title: Abnormal AI -version: "1.11.1" +version: "1.12.0" description: Collect logs from Abnormal AI with Elastic Agent. type: integration categories: @@ -36,6 +36,10 @@ screenshots: title: Threat Overview Dashboard size: 600x600 type: image/png + - src: /img/abnormal_security-vendor_case_overview.png + title: Vendor Case Overview Dashboard + size: 600x600 + type: image/png icons: - src: /img/abnormal-security-logo.svg title: Abnormal AI Logo diff --git a/packages/authentik/changelog.yml b/packages/authentik/changelog.yml index 4ca17b96d7b..bea6534d682 100644 --- a/packages/authentik/changelog.yml +++ b/packages/authentik/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: Use links panel in Dashboards. + type: enhancement + link: https://github.com/elastic/integrations/pull/16740 - version: "1.6.1" changes: - description: Downgrade the `format_version` to the minimum version that supports all the necessary features for the package. diff --git a/packages/authentik/img/authentik-event_overview.png b/packages/authentik/img/authentik-event_overview.png index a0115aa4374..5835da05e17 100644 Binary files a/packages/authentik/img/authentik-event_overview.png and b/packages/authentik/img/authentik-event_overview.png differ 
diff --git a/packages/authentik/img/authentik-user_and_group_overview.png b/packages/authentik/img/authentik-user_and_group_overview.png index 3d9fb53cf27..e470cc01022 100644 Binary files a/packages/authentik/img/authentik-user_and_group_overview.png and b/packages/authentik/img/authentik-user_and_group_overview.png differ diff --git a/packages/authentik/kibana/dashboard/authentik-490ec869-2ac1-4c30-9653-7916748d4f84.json b/packages/authentik/kibana/dashboard/authentik-490ec869-2ac1-4c30-9653-7916748d4f84.json index 2687b762ccc..9f09b3e4966 100644 --- a/packages/authentik/kibana/dashboard/authentik-490ec869-2ac1-4c30-9653-7916748d4f84.json +++ b/packages/authentik/kibana/dashboard/authentik-490ec869-2ac1-4c30-9653-7916748d4f84.json @@ -12,12 +12,16 @@ "panelsJSON": { "05d2cb57-af0a-46a6-90f1-26b088413573": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", "fieldName": "authentik.user.is_active", - "grow": true, "id": "05d2cb57-af0a-46a6-90f1-26b088413573", - "title": "Active", - "width": "medium" + "searchTechnique": "prefix", + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Active" }, "grow": true, "order": 2, @@ -26,13 +30,16 @@ }, "496e551d-57ee-44e7-876c-bfde3c19b609": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", "fieldName": "authentik.user.path", - "grow": true, "id": "496e551d-57ee-44e7-876c-bfde3c19b609", "searchTechnique": "prefix", - "title": "Path", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Path" }, "grow": true, "order": 0, 
@@ -41,20 +48,24 @@ }, "c6132854-c842-4a8a-974a-6b3cc264cb67": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", "fieldName": "authentik.user.type", - "grow": true, "id": "c6132854-c842-4a8a-974a-6b3cc264cb67", "searchTechnique": "prefix", - "title": "Type", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Type" }, "grow": true, "order": 1, "type": "optionsListControl", "width": "medium" } - } + }, + "showApplySelections": false }, "description": "An overview of authentik user and group events.", "kibanaSavedObjectMeta": { @@ -112,7 +123,11 @@ "panelsJSON": [ { "embeddableConfig": { - "enhancements": {}, + "enhancements": { + "dynamicActions": { + "events": [] + } + }, "savedVis": { "data": { "aggs": [], @@ -128,7 +143,7 @@ "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**authentik**\n\n- [Event Overview](#/dashboard/authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80)\n- [**User and Group Overview (This Page)**](#/dashboard/authentik-490ec869-2ac1-4c30-9653-7916748d4f84)\n\n**Overview**\n\nThis dashboard showcases visualizations based on user and group logs from the authentik integration. It includes metrics such as total users, total active users, total superusers, and total groups. Additionally, it offers a breakdown of users by type, the top 10 user paths, and essential details about the user and group data.\n\n[**Integration Page**](/app/integrations/detail/authentik/overview)", + "markdown": "This dashboard showcases visualizations based on user and group logs from the authentik integration. It includes metrics such as total users, total active users, total superusers, and total groups. Additionally, it offers a breakdown of users by type, the top 10 user paths, and essential details about the user and group data.\n\n[**Integration Page**](/app/integrations/detail/authentik/overview)", "openLinksInNewTab": false }, "title": "", 
@@ -141,10 +156,10 @@ "i": "14c31a25-2c3c-4e09-9738-604735b46323", "w": 14, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "14c31a25-2c3c-4e09-9738-604735b46323", - "title": "Table of Content", + "title": "Overview", "type": "visualization" }, { @@ -224,7 +239,7 @@ "i": "2a90692d-92f0-40ff-8e40-62dade74a594", "w": 17, "x": 14, - "y": 0 + "y": 4 }, "panelIndex": "2a90692d-92f0-40ff-8e40-62dade74a594", "title": "Total Users [Logs authentik]", @@ -335,7 +350,7 @@ "i": "f2469b8f-100a-4d19-adcc-176f5694416b", "w": 17, "x": 31, - "y": 0 + "y": 4 }, "panelIndex": "f2469b8f-100a-4d19-adcc-176f5694416b", "title": "Total Active Users [Logs authentik]", @@ -418,7 +433,7 @@ "i": "b476fabe-d0d1-41a4-8f5a-57f486714b0e", "w": 17, "x": 31, - "y": 9 + "y": 13 }, "panelIndex": "b476fabe-d0d1-41a4-8f5a-57f486714b0e", "title": "Total Groups [Logs authentik]", @@ -529,7 +544,7 @@ "i": "613cad61-4d4c-401c-9b8e-1364d1b5e256", "w": 17, "x": 14, - "y": 9 + "y": 13 }, "panelIndex": "613cad61-4d4c-401c-9b8e-1364d1b5e256", "title": "Total Super Users [Logs authentik]", @@ -670,7 +685,7 @@ "i": "a5d57c17-3be0-46bf-84c8-547de72511d2", "w": 24, "x": 0, - "y": 18 + "y": 22 }, "panelIndex": "a5d57c17-3be0-46bf-84c8-547de72511d2", "title": "Users by Type [Logs authentik]", @@ -789,7 +804,7 @@ "i": "5f58887d-3733-4d9f-bfbf-8bf33e31845a", "w": 24, "x": 24, - "y": 18 + "y": 22 }, "panelIndex": "5f58887d-3733-4d9f-bfbf-8bf33e31845a", "title": "Top 10 User Paths [Logs authentik]", @@ -797,6 +812,7 @@ }, { "embeddableConfig": { + "description": "", "enhancements": {} }, "gridData": { @@ -804,14 +820,16 @@ "i": "1d5c12d2-cd21-4a70-b0d6-ebfeb6f9895f", "w": 48, "x": 0, - "y": 33 + "y": 37 }, "panelIndex": "1d5c12d2-cd21-4a70-b0d6-ebfeb6f9895f", "panelRefName": "panel_1d5c12d2-cd21-4a70-b0d6-ebfeb6f9895f", + "title": "User Essential Details [Logs authentik]", "type": "search" }, { "embeddableConfig": { + "description": "", "enhancements": {} }, "gridData": { 
@@ -819,19 +837,64 @@ "i": "1bfccb1a-1926-412c-a666-0f8a6f2004ef", "w": 48, "x": 0, - "y": 50 + "y": 54 }, "panelIndex": "1bfccb1a-1926-412c-a666-0f8a6f2004ef", "panelRefName": "panel_1bfccb1a-1926-412c-a666-0f8a6f2004ef", + "title": "Group Essential Details [Logs authentik]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_025cec48-2c85-4b01-8b15-e143f634e04c_dashboard", + "id": "025cec48-2c85-4b01-8b15-e143f634e04c", + "label": "Event Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_64142dc8-11ba-4852-aba8-f0c2861b878d_dashboard", + "id": "64142dc8-11ba-4852-aba8-f0c2861b878d", + "label": "User and Group Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + } + ] + }, + "enhancements": {} + }, + "gridData": { + "h": 4, + "i": "cb639bb4-bff9-4521-882d-f738c1467015", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "cb639bb4-bff9-4521-882d-f738c1467015", + "title": "Navigation", + "type": "links" } ], "timeRestore": false, "title": "[Logs authentik] User and Group Overview", - "version": 1 + "version": 2 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-07-08T10:43:54.502Z", + "created_at": "2025-12-31T09:39:16.128Z", "id": "authentik-490ec869-2ac1-4c30-9653-7916748d4f84", "references": [ { 
@@ -890,9 +953,24 @@ "type": "search" }, { - "id": "logs-*", - "name": "controlGroup_05d2cb57-af0a-46a6-90f1-26b088413573:optionsListDataView", - "type": "index-pattern" + "id": "authentik-security-solution-default", + "name": "tag-ref-authentik-security-solution-default", + "type": "tag" + }, + { + "id": "authentik-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" + }, + { + "id": "authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80", + "name": "cb639bb4-bff9-4521-882d-f738c1467015:link_025cec48-2c85-4b01-8b15-e143f634e04c_dashboard", + "type": "dashboard" + }, + { + "id": "authentik-490ec869-2ac1-4c30-9653-7916748d4f84", + "name": "cb639bb4-bff9-4521-882d-f738c1467015:link_64142dc8-11ba-4852-aba8-f0c2861b878d_dashboard", + "type": "dashboard" }, { "id": "logs-*", @@ -905,16 +983,12 @@ "type": "index-pattern" }, { - "id": "authentik-security-solution-default", - "name": "tag-ref-authentik-security-solution-default", - "type": "tag" - }, - { - "id": "authentik-security-solution-default", - "name": "tag-ref-security-solution-default", - "type": "tag" + "id": "logs-*", + "name": "controlGroup_05d2cb57-af0a-46a6-90f1-26b088413573:optionsListDataView", + "type": "index-pattern" } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.2.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/authentik/kibana/dashboard/authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80.json b/packages/authentik/kibana/dashboard/authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80.json index e1ddbc42a6e..0a2dc2d82d9 100644 --- a/packages/authentik/kibana/dashboard/authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80.json +++ b/packages/authentik/kibana/dashboard/authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80.json 
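Review bot: The `updated_by` field added at the end of this file is metadata from the Kibana instance the dashboard was exported from, apparently the exporting user's profile id, and it has no meaning on the cluster that installs the package. I would strip it before committing so the shipped saved objects carry no per-user identifiers. The same field is added at the end of `authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80.json`. The abnormal_security dashboard already has this field as an unchanged context line, so confirm with the maintainers whether keeping it is an accepted convention in this repository.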
@@ -12,13 +12,16 @@ "panelsJSON": { "24fdda7a-837e-453d-84bb-225379a30e26": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", "fieldName": "authentik.event.brand.name", - "grow": true, "id": "24fdda7a-837e-453d-84bb-225379a30e26", "searchTechnique": "prefix", - "title": "Brand Name", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Brand Name" }, "grow": true, "order": 2, @@ -27,13 +30,16 @@ }, "4cdcc8de-a1d0-4024-9802-1a019cf97c8b": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", "fieldName": "event.action", - "grow": true, "id": "4cdcc8de-a1d0-4024-9802-1a019cf97c8b", "searchTechnique": "prefix", - "title": "Action", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Action" }, "grow": true, "order": 0, @@ -42,20 +48,24 @@ }, "d70c08e5-effc-4f48-82f0-eac92ea575df": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", "fieldName": "authentik.event.app", - "grow": true, "id": "d70c08e5-effc-4f48-82f0-eac92ea575df", "searchTechnique": "prefix", - "title": "App", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "App" }, "grow": true, "order": 1, "type": "optionsListControl", "width": "medium" } - } + }, + "showApplySelections": false }, "description": "An overview of authentik events.", "kibanaSavedObjectMeta": { @@ -100,7 +110,11 @@ "panelsJSON": [ { "embeddableConfig": { - "enhancements": {}, + "enhancements": { + "dynamicActions": { + "events": [] + } + }, "savedVis": { "data": { "aggs": [], 
@@ -116,7 +130,7 @@ "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**authentik**\n\n- [**Event Overview (This Page)**](#/dashboard/authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80)\n- [User and Group Overview](#/dashboard/authentik-490ec869-2ac1-4c30-9653-7916748d4f84)\n\n**Overview**\n\nThis dashboard displays visualizations based on event logs from the authentik integration. It includes visualizations such as events over time, successful and failed logins over time, login/logout activity, suspicious request trends, and model create/update/delete actions. Additionally, it offers a breakdown of events by action, the top 10 users, the top 10 authorized applications, and essential details about event data. The dashboard also features a world map showing the top login locations.\n\n[**Integration Page**](/app/integrations/detail/authentik/overview)", + "markdown": "This dashboard displays visualizations based on event logs from the authentik integration. It includes visualizations such as events over time, successful and failed logins over time, login/logout activity, suspicious request trends, and model create/update/delete actions. Additionally, it offers a breakdown of events by action, the top 10 users, the top 10 authorized applications, and essential details about event data. The dashboard also features a world map showing the top login locations.\n\n[**Integration Page**](/app/integrations/detail/authentik/overview)", "openLinksInNewTab": false }, "title": "", @@ -129,10 +143,10 @@ "i": "bd43741e-9e6c-47f5-a767-82fc8ec0814e", "w": 11, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "bd43741e-9e6c-47f5-a767-82fc8ec0814e", - "title": "Table of Content", + "title": "Overview", "type": "visualization" }, { @@ -262,7 +276,7 @@ "i": "b9ff3b86-de78-4b32-a180-0d42eb04654a", "w": 37, "x": 11, - "y": 0 + "y": 4 }, "panelIndex": "b9ff3b86-de78-4b32-a180-0d42eb04654a", "title": "Events over Time [Logs authentik]", 
@@ -423,7 +437,7 @@ "i": "8fa4ee19-f8d6-4f6a-9b04-9d2a94f298d0", "w": 37, "x": 11, - "y": 13 + "y": 17 }, "panelIndex": "8fa4ee19-f8d6-4f6a-9b04-9d2a94f298d0", "title": "Suspicious Request Trend [Logs authentik]", @@ -564,7 +578,7 @@ "i": "1230b49f-b8a2-4073-bc03-de60fd8f1344", "w": 19, "x": 0, - "y": 26 + "y": 30 }, "panelIndex": "1230b49f-b8a2-4073-bc03-de60fd8f1344", "title": "Events by Action [Logs authentik]", @@ -730,7 +744,7 @@ "i": "bd13fb75-4e3c-4827-9087-7c5a4caf8b0f", "w": 29, "x": 19, - "y": 26 + "y": 30 }, "panelIndex": "bd13fb75-4e3c-4827-9087-7c5a4caf8b0f", "title": "Top 10 Users [Logs authentik]", @@ -925,7 +939,7 @@ "i": "c5702812-e548-4381-95b7-47d31840061a", "w": 19, "x": 0, - "y": 41 + "y": 45 }, "panelIndex": "c5702812-e548-4381-95b7-47d31840061a", "title": "Top 10 Authorized Application [Logs authentik]", @@ -1137,7 +1151,7 @@ "i": "1aa4cc9f-6ea8-486c-95c2-e075961c9149", "w": 29, "x": 19, - "y": 41 + "y": 45 }, "panelIndex": "1aa4cc9f-6ea8-486c-95c2-e075961c9149", "title": "Model Create/Update/Delete Actions [Logs authentik]", @@ -1371,7 +1385,7 @@ "i": "3b953786-f0b7-4c5b-a6c0-1d9853914486", "w": 24, "x": 0, - "y": 56 + "y": 60 }, "panelIndex": "3b953786-f0b7-4c5b-a6c0-1d9853914486", "title": "Successful/Failed Logins over Time [Logs authentik]", @@ -1557,7 +1571,7 @@ "i": "2e93789b-c9dd-42ee-913f-b2d7c2b32543", "w": 24, "x": 24, - "y": 56 + "y": 60 }, "panelIndex": "2e93789b-c9dd-42ee-913f-b2d7c2b32543", "title": "Login/Logout Activity [Logs authentik]", @@ -1676,7 +1690,11 @@ ] } }, - "enhancements": {}, + "enhancements": { + "dynamicActions": { + "events": [] + } + }, "hiddenLayers": [], "isLayerTOCOpen": true, "mapBuffer": { @@ -1699,7 +1717,7 @@ "i": "27d5ecb1-c8fe-4e1e-9cc9-4402ab80dc5b", "w": 48, "x": 0, - "y": 71 + "y": 75 }, "panelIndex": "27d5ecb1-c8fe-4e1e-9cc9-4402ab80dc5b", "title": "Top Logins over World Map [Logs authentik]", 
@@ -1707,6 +1725,7 @@ }, { "embeddableConfig": { + "description": "", "enhancements": {} }, "gridData": { @@ -1714,19 +1733,65 @@ "i": "0ef351fb-23b9-492f-ab53-9b748fa3bbcf", "w": 48, "x": 0, - "y": 88 + "y": 92 }, "panelIndex": "0ef351fb-23b9-492f-ab53-9b748fa3bbcf", "panelRefName": "panel_0ef351fb-23b9-492f-ab53-9b748fa3bbcf", + "title": "Event Essential Details [Logs authentik]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_60330042-ba28-47a8-8670-546040480105_dashboard", + "id": "60330042-ba28-47a8-8670-546040480105", + "label": "Event Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_a3c24a93-c5e6-410b-9dfd-23a9c00e9345_dashboard", + "id": "a3c24a93-c5e6-410b-9dfd-23a9c00e9345", + "label": "User and Group Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + } + ] + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 4, + "i": "89403a4d-e6e8-4206-954d-320d3d44f590", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "89403a4d-e6e8-4206-954d-320d3d44f590", + "title": "Navigation", + "type": "links" } ], "timeRestore": false, "title": "[Logs authentik] Event Overview", - "version": 1 + "version": 2 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-07-08T10:43:54.502Z", + "created_at": "2025-12-31T09:39:15.122Z", "id": "authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80", "references": [ { 
@@ -1799,21 +1864,36 @@ "name": "2e93789b-c9dd-42ee-913f-b2d7c2b32543:80c28fc8-3127-46a6-a581-b3208ebf347e", "type": "index-pattern" }, - { - "id": "logs-*", - "name": "27d5ecb1-c8fe-4e1e-9cc9-4402ab80dc5b:layer_1_source_index_pattern", - "type": "index-pattern" - }, { "id": "authentik-16fb2a4f-720c-416f-9713-dfc87ce0cb79", "name": "0ef351fb-23b9-492f-ab53-9b748fa3bbcf:panel_0ef351fb-23b9-492f-ab53-9b748fa3bbcf", "type": "search" }, + { + "id": "authentik-security-solution-default", + "name": "tag-ref-authentik-security-solution-default", + "type": "tag" + }, + { + "id": "authentik-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" + }, { "id": "logs-*", - "name": "controlGroup_24fdda7a-837e-453d-84bb-225379a30e26:optionsListDataView", + "name": "27d5ecb1-c8fe-4e1e-9cc9-4402ab80dc5b:layer_1_source_index_pattern", "type": "index-pattern" }, + { + "id": "authentik-e3c4a5f9-e47c-4cde-b755-859122e7ef80", + "name": "89403a4d-e6e8-4206-954d-320d3d44f590:link_60330042-ba28-47a8-8670-546040480105_dashboard", + "type": "dashboard" + }, + { + "id": "authentik-490ec869-2ac1-4c30-9653-7916748d4f84", + "name": "89403a4d-e6e8-4206-954d-320d3d44f590:link_a3c24a93-c5e6-410b-9dfd-23a9c00e9345_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": "controlGroup_4cdcc8de-a1d0-4024-9802-1a019cf97c8b:optionsListDataView", @@ -1825,16 +1905,12 @@ "type": "index-pattern" }, { - "id": "authentik-security-solution-default", - "name": "tag-ref-authentik-security-solution-default", - "type": "tag" - }, - { - "id": "authentik-security-solution-default", - "name": "tag-ref-security-solution-default", - "type": "tag" + "id": "logs-*", + "name": "controlGroup_24fdda7a-837e-453d-84bb-225379a30e26:optionsListDataView", + "type": "index-pattern" } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.2.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file 
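Review bot: The last hunk of this dashboard adds an `"updated_by"` field whose value looks like the Kibana user-profile id of whoever exported the object from their own stack; it is environment-specific metadata and carries no meaning on the cluster that installs the package. I would drop that line and leave `"typeMigrationVersion": "10.2.0"` as the final key, or strip the field in the export step so it cannot recur. The same value is appended to the three cyberark_epm dashboards later in this diff, so one personal identifier ends up published across several packages. Whether the packaging tooling is expected to remove this field is not visible from here, so treat that part as a question for the maintainers.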
diff --git a/packages/authentik/kibana/search/authentik-16fb2a4f-720c-416f-9713-dfc87ce0cb79.json b/packages/authentik/kibana/search/authentik-16fb2a4f-720c-416f-9713-dfc87ce0cb79.json index d45b0c1c486..e462d8c6aa4 100644 --- a/packages/authentik/kibana/search/authentik-16fb2a4f-720c-416f-9713-dfc87ce0cb79.json +++ b/packages/authentik/kibana/search/authentik-16fb2a4f-720c-416f-9713-dfc87ce0cb79.json @@ -55,7 +55,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-07-08T10:43:54.502Z", + "created_at": "2025-12-31T09:31:48.122Z", "id": "authentik-16fb2a4f-720c-416f-9713-dfc87ce0cb79", "references": [ { diff --git a/packages/authentik/kibana/search/authentik-cfd98a0c-37de-40a7-a785-72104f99c515.json b/packages/authentik/kibana/search/authentik-cfd98a0c-37de-40a7-a785-72104f99c515.json index 274df708758..05aedb36f84 100644 --- a/packages/authentik/kibana/search/authentik-cfd98a0c-37de-40a7-a785-72104f99c515.json +++ b/packages/authentik/kibana/search/authentik-cfd98a0c-37de-40a7-a785-72104f99c515.json @@ -55,7 +55,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-07-08T10:43:54.502Z", + "created_at": "2025-12-31T09:31:48.122Z", "id": "authentik-cfd98a0c-37de-40a7-a785-72104f99c515", "references": [ { diff --git a/packages/authentik/kibana/search/authentik-cfe038cb-a2ed-494f-a7ee-40723b96c029.json b/packages/authentik/kibana/search/authentik-cfe038cb-a2ed-494f-a7ee-40723b96c029.json index 23108dab69d..0f0181bb941 100644 --- a/packages/authentik/kibana/search/authentik-cfe038cb-a2ed-494f-a7ee-40723b96c029.json +++ b/packages/authentik/kibana/search/authentik-cfe038cb-a2ed-494f-a7ee-40723b96c029.json @@ -54,7 +54,7 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-07-08T10:43:54.502Z", + "created_at": "2025-12-31T09:31:48.122Z", "id": "authentik-cfe038cb-a2ed-494f-a7ee-40723b96c029", "references": [ { 
diff --git a/packages/authentik/kibana/tag/authentik-security-solution-default.json b/packages/authentik/kibana/tag/authentik-security-solution-default.json index 7537a396567..0c9cef58605 100644 --- a/packages/authentik/kibana/tag/authentik-security-solution-default.json +++ b/packages/authentik/kibana/tag/authentik-security-solution-default.json @@ -1,11 +1,11 @@ { "attributes": { - "color": "#AAA8A5", + "color": "#A0A0A0", "description": "Tag defined in package-spec", "name": "Security Solution" }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-07-08T10:41:14.671Z", + "created_at": "2025-12-31T09:31:48.758Z", "id": "authentik-security-solution-default", "references": [], "type": "tag", diff --git a/packages/authentik/manifest.yml b/packages/authentik/manifest.yml index dc2bd1627b1..2dfcc64029d 100644 --- a/packages/authentik/manifest.yml +++ b/packages/authentik/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.3.2 name: authentik title: authentik -version: "1.6.1" +version: "1.7.0" description: Collect logs from authentik with Elastic Agent. type: integration categories: diff --git a/packages/cyberark_epm/changelog.yml b/packages/cyberark_epm/changelog.yml index 69d41acce61..ed24e75ffff 100644 --- a/packages/cyberark_epm/changelog.yml +++ b/packages/cyberark_epm/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Use links panel in Dashboards. + type: enhancement + link: https://github.com/elastic/integrations/pull/16740 - version: "1.2.2" changes: - description: Downgrade the `format_version` to the minimum version that supports all the necessary features for the package. diff --git a/packages/cyberark_epm/img/cyberark_epm-admin_audit_overview.png b/packages/cyberark_epm/img/cyberark_epm-admin_audit_overview.png index f64d67a68cb..776bdea953c 100644 Binary files a/packages/cyberark_epm/img/cyberark_epm-admin_audit_overview.png and b/packages/cyberark_epm/img/cyberark_epm-admin_audit_overview.png differ 
diff --git a/packages/cyberark_epm/img/cyberark_epm-event_overview.png b/packages/cyberark_epm/img/cyberark_epm-event_overview.png index a373f5e1a29..707f97da7c9 100644 Binary files a/packages/cyberark_epm/img/cyberark_epm-event_overview.png and b/packages/cyberark_epm/img/cyberark_epm-event_overview.png differ diff --git a/packages/cyberark_epm/img/cyberark_epm-policy_audit_overview.png b/packages/cyberark_epm/img/cyberark_epm-policy_audit_overview.png index d3b1f64a1db..03f04f0a268 100644 Binary files a/packages/cyberark_epm/img/cyberark_epm-policy_audit_overview.png and b/packages/cyberark_epm/img/cyberark_epm-policy_audit_overview.png differ diff --git a/packages/cyberark_epm/kibana/dashboard/cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f.json b/packages/cyberark_epm/kibana/dashboard/cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f.json index 458769cd196..370897ce406 100644 --- a/packages/cyberark_epm/kibana/dashboard/cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f.json +++ b/packages/cyberark_epm/kibana/dashboard/cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f.json 
@@ -150,7 +150,7 @@ "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**CyberArk EPM**\n\n- **Event Overview**\n- [Policy Audit Overview](#/dashboard/cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a)\n- [Admin Audit Overview](#/dashboard/cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4)\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on event logs from the CyberArk EPM integration. It includes the top users, policies, products, and logon status; a breakdown of events by type, threat protection action, access target type, access target name, source type, and logon attempt type; along with a time-based event trend line chart and essential details about the event data.\n\n[**Integration Page**](/app/integrations/detail/cyberark_epm/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on event logs from the CyberArk EPM integration. It includes the top users, policies, products, and logon status; a breakdown of events by type, threat protection action, access target type, access target name, source type, and logon attempt type; along with a time-based event trend line chart and essential details about the event data.\n\n[**Integration Page**](/app/integrations/detail/cyberark_epm/overview)", "openLinksInNewTab": false }, "title": "", @@ -163,10 +163,10 @@ "i": "25bc2ebb-c787-4f3c-8e96-86dbd13d7e4b", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "25bc2ebb-c787-4f3c-8e96-86dbd13d7e4b", - "title": "Table of Content", + "title": "Overview", "type": "visualization" }, { @@ -304,7 +304,7 @@ "i": "feadc383-ff7a-4e41-979a-ec728a785573", "w": 18, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "feadc383-ff7a-4e41-979a-ec728a785573", "title": "Events by Type [Logs CyberArk EPM]", 
@@ -446,7 +446,7 @@ "i": "b029b7c2-bbf1-4ad8-9fd3-449a07481f76", "w": 18, "x": 30, - "y": 0 + "y": 4 }, "panelIndex": "b029b7c2-bbf1-4ad8-9fd3-449a07481f76", "title": "Events by Threat Protection Action [Logs CyberArk EPM]", @@ -564,7 +564,7 @@ "i": "9e89c42a-d43d-4ed3-8975-143bf8233120", "w": 18, "x": 12, - "y": 15 + "y": 19 }, "panelIndex": "9e89c42a-d43d-4ed3-8975-143bf8233120", "title": "Top 10 Users [Logs CyberArk EPM]", @@ -681,7 +681,7 @@ "i": "16b6dbb7-7e89-4e45-96f5-b962bc012bf6", "w": 18, "x": 30, - "y": 15 + "y": 19 }, "panelIndex": "16b6dbb7-7e89-4e45-96f5-b962bc012bf6", "title": "Top 10 Policies [Logs CyberArk EPM]", @@ -831,7 +831,7 @@ "i": "c8fa1b36-e8df-4054-9770-13068f69f17d", "w": 24, "x": 0, - "y": 30 + "y": 34 }, "panelIndex": "c8fa1b36-e8df-4054-9770-13068f69f17d", "title": "Events Over Time [Logs CyberArk EPM]", @@ -996,7 +996,7 @@ "i": "cec66801-851c-4e29-b6ba-aee578cd776c", "w": 24, "x": 24, - "y": 30 + "y": 34 }, "panelIndex": "cec66801-851c-4e29-b6ba-aee578cd776c", "title": "Events by Access Target Type [Logs CyberArk EPM]", @@ -1162,7 +1162,7 @@ "i": "9589182b-82ff-46ef-b8d1-2bfbd11aa07e", "w": 21, "x": 0, - "y": 45 + "y": 49 }, "panelIndex": "9589182b-82ff-46ef-b8d1-2bfbd11aa07e", "title": "Events by Source Type [Logs CyberArk EPM]", @@ -1328,7 +1328,7 @@ "i": "636eb8b5-3704-48c9-945c-883e2b5a7201", "w": 27, "x": 21, - "y": 45 + "y": 49 }, "panelIndex": "636eb8b5-3704-48c9-945c-883e2b5a7201", "title": "Events by Logon Attempt Type [Logs CyberArk EPM]", @@ -1446,7 +1446,7 @@ "i": "0d38643f-d6af-4fed-8d5d-fe291c3a2daa", "w": 21, "x": 0, - "y": 60 + "y": 64 }, "panelIndex": "0d38643f-d6af-4fed-8d5d-fe291c3a2daa", "title": "Top 10 Products [Logs CyberArk EPM]", @@ -1564,7 +1564,7 @@ "i": "86278f64-7472-424a-8fd0-d0c0f6cd7466", "w": 27, "x": 21, - "y": 60 + "y": 64 }, "panelIndex": "86278f64-7472-424a-8fd0-d0c0f6cd7466", "title": "Top 10 Logon Status [Logs CyberArk EPM]", 
@@ -1680,7 +1680,7 @@ "i": "a5c22c7d-4aaf-412c-8e9c-b6c9b6c7a3f1", "w": 48, "x": 0, - "y": 75 + "y": 79 }, "panelIndex": "a5c22c7d-4aaf-412c-8e9c-b6c9b6c7a3f1", "title": "Top 10 Access Targets [Logs CyberArk EPM]", @@ -1696,12 +1696,68 @@ "i": "b0a26d89-f95f-4937-bfee-51d1d58d9480", "w": 48, "x": 0, - "y": 91 + "y": 95 }, "panelIndex": "b0a26d89-f95f-4937-bfee-51d1d58d9480", "panelRefName": "panel_b0a26d89-f95f-4937-bfee-51d1d58d9480", "title": "Event Essential Details [Logs CyberArk EPM]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_50d8c982-a205-4a6a-bb91-49cb9744e64a_dashboard", + "id": "50d8c982-a205-4a6a-bb91-49cb9744e64a", + "label": "Event Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_e458b450-547e-4ec4-b9c3-f6169b73436c_dashboard", + "id": "e458b450-547e-4ec4-b9c3-f6169b73436c", + "label": "Policy Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_ba1762ee-38da-4fde-b0c2-f791aba7e1bd_dashboard", + "id": "ba1762ee-38da-4fde-b0c2-f791aba7e1bd", + "label": "Admin Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + } + ] + }, + "enhancements": {} + }, + "gridData": { + "h": 4, + "i": "84489be0-d869-4b29-9128-ae7744fa49a0", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "84489be0-d869-4b29-9128-ae7744fa49a0", + "title": "Navigation", + "type": "links" } ], "timeRestore": false, 
@@ -1709,9 +1765,8 @@ "version": 2 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-01-06T05:42:08.795Z", + "created_at": "2025-12-31T10:03:19.581Z", "id": "cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f", - "managed": true, "references": [ { "id": "logs-*", @@ -1778,6 +1833,31 @@ "name": "b0a26d89-f95f-4937-bfee-51d1d58d9480:panel_b0a26d89-f95f-4937-bfee-51d1d58d9480", "type": "search" }, + { + "id": "cyberark_epm-security-solution-default", + "name": "tag-ref-cyberark_epm-security-solution-default", + "type": "tag" + }, + { + "id": "cyberark_epm-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" + }, + { + "id": "cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f", + "name": "84489be0-d869-4b29-9128-ae7744fa49a0:link_50d8c982-a205-4a6a-bb91-49cb9744e64a_dashboard", + "type": "dashboard" + }, + { + "id": "cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a", + "name": "84489be0-d869-4b29-9128-ae7744fa49a0:link_e458b450-547e-4ec4-b9c3-f6169b73436c_dashboard", + "type": "dashboard" + }, + { + "id": "cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4", + "name": "84489be0-d869-4b29-9128-ae7744fa49a0:link_ba1762ee-38da-4fde-b0c2-f791aba7e1bd_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": "controlGroup_b98ebcbe-97cf-448d-ba36-a2e8220f4d7e:optionsListDataView", @@ -1797,18 +1877,9 @@ "id": "logs-*", "name": "controlGroup_1417e6e5-9c46-4c33-839e-be3eefa617b8:optionsListDataView", "type": "index-pattern" - }, - { - "id": "cyberark_epm-security-solution-default", - "name": "tag-ref-cyberark_epm-security-solution-default", - "type": "tag" - }, - { - "id": "cyberark_epm-security-solution-default", - "name": "tag-ref-security-solution-default", - "type": "tag" } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.2.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file 
diff --git a/packages/cyberark_epm/kibana/dashboard/cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a.json b/packages/cyberark_epm/kibana/dashboard/cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a.json index fdd0585a503..95984f4bf97 100644 --- a/packages/cyberark_epm/kibana/dashboard/cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a.json +++ b/packages/cyberark_epm/kibana/dashboard/cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a.json @@ -152,7 +152,7 @@ "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**CyberArk EPM**\n\n- [Event Overview](#/dashboard/cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f)\n- **Policy Audit Overview**\n- [Admin Audit Overview](#/dashboard/cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4)\n\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on policy audit event logs from the CyberArk EPM integration. It includes the top users, policies, products, and access targets; a breakdown of events by type, access target type, and source type; along with a time-based event trend line chart and essential details about policy audit event data.\n\n[**Integration Page**](/app/integrations/detail/cyberark_epm/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on policy audit event logs from the CyberArk EPM integration. It includes the top users, policies, products, and access targets; a breakdown of events by type, access target type, and source type; along with a time-based event trend line chart and essential details about policy audit event data.\n\n[**Integration Page**](/app/integrations/detail/cyberark_epm/overview)", "openLinksInNewTab": false }, "title": "", @@ -165,10 +165,10 @@ "i": "3c6e4ff4-794f-413e-a0d1-bdf1268b651a", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "3c6e4ff4-794f-413e-a0d1-bdf1268b651a", - "title": "Table of Content", + "title": "Overview", "type": "visualization" }, { 
@@ -307,7 +307,7 @@ "i": "dafcea88-f763-4aa9-b2e9-444bfda4d5c0", "w": 18, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "dafcea88-f763-4aa9-b2e9-444bfda4d5c0", "title": "Policy Audit Events by Type [Logs CyberArk EPM]", @@ -473,7 +473,7 @@ "i": "cd0209ca-9de6-4029-8a3e-ebd8d3e6a5c6", "w": 18, "x": 30, - "y": 0 + "y": 4 }, "panelIndex": "cd0209ca-9de6-4029-8a3e-ebd8d3e6a5c6", "title": "Policy Audit Events by Access Target Type [Logs CyberArk EPM]", @@ -591,7 +591,7 @@ "i": "2577212d-01cc-42ec-b4ec-6639835e5feb", "w": 18, "x": 12, - "y": 15 + "y": 19 }, "panelIndex": "2577212d-01cc-42ec-b4ec-6639835e5feb", "title": "Top 10 Users [Logs CyberArk EPM]", @@ -708,7 +708,7 @@ "i": "f02d774d-5d6e-48ed-883e-fc64cfa57f79", "w": 18, "x": 30, - "y": 15 + "y": 19 }, "panelIndex": "f02d774d-5d6e-48ed-883e-fc64cfa57f79", "title": "Top 10 Policies [Logs CyberArk EPM]", @@ -858,7 +858,7 @@ "i": "debde220-59ce-4e28-b135-a8d197c26e81", "w": 24, "x": 0, - "y": 30 + "y": 34 }, "panelIndex": "debde220-59ce-4e28-b135-a8d197c26e81", "title": "Policy Audit Events Over Time [Logs CyberArk EPM]", @@ -1024,7 +1024,7 @@ "i": "cbfeb5dd-bda8-4dad-aa68-d10afab7438f", "w": 24, "x": 24, - "y": 30 + "y": 34 }, "panelIndex": "cbfeb5dd-bda8-4dad-aa68-d10afab7438f", "title": "Policy Audit Events by Source Type [Logs CyberArk EPM]", @@ -1142,7 +1142,7 @@ "i": "185279e8-dba7-41fe-a4f7-e0b518d625f2", "w": 20, "x": 0, - "y": 45 + "y": 49 }, "panelIndex": "185279e8-dba7-41fe-a4f7-e0b518d625f2", "title": "Top 10 Products [Logs CyberArk EPM]", @@ -1260,7 +1260,7 @@ "i": "ef35e1c1-1777-4f2f-86a0-351c87afbcec", "w": 28, "x": 20, - "y": 45 + "y": 49 }, "panelIndex": "ef35e1c1-1777-4f2f-86a0-351c87afbcec", "title": "Top 10 Access Targets [Logs CyberArk EPM]", 
@@ -1276,12 +1276,68 @@ "i": "d45157f6-d934-4a39-a1be-a905105e8942", "w": 48, "x": 0, - "y": 60 + "y": 64 }, "panelIndex": "d45157f6-d934-4a39-a1be-a905105e8942", "panelRefName": "panel_d45157f6-d934-4a39-a1be-a905105e8942", "title": "Policy Audit Event Essential Details [Logs CyberArk EPM]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_c115ce90-0f68-4a64-94b9-f052911f13c9_dashboard", + "id": "c115ce90-0f68-4a64-94b9-f052911f13c9", + "label": "Event Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_2b91f24e-a5f4-4a88-a0bf-bdf906145759_dashboard", + "id": "2b91f24e-a5f4-4a88-a0bf-bdf906145759", + "label": "Policy Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_94cbbd84-543d-45e5-a55c-24726286eb96_dashboard", + "id": "94cbbd84-543d-45e5-a55c-24726286eb96", + "label": "Admin Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + } + ] + }, + "enhancements": {} + }, + "gridData": { + "h": 4, + "i": "dda61958-1429-4aad-85a1-ab5cb73f0b7a", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "dda61958-1429-4aad-85a1-ab5cb73f0b7a", + "title": "Navigation", + "type": "links" } ], "timeRestore": false, @@ -1289,9 +1345,8 @@ "version": 2 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-01-06T05:42:08.795Z", + "created_at": "2025-12-31T10:03:20.593Z", "id": "cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a", - "managed": true, "references": [ { "id": "logs-*", 
@@ -1343,6 +1398,31 @@ "name": "d45157f6-d934-4a39-a1be-a905105e8942:panel_d45157f6-d934-4a39-a1be-a905105e8942", "type": "search" }, + { + "id": "cyberark_epm-security-solution-default", + "name": "tag-ref-cyberark_epm-security-solution-default", + "type": "tag" + }, + { + "id": "cyberark_epm-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" + }, + { + "id": "cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f", + "name": "dda61958-1429-4aad-85a1-ab5cb73f0b7a:link_c115ce90-0f68-4a64-94b9-f052911f13c9_dashboard", + "type": "dashboard" + }, + { + "id": "cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a", + "name": "dda61958-1429-4aad-85a1-ab5cb73f0b7a:link_2b91f24e-a5f4-4a88-a0bf-bdf906145759_dashboard", + "type": "dashboard" + }, + { + "id": "cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4", + "name": "dda61958-1429-4aad-85a1-ab5cb73f0b7a:link_94cbbd84-543d-45e5-a55c-24726286eb96_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": "controlGroup_b98ebcbe-97cf-448d-ba36-a2e8220f4d7e:optionsListDataView", @@ -1362,18 +1442,9 @@ "id": "logs-*", "name": "controlGroup_1417e6e5-9c46-4c33-839e-be3eefa617b8:optionsListDataView", "type": "index-pattern" - }, - { - "id": "cyberark_epm-security-solution-default", - "name": "tag-ref-cyberark_epm-security-solution-default", - "type": "tag" - }, - { - "id": "cyberark_epm-security-solution-default", - "name": "tag-ref-security-solution-default", - "type": "tag" } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.2.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/cyberark_epm/kibana/dashboard/cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4.json b/packages/cyberark_epm/kibana/dashboard/cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4.json index 3e46ea31aaa..b8436993f21 100644 
--- a/packages/cyberark_epm/kibana/dashboard/cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4.json +++ b/packages/cyberark_epm/kibana/dashboard/cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4.json @@ -116,7 +116,7 @@ "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**CyberArk EPM**\n\n- [Event Overview](#/dashboard/cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f)\n- [Policy Audit Overview](#/dashboard/cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a)\n- **Admin Audit Overview**\n\n**Overview**\n\nThis dashboard displays key statistics and visualizations based on admin audit event logs from the CyberArk EPM integration. It includes the top source IPs, administrators, and activities; a breakdown of events by assigned role and feature; along with a time-based event trend line chart and essential details about admin audit event data.\n\n[**Integration Page**](/app/integrations/detail/cyberark_epm/overview)", + "markdown": "This dashboard displays key statistics and visualizations based on admin audit event logs from the CyberArk EPM integration. It includes the top source IPs, administrators, and activities; a breakdown of events by assigned role and feature; along with a time-based event trend line chart and essential details about admin audit event data.\n\n[**Integration Page**](/app/integrations/detail/cyberark_epm/overview)", "openLinksInNewTab": false }, "title": "", @@ -129,10 +129,10 @@ "i": "9760aa20-2862-46c9-95a2-d05bf947254d", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "9760aa20-2862-46c9-95a2-d05bf947254d", - "title": "Table of Content", + "title": "Overview", "type": "visualization" }, { @@ -292,7 +292,7 @@ "i": "4550932d-056e-48ed-b95c-0656abfddd6f", "w": 18, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "4550932d-056e-48ed-b95c-0656abfddd6f", "title": "Admin Audit Events by Assigned Role [Logs CyberArk EPM]", 
@@ -458,7 +458,7 @@ "i": "61c4cde8-2ff7-4758-af5a-b7bfdd8eaaed", "w": 18, "x": 30, - "y": 0 + "y": 4 }, "panelIndex": "61c4cde8-2ff7-4758-af5a-b7bfdd8eaaed", "title": "Admin Audit Events by Feature [Logs CyberArk EPM]", @@ -575,7 +575,7 @@ "i": "98d9a216-bd3c-4515-bb78-ccd82b47437d", "w": 18, "x": 12, - "y": 15 + "y": 19 }, "panelIndex": "98d9a216-bd3c-4515-bb78-ccd82b47437d", "title": "Top 10 Administrators [Logs CyberArk EPM]", @@ -693,7 +693,7 @@ "i": "20e09181-f242-4fd1-af3d-61c2ca9c9f5d", "w": 18, "x": 30, - "y": 15 + "y": 19 }, "panelIndex": "20e09181-f242-4fd1-af3d-61c2ca9c9f5d", "title": "Top 10 Source IP [Logs CyberArk EPM]", @@ -843,7 +843,7 @@ "i": "e05d2d41-7529-40a2-bf24-c74f01253238", "w": 22, "x": 0, - "y": 30 + "y": 34 }, "panelIndex": "e05d2d41-7529-40a2-bf24-c74f01253238", "title": "Admin Audit Events Over Time [Logs CyberArk EPM]", @@ -961,7 +961,7 @@ "i": "eb0b5b0e-e8e8-443d-acc8-37fbc36f3200", "w": 26, "x": 22, - "y": 30 + "y": 34 }, "panelIndex": "eb0b5b0e-e8e8-443d-acc8-37fbc36f3200", "title": "Top 10 Activities [Logs CyberArk EPM]", 
@@ -977,12 +977,68 @@ "i": "60aca238-e05a-4f5e-a26a-596137537eeb", "w": 48, "x": 0, - "y": 45 + "y": 49 }, "panelIndex": "60aca238-e05a-4f5e-a26a-596137537eeb", "panelRefName": "panel_60aca238-e05a-4f5e-a26a-596137537eeb", "title": "Admin Audit Event Essential Details [Logs CyberArk EPM]", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_c4b488e4-103d-44d3-b484-f004dc4fc4f1_dashboard", + "id": "c4b488e4-103d-44d3-b484-f004dc4fc4f1", + "label": "Event Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_cd86e761-4efe-47ee-8add-93a0b9f359d9_dashboard", + "id": "cd86e761-4efe-47ee-8add-93a0b9f359d9", + "label": "Policy Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_a3f6f19e-70f1-4fff-afd4-4ad164054379_dashboard", + "id": "a3f6f19e-70f1-4fff-afd4-4ad164054379", + "label": "Admin Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + } + ] + }, + "enhancements": {} + }, + "gridData": { + "h": 4, + "i": "9e9f2b1e-2f05-462e-a87f-4cea1b331cfc", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": "9e9f2b1e-2f05-462e-a87f-4cea1b331cfc", + "title": "Navigation", + "type": "links" } ], "timeRestore": false, @@ -990,9 +1046,8 @@ "version": 2 }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-01-06T05:42:08.795Z", + "created_at": "2025-12-31T10:03:19.149Z", "id": "cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4", - "managed": true, "references": [ { "id": "logs-*", 
@@ -1034,16 +1089,6 @@ "name": "60aca238-e05a-4f5e-a26a-596137537eeb:panel_60aca238-e05a-4f5e-a26a-596137537eeb", "type": "search" }, - { - "id": "logs-*", - "name": "controlGroup_b98ebcbe-97cf-448d-ba36-a2e8220f4d7e:optionsListDataView", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "controlGroup_8f174546-6fa2-40c0-9825-1cc773570b2c:optionsListDataView", - "type": "index-pattern" - }, { "id": "cyberark_epm-security-solution-default", "name": "tag-ref-cyberark_epm-security-solution-default", @@ -1053,8 +1098,34 @@ "id": "cyberark_epm-security-solution-default", "name": "tag-ref-security-solution-default", "type": "tag" + }, + { + "id": "cyberark_epm-235e1190-62b9-4d30-99d9-f6d640a5065f", + "name": "9e9f2b1e-2f05-462e-a87f-4cea1b331cfc:link_c4b488e4-103d-44d3-b484-f004dc4fc4f1_dashboard", + "type": "dashboard" + }, + { + "id": "cyberark_epm-503ef0b0-fbbb-458c-96a1-e6a5d9f5810a", + "name": "9e9f2b1e-2f05-462e-a87f-4cea1b331cfc:link_cd86e761-4efe-47ee-8add-93a0b9f359d9_dashboard", + "type": "dashboard" + }, + { + "id": "cyberark_epm-b015df85-92b5-450a-91d4-4ff8bd9505f4", + "name": "9e9f2b1e-2f05-462e-a87f-4cea1b331cfc:link_a3f6f19e-70f1-4fff-afd4-4ad164054379_dashboard", + "type": "dashboard" + }, + { + "id": "logs-*", + "name": "controlGroup_b98ebcbe-97cf-448d-ba36-a2e8220f4d7e:optionsListDataView", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "controlGroup_8f174546-6fa2-40c0-9825-1cc773570b2c:optionsListDataView", + "type": "index-pattern" } ], "type": "dashboard", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.2.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/cyberark_epm/kibana/search/cyberark_epm-289b72be-f568-4132-a4ed-6d8a36c76b0f.json b/packages/cyberark_epm/kibana/search/cyberark_epm-289b72be-f568-4132-a4ed-6d8a36c76b0f.json index 00830872880..388a2a48522 100644 
--- a/packages/cyberark_epm/kibana/search/cyberark_epm-289b72be-f568-4132-a4ed-6d8a36c76b0f.json +++ b/packages/cyberark_epm/kibana/search/cyberark_epm-289b72be-f568-4132-a4ed-6d8a36c76b0f.json @@ -55,9 +55,8 @@ "title": "Event Essential Details [Logs CyberArk EPM]" }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-01-06T05:42:08.795Z", + "created_at": "2025-12-31T09:50:35.737Z", "id": "cyberark_epm-289b72be-f568-4132-a4ed-6d8a36c76b0f", - "managed": true, "references": [ { "id": "logs-*", diff --git a/packages/cyberark_epm/kibana/search/cyberark_epm-29d9ab5e-24eb-4dc5-ac5c-ee45af9805fe.json b/packages/cyberark_epm/kibana/search/cyberark_epm-29d9ab5e-24eb-4dc5-ac5c-ee45af9805fe.json index 416acb17af5..9f0ed136359 100644 --- a/packages/cyberark_epm/kibana/search/cyberark_epm-29d9ab5e-24eb-4dc5-ac5c-ee45af9805fe.json +++ b/packages/cyberark_epm/kibana/search/cyberark_epm-29d9ab5e-24eb-4dc5-ac5c-ee45af9805fe.json @@ -53,9 +53,8 @@ "title": "Admin Audit Event Essential Details [Logs CyberArk EPM]" }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-01-06T05:42:08.795Z", + "created_at": "2025-12-31T09:50:35.737Z", "id": "cyberark_epm-29d9ab5e-24eb-4dc5-ac5c-ee45af9805fe", - "managed": true, "references": [ { "id": "logs-*", diff --git a/packages/cyberark_epm/kibana/search/cyberark_epm-d459827d-4bc4-4ca8-85a2-7466fceff573.json b/packages/cyberark_epm/kibana/search/cyberark_epm-d459827d-4bc4-4ca8-85a2-7466fceff573.json index 1db00619d5e..ee924d0a887 100644 --- a/packages/cyberark_epm/kibana/search/cyberark_epm-d459827d-4bc4-4ca8-85a2-7466fceff573.json +++ b/packages/cyberark_epm/kibana/search/cyberark_epm-d459827d-4bc4-4ca8-85a2-7466fceff573.json 
@@ -55,9 +55,8 @@ "title": "Policy Audit Event Essential Details [Logs CyberArk EPM]" }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-01-06T05:42:08.795Z", + "created_at": "2025-12-31T09:50:35.737Z", "id": "cyberark_epm-d459827d-4bc4-4ca8-85a2-7466fceff573", - "managed": true, "references": [ { "id": "logs-*", diff --git a/packages/cyberark_epm/kibana/tag/cyberark_epm-security-solution-default.json b/packages/cyberark_epm/kibana/tag/cyberark_epm-security-solution-default.json index 33084c43643..e1ba4c081cf 100644 --- a/packages/cyberark_epm/kibana/tag/cyberark_epm-security-solution-default.json +++ b/packages/cyberark_epm/kibana/tag/cyberark_epm-security-solution-default.json @@ -1,13 +1,12 @@ { "attributes": { - "color": "#F583B7", + "color": "#A0A0A0", "description": "Tag defined in package-spec", "name": "Security Solution" }, "coreMigrationVersion": "8.8.0", - "created_at": "2025-01-06T05:42:09.618Z", + "created_at": "2025-12-31T09:31:48.758Z", "id": "cyberark_epm-security-solution-default", - "managed": true, "references": [], "type": "tag", "typeMigrationVersion": "8.0.0" diff --git a/packages/cyberark_epm/manifest.yml b/packages/cyberark_epm/manifest.yml index 00539a6de47..6b033d4485e 100644 --- a/packages/cyberark_epm/manifest.yml +++ b/packages/cyberark_epm/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.3.2 name: cyberark_epm title: CyberArk EPM -version: "1.2.2" +version: "1.3.0" description: Collect logs from CyberArk EPM with Elastic Agent. type: integration categories: diff --git a/packages/proofpoint_on_demand/changelog.yml b/packages/proofpoint_on_demand/changelog.yml index 6a75a9f35f7..16d0f55d083 100644 --- a/packages/proofpoint_on_demand/changelog.yml +++ b/packages/proofpoint_on_demand/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.8.0" + changes: + - description: Use links panel in Dashboards. + type: enhancement + link: https://github.com/elastic/integrations/pull/16740 - version: "1.7.0" changes: - description: Added support for `keep_alive` and `keep_alive_interval` configuration options at the data stream level. diff --git a/packages/proofpoint_on_demand/img/proofpoint_on_demand-audit-dashboard.png b/packages/proofpoint_on_demand/img/proofpoint_on_demand-audit-dashboard.png index b95806492d0..a06dc298b2b 100644 Binary files a/packages/proofpoint_on_demand/img/proofpoint_on_demand-audit-dashboard.png and b/packages/proofpoint_on_demand/img/proofpoint_on_demand-audit-dashboard.png differ diff --git a/packages/proofpoint_on_demand/img/proofpoint_on_demand-mail-dashboard.png b/packages/proofpoint_on_demand/img/proofpoint_on_demand-mail-dashboard.png index b05ea880e51..1fcbd8004ca 100644 Binary files a/packages/proofpoint_on_demand/img/proofpoint_on_demand-mail-dashboard.png and b/packages/proofpoint_on_demand/img/proofpoint_on_demand-mail-dashboard.png differ diff --git a/packages/proofpoint_on_demand/img/proofpoint_on_demand-message-dashboard.png b/packages/proofpoint_on_demand/img/proofpoint_on_demand-message-dashboard.png index b2046a55d30..f5ecf8370f1 100644 Binary files a/packages/proofpoint_on_demand/img/proofpoint_on_demand-message-dashboard.png and b/packages/proofpoint_on_demand/img/proofpoint_on_demand-message-dashboard.png differ diff --git a/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609.json b/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609.json index 07374c83294..b4161b5eed1 100644 --- a/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609.json 
+++ b/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609.json @@ -12,13 +12,17 @@ "panelsJSON": { "1b623d53-b699-43f0-88d5-10d0ca937162": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "proofpoint_on_demand.audit.resource_type", - "grow": true, - "id": "1b623d53-b699-43f0-88d5-10d0ca937162", "searchTechnique": "prefix", - "title": "Resource Type", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Resource Type" }, "grow": true, "order": 2, @@ -27,13 +31,17 @@ }, "216b4986-9d28-4725-9d13-470b51af97f2": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "log.level", - "grow": true, - "id": "216b4986-9d28-4725-9d13-470b51af97f2", "searchTechnique": "prefix", - "title": "Audit Level", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Audit Level" }, "grow": true, "order": 0, @@ -42,20 +50,25 @@ }, "fbececeb-6a79-46c3-bd9c-d722ae99e83e": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "event.action", - "grow": true, - "id": "fbececeb-6a79-46c3-bd9c-d722ae99e83e", "searchTechnique": "prefix", - "title": "Audit Action", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Audit Action" }, "grow": true, "order": 1, "type": "optionsListControl", "width": "medium" } - } + }, + "showApplySelections": false }, "description": "Overview of Proofpoint On Demand Audit Events.", "kibanaSavedObjectMeta": { @@ -100,7 +113,11 @@ "panelsJSON": [ { "embeddableConfig": { - "enhancements": {}, + "enhancements": { + "dynamicActions": { + "events": [] + } + }, "savedVis": { "data": { "aggs": [], 
@@ -113,26 +130,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Proofpoint On Demand** \n\n[Message Overview](#/dashboard/proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4) \n[Mail Overview](#/dashboard/proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef) \n[**Audit Overview (This Page)**](#/dashboard/proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609) \n\n**Audit Overview**\n\nThis dashboard provides a thorough insight into audit operations, showcasing the distribution of audit events by Action and Resource Type. Additionally, it monitors the top 10 Users and Source IPs. By analyzing this data, it strengthens the understanding of audit-related information across organization.\n\n[**Integration Page**](/app/integrations/detail/proofpoint_on_demand/overview)\n", + "markdown": "This dashboard provides a thorough insight into audit operations, showcasing the distribution of audit events by Action and Resource Type. Additionally, it monitors the top 10 Users and Source IPs. By analyzing this data, it strengthens the understanding of audit-related information across organization.\n\n[**Integration Page**](/app/integrations/detail/proofpoint_on_demand/overview)\n", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 31, "i": "8697693d-2c51-4972-8b87-da3571ea3073", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "8697693d-2c51-4972-8b87-da3571ea3073", - "title": "Table Of Contents", "type": "visualization" }, { 
@@ -264,17 +280,17 @@ "type": "lens", "visualizationType": "lnsPie" }, - "enhancements": {} + "enhancements": {}, + "title": "Audit Events by Action [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "143518df-1984-4cdf-b5e9-e79220f94563", "w": 18, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "143518df-1984-4cdf-b5e9-e79220f94563", - "title": "Audit Events by Action [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -383,17 +399,17 @@ "type": "lens", "visualizationType": "lnsDatatable" }, - "enhancements": {} + "enhancements": {}, + "title": "Top 10 Source IP [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "8f286997-b981-426a-a1e1-fac0f60553e3", "w": 18, "x": 30, - "y": 0 + "y": 4 }, "panelIndex": "8f286997-b981-426a-a1e1-fac0f60553e3", - "title": "Top 10 Source IP [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -547,17 +563,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "Audit Events by Resource Type [Logs Proofpoint On Demand]" }, "gridData": { "h": 15, "i": "0173ffee-208a-4e77-ab5e-707431280740", "w": 36, "x": 12, - "y": 16 + "y": 20 }, "panelIndex": "0173ffee-208a-4e77-ab5e-707431280740", - "title": "Audit Events by Resource Type [Logs Proofpoint On Demand]", "type": "lens" }, { 
@@ -667,49 +683,108 @@ "type": "lens", "visualizationType": "lnsDatatable" }, - "enhancements": {} + "enhancements": {}, + "title": "Top 10 Users [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "98511de2-d302-4be4-9029-58bac2f6d87e", "w": 48, "x": 0, - "y": 31 + "y": 35 }, "panelIndex": "98511de2-d302-4be4-9029-58bac2f6d87e", - "title": "Top 10 Users [Logs Proofpoint On Demand]", "type": "lens" }, { "embeddableConfig": { - "enhancements": {} + "enhancements": {}, + "savedObjectId": "proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c" }, "gridData": { "h": 18, "i": "5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb", "w": 48, "x": 0, - "y": 47 + "y": 51 }, "panelIndex": "5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb", "panelRefName": "panel_5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_08e7a21e-4f08-4bb7-a93a-bbe4eb0338b4_dashboard", + "id": "08e7a21e-4f08-4bb7-a93a-bbe4eb0338b4", + "label": "Message Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_9869df93-4572-4048-be03-220a48e2fe7f_dashboard", + "id": "9869df93-4572-4048-be03-220a48e2fe7f", + "label": "Mail Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_81c824cb-58d5-4a65-babf-07d0a2869890_dashboard", + "id": "81c824cb-58d5-4a65-babf-07d0a2869890", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "b3016cfa-0d46-4f57-9ba1-6ccc949998c8", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": 
"b3016cfa-0d46-4f57-9ba1-6ccc949998c8", + "type": "links" } ], "timeRestore": false, "title": "[Logs Proofpoint On Demand] Audit Overview", - "version": 1 + "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2024-07-04T10:35:53.320Z", + "created_at": "2025-12-31T06:57:09.567Z", "id": "proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609", - "managed": false, "references": [ { "id": "logs-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, + { + "id": "proofpoint_on_demand-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" + }, { "id": "logs-*", "name": "143518df-1984-4cdf-b5e9-e79220f94563:indexpattern-datasource-layer-1fb618c2-c018-4d25-b8af-32ce3cd19da5", @@ -736,9 +811,29 @@ "type": "search" }, { - "id": "logs-*", - "name": "controlGroup_1b623d53-b699-43f0-88d5-10d0ca937162:optionsListDataView", - "type": "index-pattern" + "id": "proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c", + "name": "5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb:panel_5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb", + "type": "search" + }, + { + "id": "proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c", + "name": "5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb:panel_5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb", + "type": "search" + }, + { + "id": "proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4", + "name": "b3016cfa-0d46-4f57-9ba1-6ccc949998c8:link_08e7a21e-4f08-4bb7-a93a-bbe4eb0338b4_dashboard", + "type": "dashboard" + }, + { + "id": "proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef", + "name": "b3016cfa-0d46-4f57-9ba1-6ccc949998c8:link_9869df93-4572-4048-be03-220a48e2fe7f_dashboard", + "type": "dashboard" + }, + { + "id": "proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609", + "name": "b3016cfa-0d46-4f57-9ba1-6ccc949998c8:link_81c824cb-58d5-4a65-babf-07d0a2869890_dashboard", + "type": "dashboard" }, { "id": "logs-*", 
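Review bot: The saved-search panel `5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb` now carries its target twice, because this hunk adds an inline `"savedObjectId": "proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c"` to `embeddableConfig` while the panel keeps its `panelRefName`. As far as I know only the `references` entry is rewritten when object ids are remapped on import or copy, so the inline id can go stale and point somewhere the references array does not. It looks like export residue, and I would drop the `savedObjectId` line and rely on `panelRefName` alone. The search panels in the Message Overview and Mail Overview dashboards get the same inline id in their matching hunks.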
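Review bot: The `references` array gains two byte-identical entries in the `@@ -736,9 +811,29 @@` hunk, both named `5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb:panel_5409a90c-b8e7-4a7b-8b1d-1eb364ec4eeb` with type `search` and id `proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c`. The context entry directly above them also ends in `"type": "search"`, so presumably the same panel reference is now listed three times. The Message Overview dashboard repeats this at `@@ -2844,11 +2919,46 @@` with three identical `5c02bd3d-…` entries. Both dashboards also append a second `kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index` entry in their final hunk although it is already the first element of the array. Keep one entry per `name` and remove the rest, so that anyone checking what these dashboards depend on sees each dependency once.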
@@ -749,8 +844,19 @@ "id": "logs-*", "name": "controlGroup_fbececeb-6a79-46c3-bd9c-d722ae99e83e:optionsListDataView", "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "controlGroup_1b623d53-b699-43f0-88d5-10d0ca937162:optionsListDataView", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" } ], "type": "dashboard", - "typeMigrationVersion": "8.9.0" + "typeMigrationVersion": "10.3.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4.json b/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4.json index 051264d173c..47c1d1b6149 100644 --- a/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4.json +++ b/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4.json @@ -12,13 +12,17 @@ "panelsJSON": { "5865a649-4709-4e40-99a7-ea734c919e0f": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "observer.hostname", - "grow": true, - "id": "5865a649-4709-4e40-99a7-ea734c919e0f", "searchTechnique": "prefix", - "title": "Agent", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Agent" }, "grow": true, "order": 0, 
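Review bot: The added `"updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0"` at the end of the `@@ -749,8 +844,19 @@` hunk looks like the user-profile identifier of the account that exported the dashboard. It has no meaning once the package is installed in another deployment, and it ties a published asset to an account on the authoring instance. I would strip the key from the export, the same way this change already removes `managed`. The identical line is added to the Message Overview dashboard at `@@ -2856,10 +2966,11 @@`. Separately, `typeMigrationVersion` moves from `8.9.0` to `10.3.0` in both places; the package manifest is not in this view, so please confirm its Kibana version constraint still covers every release expected to import these objects.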
@@ -27,13 +31,17 @@ }, "795e2162-11cb-4acb-b387-1c1cbb7a3464": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "proofpoint_on_demand.message.filter.disposition", - "grow": true, - "id": "795e2162-11cb-4acb-b387-1c1cbb7a3464", "searchTechnique": "prefix", - "title": "Disposition", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Disposition" }, "grow": true, "order": 2, @@ -42,20 +50,25 @@ }, "fdf0e4a8-c62f-4ba2-bb15-0ad75d742352": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "network.direction", - "grow": true, - "id": "fdf0e4a8-c62f-4ba2-bb15-0ad75d742352", "searchTechnique": "prefix", - "title": "Route Direction", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Route Direction" }, "grow": true, "order": 1, "type": "optionsListControl", "width": "medium" } - } + }, + "showApplySelections": false }, "description": "Overview of Proofpoint On Demand Message Events.", "kibanaSavedObjectMeta": { @@ -100,7 +113,11 @@ "panelsJSON": [ { "embeddableConfig": { - "enhancements": {}, + "enhancements": { + "dynamicActions": { + "events": [] + } + }, "savedVis": { "data": { "aggs": [], 
@@ -113,26 +130,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Proofpoint On Demand** \n\n[**Message Overview (This Page)**](#/dashboard/proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4) \n[Mail Overview](#/dashboard/proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef) \n[Audit Overview](#/dashboard/proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609) \n\n**Message Overview**\n\nThis dashboard offers a comprehensive view of message traffic, including the geographic locations of senders, a summary of policy outcomes for DMARC, Anti-Spam, and Anti-Virus, as well as an analysis of messages by quarantine folder, disposition, and protocol. Additionally, it monitors the top 10 senders and receivers. Utilizing this data, it enhances the understanding of email traffic trends and helps in improving the email security posture.\n\n[**Integration Page**](/app/integrations/detail/proofpoint_on_demand/overview)\n", + "markdown": "This dashboard offers a comprehensive view of message traffic, including the geographic locations of senders, a summary of policy outcomes for DMARC, Anti-Spam, and Anti-Virus, as well as an analysis of messages by quarantine folder, disposition, and protocol. Additionally, it monitors the top 10 senders and receivers. Utilizing this data, it enhances the understanding of email traffic trends and helps in improving the email security posture.\n\n[**Integration Page**](/app/integrations/detail/proofpoint_on_demand/overview)\n", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 22, "i": "6fafde4b-c6e8-4f2c-908f-b8c5f9225b5e", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "6fafde4b-c6e8-4f2c-908f-b8c5f9225b5e", - "title": "Table Of Contents", "type": "visualization" }, { 
@@ -242,17 +258,17 @@ "visualizationType": "lnsMetric" }, "enhancements": {}, - "hidePanelTitles": true + "hidePanelTitles": true, + "title": "Total Messages [Logs Proofpoint On Demand]" }, "gridData": { "h": 9, "i": "c47f0c79-8320-47dd-b3ce-46451c64d55d", "w": 9, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "c47f0c79-8320-47dd-b3ce-46451c64d55d", - "title": "Total Messages [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -354,17 +370,17 @@ "visualizationType": "lnsMetric" }, "enhancements": {}, - "hidePanelTitles": true + "hidePanelTitles": true, + "title": "Inbound Messages [Logs Proofpoint On Demand]" }, "gridData": { "h": 9, "i": "708f28ba-a526-423f-8cdf-8d53e88463e6", "w": 9, "x": 21, - "y": 0 + "y": 4 }, "panelIndex": "708f28ba-a526-423f-8cdf-8d53e88463e6", - "title": "Inbound Messages [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -466,17 +482,17 @@ "visualizationType": "lnsMetric" }, "enhancements": {}, - "hidePanelTitles": true + "hidePanelTitles": true, + "title": "Outbound Messages [Logs Proofpoint On Demand]" }, "gridData": { "h": 9, "i": "4232a1fc-38d5-4e9c-a155-828857f0870b", "w": 9, "x": 30, - "y": 0 + "y": 4 }, "panelIndex": "4232a1fc-38d5-4e9c-a155-828857f0870b", - "title": "Outbound Messages [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -644,17 +660,17 @@ "visualizationType": "lnsMetric" }, "enhancements": {}, - "hidePanelTitles": true + "hidePanelTitles": true, + "title": "Blocked Messages [Logs Proofpoint On Demand]" }, "gridData": { "h": 9, "i": "edc6b05f-9897-4979-832e-da9da0bd1732", "w": 9, "x": 39, - "y": 0 + "y": 4 }, "panelIndex": "edc6b05f-9897-4979-832e-da9da0bd1732", - "title": "Blocked Messages [Logs Proofpoint On Demand]", "type": "lens" }, { 
@@ -785,17 +801,17 @@ "type": "lens", "visualizationType": "lnsPie" }, - "enhancements": {} + "enhancements": {}, + "title": "Message Events by Protocol [Logs Proofpoint On Demand]" }, "gridData": { "h": 13, "i": "584d6e10-fe76-4d5c-a2eb-37709faec51e", "w": 18, "x": 12, - "y": 9 + "y": 13 }, "panelIndex": "584d6e10-fe76-4d5c-a2eb-37709faec51e", - "title": "Message Events by Protocol [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -927,17 +943,17 @@ "type": "lens", "visualizationType": "lnsPie" }, - "enhancements": {} + "enhancements": {}, + "title": "Message Events by Disposition [Logs Proofpoint On Demand]" }, "gridData": { "h": 13, "i": "7022829f-c22a-446f-8981-bd0c67e858cb", "w": 18, "x": 30, - "y": 9 + "y": 13 }, "panelIndex": "7022829f-c22a-446f-8981-bd0c67e858cb", - "title": "Message Events by Disposition [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -1129,17 +1145,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "Messages Over Time [Logs Proofpoint On Demand]" }, "gridData": { "h": 15, "i": "33af2834-6864-4254-9020-ab08f3f1c425", "w": 48, "x": 0, - "y": 22 + "y": 26 }, "panelIndex": "33af2834-6864-4254-9020-ab08f3f1c425", - "title": "Messages Over Time [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -1374,17 +1390,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "Blocked Messages Over Time [Logs Proofpoint On Demand]" }, "gridData": { "h": 15, "i": "4836326d-d548-4026-8c71-4c3a6f7445e8", "w": 48, "x": 0, - "y": 37 + "y": 41 }, "panelIndex": "4836326d-d548-4026-8c71-4c3a6f7445e8", - "title": "Blocked Messages Over Time [Logs Proofpoint On Demand]", "type": "lens" }, { 
@@ -1547,17 +1563,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "Top AntiSpam Results [Logs Proofpoint On Demand]" }, "gridData": { "h": 15, "i": "9c5984e9-e289-4be7-a3f3-06e580d8a326", "w": 24, "x": 0, - "y": 52 + "y": 56 }, "panelIndex": "9c5984e9-e289-4be7-a3f3-06e580d8a326", - "title": "Top AntiSpam Results [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -1720,17 +1736,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "Top AntiVirus Results [Logs Proofpoint On Demand]" }, "gridData": { "h": 15, "i": "6a21d63d-a125-428d-a388-26bed4e71f0b", "w": 24, "x": 24, - "y": 52 + "y": 56 }, "panelIndex": "6a21d63d-a125-428d-a388-26bed4e71f0b", - "title": "Top AntiVirus Results [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -1866,17 +1882,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "DMARC Summary Results [Logs Proofpoint On Demand]" }, "gridData": { "h": 15, "i": "e64b841e-88be-46aa-b74e-87bc2fb7546e", "w": 24, "x": 0, - "y": 67 + "y": 71 }, "panelIndex": "e64b841e-88be-46aa-b74e-87bc2fb7546e", - "title": "DMARC Summary Results [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -2030,17 +2046,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "Message Events by TLS Cipher Algorithm [Logs Proofpoint On Demand]" }, "gridData": { "h": 15, "i": "3c1a8209-e309-44a4-88c4-1b03ad2198ec", "w": 24, "x": 24, - "y": 67 + "y": 71 }, "panelIndex": "3c1a8209-e309-44a4-88c4-1b03ad2198ec", - "title": "Message Events by TLS Cipher Algorithm [Logs Proofpoint On Demand]", "type": "lens" }, { 
@@ -2154,17 +2170,17 @@ "type": "lens", "visualizationType": "lnsDatatable" }, - "enhancements": {} + "enhancements": {}, + "title": "Top 10 Sender IP [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "32048013-1e25-48fb-93c0-20e8f39a338e", "w": 24, "x": 0, - "y": 82 + "y": 86 }, "panelIndex": "32048013-1e25-48fb-93c0-20e8f39a338e", - "title": "Top 10 Sender IP [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -2317,17 +2333,17 @@ "type": "lens", "visualizationType": "lnsXY" }, - "enhancements": {} + "enhancements": {}, + "title": "Quarantine Trends [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "b4b2df94-e8d7-418f-ac9a-009890ea8bea", "w": 24, "x": 24, - "y": 82 + "y": 86 }, "panelIndex": "b4b2df94-e8d7-418f-ac9a-009890ea8bea", - "title": "Quarantine Trends [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -2442,17 +2458,17 @@ "type": "lens", "visualizationType": "lnsDatatable" }, - "enhancements": {} + "enhancements": {}, + "title": "Top 10 Recipients [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "88255433-785b-48f4-833b-28094cd4d509", "w": 24, "x": 24, - "y": 98 + "y": 102 }, "panelIndex": "88255433-785b-48f4-833b-28094cd4d509", - "title": "Top 10 Recipients [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -2566,17 +2582,17 @@ "type": "lens", "visualizationType": "lnsDatatable" }, - "enhancements": {} + "enhancements": {}, + "title": "Top 10 Senders [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "55e6d13d-3296-4a37-9caf-8633978aaf44", "w": 24, "x": 0, - "y": 98 + "y": 102 }, "panelIndex": "55e6d13d-3296-4a37-9caf-8633978aaf44", - "title": "Top 10 Senders [Logs Proofpoint On Demand]", "type": "lens" }, { 
@@ -2676,49 +2692,108 @@ "type": "lens", "visualizationType": "lnsChoropleth" }, - "enhancements": {} + "enhancements": {}, + "title": "Top Sender Countries [Logs Proofpoint On Demand]" }, "gridData": { "h": 18, "i": "42bf2288-5174-4998-8192-05cf4dfdcd63", "w": 48, "x": 0, - "y": 114 + "y": 118 }, "panelIndex": "42bf2288-5174-4998-8192-05cf4dfdcd63", - "title": "Top Sender Countries [Logs Proofpoint On Demand]", "type": "lens" }, { "embeddableConfig": { - "enhancements": {} + "enhancements": {}, + "savedObjectId": "proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b" }, "gridData": { "h": 16, "i": "5c02bd3d-f1b8-423f-b813-63676219fe43", "w": 48, "x": 0, - "y": 132 + "y": 136 }, "panelIndex": "5c02bd3d-f1b8-423f-b813-63676219fe43", "panelRefName": "panel_5c02bd3d-f1b8-423f-b813-63676219fe43", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_3d8a9f8a-690e-472d-b443-66f55a9f9f8a_dashboard", + "id": "3d8a9f8a-690e-472d-b443-66f55a9f9f8a", + "label": "Message Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_c0ff5d3c-3d45-4fc3-bbfd-cbdd12d6ae78_dashboard", + "id": "c0ff5d3c-3d45-4fc3-bbfd-cbdd12d6ae78", + "label": "Mail Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_61bd9f19-ab34-4fd2-b4c5-cd61446481b9_dashboard", + "id": "61bd9f19-ab34-4fd2-b4c5-cd61446481b9", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "a46d6116-1270-4ad5-ad03-2913be17ded9", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": 
"a46d6116-1270-4ad5-ad03-2913be17ded9", + "type": "links" } ], "timeRestore": false, "title": "[Logs Proofpoint On Demand] Message Overview", - "version": 1 + "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2024-07-04T10:35:04.061Z", + "created_at": "2025-12-31T06:57:11.174Z", "id": "proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4", - "managed": false, "references": [ { "id": "logs-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, + { + "id": "proofpoint_on_demand-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" + }, { "id": "logs-*", "name": "c47f0c79-8320-47dd-b3ce-46451c64d55d:indexpattern-datasource-layer-30fa7362-b510-41fa-a9f3-103c9957f902", 
@@ -2844,11 +2919,46 @@ "name": "5c02bd3d-f1b8-423f-b813-63676219fe43:panel_5c02bd3d-f1b8-423f-b813-63676219fe43", "type": "search" }, + { + "id": "proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b", + "name": "5c02bd3d-f1b8-423f-b813-63676219fe43:panel_5c02bd3d-f1b8-423f-b813-63676219fe43", + "type": "search" + }, + { + "id": "proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b", + "name": "5c02bd3d-f1b8-423f-b813-63676219fe43:panel_5c02bd3d-f1b8-423f-b813-63676219fe43", + "type": "search" + }, + { + "id": "proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b", + "name": "5c02bd3d-f1b8-423f-b813-63676219fe43:panel_5c02bd3d-f1b8-423f-b813-63676219fe43", + "type": "search" + }, + { + "id": "proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4", + "name": "a46d6116-1270-4ad5-ad03-2913be17ded9:link_3d8a9f8a-690e-472d-b443-66f55a9f9f8a_dashboard", + "type": "dashboard" + }, + { + "id": "proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef", + "name": "a46d6116-1270-4ad5-ad03-2913be17ded9:link_c0ff5d3c-3d45-4fc3-bbfd-cbdd12d6ae78_dashboard", + "type": "dashboard" + }, + { + "id": "proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609", + "name": "a46d6116-1270-4ad5-ad03-2913be17ded9:link_61bd9f19-ab34-4fd2-b4c5-cd61446481b9_dashboard", + "type": "dashboard" + }, { "id": "logs-*", "name": "controlGroup_5865a649-4709-4e40-99a7-ea734c919e0f:optionsListDataView", "type": "index-pattern" }, + { + "id": "logs-*", + "name": "controlGroup_fdf0e4a8-c62f-4ba2-bb15-0ad75d742352:optionsListDataView", + "type": "index-pattern" + }, { "id": "logs-*", "name": "controlGroup_795e2162-11cb-4acb-b387-1c1cbb7a3464:optionsListDataView", 
@@ -2856,10 +2966,11 @@ }, { "id": "logs-*", - "name": "controlGroup_fdf0e4a8-c62f-4ba2-bb15-0ad75d742352:optionsListDataView", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" } ], "type": "dashboard", - "typeMigrationVersion": "8.9.0" + "typeMigrationVersion": "10.3.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file diff --git a/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef.json b/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef.json index 085c6537cd9..24bbbf0b0ab 100644 --- a/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef.json +++ b/packages/proofpoint_on_demand/kibana/dashboard/proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef.json @@ -12,13 +12,17 @@ "panelsJSON": { "1c179d43-6d14-402e-89e9-20c7bfc04e7b": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "proofpoint_on_demand.mail.sm.tls.verify", - "grow": true, - "id": "1c179d43-6d14-402e-89e9-20c7bfc04e7b", "searchTechnique": "prefix", - "title": "TLS Verify Result", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "TLS Verify Result" }, "grow": true, "order": 1, 
@@ -27,20 +31,25 @@ }, "262f7189-64ad-464e-b1e2-c7b484f7e4a3": { "explicitInput": { - "enhancements": {}, + "dataViewId": "logs-*", + "exclude": false, + "existsSelected": false, "fieldName": "observer.hostname", - "grow": true, - "id": "262f7189-64ad-464e-b1e2-c7b484f7e4a3", "searchTechnique": "prefix", - "title": "Agent", - "width": "medium" + "selectedOptions": [], + "sort": { + "by": "_count", + "direction": "desc" + }, + "title": "Agent" }, "grow": true, "order": 0, "type": "optionsListControl", "width": "medium" } - } + }, + "showApplySelections": false }, "description": "Overview of Proofpoint On Demand Mail Events.", "kibanaSavedObjectMeta": { @@ -85,7 +94,11 @@ "panelsJSON": [ { "embeddableConfig": { - "enhancements": {}, + "enhancements": { + "dynamicActions": { + "events": [] + } + }, "savedVis": { "data": { "aggs": [], 
@@ -98,26 +111,25 @@ } }, "description": "", - "id": "", "params": { "fontSize": 12, - "markdown": "**Navigation**\n\n**Proofpoint On Demand** \n\n[Message Overview](#/dashboard/proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4) \n[**Mail Overview (This Page)**](#/dashboard/proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef) \n[Audit Overview](#/dashboard/proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609) \n\n**Mail Overview**\n\nThis dashboard offers a detailed overview of email activities, covering the distribution of emails by mailer and protocol. It also tracks the top 10 senders and receivers. By leveraging this information, it improves the comprehension of trends in email traffic.\n\n[**Integration Page**](/app/integrations/detail/proofpoint_on_demand/overview)\n", + "markdown": "This dashboard offers a detailed overview of email activities, covering the distribution of emails by mailer and protocol. It also tracks the top 10 senders and receivers. By leveraging this information, it improves the comprehension of trends in email traffic.\n\n[**Integration Page**](/app/integrations/detail/proofpoint_on_demand/overview)\n", "openLinksInNewTab": false }, "title": "", "type": "markdown", "uiState": {} - } + }, + "title": "Overview" }, "gridData": { "h": 29, "i": "02acfc4c-cfd3-4de6-89b4-18bf474c2bf8", "w": 12, "x": 0, - "y": 0 + "y": 4 }, "panelIndex": "02acfc4c-cfd3-4de6-89b4-18bf474c2bf8", - "title": "Table Of Contents", "type": "visualization" }, { @@ -248,17 +260,17 @@ "type": "lens", "visualizationType": "lnsPie" }, - "enhancements": {} + "enhancements": {}, + "title": "Mail Events by Protocol [Logs Proofpoint On Demand]" }, "gridData": { "h": 13, "i": "d994e79d-8e9a-4a4f-a0e9-c69b357bc78d", "w": 18, "x": 12, - "y": 0 + "y": 4 }, "panelIndex": "d994e79d-8e9a-4a4f-a0e9-c69b357bc78d", - "title": "Mail Events by Protocol [Logs Proofpoint On Demand]", "type": "lens" }, { 
@@ -389,17 +401,17 @@ "type": "lens", "visualizationType": "lnsPie" }, - "enhancements": {} + "enhancements": {}, + "title": "Mail Events by Mailer [Logs Proofpoint On Demand]" }, "gridData": { "h": 13, "i": "f5ee2134-d947-4c27-8cfe-aca9e4e82eab", "w": 18, "x": 30, - "y": 0 + "y": 4 }, "panelIndex": "f5ee2134-d947-4c27-8cfe-aca9e4e82eab", - "title": "Mail Events by Mailer [Logs Proofpoint On Demand]", "type": "lens" }, { @@ -508,17 +520,17 @@ "type": "lens", "visualizationType": "lnsDatatable" }, - "enhancements": {} + "enhancements": {}, + "title": "Top 10 Senders [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "cd3b416e-77c5-4a55-96de-2c8d4ff78983", "w": 36, "x": 12, - "y": 13 + "y": 17 }, "panelIndex": "cd3b416e-77c5-4a55-96de-2c8d4ff78983", - "title": "Top 10 Senders [Logs Proofpoint On Demand]", "type": "lens" }, { 
@@ -628,49 +640,108 @@ "type": "lens", "visualizationType": "lnsDatatable" }, - "enhancements": {} + "enhancements": {}, + "title": "Top 10 Recipients [Logs Proofpoint On Demand]" }, "gridData": { "h": 16, "i": "62340a5d-413f-4f72-b044-06a8ca297655", "w": 48, "x": 0, - "y": 29 + "y": 33 }, "panelIndex": "62340a5d-413f-4f72-b044-06a8ca297655", - "title": "Top 10 Recipients [Logs Proofpoint On Demand]", "type": "lens" }, { "embeddableConfig": { - "enhancements": {} + "enhancements": {}, + "savedObjectId": "proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d" }, "gridData": { "h": 17, "i": "9ece168b-6e07-43ee-9dec-608c033bbfeb", "w": 48, "x": 0, - "y": 45 + "y": 49 }, "panelIndex": "9ece168b-6e07-43ee-9dec-608c033bbfeb", "panelRefName": "panel_9ece168b-6e07-43ee-9dec-608c033bbfeb", "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "layout": "horizontal", + "links": [ + { + "destinationRefName": "link_2b672f5d-d9f6-4459-bda4-bbe1df25cd5f_dashboard", + "id": "2b672f5d-d9f6-4459-bda4-bbe1df25cd5f", + "label": "Message Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 0, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_2f3ee57b-58ec-4432-ace6-9632d2944209_dashboard", + "id": "2f3ee57b-58ec-4432-ace6-9632d2944209", + "label": "Mail Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 1, + "type": "dashboardLink" + }, + { + "destinationRefName": "link_c43f3f92-8a98-443c-b718-a4adee3f6324_dashboard", + "id": "c43f3f92-8a98-443c-b718-a4adee3f6324", + "label": "Audit Overview", + "options": { + "openInNewTab": false, + "useCurrentDateRange": false, + "useCurrentFilters": false + }, + "order": 2, + "type": "dashboardLink" + } + ] + } + }, + "gridData": { + "h": 4, + "i": "803da291-1729-47c7-a53c-e6fad2f27a70", + "w": 48, + "x": 0, + "y": 0 + }, + "panelIndex": 
"803da291-1729-47c7-a53c-e6fad2f27a70", + "type": "links" } ], "timeRestore": false, "title": "[Logs Proofpoint On Demand] Mail Overview", - "version": 1 + "version": 3 }, "coreMigrationVersion": "8.8.0", - "created_at": "2024-07-04T10:35:27.258Z", + "created_at": "2025-12-31T06:57:10.161Z", "id": "proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef", - "managed": false, "references": [ { "id": "logs-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" }, + { + "id": "proofpoint_on_demand-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" + }, { "id": "logs-*", "name": "d994e79d-8e9a-4a4f-a0e9-c69b357bc78d:indexpattern-datasource-layer-1fb618c2-c018-4d25-b8af-32ce3cd19da5", 
@@ -696,6 +767,41 @@ "name": "9ece168b-6e07-43ee-9dec-608c033bbfeb:panel_9ece168b-6e07-43ee-9dec-608c033bbfeb", "type": "search" }, + { + "id": "proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d", + "name": "9ece168b-6e07-43ee-9dec-608c033bbfeb:panel_9ece168b-6e07-43ee-9dec-608c033bbfeb", + "type": "search" + }, + { + "id": "proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d", + "name": "9ece168b-6e07-43ee-9dec-608c033bbfeb:panel_9ece168b-6e07-43ee-9dec-608c033bbfeb", + "type": "search" + }, + { + "id": "proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d", + "name": "9ece168b-6e07-43ee-9dec-608c033bbfeb:panel_9ece168b-6e07-43ee-9dec-608c033bbfeb", + "type": "search" + }, + { + "id": "proofpoint_on_demand-ae89dee7-9dc7-4121-ba6a-93c408307ee4", + "name": "803da291-1729-47c7-a53c-e6fad2f27a70:link_2b672f5d-d9f6-4459-bda4-bbe1df25cd5f_dashboard", + "type": "dashboard" + }, + { + "id": "proofpoint_on_demand-e84a69fa-843b-4697-8b9c-cd9b005581ef", + "name": "803da291-1729-47c7-a53c-e6fad2f27a70:link_2f3ee57b-58ec-4432-ace6-9632d2944209_dashboard", + "type": "dashboard" + }, + { + "id": "proofpoint_on_demand-77feed4b-c40f-45f4-b9dd-7094a6877609", + "name": "803da291-1729-47c7-a53c-e6fad2f27a70:link_c43f3f92-8a98-443c-b718-a4adee3f6324_dashboard", + "type": "dashboard" + }, + { + "id": "logs-*", + "name": "controlGroup_262f7189-64ad-464e-b1e2-c7b484f7e4a3:optionsListDataView", + "type": "index-pattern" + }, { "id": "logs-*", "name": "controlGroup_1c179d43-6d14-402e-89e9-20c7bfc04e7b:optionsListDataView", @@ -703,10 +809,11 @@ }, { "id": "logs-*", - "name": "controlGroup_262f7189-64ad-464e-b1e2-c7b484f7e4a3:optionsListDataView", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" } ], "type": "dashboard", - "typeMigrationVersion": "8.9.0" + "typeMigrationVersion": "10.3.0", + "updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0" } \ No newline at end of file 
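Review bot: The three `references` entries added at the top of this hunk are identical to one another: same `id` (`proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d`), same `name` (`9ece168b-6e07-43ee-9dec-608c033bbfeb:panel_9ece168b-6e07-43ee-9dec-608c033bbfeb`) and same `type`. They also repeat the `name` of the context entry directly above them, so the array ends up with four entries for one panel reference. The next hunk (`@@ -703,10 +809,11 @@`) likewise appends a second `kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index` entry, although one already opens the array. These look like artefacts of repeated export rather than intended content; the `id` of the pre-existing panel entry is outside the hunk, so that part is inferred. Keep one entry per `name` so that reference resolution does not depend on which duplicate the importer happens to pick.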
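Review bot: The added `"updated_by": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0"` at the end of this hunk is the user-profile identifier of the account that last saved the dashboard in the exporting Kibana, and it would ship with every installation of the package. It has no meaning in the target environment and ties a published asset to an account in the source one, so drop the line and strip the field at export time if the tooling allows it. The same hunk moves `typeMigrationVersion` from `8.9.0` to `10.3.0` while `coreMigrationVersion` stays `8.8.0`. The manifest hunk in this diff shows only the version bump, so confirm that the package's Kibana version constraint (not visible here) covers a release that accepts this migration version and the new `links` panel.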
diff --git a/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c.json b/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c.json index 2af9f6001c4..237c3aa0b93 100644 --- a/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c.json +++ b/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c.json @@ -56,9 +56,8 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2024-07-04T10:28:46.096Z", + "created_at": "2025-12-31T06:56:31.975Z", "id": "proofpoint_on_demand-47445983-1383-4de7-9a0a-3f39f46e5b5c", - "managed": true, "references": [ { "id": "logs-*", @@ -69,8 +68,13 @@ "id": "logs-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" + }, + { + "id": "proofpoint_on_demand-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" } ], "type": "search", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.5.0" } \ No newline at end of file diff --git a/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d.json b/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d.json index 034996f08e3..8355928345e 100644 --- a/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d.json +++ b/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d.json @@ -56,9 +56,8 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2024-07-04T10:28:46.096Z", + "created_at": "2025-12-31T06:56:31.975Z", "id": "proofpoint_on_demand-7748df39-1f80-4506-8e47-afac86766d3d", - "managed": true, "references": [ { "id": "logs-*", 
@@ -69,8 +68,13 @@ "id": "logs-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" + }, + { + "id": "proofpoint_on_demand-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" } ], "type": "search", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.5.0" } \ No newline at end of file diff --git a/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b.json b/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b.json index bd0d399f847..36925e57351 100644 --- a/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b.json +++ b/packages/proofpoint_on_demand/kibana/search/proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b.json @@ -56,9 +56,8 @@ "usesAdHocDataView": false }, "coreMigrationVersion": "8.8.0", - "created_at": "2024-07-04T10:28:46.096Z", + "created_at": "2025-12-31T06:56:31.975Z", "id": "proofpoint_on_demand-f73aa7a7-3a1d-41aa-b462-308dd0fb347b", - "managed": true, "references": [ { "id": "logs-*", @@ -69,8 +68,13 @@ "id": "logs-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", "type": "index-pattern" + }, + { + "id": "proofpoint_on_demand-security-solution-default", + "name": "tag-ref-security-solution-default", + "type": "tag" } ], "type": "search", - "typeMigrationVersion": "10.2.0" + "typeMigrationVersion": "10.5.0" } \ No newline at end of file diff --git a/packages/proofpoint_on_demand/kibana/tag/proofpoint_on_demand-security-solution-default.json b/packages/proofpoint_on_demand/kibana/tag/proofpoint_on_demand-security-solution-default.json new file mode 100644 index 00000000000..db613a75401 --- /dev/null +++ b/packages/proofpoint_on_demand/kibana/tag/proofpoint_on_demand-security-solution-default.json 
@@ -0,0 +1,13 @@
+{
+ "attributes": {
+ "color": "#FEC514",
+ "description": "Tag defined in package-spec",
+ "name": "Security Solution"
+ },
+ "coreMigrationVersion": "8.8.0",
+ "created_at": "2025-12-31T05:44:55.242Z",
+ "id": "proofpoint_on_demand-security-solution-default",
+ "references": [],
+ "type": "tag",
+ "typeMigrationVersion": "8.0.0"
+}
\ No newline at end of file
diff --git a/packages/proofpoint_on_demand/manifest.yml b/packages/proofpoint_on_demand/manifest.yml
index a3538470db8..e366ed25edf 100644
--- a/packages/proofpoint_on_demand/manifest.yml
+++ b/packages/proofpoint_on_demand/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.4
 name: proofpoint_on_demand
 title: Proofpoint On Demand
-version: "1.7.0"
+version: "1.8.0"
 description: Collect logs from Proofpoint On Demand with Elastic Agent.
 type: integration
 categories: