{
"attributes": {
"description": "TLP of indicators ingested by the threat intel Filebeat module. Top 10 datasets.",
"kibanaSavedObjectMeta": {
"searchSourceJSON": {
"filter": [
{
"$state": {
"store": "appState"
},
"exists": {
"field": "threat.indicator.marking.tlp"
},
"meta": {
"alias": null,
"disabled": false,
"indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index",
"key": "threat.indicator.marking.tlp",
"negate": false,
"type": "exists",
"value": "exists"
}
}
],
"query": {
"language": "kuery",
"query": ""
}
}
},
"savedSearchRefName": "search_0",
"title": "Indicator TLP [Filebeat Threat Intel]",
"uiStateJSON": {
"vis": {
"colors": {
"green": "#7EB26D",
"white": "#E0F9D7"
}
}
},
"version": 1,
"visState": {
"aggs": [
{
"enabled": true,
"id": "1",
"params": {
"customLabel": ""
},
"schema": "metric",
"type": "count"
},
{
"enabled": true,
"id": "2",
"params": {
"customLabel": "Indicator Marking TLP",
"field": "threat.indicator.marking.tlp",
"missingBucket": false,
"missingBucketLabel": "Missing",
"order": "desc",
"orderBy": "1",
"otherBucket": false,
"otherBucketLabel": "Other",
"size": 10
},
"schema": "segment",
"type": "terms"
},
{
"enabled": true,
"id": "3",
"params": {
"field": "threat.indicator.marking.tlp",
"missingBucket": false,
"missingBucketLabel": "Missing",
"order": "desc",
"orderBy": "1",
"otherBucket": false,
"otherBucketLabel": "Other",
"size": 10
},
"schema": "group",
"type": "terms"
}
],
"params": {
"addLegend": true,
"addTimeMarker": false,
"addTooltip": true,
"categoryAxes": [
{
"id": "CategoryAxis-1",
"labels": {
"filter": true,
"show": true,
"truncate": 100
},
"position": "bottom",
"scale": {
"type": "linear"
},
"show": true,
"style": {},
"title": {},
"type": "category"
}
],
"detailedTooltip": true,
"grid": {
"categoryLines": false
},
"isVislibVis": true,
"labels": {
"show": true
},
"legendPosition": "right",
"palette": {
"name": "kibana_palette",
"type": "palette"
},
"seriesParams": [
{
"data": {
"id": "1",
"label": "Count"
},
"drawLinesBetweenPoints": true,
"lineWidth": 2,
"mode": "stacked",
"show": true,
"showCircles": true,
"type": "histogram",
"valueAxis": "ValueAxis-1"
}
],
"thresholdLine": {
"color": "#E7664C",
"show": false,
"style": "full",
"value": 10,
"width": 1
},
"times": [],
"type": "histogram",
"valueAxes": [
{
"id": "ValueAxis-1",
"labels": {
"filter": false,
"rotate": 0,
"show": true,
"truncate": 100
},
"name": "LeftAxis-1",
"position": "left",
"scale": {
"mode": "normal",
"type": "linear"
},
"show": true,
"style": {},
"title": {
"text": "Count"
},
"type": "value"
}
]
},
"title": "Indicator TLP [Filebeat Threat Intel]",
"type": "histogram"
}
},
"coreMigrationVersion": "8.0.0",
"id": "aebde030-72d2-11eb-a3e3-b3cc7c78a70f",
"migrationVersion": {
"visualization": "7.14.0"
},
"references": [
{
"id": "filebeat-*",
"name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index",
"type": "index-pattern"
},
{
"id": "6acbb070-72d0-11eb-a3e3-b3cc7c78a70f",
"name": "search_0",
"type": "search"
},
{
"id": "d6ef8f20-70a9-11eb-a3e3-b3cc7c78a70f",
"name": "tag-d6ef8f20-70a9-11eb-a3e3-b3cc7c78a70f",
"type": "tag"
}
],
"type": "visualization",
"updated_at": "2021-08-04T16:34:32.145Z",
"version": "WzQ2NTcsMV0="
}