{ "annotations": { "list": [ { "builtIn": 1, "datasource": { "type": "datasource", "uid": "grafana" }, "enable": true, "hide": true, "iconColor": "rgba(0, 211, 255, 1)", "name": "Annotations & Alerts", "target": { "limit": 100, "matchAny": false, "tags": [], "type": "dashboard" }, "type": "dashboard" } ] }, "description": "Deep Dive AWS Web Application Firewall Insights", "editable": true, "fiscalYearStartMonth": 0, "graphTooltip": 0, "id": 34, "links": [], "liveNow": false, "panels": [ { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "fieldConfig": { "defaults": { "color": { "mode": "continuous-GrYlRd", "seriesBy": "last" }, "custom": { "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "Request count", "axisPlacement": "auto", "barAlignment": 0, "drawStyle": "line", "fillOpacity": 20, "gradientMode": "scheme", "hideFrom": { "legend": false, "tooltip": false, "viz": false }, "lineInterpolation": "linear", "lineStyle": { "dash": [ 0, 10 ], "fill": "dot" }, "lineWidth": 3, "pointSize": 5, "scaleDistribution": { "type": "linear" }, "showPoints": "never", "spanNulls": true, "stacking": { "group": "A", "mode": "none" }, "thresholdsStyle": { "mode": "off" } }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 24, "x": 0, "y": 0 }, "id": 123153, "options": { "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true }, "tooltip": { "mode": "single", "sort": "none" } }, "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "rawSQL": "SELECT requests, CAST(time AS date) as \"time\" FROM \"timeseriesgraph\" order by time", "refId": "A", "table": "timeseriesgraph" } ], "title": "Traffic Trend by Date", "transparent": true, "type": "timeseries" }, { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "fieldConfig": { "defaults": { "color": { "mode": "continuous-BlYlRd" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 17, "w": 12, "x": 0, "y": 8 }, "id": 123145, "options": { "basemap": { "config": {}, "name": "Layer 0", "type": "default" }, "controls": { "mouseWheelZoom": true, "showAttribution": true, "showDebug": false, "showMeasure": false, "showScale": false, "showZoom": true }, "layers": [ { "config": { "showLegend": true, "style": { "color": { "field": "count", "fixed": "dark-green" }, "opacity": 0.4, "rotation": { "fixed": 0, "max": 360, "min": -360, "mode": "mod" }, "size": { "field": "count", "fixed": 5, "max": 15, "min": 4 }, "symbol": { "fixed": "img/icons/marker/circle.svg", "mode": "fixed" }, "text": { "field": "country", "fixed": "", "mode": "field" }, "textConfig": { "fontSize": 17, "offsetX": 25, "offsetY": 0, "textAlign": "center", "textBaseline": "middle" } } }, "location": { "lookup": "country", "mode": "lookup" }, "name": "Countries", "tooltip": true, "type": "markers" } ], "tooltip": { "mode": "details" }, "view": { "allLayers": true, "id": "zero", "lat": 0, "lon": 0, "shared": true, "zoom": 1 } }, "pluginVersion": "9.4.7", "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "rawSQL": "\nSELECT \n COUNT(httpRequest.country) as count, \n httpRequest.country \nFROM \"waflogs\" \ngroup by httpRequest.country ", "refId": "A", "table": "waflogs" } ], "title": "Request Map Across Countries", "type": "geomap" }, { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "description": "", "fieldConfig": { "defaults": { "color": { "fixedColor": "purple", "mode": "palette-classic" }, "mappings": [], "max": 6, "min": 0, "thresholds": { "mode": "absolute", "steps": [ { "color": "purple", "value": null } ] } }, "overrides": [] }, "gridPos": { "h": 14, "w": 11, "x": 12, "y": 8 }, "id": 123127, "options": { "orientation": "auto", "reduceOptions": { "calcs": [], "fields": "", "values": true }, "showThresholdLabels": false, "showThresholdMarkers": false, "text": {} }, "pluginVersion": "9.4.7", "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "hide": false, "rawSQL": "select count(*) as AllRequests\nfrom \"waflogs\"", "refId": "A", "table": "newjsons3_aws_waf_logs_firewall_manager_central" }, { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "hide": false, "rawSQL": "select count(*) as AllRequests, action\nfrom \"waflogs\" \ngroup by action", "refId": "B", "table": "waflogs" } ], "title": "Request Count by Action", "transparent": true, "type": "gauge" }, { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 14, "w": 12, "x": 12, "y": 22 }, "id": 123143, "options": { "displayMode": "lcd", "minVizHeight": 10, "minVizWidth": 0, "orientation": "horizontal", "reduceOptions": { "calcs": [], "fields": "", "values": true }, "showUnfilled": true }, "pluginVersion": "9.4.7", "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "rawSQL": "select count(*) , httprequest.clientIp\nfrom \"waflogs\" \ngroup by httprequest.clientIp\n", "refId": "A", "table": "waflogs" } ], "title": "Request Count By IP", "type": "bargauge" }, { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "fieldConfig": { "defaults": { "color": { "mode": "continuous-BlPu" }, "custom": { "axisLabel": "", "axisPlacement": "auto", "axisSoftMin": 0, "fillOpacity": 80, "gradientMode": "none", "hideFrom": { "legend": false, "tooltip": false, "viz": false }, "lineWidth": 1, "scaleDistribution": { "type": "linear" } }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "red", "value": 80 } ] }, "unit": "short" }, "overrides": [] }, "gridPos": { "h": 11, "w": 12, "x": 0, "y": 25 }, "id": 123141, "options": { "barRadius": 0.05, "barWidth": 0.59, "colorByField": "httpsourceid", "groupWidth": 0.7, "legend": { "calcs": [], "displayMode": "list", "placement": "right", "showLegend": false }, "orientation": "horizontal", "showValue": "never", "stacking": "none", "tooltip": { "mode": "single", "sort": "none" }, "xTickLabelMaxLength": 0, "xTickLabelRotation": 0, "xTickLabelSpacing": 0 }, "pluginVersion": "8.4.7", "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "rawSQL": "select count(*) , httpsourceid\nfrom \"waflogs\" \ngroup by httpsourceid\norder by count(*) desc", "refId": "A", "table": "waflogs" } ], "title": "Request Distribution by CloudFront ID", "type": "barchart" }, { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "fieldConfig": { "defaults": { "custom": { "align": "auto", "cellOptions": { "type": "color-text" }, "filterable": true }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 9, "w": 8, "x": 0, "y": 36 }, "id": 123147, "options": { "footer": { "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true }, "pluginVersion": "8.4.7", "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "rawSQL": "SELECT \n COUNT(httpRequest.uri) as count, \n httpRequest.uri \nFROM \"waflogs\" \nGROUP BY httpRequest.uri\nlimit 10;\n", "refId": "A", "table": "waflogs" } ], "title": "Top 10 URIs", "type": "table" }, { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "fieldConfig": { "defaults": { "custom": { "align": "auto", "cellOptions": { "type": "color-text" }, "filterable": true }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 9, "w": 4, "x": 8, "y": 36 }, "id": 123149, "options": { "footer": { "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true }, "pluginVersion": "8.4.7", "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "rawSQL": "SELECT \n COUNT(httpRequest.uri) as count, \n httpRequest.httpMethod \nFROM \"waflogs\" \nGROUP BY httpRequest.httpMethod\nlimit 10;\n", "refId": "A", "table": "waflogs" } ], "title": "Top HTTP Methods", "type": "table" }, { "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "fieldConfig": { "defaults": { "color": { "mode": "continuous-RdYlGr" }, "custom": { "axisLabel": "", "axisPlacement": "auto", "axisSoftMin": 0, "fillOpacity": 48, "gradientMode": "none", "hideFrom": { "legend": false, "tooltip": false, "viz": false }, "lineWidth": 2, "scaleDistribution": { "type": "linear" } }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 9, "w": 12, "x": 12, "y": 36 }, "id": 123155, "options": { "barRadius": 0, "barWidth": 0.97, "colorByField": "RuleCount", "groupWidth": 0.7, "legend": { "calcs": [], "displayMode": "list", "placement": "bottom", "showLegend": true }, "orientation": "vertical", "showValue": "never", "stacking": "none", "text": {}, "tooltip": { "mode": "single", "sort": "none" }, "xField": "terminatingruletype", "xTickLabelMaxLength": 0, "xTickLabelRotation": -15, "xTickLabelSpacing": 100 }, "pluginVersion": "8.4.7", "targets": [ { "connectionArgs": { "catalog": "__default", "database": "__default", "region": "__default" }, "datasource": { "type": "grafana-athena-datasource", "uid": "RA_RpEB4k" }, "format": 1, "rawSQL": "select count(*) as RuleCount , \"terminatingruletype\" from \"waflogs\" \ngroup by \"terminatingruletype\"", "refId": "A", "table": "waflogs" } ], "title": "Top 10 Terminating Rule Groups", "type": "barchart" } ], "refresh": "", "revision": 1, "schemaVersion": 38, "style": "dark", "tags": [], "templating": { "list": [] }, "time": { "from": "2023-03-15T18:30:00.000Z", "to": "2023-03-28T18:29:59.000Z" }, "timepicker": { "hidden": true, "refresh_intervals": [ "5s", "10s", "30s", "1m", "5m", "15m", "30m", "1h", "2h", "1d" ], "time_options": [ "5m", "15m", "1h", "6h", "12h", "24h", "2d", "7d", "30d" ], "type": "timepicker" }, "timezone": "browser", "title": "AWS Web Application Firewall Insights", "uid": "exO6hEB4k", "version": 20, "weekStart": "" }