{ "annotations": { "list": [ { "builtIn": 1, "datasource": { "type": "grafana", "uid": "-- Grafana --" }, "enable": true, "hide": true, "iconColor": "rgba(0, 211, 255, 1)", "name": "Annotations & Alerts", "type": "dashboard" } ] }, "editable": true, "fiscalYearStartMonth": 0, "graphTooltip": 0, "id": 1, "links": [], "panels": [ { "datasource": { "type": "grafana-clickhouse-datasource", "uid": "PDEE91DDB90597936" }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", "axisPlacement": "auto", "fillOpacity": 80, "gradientMode": "none", "hideFrom": { "legend": false, "tooltip": false, "viz": false }, "lineWidth": 1, "scaleDistribution": { "type": "linear" }, "thresholdsStyle": { "mode": "off" } }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 18, "x": 0, "y": 0 }, "id": 5, "options": { "barRadius": 0, "barWidth": 0.9, "fullHighlight": false, "groupWidth": 0.7, "legend": { "calcs": [], "displayMode": "list", "placement": "bottom", "showLegend": true }, "orientation": "auto", "showValue": "never", "stacking": "normal", "tooltip": { "mode": "single", "sort": "none" }, "xField": "Port", "xTickLabelRotation": 0, "xTickLabelSpacing": 0 }, "pluginVersion": "11.3.1", "targets": [ { "editorType": "sql", "format": 1, "meta": { "builderOptions": { "columns": [], "database": "", "limit": 1000, "mode": "list", "queryType": "table", "table": "" } }, "pluginVersion": "4.5.1", "queryType": "table", "rawSql": "SELECT Port,\r\n src_bw/1024.0/1024.0 AS \"Source Port Bandwidth (MB)\",\r\n dst_bw/1024.0/1024.0 AS \"Destination Port Bandwidth (MB)\"\r\nFROM (\r\n SELECT src_port AS Port,\r\n SUM(pkt_len) AS src_bw\r\n FROM traffic_records_all\r\n GROUP BY src_port\r\n ORDER BY src_bw DESC\r\n LIMIT 40\r\n ) AS src\r\n INNER JOIN (\r\n SELECT dst_port AS Port,\r\n SUM(pkt_len) AS dst_bw\r\n FROM traffic_records_all\r\n GROUP BY dst_port\r\n ORDER BY dst_bw DESC\r\n LIMIT 40\r\n ) AS dst USING (Port)\r\nORDER BY (src_bw + dst_bw) DESC\r\nLIMIT 40;", "refId": "A" } ], "title": "Top ports (by bandwidth)", "type": "barchart" }, { "datasource": { "type": "grafana-clickhouse-datasource", "uid": "PDEE91DDB90597936" }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 8, "w": 6, "x": 18, "y": 0 }, "id": 1, "options": { "displayLabels": [ "percent", "name" ], "legend": { "displayMode": "list", "placement": "bottom", "showLegend": true, "values": [ "percent" ] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "/^Protocol frequency$/", "values": true }, "tooltip": { "mode": "single", "sort": "none" } }, "pluginVersion": "11.3.1", "targets": [ { "datasource": { "type": "grafana-clickhouse-datasource", "uid": "PDEE91DDB90597936" }, "editorType": "sql", "format": 1, "meta": { "builderOptions": { "columns": [], "database": "", "limit": 1000, "mode": "list", "queryType": "table", "table": "" } }, "pluginVersion": "4.5.1", "queryType": "table", "rawSql": "SELECT\r\n l4_protocol as Protocol,\r\n COUNT(Protocol) as \"Protocol frequency\"\r\n FROM traffic_records_all\r\n GROUP BY Protocol", "refId": "A" } ], "title": "Distribution of L4 protocol (frequency)", "type": "piechart" }, { "datasource": { "type": "grafana-clickhouse-datasource", "uid": "PDEE91DDB90597936" }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", "axisPlacement": "auto", "fillOpacity": 100, "gradientMode": "none", "hideFrom": { "legend": false, "tooltip": false, "viz": false }, "lineWidth": 1, "scaleDistribution": { "type": "linear" }, "thresholdsStyle": { "mode": "off" } }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 18, "x": 0, "y": 8 }, "id": 4, "options": { "barRadius": 0, "barWidth": 0.9, "fullHighlight": false, "groupWidth": 0.7, "legend": { "calcs": [], "displayMode": "list", "placement": "bottom", "showLegend": true }, "orientation": "auto", "showValue": "never", "stacking": "normal", "tooltip": { "mode": "single", "sort": "none" }, "xField": "Port", "xTickLabelRotation": 0, "xTickLabelSpacing": 0 }, "pluginVersion": "11.3.1", "targets": [ { "editorType": "sql", "format": 1, "meta": { "builderOptions": { "columns": [], "database": "", "limit": 1000, "mode": "list", "queryType": "table", "table": "" } }, "pluginVersion": "4.5.1", "queryType": "table", "rawSql": "SELECT \r\n Port, \r\n SourcePortCount AS \"Source port frequency\",\r\n DestPortCount AS \"Destination port frequency\"\r\nFROM\r\n(\r\n SELECT \r\n src_port AS Port, \r\n COUNT(*) AS SourcePortCount\r\n FROM traffic_records_all\r\n GROUP BY src_port\r\n ORDER BY SourcePortCount DESC\r\n LIMIT 40\r\n) AS src\r\nINNER JOIN\r\n(\r\n SELECT \r\n dst_port AS Port, \r\n COUNT(*) AS DestPortCount\r\n FROM traffic_records_all\r\n GROUP BY dst_port\r\n ORDER BY DestPortCount DESC\r\n LIMIT 40\r\n) AS dst\r\nUSING (Port)\r\nORDER BY (SourcePortCount + DestPortCount) DESC\r\nLIMIT 40;\r\n", "refId": "A" } ], "title": "Top ports (frequency)", "type": "barchart" }, { "datasource": { "type": "grafana-clickhouse-datasource", "uid": "PDEE91DDB90597936" }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 8, "w": 6, "x": 18, "y": 8 }, "id": 6, "options": { "displayLabels": [ "percent", "name" ], "legend": { "displayMode": "list", "placement": "bottom", "showLegend": true, "values": [ "percent" ] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "/^Protocol bandwidth$/", "values": true }, "tooltip": { "mode": "single", "sort": "none" } }, "pluginVersion": "11.3.1", "targets": [ { "editorType": "sql", "format": 1, "meta": { "builderOptions": { "columns": [], "database": "", "limit": 1000, "mode": "list", "queryType": "table", "table": "" } }, "pluginVersion": "4.5.1", "queryType": "table", "rawSql": "SELECT\n l4_protocol as Protocol,\n SUM(pkt_len)/1024.0/1024.0 as \"Protocol bandwidth\"\n FROM traffic_records_all\n GROUP BY Protocol", "refId": "A" } ], "title": "Distribution of L4 protocol (bandwidth)", "type": "piechart" } ], "preload": false, "schemaVersion": 40, "tags": [], "templating": { "list": [] }, "time": { "from": "now-6h", "to": "now" }, "timepicker": {}, "timezone": "browser", "title": "Internet traffic capture analysis", "uid": "be59fkbp3zs3kc", "version": 1, "weekStart": "" }