You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spot.apache.org by na...@apache.org on 2017/09/26 16:18:41 UTC
[1/4] incubator-spot git commit: Add Apache Spot sample dashboards
and README
Repository: incubator-spot
Updated Branches:
refs/heads/SPOT-181_ODM 5f2515546 -> 016a5e4c9
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/46b77b9a/spot-oa/arcadia/spot_app.json
----------------------------------------------------------------------
diff --git a/spot-oa/arcadia/spot_app.json b/spot-oa/arcadia/spot_app.json
new file mode 100644
index 0000000..82fba12
--- /dev/null
+++ b/spot-oa/arcadia/spot_app.json
@@ -0,0 +1 @@
+{"appgroupmembership": [{"pk": 89, "model": "reports.appgroupappmembership", "fields": {"appgroup_app": 128, "imported_uuid": "ff1dba14-cfd8-43af-a1be-0e8bbcff70af", "appgroup_group": 8, "appgroup_order": 1.0, "uuid": "8091c8ca-b2eb-49aa-b154-421cc9b48495"}}, {"pk": 91, "model": "reports.appgroupappmembership", "fields": {"appgroup_app": 123, "imported_uuid": "d6c0506e-7c80-4c3b-b161-8e69bc719574", "appgroup_group": 10, "appgroup_order": 1.0, "uuid": "14c63aa5-31e9-4b25-abc2-fc862ce2ebc4"}}, {"pk": 92, "model": "reports.appgroupappmembership", "fields": {"appgroup_app": 131, "imported_uuid": "ab9b800e-c4d4-4ae4-b08f-3bb9f71114bb", "appgroup_group": 12, "appgroup_order": 0.25, "uuid": "3ab725d3-3c51-4a8a-a1b6-434e34335483"}}, {"pk": 93, "model": "reports.appgroupappmembership", "fields": {"appgroup_app": 127, "imported_uuid": "ccb26818-3139-4263-8bc0-f62a2801a6d1", "appgroup_group": 12, "appgroup_order": 0.125, "uuid": "e47b1e6b-1acd-4424-802e-2e8837f4e292"}}, {"pk": 94, "model": "re
ports.appgroupappmembership", "fields": {"appgroup_app": 130, "imported_uuid": "8db04848-9a6f-4e8a-9b82-aa205768dfcb", "appgroup_group": 13, "appgroup_order": 0.0625, "uuid": "a53c534d-04c3-4f5f-96b5-ec675eda09ee"}}, {"pk": 95, "model": "reports.appgroupappmembership", "fields": {"appgroup_app": 125, "imported_uuid": "987e3f68-b2bf-40d8-8e41-319120bd76c3", "appgroup_group": 13, "appgroup_order": 0.03125, "uuid": "2768ceed-e805-47ca-8f12-25e5f8570586"}}, {"pk": 96, "model": "reports.appgroupappmembership", "fields": {"appgroup_app": 132, "imported_uuid": null, "appgroup_group": 15, "appgroup_order": 1.0, "uuid": "436e671f-53d7-412a-9314-b966c6fc7da2"}}], "datasets": [{"pk": 16, "model": "datasets.dataset", "fields": {"dataset_detail": "spot.user_context", "uuid": "177ae007-fc85-4b6b-ade8-aadbffb915cc", "imported_uuid": null, "dataset_description": "", "dataset_type": "singletable", "dataconnection": 4, "dataset_settings": "{}", "dataset_info": "[{\"tablename\":\"spot.user_context\",\
"columns\":[{\"name\":\"dvc_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_time\"},{\"name\":\"user_created\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_created\"},{\"name\":\"user_changed\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_changed\"},{\"name\":\"user_last_logon\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_last_logon\"},{\"name\":\"user_logon_count\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"user_logon_count\"},{\"name\":\"user_last_reset\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_last_reset\"},{\"name\":\"user_expiration\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_expiration\"},{\"name\":\"user_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_id\"},{\"name\":\"user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name\"},{\"name\":\"user_name_first\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name_first\"},{\"name\":\"user_name_middle\",\"type\":\"STRING\",\"isdim\":true,\"alias
\":\"user_name_middle\"},{\"name\":\"user_name_last\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name_last\"},{\"name\":\"user_name_mgr\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name_mgr\"},{\"name\":\"user_phone\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_phone\"},{\"name\":\"user_email\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_email\"},{\"name\":\"user_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_code\"},{\"name\":\"user_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_loc\"},{\"name\":\"user_departm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_departm\"},{\"name\":\"user_dn\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_dn\"},{\"name\":\"user_ou\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_ou\"},{\"name\":\"user_empid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_empid\"},{\"name\":\"user_title\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_title\"},{\"name\":\"dvc_type\",\"t
ype\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_vendor\"},{\"name\":\"user_risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"user_risk\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_version\"},{\"name\":\"user_img\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_img\"}]}]", "cache_sequence": 0, "dataset_name": "User Context"}}, {"pk": 17, "model": "datasets.dataset", "fields": {"dataset_detail": "spot.endpoint_context", "uuid": "161e8da9-0611-4fbd-847b-959b51783149", "imported_uuid": null, "dataset_description": "", "dataset_type": "singletable", "dataconnection": 4, "dataset_settings": "{}", "dataset_info": "[{\"tablename\":\"spot.endpoint_context\",\"columns\":[{\"name\":\"dvc_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_time\"},{\"name\":\"end_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"end_ip4\"},{\"name\":\"end_ip6\",\"type\":\"BI
GINT\",\"isdim\":false,\"alias\":\"end_ip6\"},{\"name\":\"end_os\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os\"},{\"name\":\"end_os_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os_version\"},{\"name\":\"end_os_sp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os_sp\"},{\"name\":\"end_tz\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_tz\"},{\"name\":\"end_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_host\"},{\"name\":\"end_mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_mac\"},{\"name\":\"end_owner\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_owner\"},{\"name\":\"end_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_loc\"},{\"name\":\"end_departm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_departm\"},{\"name\":\"end_company\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_company\"},{\"name\":\"end_criticality\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_criticality\"},{\"name\":\"end_des
c\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_desc\"},{\"name\":\"dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_vendor\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_version\"},{\"name\":\"end_architecture\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_architecture\"},{\"name\":\"end_uuid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_uuid\"},{\"name\":\"end_risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"end_risk\"},{\"name\":\"end_memtotal\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"end_memtotal\"},{\"name\":\"end_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_ip4_str\"},{\"name\":\"end_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_ip6_str\"}]}]", "cache_sequence": 0, "dataset_name": "Endpoint Context"}}, {"pk": 18, "model": "datasets.dataset", "fields": {"dataset_detail": "spot.vulnerability
_context", "uuid": "75337310-827b-4dee-8682-155294d5661c", "imported_uuid": null, "dataset_description": "", "dataset_type": "singletable", "dataconnection": 4, "dataset_settings": "{}", "dataset_info": "[{\"tablename\":\"spot.vulnerability_context\",\"columns\":[{\"name\":\"vuln_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_id\"},{\"name\":\"vuln_title\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_title\"},{\"name\":\"vuln_description\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_description\"},{\"name\":\"vuln_solution\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_solution\"},{\"name\":\"vuln_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_type\"},{\"name\":\"vuln_category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_category\"},{\"name\":\"vuln_severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_severity\"},{\"name\":\"vuln_created\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"vuln_created\"},{\"name\":\"vuln_u
pdated\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"vuln_updated\"}]}]", "cache_sequence": 0, "dataset_name": "Vulnerability Context"}}, {"pk": 19, "model": "datasets.dataset", "fields": {"dataset_detail": "spot.event", "uuid": "8d7bc279-6248-4f3a-a7ba-9a8a914de826", "imported_uuid": null, "dataset_description": "", "dataset_type": "singletable", "dataconnection": 4, "dataset_settings": "{}", "dataset_info": "[{\"tablename\":\"spot.event\",\"columns\":[{\"name\":\"event_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"event_time\"},{\"name\":\"\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"event_hour\",\"expr\":\"from_unixtime([event_time],'yyyy-MM-dd HH')\",\"basecol\":\"event_time\",\"hidden\":false,\"ispartition\":false,\"dflagg\":\"sum\",\"geotype\":\"none\",\"comment\":\"\",\"ispart\":false,\"exprhasagg\":false},{\"name\":\"duration\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"duration\"},{\"name\":\"event_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"e
vent_id\"},{\"name\":\"name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"name\"},{\"name\":\"org\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"org\"},{\"name\":\"type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"type\"},{\"name\":\"n_proto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"n_proto\"},{\"name\":\"a_proto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"a_proto\"},{\"name\":\"msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"msg\"},{\"name\":\"mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"mac\"},{\"name\":\"severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"severity\"},{\"name\":\"raw\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"raw\"},{\"name\":\"risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"risk\"},{\"name\":\"code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"code\"},{\"name\":\"category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"category\"},{\"name\":\"query\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"query\"},{\
"name\":\"service\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"service\"},{\"name\":\"state\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"state\"},{\"name\":\"in_bytes\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"in_bytes\"},{\"name\":\"out_bytes\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"out_bytes\"},{\"name\":\"xref\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"xref\"},{\"name\":\"version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"version\"},{\"name\":\"dvc_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_time\"},{\"name\":\"dvc_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_ip4\"},{\"name\":\"dvc_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_ip6\"},{\"name\":\"dvc_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_host\"},{\"name\":\"dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_vendor\"},{\"name\":\"dvc_fwd_ip4\",\"type
\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_fwd_ip4\"},{\"name\":\"dvc_fwd_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_fwd_ip6\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_version\"},{\"name\":\"src_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"src_ip4\"},{\"name\":\"src_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"src_ip6\"},{\"name\":\"src_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_host\"},{\"name\":\"src_domain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_domain\"},{\"name\":\"src_port\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_port\"},{\"name\":\"src_country_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_country_code\"},{\"name\":\"src_country_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_country_name\"},{\"name\":\"src_region\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_region\"},{\"name\":\"src_city\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"s
rc_city\"},{\"name\":\"src_lat\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_lat\"},{\"name\":\"src_long\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_long\"},{\"name\":\"dst_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dst_ip4\"},{\"name\":\"dst_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dst_ip6\"},{\"name\":\"dst_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_host\"},{\"name\":\"dst_domain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_domain\"},{\"name\":\"dst_port\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_port\"},{\"name\":\"dst_country_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_country_code\"},{\"name\":\"dst_country_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_country_name\"},{\"name\":\"dst_region\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_region\"},{\"name\":\"dst_city\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_city\"},{\"name\":\"dst_lat\",\"type\":\"INT\",\"isdim\":false
,\"alias\":\"dst_lat\"},{\"name\":\"dst_long\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_long\"},{\"name\":\"src_asn\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_asn\"},{\"name\":\"dst_asn\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_asn\"},{\"name\":\"net_direction\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"net_direction\"},{\"name\":\"net_flags\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"net_flags\"},{\"name\":\"file_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_name\"},{\"name\":\"file_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_path\"},{\"name\":\"file_atime\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"file_atime\"},{\"name\":\"file_acls\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_acls\"},{\"name\":\"file_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_type\"},{\"name\":\"file_size\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"file_size\"},{\"name\":\"file_desc\",\"type\":\"STRING\",\"isdim\":tr
ue,\"alias\":\"file_desc\"},{\"name\":\"file_hash\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_hash\"},{\"name\":\"file_hash_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_hash_type\"},{\"name\":\"end_object\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_object\"},{\"name\":\"end_action\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_action\"},{\"name\":\"end_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_msg\"},{\"name\":\"end_app\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_app\"},{\"name\":\"end_location\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_location\"},{\"name\":\"end_proc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_proc\"},{\"name\":\"user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name\"},{\"name\":\"src_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_user_name\"},{\"name\":\"dst_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_user_name\"},{\"name\":\"user_em
ail\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_email\"},{\"name\":\"user_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_id\"},{\"name\":\"user_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_loc\"},{\"name\":\"user_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_desc\"},{\"name\":\"dns_class\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_class\"},{\"name\":\"dns_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dns_len\"},{\"name\":\"dns_query\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_query\"},{\"name\":\"dns_response_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_response_code\"},{\"name\":\"dns_answers\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_answers\"},{\"name\":\"dns_type\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dns_type\"},{\"name\":\"prx_category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_category\"},{\"name\":\"prx_browser\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_bro
wser\"},{\"name\":\"prx_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_code\"},{\"name\":\"prx_referrer\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_referrer\"},{\"name\":\"prx_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_host\"},{\"name\":\"prx_filter_rule\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_filter_rule\"},{\"name\":\"prx_filter_result\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_filter_result\"},{\"name\":\"prx_query\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_query\"},{\"name\":\"prx_action\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_action\"},{\"name\":\"prx_method\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_method\"},{\"name\":\"prx_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_type\"},{\"name\":\"http_request_method\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_method\"},{\"name\":\"http_request_uri\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_uri\"}
,{\"name\":\"http_request_body_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_request_body_len\"},{\"name\":\"http_request_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_user_name\"},{\"name\":\"http_request_password\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_password\"},{\"name\":\"http_request_proxied\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_proxied\"},{\"name\":\"http_response_status_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_status_code\"},{\"name\":\"http_response_status_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_status_msg\"},{\"name\":\"http_response_body_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_body_len\"},{\"name\":\"http_response_info_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_info_code\"},{\"name\":\"http_response_info_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_info_msg\"},{\"name\":
\"http_response_resp_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_resp_fuids\"},{\"name\":\"http_response_mime_types\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_mime_types\"},{\"name\":\"smtp_trans_depth\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"smtp_trans_depth\"},{\"name\":\"smtp_headers_helo\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_helo\"},{\"name\":\"smtp_headers_mailfrom\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_mailfrom\"},{\"name\":\"smtp_headers_rcptto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_rcptto\"},{\"name\":\"smtp_headers_date\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_date\"},{\"name\":\"smtp_headers_from\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_from\"},{\"name\":\"smtp_headers_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_to\"},{\"name\":\"smtp_headers_reply_to\",\"type\":\"STRING\",\"isdim\":true,\"al
ias\":\"smtp_headers_reply_to\"},{\"name\":\"smtp_headers_msg_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_msg_id\"},{\"name\":\"smtp_headers_in_reply_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_in_reply_to\"},{\"name\":\"smtp_headers_x_originating_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"smtp_headers_x_originating_ip4\"},{\"name\":\"smtp_headers_first_received\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_first_received\"},{\"name\":\"smtp_headers_second_received\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_second_received\"},{\"name\":\"smtp_last_reply\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_last_reply\"},{\"name\":\"smtp_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_path\"},{\"name\":\"smtp_user_agent\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_user_agent\"},{\"name\":\"smtp_tls\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"smtp_tls\"},{\"name\":\"smtp_i
s_webmail\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"smtp_is_webmail\"},{\"name\":\"ftp_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_user_name\"},{\"name\":\"ftp_password\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_password\"},{\"name\":\"ftp_command\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_command\"},{\"name\":\"ftp_arg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_arg\"},{\"name\":\"ftp_mime_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_mime_type\"},{\"name\":\"ftp_file_size\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_file_size\"},{\"name\":\"ftp_reply_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_reply_code\"},{\"name\":\"ftp_reply_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_reply_msg\"},{\"name\":\"ftp_data_channel_passive\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ftp_data_channel_passive\"},{\"name\":\"ftp_data_channel_rsp_p\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp
_data_channel_rsp_p\"},{\"name\":\"ftp_cwd\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cwd\"},{\"name\":\"ftp_cmdarg_ts\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"ftp_cmdarg_ts\"},{\"name\":\"ftp_cmdarg_cmd\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cmdarg_cmd\"},{\"name\":\"ftp_cmdarg_arg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cmdarg_arg\"},{\"name\":\"ftp_cmdarg_seq\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_cmdarg_seq\"},{\"name\":\"ftp_pending_commands\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_pending_commands\"},{\"name\":\"ftp_is_passive\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ftp_is_passive\"},{\"name\":\"ftp_fuid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_fuid\"},{\"name\":\"ftp_last_auth_requested\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_last_auth_requested\"},{\"name\":\"snmp_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_version\"},{\"name\":\"snmp_community\",\"type\"
:\"STRING\",\"isdim\":true,\"alias\":\"snmp_community\"},{\"name\":\"snmp_get_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_requests\"},{\"name\":\"snmp_get_bulk_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_bulk_requests\"},{\"name\":\"snmp_get_responses\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_responses\"},{\"name\":\"snmp_set_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_set_requests\"},{\"name\":\"snmp_display_string\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_display_string\"},{\"name\":\"snmp_up_since\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"snmp_up_since\"},{\"name\":\"tls_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_version\"},{\"name\":\"tls_cipher\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_cipher\"},{\"name\":\"tls_curve\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_curve\"},{\"name\":\"tls_server_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_s
erver_name\"},{\"name\":\"tls_resumed\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"tls_resumed\"},{\"name\":\"tls_next_protocol\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_next_protocol\"},{\"name\":\"tls_established\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"tls_established\"},{\"name\":\"tls_cert_chain_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_cert_chain_fuids\"},{\"name\":\"tls_client_cert_chain_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_client_cert_chain_fuids\"},{\"name\":\"tls_subject\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_subject\"},{\"name\":\"tls_issuer\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_issuer\"},{\"name\":\"ssh_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_version\"},{\"name\":\"ssh_auth_success\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ssh_auth_success\"},{\"name\":\"ssh_client\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_client\"},{\"name\":\"ssh_server\"
,\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_server\"},{\"name\":\"ssh_cipher_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_cipher_algorithm\"},{\"name\":\"ssh_mac_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_mac_algorithm\"},{\"name\":\"ssh_compression_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_compression_algorithm\"},{\"name\":\"ssh_key_exchange_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_key_exchange_algorithm\"},{\"name\":\"ssh_host_key_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_host_key_algorithm\"},{\"name\":\"dhcp_assigned_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dhcp_assigned_ip4\"},{\"name\":\"dhcp_mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dhcp_mac\"},{\"name\":\"dhcp_lease_time\",\"type\":\"DOUBLE\",\"isdim\":false,\"alias\":\"dhcp_lease_time\"},{\"name\":\"irc_user\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_user\"},{\"name\":\"irc_nicknam
e\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_nickname\"},{\"name\":\"irc_command\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_command\"},{\"name\":\"irc_value\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_value\"},{\"name\":\"irc_additional_data\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_additional_data\"},{\"name\":\"flow_in_packets\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"flow_in_packets\"},{\"name\":\"flow_out_packets\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"flow_out_packets\"},{\"name\":\"flow_conn_state\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_conn_state\"},{\"name\":\"flow_history\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_history\"},{\"name\":\"flow_src_dscp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_src_dscp\"},{\"name\":\"flow_dst_dscp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_dst_dscp\"},{\"name\":\"flow_input\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_input\"},{\"name\
":\"flow_output\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_output\"},{\"name\":\"vuln_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_id\"},{\"name\":\"vuln_title\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_title\"},{\"name\":\"vuln_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_type\"},{\"name\":\"vuln_status\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_status\"},{\"name\":\"vuln_severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_severity\"},{\"name\":\"p_dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dvc_vendor\",\"ispart\":true},{\"name\":\"p_dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dvc_type\",\"ispart\":true},{\"name\":\"p_dt\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dt\",\"ispart\":true},{\"name\":\"smtp_headers_subject\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_subject\"},{\"name\":\"dvc_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_ip4_st
r\"},{\"name\":\"dvc_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_ip6_str\"},{\"name\":\"dvc_fwd_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_fwd_ip4_str\"},{\"name\":\"dvc_fwd_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_fwd_ip6_str\"},{\"name\":\"src_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_ip4_str\"},{\"name\":\"src_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_ip6_str\"},{\"name\":\"dst_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_ip4_str\"},{\"name\":\"dst_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_ip6_str\"},{\"name\":\"smtp_headers_x_originating_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_x_originating_ip4_str\"},{\"name\":\"dhcp_assigned_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dhcp_assigned_ip4_str\"}]}]", "cache_sequence": 0, "dataset_name": "Event"}}, {"pk": 20, "model": "datasets.dataset", "fields": {"dataset_detai
l": "spot.event", "uuid": "a317a728-6b7a-4ea4-bd3f-e8a65c94e70a", "imported_uuid": null, "dataset_description": "", "dataset_type": "multipletables", "dataconnection": 4, "dataset_settings": "{}", "dataset_info": "[{\"tablename\":\"spot.event\",\"columns\":[{\"name\":\"event_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"event_time\"},{\"name\":\"duration\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"duration\"},{\"name\":\"event_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"event_id\"},{\"name\":\"name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"name\"},{\"name\":\"org\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"org\"},{\"name\":\"type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"type\"},{\"name\":\"n_proto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"n_proto\"},{\"name\":\"a_proto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"a_proto\"},{\"name\":\"msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"msg\"},{\"name\":\"mac\",\"type\":\"STRING\
",\"isdim\":true,\"alias\":\"mac\"},{\"name\":\"severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"severity\"},{\"name\":\"raw\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"raw\"},{\"name\":\"risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"risk\"},{\"name\":\"code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"code\"},{\"name\":\"category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"category\"},{\"name\":\"query\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"query\"},{\"name\":\"service\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"service\"},{\"name\":\"state\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"state\"},{\"name\":\"in_bytes\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"in_bytes\"},{\"name\":\"out_bytes\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"out_bytes\"},{\"name\":\"xref\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"xref\"},{\"name\":\"version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"version\"},{\"name\":\"dvc_time\",\"type
\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_time\"},{\"name\":\"dvc_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_ip4\"},{\"name\":\"dvc_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_ip6\"},{\"name\":\"dvc_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_host\"},{\"name\":\"dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_vendor\"},{\"name\":\"dvc_fwd_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_fwd_ip4\"},{\"name\":\"dvc_fwd_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_fwd_ip6\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_version\"},{\"name\":\"src_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"src_ip4\"},{\"name\":\"src_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"src_ip6\"},{\"name\":\"src_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_host\"},{\"name\":\"src_domai
n\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_domain\"},{\"name\":\"src_port\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_port\"},{\"name\":\"src_country_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_country_code\"},{\"name\":\"src_country_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_country_name\"},{\"name\":\"src_region\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_region\"},{\"name\":\"src_city\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_city\"},{\"name\":\"src_lat\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_lat\"},{\"name\":\"src_long\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_long\"},{\"name\":\"dst_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dst_ip4\"},{\"name\":\"dst_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dst_ip6\"},{\"name\":\"dst_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_host\"},{\"name\":\"dst_domain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_domain\"},
{\"name\":\"dst_port\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_port\"},{\"name\":\"dst_country_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_country_code\"},{\"name\":\"dst_country_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_country_name\"},{\"name\":\"dst_region\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_region\"},{\"name\":\"dst_city\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_city\"},{\"name\":\"dst_lat\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_lat\"},{\"name\":\"dst_long\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_long\"},{\"name\":\"src_asn\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_asn\"},{\"name\":\"dst_asn\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_asn\"},{\"name\":\"net_direction\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"net_direction\"},{\"name\":\"net_flags\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"net_flags\"},{\"name\":\"file_name\",\"type\":\"STRING\",\"isdim\":true,\"al
ias\":\"file_name\"},{\"name\":\"file_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_path\"},{\"name\":\"file_atime\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"file_atime\"},{\"name\":\"file_acls\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_acls\"},{\"name\":\"file_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_type\"},{\"name\":\"file_size\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"file_size\"},{\"name\":\"file_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_desc\"},{\"name\":\"file_hash\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_hash\"},{\"name\":\"file_hash_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_hash_type\"},{\"name\":\"end_object\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_object\"},{\"name\":\"end_action\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_action\"},{\"name\":\"end_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_msg\"},{\"name\":\"end_app\",\"type\":\"STRING\"
,\"isdim\":true,\"alias\":\"end_app\"},{\"name\":\"end_location\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_location\"},{\"name\":\"end_proc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_proc\"},{\"name\":\"user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name\"},{\"name\":\"src_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_user_name\"},{\"name\":\"dst_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_user_name\"},{\"name\":\"user_email\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_email\"},{\"name\":\"user_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_id\"},{\"name\":\"user_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_loc\"},{\"name\":\"user_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_desc\"},{\"name\":\"dns_class\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_class\"},{\"name\":\"dns_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dns_len\"},{\"name\":\"dns_query\",
\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_query\"},{\"name\":\"dns_response_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_response_code\"},{\"name\":\"dns_answers\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_answers\"},{\"name\":\"dns_type\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dns_type\"},{\"name\":\"prx_category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_category\"},{\"name\":\"prx_browser\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_browser\"},{\"name\":\"prx_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_code\"},{\"name\":\"prx_referrer\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_referrer\"},{\"name\":\"prx_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_host\"},{\"name\":\"prx_filter_rule\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_filter_rule\"},{\"name\":\"prx_filter_result\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_filter_result\"},{\"name\":\"prx_query\",\"type\":\"STRING
\",\"isdim\":true,\"alias\":\"prx_query\"},{\"name\":\"prx_action\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_action\"},{\"name\":\"prx_method\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_method\"},{\"name\":\"prx_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_type\"},{\"name\":\"http_request_method\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_method\"},{\"name\":\"http_request_uri\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_uri\"},{\"name\":\"http_request_body_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_request_body_len\"},{\"name\":\"http_request_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_user_name\"},{\"name\":\"http_request_password\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_password\"},{\"name\":\"http_request_proxied\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_proxied\"},{\"name\":\"http_response_status_code\",\"type\":\"INT\",\"isdim\":f
alse,\"alias\":\"http_response_status_code\"},{\"name\":\"http_response_status_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_status_msg\"},{\"name\":\"http_response_body_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_body_len\"},{\"name\":\"http_response_info_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_info_code\"},{\"name\":\"http_response_info_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_info_msg\"},{\"name\":\"http_response_resp_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_resp_fuids\"},{\"name\":\"http_response_mime_types\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_mime_types\"},{\"name\":\"smtp_trans_depth\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"smtp_trans_depth\"},{\"name\":\"smtp_headers_helo\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_helo\"},{\"name\":\"smtp_headers_mailfrom\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"sm
tp_headers_mailfrom\"},{\"name\":\"smtp_headers_rcptto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_rcptto\"},{\"name\":\"smtp_headers_date\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_date\"},{\"name\":\"smtp_headers_from\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_from\"},{\"name\":\"smtp_headers_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_to\"},{\"name\":\"smtp_headers_reply_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_reply_to\"},{\"name\":\"smtp_headers_msg_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_msg_id\"},{\"name\":\"smtp_headers_in_reply_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_in_reply_to\"},{\"name\":\"smtp_headers_subject\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_subject\"},{\"name\":\"smtp_headers_x_originating_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"smtp_headers_x_originating_ip4\"},{\"name\":\"smt
p_headers_first_received\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_first_received\"},{\"name\":\"smtp_headers_second_received\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_second_received\"},{\"name\":\"smtp_last_reply\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_last_reply\"},{\"name\":\"smtp_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_path\"},{\"name\":\"smtp_user_agent\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_user_agent\"},{\"name\":\"smtp_tls\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"smtp_tls\"},{\"name\":\"smtp_is_webmail\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"smtp_is_webmail\"},{\"name\":\"ftp_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_user_name\"},{\"name\":\"ftp_password\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_password\"},{\"name\":\"ftp_command\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_command\"},{\"name\":\"ftp_arg\",\"type\":\"STRING\",\"
isdim\":true,\"alias\":\"ftp_arg\"},{\"name\":\"ftp_mime_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_mime_type\"},{\"name\":\"ftp_file_size\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_file_size\"},{\"name\":\"ftp_reply_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_reply_code\"},{\"name\":\"ftp_reply_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_reply_msg\"},{\"name\":\"ftp_data_channel_passive\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ftp_data_channel_passive\"},{\"name\":\"ftp_data_channel_rsp_p\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_data_channel_rsp_p\"},{\"name\":\"ftp_cwd\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cwd\"},{\"name\":\"ftp_cmdarg_ts\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"ftp_cmdarg_ts\"},{\"name\":\"ftp_cmdarg_cmd\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cmdarg_cmd\"},{\"name\":\"ftp_cmdarg_arg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cmdarg_arg\"},{\"name\":
\"ftp_cmdarg_seq\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_cmdarg_seq\"},{\"name\":\"ftp_pending_commands\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_pending_commands\"},{\"name\":\"ftp_is_passive\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ftp_is_passive\"},{\"name\":\"ftp_fuid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_fuid\"},{\"name\":\"ftp_last_auth_requested\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_last_auth_requested\"},{\"name\":\"snmp_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_version\"},{\"name\":\"snmp_community\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_community\"},{\"name\":\"snmp_get_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_requests\"},{\"name\":\"snmp_get_bulk_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_bulk_requests\"},{\"name\":\"snmp_get_responses\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_responses\"},{\"name\":\"snmp_set_requests\
",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_set_requests\"},{\"name\":\"snmp_display_string\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_display_string\"},{\"name\":\"snmp_up_since\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"snmp_up_since\"},{\"name\":\"tls_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_version\"},{\"name\":\"tls_cipher\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_cipher\"},{\"name\":\"tls_curve\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_curve\"},{\"name\":\"tls_server_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_server_name\"},{\"name\":\"tls_resumed\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"tls_resumed\"},{\"name\":\"tls_next_protocol\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_next_protocol\"},{\"name\":\"tls_established\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"tls_established\"},{\"name\":\"tls_cert_chain_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_cert_ch
ain_fuids\"},{\"name\":\"tls_client_cert_chain_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_client_cert_chain_fuids\"},{\"name\":\"tls_subject\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_subject\"},{\"name\":\"tls_issuer\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_issuer\"},{\"name\":\"ssh_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_version\"},{\"name\":\"ssh_auth_success\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ssh_auth_success\"},{\"name\":\"ssh_client\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_client\"},{\"name\":\"ssh_server\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_server\"},{\"name\":\"ssh_cipher_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_cipher_algorithm\"},{\"name\":\"ssh_mac_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_mac_algorithm\"},{\"name\":\"ssh_compression_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_compression_algorithm\"},{\"name\"
:\"ssh_key_exchange_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_key_exchange_algorithm\"},{\"name\":\"ssh_host_key_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_host_key_algorithm\"},{\"name\":\"dhcp_assigned_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dhcp_assigned_ip4\"},{\"name\":\"dhcp_mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dhcp_mac\"},{\"name\":\"dhcp_lease_time\",\"type\":\"DOUBLE\",\"isdim\":false,\"alias\":\"dhcp_lease_time\"},{\"name\":\"irc_user\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_user\"},{\"name\":\"irc_nickname\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_nickname\"},{\"name\":\"irc_command\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_command\"},{\"name\":\"irc_value\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_value\"},{\"name\":\"irc_additional_data\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_additional_data\"},{\"name\":\"flow_in_packets\",\"type\":\"INT\",\"i
sdim\":false,\"alias\":\"flow_in_packets\"},{\"name\":\"flow_out_packets\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"flow_out_packets\"},{\"name\":\"flow_conn_state\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_conn_state\"},{\"name\":\"flow_history\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_history\"},{\"name\":\"flow_src_dscp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_src_dscp\"},{\"name\":\"flow_dst_dscp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_dst_dscp\"},{\"name\":\"flow_input\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_input\"},{\"name\":\"flow_output\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_output\"},{\"name\":\"vuln_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_id\"},{\"name\":\"vuln_title\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_title\"},{\"name\":\"vuln_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_type\"},{\"name\":\"vuln_status\",\"type\":\"STRING\",\"isdim\":true,\"
alias\":\"vuln_status\"},{\"name\":\"vuln_severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_severity\"},{\"name\":\"p_dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dvc_vendor\",\"ispart\":true},{\"name\":\"p_dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dvc_type\",\"ispart\":true},{\"name\":\"p_dt\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dt\",\"ispart\":true},{\"name\":\"dvc_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_ip4_str\"},{\"name\":\"dvc_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_ip6_str\"},{\"name\":\"dvc_fwd_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_fwd_ip4_str\"},{\"name\":\"dvc_fwd_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_fwd_ip6_str\"},{\"name\":\"src_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_ip4_str\"},{\"name\":\"src_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_ip6_str\"},{\"name\":\"dst_ip4_str\",\"type\":\"S
TRING\",\"isdim\":true,\"alias\":\"dst_ip4_str\"},{\"name\":\"dst_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_ip6_str\"},{\"name\":\"smtp_headers_x_originating_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_x_originating_ip4_str\"},{\"name\":\"dhcp_assigned_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dhcp_assigned_ip4_str\"}]},{\"tablename\":\"spot.user_context\",\"parent_tablename\":\"spot.event\",\"join_pairs\":[[\"user_name\",\"user_name\"]],\"join_exprs\":[],\"join_type\":\"inner join\",\"columns\":[{\"name\":\"dvc_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_context dvc_time\"},{\"name\":\"user_created\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_created\"},{\"name\":\"user_changed\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_changed\"},{\"name\":\"user_last_logon\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_last_logon\"},{\"name\":\"user_logon_count\",\"type\":\"INT\",\"isdim\":fa
lse,\"alias\":\"user_logon_count\"},{\"name\":\"user_last_reset\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_last_reset\"},{\"name\":\"user_expiration\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"user_expiration\"},{\"name\":\"user_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_context user_id\"},{\"name\":\"user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_context user_name\"},{\"name\":\"user_name_first\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name_first\"},{\"name\":\"user_name_middle\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name_middle\"},{\"name\":\"user_name_last\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name_last\"},{\"name\":\"user_name_mgr\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name_mgr\"},{\"name\":\"user_phone\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_phone\"},{\"name\":\"user_email\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_context user_email\"},{\"name\":\"
user_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_code\"},{\"name\":\"user_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_context user_loc\"},{\"name\":\"user_departm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_departm\"},{\"name\":\"user_dn\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_dn\"},{\"name\":\"user_ou\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_ou\"},{\"name\":\"user_empid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_empid\"},{\"name\":\"user_title\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_title\"},{\"name\":\"dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_context dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_context dvc_vendor\"},{\"name\":\"user_risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"user_risk\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_context dvc_version\"},{\"name\":\"user_img\",\"type
\":\"STRING\",\"isdim\":true,\"alias\":\"user_img\"}]},{\"tablename\":\"spot.endpoint_context\",\"parent_tablename\":\"spot.event\",\"join_pairs\":[[\"src_ip4_str\",\"end_ip4_str\"]],\"join_exprs\":[],\"join_type\":\"inner join\",\"columns\":[{\"name\":\"dvc_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"endpoint_context dvc_time\"},{\"name\":\"end_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"end_ip4\"},{\"name\":\"end_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"end_ip6\"},{\"name\":\"end_os\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os\"},{\"name\":\"end_os_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os_version\"},{\"name\":\"end_os_sp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os_sp\"},{\"name\":\"end_tz\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_tz\"},{\"name\":\"end_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_host\"},{\"name\":\"end_mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_mac
\"},{\"name\":\"end_owner\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_owner\"},{\"name\":\"end_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_loc\"},{\"name\":\"end_departm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_departm\"},{\"name\":\"end_company\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_company\"},{\"name\":\"end_criticality\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_criticality\"},{\"name\":\"end_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_desc\"},{\"name\":\"dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"endpoint_context dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"endpoint_context dvc_vendor\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"endpoint_context dvc_version\"},{\"name\":\"end_architecture\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_architecture\"},{\"name\":\"end_uuid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"
end_uuid\"},{\"name\":\"end_risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"end_risk\"},{\"name\":\"end_memtotal\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"end_memtotal\"},{\"name\":\"end_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_ip4_str\"},{\"name\":\"end_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_ip6_str\"}]},{\"tablename\":\"spot.threat_intelligence_context\",\"parent_tablename\":\"spot.event\",\"join_pairs\":[[\"src_ip4_str\",\"ti_indicator_hostname\"]],\"join_exprs\":[],\"join_type\":\"inner join\",\"columns\":[{\"name\":\"ti_source\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_source\"},{\"name\":\"ti_provider_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_provider_id\"},{\"name\":\"ti_indicator_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_id\"},{\"name\":\"ti_indicator_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_desc\"},{\"name\":\"ti_date_added\",\"type\":\"BIGINT\",\"isdi
m\":false,\"alias\":\"ti_date_added\"},{\"name\":\"ti_date_modified\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_date_modified\"},{\"name\":\"ti_risk_impact\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_risk_impact\"},{\"name\":\"ti_severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_severity\"},{\"name\":\"ti_category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_category\"},{\"name\":\"ti_campaign_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_campaign_name\"},{\"name\":\"ti_associated_incidents\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_associated_incidents\"},{\"name\":\"ti_adversarial_identification_group\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_adversarial_identification_group\"},{\"name\":\"ti_adversarial_identification_tactics\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_adversarial_identification_tactics\"},{\"name\":\"ti_adversarial_identification_reports\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_a
dversarial_identification_reports\"},{\"name\":\"ti_phase\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_phase\"},{\"name\":\"ti_indicator_cve\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_cve\"},{\"name\":\"ti_indicator_domain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_domain\"},{\"name\":\"ti_indicator_hostname\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_hostname\"},{\"name\":\"ti_indicator_file_hash\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_hash\"},{\"name\":\"ti_indicator_file_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_path\"},{\"name\":\"ti_indicator_mutex\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_mutex\"},{\"name\":\"ti_indicator_md5\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_md5\"},{\"name\":\"ti_indicator_sha1\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_sha1\"},{\"name\":\"ti_indicator_sha256\",\"type\":\"STR
ING\",\"isdim\":true,\"alias\":\"ti_indicator_sha256\"},{\"name\":\"ti_indicator_device_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_device_path\"},{\"name\":\"ti_indicator_drive\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_drive\"},{\"name\":\"ti_indicator_file_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_name\"},{\"name\":\"ti_indicator_file_extension\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_extension\"},{\"name\":\"ti_indicator_file_size\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_size\"},{\"name\":\"ti_indicator_file_created\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_indicator_file_created\"},{\"name\":\"ti_indicator_file_accessed\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_indicator_file_accessed\"},{\"name\":\"ti_indicator_file_changed\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_indicator_file_changed\"},{\"name\":\"ti_indicator_file_en
tropy\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_entropy\"},{\"name\":\"ti_indicator_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_user_name\"},{\"name\":\"ti_indicator_security_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_security_id\"}]}]", "cache_sequence": 0, "dataset_name": "Event User (Join)"}}, {"pk": 21, "model": "datasets.dataset", "fields": {"dataset_detail": "spot.event", "uuid": "e8060682-6b6d-4ea8-aea1-bde667dbe8c7", "imported_uuid": null, "dataset_description": "", "dataset_type": "multipletables", "dataconnection": 4, "dataset_settings": "{}", "dataset_info": "[{\"tablename\":\"spot.event\",\"columns\":[{\"name\":\"event_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"event_time\"},{\"name\":\"duration\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"duration\"},{\"name\":\"event_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"event_id\"},{\"name\":\"name\",\"type\":\"STRING\",\"isdim\":t
rue,\"alias\":\"name\"},{\"name\":\"org\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"org\"},{\"name\":\"type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"type\"},{\"name\":\"n_proto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"n_proto\"},{\"name\":\"a_proto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"a_proto\"},{\"name\":\"msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"msg\"},{\"name\":\"mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"mac\"},{\"name\":\"severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"severity\"},{\"name\":\"raw\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"raw\"},{\"name\":\"risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"risk\"},{\"name\":\"code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"code\"},{\"name\":\"category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"category\"},{\"name\":\"query\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"query\"},{\"name\":\"service\",\"type\":\"STRING\",\"isdim\":true,\"alia
s\":\"service\"},{\"name\":\"state\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"state\"},{\"name\":\"in_bytes\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"in_bytes\"},{\"name\":\"out_bytes\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"out_bytes\"},{\"name\":\"xref\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"xref\"},{\"name\":\"version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"version\"},{\"name\":\"dvc_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_time\"},{\"name\":\"dvc_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_ip4\"},{\"name\":\"dvc_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_ip6\"},{\"name\":\"dvc_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_host\"},{\"name\":\"dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_vendor\"},{\"name\":\"dvc_fwd_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_fwd_ip4\"},{\"n
ame\":\"dvc_fwd_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dvc_fwd_ip6\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_version\"},{\"name\":\"src_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"src_ip4\"},{\"name\":\"src_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"src_ip6\"},{\"name\":\"src_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_host\"},{\"name\":\"src_domain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_domain\"},{\"name\":\"src_port\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_port\"},{\"name\":\"src_country_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_country_code\"},{\"name\":\"src_country_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_country_name\"},{\"name\":\"src_region\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_region\"},{\"name\":\"src_city\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_city\"},{\"name\":\"src_lat\",\"type\":\"INT\",\"isdim\":f
alse,\"alias\":\"src_lat\"},{\"name\":\"src_long\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_long\"},{\"name\":\"dst_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dst_ip4\"},{\"name\":\"dst_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dst_ip6\"},{\"name\":\"dst_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_host\"},{\"name\":\"dst_domain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_domain\"},{\"name\":\"dst_port\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_port\"},{\"name\":\"dst_country_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_country_code\"},{\"name\":\"dst_country_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_country_name\"},{\"name\":\"dst_region\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_region\"},{\"name\":\"dst_city\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_city\"},{\"name\":\"dst_lat\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_lat\"},{\"name\":\"dst_long\",\"type\":\"INT
\",\"isdim\":false,\"alias\":\"dst_long\"},{\"name\":\"src_asn\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"src_asn\"},{\"name\":\"dst_asn\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dst_asn\"},{\"name\":\"net_direction\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"net_direction\"},{\"name\":\"net_flags\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"net_flags\"},{\"name\":\"file_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_name\"},{\"name\":\"file_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_path\"},{\"name\":\"file_atime\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"file_atime\"},{\"name\":\"file_acls\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_acls\"},{\"name\":\"file_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_type\"},{\"name\":\"file_size\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"file_size\"},{\"name\":\"file_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_desc\"},{\"name\":\"file_hash\",\"type\":
\"STRING\",\"isdim\":true,\"alias\":\"file_hash\"},{\"name\":\"file_hash_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"file_hash_type\"},{\"name\":\"end_object\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_object\"},{\"name\":\"end_action\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_action\"},{\"name\":\"end_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_msg\"},{\"name\":\"end_app\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_app\"},{\"name\":\"end_location\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_location\"},{\"name\":\"end_proc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_proc\"},{\"name\":\"user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_name\"},{\"name\":\"src_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_user_name\"},{\"name\":\"dst_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_user_name\"},{\"name\":\"user_email\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_ema
il\"},{\"name\":\"user_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_id\"},{\"name\":\"user_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_loc\"},{\"name\":\"user_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"user_desc\"},{\"name\":\"dns_class\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_class\"},{\"name\":\"dns_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dns_len\"},{\"name\":\"dns_query\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_query\"},{\"name\":\"dns_response_code\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_response_code\"},{\"name\":\"dns_answers\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dns_answers\"},{\"name\":\"dns_type\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"dns_type\"},{\"name\":\"prx_category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_category\"},{\"name\":\"prx_browser\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_browser\"},{\"name\":\"prx_code\",\"type\":\"STRING\",\"isdim\":
true,\"alias\":\"prx_code\"},{\"name\":\"prx_referrer\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_referrer\"},{\"name\":\"prx_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_host\"},{\"name\":\"prx_filter_rule\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_filter_rule\"},{\"name\":\"prx_filter_result\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_filter_result\"},{\"name\":\"prx_query\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_query\"},{\"name\":\"prx_action\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_action\"},{\"name\":\"prx_method\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_method\"},{\"name\":\"prx_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"prx_type\"},{\"name\":\"http_request_method\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_method\"},{\"name\":\"http_request_uri\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_uri\"},{\"name\":\"http_request_body_len\",\"type\":\"INT\",\"isdim
\":false,\"alias\":\"http_request_body_len\"},{\"name\":\"http_request_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_user_name\"},{\"name\":\"http_request_password\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_password\"},{\"name\":\"http_request_proxied\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_request_proxied\"},{\"name\":\"http_response_status_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_status_code\"},{\"name\":\"http_response_status_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_status_msg\"},{\"name\":\"http_response_body_len\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_body_len\"},{\"name\":\"http_response_info_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"http_response_info_code\"},{\"name\":\"http_response_info_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_info_msg\"},{\"name\":\"http_response_resp_fuids\",\"type\":\"STRING\",\"isdim\":tr
ue,\"alias\":\"http_response_resp_fuids\"},{\"name\":\"http_response_mime_types\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"http_response_mime_types\"},{\"name\":\"smtp_trans_depth\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"smtp_trans_depth\"},{\"name\":\"smtp_headers_helo\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_helo\"},{\"name\":\"smtp_headers_mailfrom\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_mailfrom\"},{\"name\":\"smtp_headers_rcptto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_rcptto\"},{\"name\":\"smtp_headers_date\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_date\"},{\"name\":\"smtp_headers_from\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_from\"},{\"name\":\"smtp_headers_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_to\"},{\"name\":\"smtp_headers_reply_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_reply_to\"},{\"name\":\"smtp_headers_msg
_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_msg_id\"},{\"name\":\"smtp_headers_in_reply_to\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_in_reply_to\"},{\"name\":\"smtp_headers_subject\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_subject\"},{\"name\":\"smtp_headers_x_originating_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"smtp_headers_x_originating_ip4\"},{\"name\":\"smtp_headers_first_received\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_first_received\"},{\"name\":\"smtp_headers_second_received\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_second_received\"},{\"name\":\"smtp_last_reply\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_last_reply\"},{\"name\":\"smtp_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_path\"},{\"name\":\"smtp_user_agent\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_user_agent\"},{\"name\":\"smtp_tls\",\"type\":\"BOOLEAN\",\"isdim\":tr
ue,\"alias\":\"smtp_tls\"},{\"name\":\"smtp_is_webmail\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"smtp_is_webmail\"},{\"name\":\"ftp_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_user_name\"},{\"name\":\"ftp_password\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_password\"},{\"name\":\"ftp_command\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_command\"},{\"name\":\"ftp_arg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_arg\"},{\"name\":\"ftp_mime_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_mime_type\"},{\"name\":\"ftp_file_size\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_file_size\"},{\"name\":\"ftp_reply_code\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_reply_code\"},{\"name\":\"ftp_reply_msg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_reply_msg\"},{\"name\":\"ftp_data_channel_passive\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ftp_data_channel_passive\"},{\"name\":\"ftp_data_channel_rsp_p\",\"typ
e\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_data_channel_rsp_p\"},{\"name\":\"ftp_cwd\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cwd\"},{\"name\":\"ftp_cmdarg_ts\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"ftp_cmdarg_ts\"},{\"name\":\"ftp_cmdarg_cmd\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cmdarg_cmd\"},{\"name\":\"ftp_cmdarg_arg\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_cmdarg_arg\"},{\"name\":\"ftp_cmdarg_seq\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"ftp_cmdarg_seq\"},{\"name\":\"ftp_pending_commands\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_pending_commands\"},{\"name\":\"ftp_is_passive\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ftp_is_passive\"},{\"name\":\"ftp_fuid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_fuid\"},{\"name\":\"ftp_last_auth_requested\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ftp_last_auth_requested\"},{\"name\":\"snmp_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_ver
sion\"},{\"name\":\"snmp_community\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_community\"},{\"name\":\"snmp_get_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_requests\"},{\"name\":\"snmp_get_bulk_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_bulk_requests\"},{\"name\":\"snmp_get_responses\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_get_responses\"},{\"name\":\"snmp_set_requests\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"snmp_set_requests\"},{\"name\":\"snmp_display_string\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"snmp_display_string\"},{\"name\":\"snmp_up_since\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"snmp_up_since\"},{\"name\":\"tls_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_version\"},{\"name\":\"tls_cipher\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_cipher\"},{\"name\":\"tls_curve\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_curve\"},{\"name\":\"tls_server_name\",\"type\
":\"STRING\",\"isdim\":true,\"alias\":\"tls_server_name\"},{\"name\":\"tls_resumed\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"tls_resumed\"},{\"name\":\"tls_next_protocol\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_next_protocol\"},{\"name\":\"tls_established\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"tls_established\"},{\"name\":\"tls_cert_chain_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_cert_chain_fuids\"},{\"name\":\"tls_client_cert_chain_fuids\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_client_cert_chain_fuids\"},{\"name\":\"tls_subject\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_subject\"},{\"name\":\"tls_issuer\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tls_issuer\"},{\"name\":\"ssh_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_version\"},{\"name\":\"ssh_auth_success\",\"type\":\"BOOLEAN\",\"isdim\":true,\"alias\":\"ssh_auth_success\"},{\"name\":\"ssh_client\",\"type\":\"STRING\",\"isdim\":true,\"ali
as\":\"ssh_client\"},{\"name\":\"ssh_server\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_server\"},{\"name\":\"ssh_cipher_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_cipher_algorithm\"},{\"name\":\"ssh_mac_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_mac_algorithm\"},{\"name\":\"ssh_compression_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_compression_algorithm\"},{\"name\":\"ssh_key_exchange_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_key_exchange_algorithm\"},{\"name\":\"ssh_host_key_algorithm\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ssh_host_key_algorithm\"},{\"name\":\"dhcp_assigned_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"dhcp_assigned_ip4\"},{\"name\":\"dhcp_mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dhcp_mac\"},{\"name\":\"dhcp_lease_time\",\"type\":\"DOUBLE\",\"isdim\":false,\"alias\":\"dhcp_lease_time\"},{\"name\":\"irc_user\",\"type\":\"STRING\",\"isdim\":true,\"
alias\":\"irc_user\"},{\"name\":\"irc_nickname\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_nickname\"},{\"name\":\"irc_command\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_command\"},{\"name\":\"irc_value\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_value\"},{\"name\":\"irc_additional_data\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"irc_additional_data\"},{\"name\":\"flow_in_packets\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"flow_in_packets\"},{\"name\":\"flow_out_packets\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"flow_out_packets\"},{\"name\":\"flow_conn_state\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_conn_state\"},{\"name\":\"flow_history\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_history\"},{\"name\":\"flow_src_dscp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_src_dscp\"},{\"name\":\"flow_dst_dscp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_dst_dscp\"},{\"name\":\"flow_input\",\"type\":\"STRING\",\"is
dim\":true,\"alias\":\"flow_input\"},{\"name\":\"flow_output\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flow_output\"},{\"name\":\"vuln_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_id\"},{\"name\":\"vuln_title\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_title\"},{\"name\":\"vuln_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_type\"},{\"name\":\"vuln_status\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_status\"},{\"name\":\"vuln_severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"vuln_severity\"},{\"name\":\"p_dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dvc_vendor\",\"ispart\":true},{\"name\":\"p_dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dvc_type\",\"ispart\":true},{\"name\":\"p_dt\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"p_dt\",\"ispart\":true},{\"name\":\"dvc_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_ip4_str\"},{\"name\":\"dvc_ip6_str\",\"type\":\"STRING\",\"isdim\":
true,\"alias\":\"dvc_ip6_str\"},{\"name\":\"dvc_fwd_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_fwd_ip4_str\"},{\"name\":\"dvc_fwd_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dvc_fwd_ip6_str\"},{\"name\":\"src_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_ip4_str\"},{\"name\":\"src_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"src_ip6_str\"},{\"name\":\"dst_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_ip4_str\"},{\"name\":\"dst_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dst_ip6_str\"},{\"name\":\"smtp_headers_x_originating_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"smtp_headers_x_originating_ip4_str\"},{\"name\":\"dhcp_assigned_ip4_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dhcp_assigned_ip4_str\"}]},{\"tablename\":\"spot.endpoint_context\",\"parent_tablename\":\"spot.event\",\"join_pairs\":[[\"src_ip4_str\",\"end_ip4_str\"]],\"join_exprs\":[],\"join_type\":\"inner join\",\"
columns\":[{\"name\":\"dvc_time\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"endpoint_context dvc_time\"},{\"name\":\"end_ip4\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"end_ip4\"},{\"name\":\"end_ip6\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"end_ip6\"},{\"name\":\"end_os\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os\"},{\"name\":\"end_os_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os_version\"},{\"name\":\"end_os_sp\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_os_sp\"},{\"name\":\"end_tz\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_tz\"},{\"name\":\"end_host\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_host\"},{\"name\":\"end_mac\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_mac\"},{\"name\":\"end_owner\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_owner\"},{\"name\":\"end_loc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_loc\"},{\"name\":\"end_departm\",\"type\":\"STRING\",\"isdim\":true,\"a
lias\":\"end_departm\"},{\"name\":\"end_company\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_company\"},{\"name\":\"end_criticality\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_criticality\"},{\"name\":\"end_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_desc\"},{\"name\":\"dvc_type\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"endpoint_context dvc_type\"},{\"name\":\"dvc_vendor\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"endpoint_context dvc_vendor\"},{\"name\":\"dvc_version\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"endpoint_context dvc_version\"},{\"name\":\"end_architecture\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_architecture\"},{\"name\":\"end_uuid\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_uuid\"},{\"name\":\"end_risk\",\"type\":\"FLOAT\",\"isdim\":false,\"alias\":\"end_risk\"},{\"name\":\"end_memtotal\",\"type\":\"INT\",\"isdim\":false,\"alias\":\"end_memtotal\"},{\"name\":\"end_ip4_str\",\"type\":\"STRING\",\"is
dim\":true,\"alias\":\"end_ip4_str\"},{\"name\":\"end_ip6_str\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"end_ip6_str\"}]},{\"tablename\":\"spot.threat_intelligence_context\",\"parent_tablename\":\"spot.event\",\"join_pairs\":[[\"src_ip4_str\",\"ti_indicator_hostname\"]],\"join_exprs\":[],\"join_type\":\"inner join\",\"columns\":[{\"name\":\"ti_source\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_source\"},{\"name\":\"ti_provider_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_provider_id\"},{\"name\":\"ti_indicator_id\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_id\"},{\"name\":\"ti_indicator_desc\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_desc\"},{\"name\":\"ti_date_added\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_date_added\"},{\"name\":\"ti_date_modified\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_date_modified\"},{\"name\":\"ti_risk_impact\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_risk_impact\"},
{\"name\":\"ti_severity\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_severity\"},{\"name\":\"ti_category\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_category\"},{\"name\":\"ti_campaign_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_campaign_name\"},{\"name\":\"ti_associated_incidents\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_associated_incidents\"},{\"name\":\"ti_adversarial_identification_group\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_adversarial_identification_group\"},{\"name\":\"ti_adversarial_identification_tactics\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_adversarial_identification_tactics\"},{\"name\":\"ti_adversarial_identification_reports\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_adversarial_identification_reports\"},{\"name\":\"ti_phase\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_phase\"},{\"name\":\"ti_indicator_cve\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_cve\"},{\"name\":\"ti_
indicator_domain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_domain\"},{\"name\":\"ti_indicator_hostname\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_hostname\"},{\"name\":\"ti_indicator_file_hash\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_hash\"},{\"name\":\"ti_indicator_file_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_path\"},{\"name\":\"ti_indicator_mutex\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_mutex\"},{\"name\":\"ti_indicator_md5\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_md5\"},{\"name\":\"ti_indicator_sha1\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_sha1\"},{\"name\":\"ti_indicator_sha256\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_sha256\"},{\"name\":\"ti_indicator_device_path\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_device_path\"},{\"name\":\"ti_indicator_drive\",\"type\":\"STRING\",\"isdim\"
:true,\"alias\":\"ti_indicator_drive\"},{\"name\":\"ti_indicator_file_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_name\"},{\"name\":\"ti_indicator_file_extension\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_extension\"},{\"name\":\"ti_indicator_file_size\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_size\"},{\"name\":\"ti_indicator_file_created\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_indicator_file_created\"},{\"name\":\"ti_indicator_file_accessed\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_indicator_file_accessed\"},{\"name\":\"ti_indicator_file_changed\",\"type\":\"BIGINT\",\"isdim\":false,\"alias\":\"ti_indicator_file_changed\"},{\"name\":\"ti_indicator_file_entropy\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_file_entropy\"},{\"name\":\"ti_indicator_user_name\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_user_name\"},{\"name\":\"ti_indicator_security_id\"
,\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ti_indicator_security_id\"}]}]", "cache_sequence": 0, "dataset_name": "Event Endpoint (Join)"}}, {"pk": 22, "model": "datasets.dataset", "fields": {"dataset_detail": "spot.scores", "uuid": "21e26dcf-ac2f-4fd9-baec-51ad130c443b", "imported_uuid": null, "dataset_description": "", "dataset_type": "singletable", "dataconnection": 4, "dataset_settings": "{}", "dataset_info": "[{\"tablename\":\"spot.scores\",\"columns\":[{\"name\":\"sev\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"sev\"},{\"name\":\"tstart\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"tstart\"},{\"name\":\"srcip\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"srcip\"},{\"name\":\"dstip\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dstip\"},{\"name\":\"sport\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"sport\"},{\"name\":\"dport\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dport\"},{\"name\":\"proto\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"proto\"},
{\"name\":\"flag\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"flag\"},{\"name\":\"ipkt\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ipkt\"},{\"name\":\"ibyt\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"ibyt\"},{\"name\":\"lda_score\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"lda_score\"},{\"name\":\"rank\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"rank\"},{\"name\":\"srcipinternal\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"srcipinternal\"},{\"name\":\"destipinternal\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"destipinternal\"},{\"name\":\"srcgeo\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"srcgeo\"},{\"name\":\"dstgeo\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dstgeo\"},{\"name\":\"srcdomain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"srcdomain\"},{\"name\":\"dstdomain\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dstdomain\"},{\"name\":\"srcip_rep\",\"type\":\"STRING\",\"isdim\":true,\"alias\":\"srcip_rep\"},{\"name\":\"dstip_rep\"
,\"type\":\"STRING\",\"isdim\":true,\"alias\":\"dstip_rep\"}]}]", "cache_sequence": 0, "dataset_name": "Scores"}}], "visuals": [{"pk": 66, "model": "reports.report", "fields": {"report_description": "", "uuid": "ecf05ee6-60dd-49af-9929-0caceb033723", "dataset": 19, "imported_uuid": "96189624-0bb4-456a-af7d-305ee9ddd5f2", "report_data": "{\"report_type\":\"network\",\"report_data\":{\"selected_segments\":[],\"allowLargeTrellisPerm\":false,\"filters_shelf\":[{\"custom_expr\":\"[src_ip4_str] like '%<<source ip:>>%'\",\"expression_for_trigger\":\"[src_ip4_str] like '%<<source ip:>>%'\",\"dataset_colname\":\"src_ip4\",\"dataset_coltype\":\"STRING\",\"filter_column\":\"src_ip4\",\"filter_data\":[],\"filter_input\":{}},{\"custom_expr\":\"[event_hour] >= '<<event_hour.start:2016-01-01 00>>'\",\"expression_for_trigger\":\"[event_hour] >= '<<event_hour.start:2016-01-01 00>>'\",\"dataset_colname\":\"date_hour\",\"dataset_coltype\":\"STRING\",\"dflagg\":\"max\",\"filter_column\":\"date_hour\",\
"filter_data\":[],\"filter_input\":{}},{\"custom_expr\":\"[event_hour] <= '<<event_hour.end:2016-07-31 00>>'\",\"expression_for_trigger\":\"[event_hour] <= '<<event_hour.end:2016-07-31 00>>'\",\"dataset_colname\":\"date_hour\",\"dataset_coltype\":\"STRING\",\"dflagg\":\"max\",\"filter_column\":\"date_hour\",\"filter_data\":[],\"filter_input\":{}}],\"aggregates_shelf\":[{\"col_alias\":\"Record Count\",\"custom_expr\":\"sum(1)\",\"expression_for_trigger\":\"sum(1)\",\"dataset_colname\":\"Record Count\",\"dataset_coltype\":\"BIGINT\",\"expr_hasagg\":true,\"fn_type\":1,\"order\":{\"ascending\":false,\"priority\":1},\"order_limit\":\"100\"}],\"report_title\":\"Network Graph\",\"tooltip_shelf\":[],\"user_settings\":{\"visual_hide_title\":\"false\",\"link_opacity\":\"80\",\"visual_font\":\"default\",\"node_size_range\":\"5-20\",\"link_color\":\"source\",\"default_language\":\"\",\"inline_css\":\"\",\"link_width_range\":\"1-10\",\"color_opacity\":\"80\",\"disable_incremental_queries\":\"fal
se\",\"send_aggregate_parameters\":\"false\",\"same_domain\":\"false\",\"table_header_alignment\":\"data_dependent\",\"title_font\":\"default\",\"link_strength\":\"2\",\"http_auto_link\":\"true\",\"subtitle_font_size\":\"-1\",\"page_size\":\"-1\",\"permit_email_report\":\"true\",\"nulls_order\":\"Default\",\"table_full_width\":\"false\",\"visual_dataset_scope\":\"false\",\"tgt_node_mark_type\":\"square\",\"container_css_class\":\"\",\"table_totals_header\":\"false\",\"table_totals\":\"false\",\"enable_info\":\"false\",\"parameters_send_all_cols\":\"false\",\"title_alignment\":\"Left\",\"fixed_color_legend\":\"false\",\"dim_to_color_mapping\":\"{\\\"mappings\\\":{},\\\"isChecked\\\":false}\",\"subtitle_font\":\"default\",\"permit_png_download\":\"false\",\"max_rowcount\":\"\",\"node_friction\":\".3\",\"remember_node_positions\":\"true\",\"layout_theta\":\"0.8\",\"tgt_node_opacity\":\"80\",\"layout_gravity\":\".5\",\"trellis_borders\":\"true\",\"nulls_display_value\":\"null\",\"link_d
istance\":\"25\",\"explicit_scope\":\"true\",\"css_styles\":\"[]\",\"src_node_mark_type\":\"circle\",\"enable_pagination\":\"false\",\"subtitle_alignment\":\"Left\",\"download_rows\":\"-1\",\"color_palette\":\"{\\\"colors\\\":[\\\"#1f77b4\\\",\\\"#ff7f0e\\\",\\\"#2ca02c\\\",\\\"#d62728\\\",\\\"#9467bd\\\",\\\"#8c564b\\\",\\\"#e377c2\\\",\\\"#7f7f7f\\\",\\\"#bcbd22\\\",\\\"#17becf\\\"],\\\"colorSettings\\\":{},\\\"isReversed\\\":false}\",\"max_columns\":\"20\",\"permit_csv_download_visual\":\"true\",\"table_template\":\"table-template-2\",\"title_font_size\":\"-1\",\"src_node_opacity\":\"80\",\"node_charge\":\"-600\"},\"fixed_nodes\":[],\"sample_pct\":\"Off\",\"core\":{\"saved_shelf_sources\":{\"sub:[src_ip4_str] as 'sub:sub:src_ip4_str'\":\"dimensions_shelf\",\"sub:[dst_ip4_str] as 'sub:sub:dst_ip4_str'\":\"dimensions_shelf\",\"sub:sum(1) as 'sub:Record Count'\":\"aggregates_shelf\",\"sub:[src_ip4_str] like '%<<source ip:>>%' as \\\"sub:sub:src_ip4_str like '%<<source ip:>>%'\\\"\":
\"filters_shelf\",\"sub:[event_hour] >= '<<event_hour.start:2016-01-01 00>>' as \\\"sub:sub:event_hour >= '<<event_hour.start:2016-01-01 00>>'\\\"\":\"filters_shelf\",\"sub:[event_hour] <= '<<event_hour.end:2016-07-31 00>>' as \\\"sub:sub:event_hour <= '<<event_hour.end:2016-07-31 00>>'\\\"\":\"filters_shelf\"},\"viz_type\":\"network\",\"shelves\":[{\"name\":\"x_shelf\",\"shelf_type\":1,\"column_type\":1},{\"name\":\"y_shelf\",\"shelf_type\":1,\"column_type\":1},{\"name\":\"dimensions_shelf\",\"shelf_type\":1,\"column_type\":1},{\"name\":\"aggregates_shelf\",\"shelf_type\":1,\"column_type\":2},{\"name\":\"tooltip_shelf\",\"shelf_type\":1,\"column_type\":2},{\"name\":\"filters_shelf\",\"shelf_type\":2,\"column_type\":3}]},\"report_derived_data\":[],\"click_behaviors\":{},\"lastShelfHistory\":{\"core\":{\"saved_shelf_sources\":{\"sub:[src_ip4] like '%<<source ip:>>%' as \\\"sub:sub:src_ip4 like '%<<source ip:>>%'\\\"\":\"filters_shelf\",\"[dst_ip4] as 'sub:dst_ip4'\":\"dimensions_shel
f\",\"[src_ip4] as 'sub:src_ip4'\":\"dimensions_shelf\",\"sub:sum(1) as 'sub:Record Count'\":\"aggregates_shelf\",\"sub:[event_hour] >= '<<event_hour.start:2016-01-01 00>>' as \\\"sub:sub:event_hour >= '<<event_hour.start:2016-01-01 00>>'\\\"\":\"filters_shelf\",\"sub:[event_hour] <= '<<event_hour.end:2016-07-31 00>>' as \\\"sub:sub:event_hour <= '<<event_hour.end:2016-07-31 00>>'\\\"\":\"filters_sh
<TRUNCATED>
[2/4] incubator-spot git commit: Add Apache Spot sample dashboards
and README
Posted by na...@apache.org.
Add Apache Spot sample dashboards and README
"spot_app.json" is a configuration file containing all of the current sample Apache Spot dashboards. The current set of sample Apache Spot dashboards include: Network Activity, User Activity Summary, User Activity Details, Endpoint Activity Summary, Endpoint Activity Details, and Vulnerabilities views. Details about each of these dashboards can be found in the README along with installation instructions and sources for sample data. This file can be imported into either Arcadia Instant or Enterprise. ODM tables should be setup before importing the configuration file. Once imported the dashboards will align with the ODM tables that have been set up.
Project: http://git-wip-us.apache.org/repos/asf/incubator-spot/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-spot/commit/46b77b9a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-spot/tree/46b77b9a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-spot/diff/46b77b9a
Branch: refs/heads/SPOT-181_ODM
Commit: 46b77b9a68a1c5ed610cb67ec19f84d1d9c4532f
Parents: 5f25155
Author: Tadd Wood <ta...@arcadiadata.com>
Authored: Thu Sep 21 23:59:52 2017 -0700
Committer: Tadd Wood <ta...@arcadiadata.com>
Committed: Thu Sep 21 23:59:52 2017 -0700
----------------------------------------------------------------------
spot-oa/arcadia/README.md | 84 ++++++++++++++++++++++++++++++++++++++
spot-oa/arcadia/spot_app.json | 1 +
2 files changed, 85 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/46b77b9a/spot-oa/arcadia/README.md
----------------------------------------------------------------------
diff --git a/spot-oa/arcadia/README.md b/spot-oa/arcadia/README.md
new file mode 100644
index 0000000..919676e
--- /dev/null
+++ b/spot-oa/arcadia/README.md
@@ -0,0 +1,84 @@
+# spot-oa/arcadia
+
+## Arcadia Dashboards for Apache Spot
+
+This document describes the steps required to setup and use Arcadia Dashboards as a visualization layer on the Apache Spot Open Data Model (ODM)
+
+## Getting Started
+
+Contained in this directory is a configuration file (spot_app.json) that includes several sample dashboards for end users to setup and use with the Apache Spot ODM.
+
+#### Included Dashboards
+
+- Network Activity - Provides views of events and suspicious network flow activity
+- User Activity Summary - Provides summary level view of suspicious activity related to users in your environment.
+- User Activity Detail - Provides a contextual view of events related to users in your environment
+- Endpoint Activity Summary - Provides a summary level view of suspicious activity related to endpoint in your environment.
+- Endpoint Activity Detail - Provides a contextual view of events related to endpoints in your environment.
+- Vulnerabilities - Provides a contextual view of vulnerabilities and details related to endpoints in your environment.
+
+End users are encouraged to customize these dashboards for their own purposes and use-cases.
+
+## Prerequisites
+
+To setup and configure the Arcadia Dashboards, you must have the following:
+- A running Hadoop cluster with Impala installed and configured
+- Linux user account created in all nodes with sudo privileges
+- Installation and setup of the Open Data Model (ODM) directories and schema (see spot-setup/odm)
+- Download of Arcadia Instant (https://www.arcadiadata.com/product/instant/)
+
+Having the ODM directories populated with data or sample data is also recommended for visualizations to load properly.
+
+## Setup Instructions
+
+Following the completion of the pre-requisites and starting Arcadia Instant, you can perform the following steps to import and configure the Apache Spot dashboards contained in the **spot_app.json** file.
+1. In the Arcadia Instant Control Panel, click "Go" to launch a browser window.
+2. Click the "Data" tab, and then click "New Connection"
+3. Select "Impala" as the connection type, and configure the connection to connect to the Impala daemon on your running Hadoop cluster.
+Click the "Advanced" tab if you need to configure LDAP or Kerberos authentication for your connection.
+Also make sure "Result cache" is enabled in the "Cache" tab of your connection.
+4. Click the "Test" button to make sure you connection is working and then "Connect" to exit.
+5. Click your newly setup connection and look for a button that looks like an ellipsis (...).
+6. Click the ellipsis button, and then click "Import Visual Artifacts"
+7. Choose the **spot_app.json** file to upload.
+8. Click "Accept and Import".
+9. Presto! You should now have live dashboards connected to the Apache Spot (ODM) tables.
+
+## Sources for Sample Data
+
+If you haven't landed any data in the ODM directories yet and would like to demo the Arcadia Dashboards,
+you can complete the following steps to download sample data within your running Hadoop cluster.
+Also note that the dependencies in the Enviornment Variables section below.
+
+**OBLIGITORY DISCLAIMER**: DO NOT RUN THIS SCRIPT IF YOU ALREADY HAVE PRODUCTION DATA POPULATING THE ODM DIRECTORIES.
+
+There is a safe guard in the odm_sample_setup.sh script to prevent overwrites of data in the ODM directories,
+but its best to avoid this step altogether if you know data is already landing in those directories.
+
+#### Environment Variables
+
+The **odm_sample_setup.sh** script is dependent on the **spot.conf** file being installed (see spot-setup/odm),
+which is intended to be located in the /etc directory by default.
+
+#### Sample Data Setup Steps
+
+1. run wget http://get.arcadiadata.com.s3.amazonaws.com/spot/sample/odm_sample_setup.sh to retrieve the sample data setup script.
+2. run chmod +x odm_sample_setup.sh to make the script executable.
+3. run ./odm_sample_setup.sh to retrieve, store, and make sample data available in your ODM tables.
+
+## Licensing
+
+spot-setup is licensed under Apache Version 2.0
+
+## Contributing
+
+Create a pull request and contact the maintainers.
+
+## Issues
+
+Report issues at the Apache Spot [issues] (https://github.com/Open-Network-Insight/open-network-insight/issues) page.
+
+## Maintainers
+
+- [Tadd Wood] (https://github.com/TaddWood)
+
[4/4] incubator-spot git commit: Update dashboard notes in README
Posted by na...@apache.org.
Update dashboard notes in README
In this feature release the number of dashboards have been paired down to 3, which include User Activity Summary, Endpoint Activity Summary, and Vulnerabilities dashboards.
Project: http://git-wip-us.apache.org/repos/asf/incubator-spot/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-spot/commit/016a5e4c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-spot/tree/016a5e4c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-spot/diff/016a5e4c
Branch: refs/heads/SPOT-181_ODM
Commit: 016a5e4c93c3094d51e4efec09c43e43f78908bb
Parents: 6c72c5d
Author: Tadd Wood <ta...@arcadiadata.com>
Authored: Mon Sep 25 09:26:33 2017 -0700
Committer: Tadd Wood <ta...@arcadiadata.com>
Committed: Mon Sep 25 09:26:33 2017 -0700
----------------------------------------------------------------------
spot-oa/arcadia/README.md | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/016a5e4c/spot-oa/arcadia/README.md
----------------------------------------------------------------------
diff --git a/spot-oa/arcadia/README.md b/spot-oa/arcadia/README.md
index aca4e33..8f6d3f1 100644
--- a/spot-oa/arcadia/README.md
+++ b/spot-oa/arcadia/README.md
@@ -10,11 +10,8 @@ Contained in this directory is a configuration file (spot_app.json) that include
#### Included Dashboards
-- Network Activity - Provides views of events and suspicious network flow activity
-- User Activity Summary - Provides summary level view of suspicious activity related to users in your environment.
-- User Activity Detail - Provides a contextual view of events related to users in your environment
-- Endpoint Activity Summary - Provides a summary level view of suspicious activity related to endpoint in your environment.
-- Endpoint Activity Detail - Provides a contextual view of events related to endpoints in your environment.
+- User Activity Summary - Provides summary level view of activity related to users in your environment.
+- Endpoint Activity Summary - Provides a summary level view of activity related to endpoints in your environment.
- Vulnerabilities - Provides a contextual view of vulnerabilities and details related to endpoints in your environment.
End users are encouraged to customize these dashboards for their own purposes and use-cases.
[3/4] incubator-spot git commit: Fix Jira Issues link
Posted by na...@apache.org.
Fix Jira Issues link
Previous Jira issues link was deprecated.
Project: http://git-wip-us.apache.org/repos/asf/incubator-spot/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-spot/commit/6c72c5d0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-spot/tree/6c72c5d0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-spot/diff/6c72c5d0
Branch: refs/heads/SPOT-181_ODM
Commit: 6c72c5d025387773996c459f482e3ef2d7c54827
Parents: 46b77b9
Author: Tadd Wood <ta...@arcadiadata.com>
Authored: Fri Sep 22 10:14:55 2017 -0700
Committer: Tadd Wood <ta...@arcadiadata.com>
Committed: Fri Sep 22 10:14:55 2017 -0700
----------------------------------------------------------------------
spot-oa/arcadia/README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/6c72c5d0/spot-oa/arcadia/README.md
----------------------------------------------------------------------
diff --git a/spot-oa/arcadia/README.md b/spot-oa/arcadia/README.md
index 919676e..aca4e33 100644
--- a/spot-oa/arcadia/README.md
+++ b/spot-oa/arcadia/README.md
@@ -76,7 +76,7 @@ Create a pull request and contact the maintainers.
## Issues
-Report issues at the Apache Spot [issues] (https://github.com/Open-Network-Insight/open-network-insight/issues) page.
+Report issues at the Apache Spot [issues] (https://issues.apache.org/jira/projects/SPOT/issues) page.
## Maintainers