78 строки
2.3 KiB
JSON
78 строки
2.3 KiB
JSON
{
|
|
"version": "Notebook/1.0",
|
|
"items": [
|
|
{
|
|
"type": 3,
|
|
"content": {
|
|
"version": "KqlItem/1.0",
|
|
"query": "OrcaAlerts_CL \n| summarize count(alert_id_s) by time_t ",
|
|
"size": 0,
|
|
"queryType": 0,
|
|
"resourceType": "microsoft.operationalinsights/workspaces",
|
|
"visualization": "linechart"
|
|
},
|
|
"name": "Alerts over time"
|
|
},
|
|
{
|
|
"type": 3,
|
|
"content": {
|
|
"version": "KqlItem/1.0",
|
|
"query": "OrcaAlerts_CL \n| summarize count(alert_id_s) by asset_type_s \n",
|
|
"size": 3,
|
|
"queryType": 0,
|
|
"resourceType": "microsoft.operationalinsights/workspaces",
|
|
"visualization": "piechart"
|
|
},
|
|
"customWidth": "33",
|
|
"name": "query - 2"
|
|
},
|
|
{
|
|
"type": 3,
|
|
"content": {
|
|
"version": "KqlItem/1.0",
|
|
"query": "OrcaAlerts_CL \n| summarize count(alert_id_s) by alert_type_s ",
|
|
"size": 3,
|
|
"queryType": 0,
|
|
"resourceType": "microsoft.operationalinsights/workspaces",
|
|
"visualization": "piechart",
|
|
"tileSettings": {
|
|
"showBorder": false
|
|
},
|
|
"graphSettings": {
|
|
"type": 0
|
|
},
|
|
"mapSettings": {
|
|
"locInfo": "LatLong",
|
|
"sizeSettings": "score_d",
|
|
"sizeAggregation": "Sum",
|
|
"legendMetric": "score_d",
|
|
"legendAggregation": "Sum",
|
|
"itemColorSettings": {
|
|
"type": "heatmap",
|
|
"colorAggregation": "Sum",
|
|
"nodeColorField": "score_d",
|
|
"heatmapPalette": "greenRed"
|
|
}
|
|
}
|
|
},
|
|
"customWidth": "33",
|
|
"name": "query - 1"
|
|
},
|
|
{
|
|
"type": 3,
|
|
"content": {
|
|
"version": "KqlItem/1.0",
|
|
"query": "OrcaAlerts_CL \n| summarize count() by tostring(score_d)\n",
|
|
"size": 3,
|
|
"queryType": 0,
|
|
"resourceType": "microsoft.operationalinsights/workspaces",
|
|
"visualization": "piechart"
|
|
},
|
|
"customWidth": "33",
|
|
"name": "query - 3"
|
|
}
|
|
],
|
|
"fromTemplateId": "sentinel-Alerts overview",
|
|
"$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json"
|
|
}
|
|
|