create dashboards for other non-network log data

[mmguero]

Malcolm can accept various third-party logs, and while there's no way we could create dashboards for every conceivable source, we could create them for more than we have.

We have some already (mainly used for data coming from Hedgehog):

• Malcolm nginx Overview and Malcolm nginx Access and Error Logs - for reporting on Malcolm's own nginx logs enabled by NGINX_LOG_ACCESS_AND_ERRORS
• Malcolm Sensor Temperature - for data from fluent bit thermal
• Malcolm Sensor Audit Logs - for data from Hedgehog's auditd logs
• Malcolm Sensor Resources Hosts Overview and Malcolm Sensor Resources System Overview - for resource utilization from Hedgehog or Malcolm (or anything using those fluent bit inputs)
• Malcolm Sensor Journald logs - fluent bit's journald/systemd input for linux logs
• Malcolm Sensor File/Directory Integrity - for hedgehog's file system integrity output from AIDE

But there are lots of others we could/should create dashboards for, potentially including:

• any of the fluent-bit inputs
  • should "just work" as far as getting it into Malcolm if set up with the convenience scripts, this should be the pattern to follow
  • particularly we should prioritize Windows Event Logs (old, new)
  • we should also examine existing dashboards that were made with malcolm/hedgehog itself in mind and make sure they're generally usefull
• Malcolm can now report to itself on capture statistics (#395), we should create dashboards for these
• ???

[mmguero]

I've either ensured we have existing dashboards or created new ones for the following inputs. It is true that I haven't covered every possible fluent-bit input, but I think this is good for now. We may revisit later if there is more interest (esp., perhaps the docker, podman and kubernetes events ones).

Fluent Bit inputs

• [x] cpu (CPU Usage)
  • Resources - System Overview and Resources - Hosts Overview
• [x] mem (Memory Usage)
  • Resources - System Overview and Resources - Hosts Overview
• [x] thermal (Thermal)
  • Hardware Temperature
• [x] kmsg (Kernel Log Buffer)
  • Linux Kernel Messages
• [x] disk (Diskstats)
  • Resources - System Overview and Resources - Hosts Overview
• [x] systemd (Systemd (Journal) reader)
  • Journald Logs
• [x] winevtlog
  • Windows Events
• [x] winlog
  • Windows Events
• [x] winstat
  • Windows Events

Zeek diagnostics

• [x] - analyzer.log
  • Packet Capture Statistics
• [x] - capture_loss.log
  • Packet Capture Statistics
• [x] - reporter.log
  • Packet Capture Statistics
• [x] - stats.log
  • Packet Capture Statistics

Suricata Stats

• [x] - EVE.json stats
  • Packet Capture Statistics

[mmguero]

Here's a dashboard for Packet Capture Statistics: