Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
An analyst in the field noted that table visualizations in Dashboards are not always consistent in the number of results that are shown: some show top 20, some show top 100, etc.
We should make this consistent by:
- setting the `size` parameter for these tables to something consistent (I'm going to choose 100)
- using ripgrep to find them: `rg -o '\\"table\\".*?\\"params\\":\{.*?\\"size\\":\d+' ./dashboards/dashboards/`
- making sure `otherBucket` is set to `true` to indicate when there are more than will fit in the top n results
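One way to apply the change described above programmatically instead of by hand; this is an added example, not code from the issue or from Malcolm. It assumes each visualization saved object stores its definition as a stringified JSON `visState` attribute (which the escaped quotes in the ripgrep pattern suggest) and that terms aggregations keep `size` and `otherBucket` under `params`; the function names and sample objects are hypothetical.

```python
import json

TARGET_SIZE = 100  # the value chosen in the issue

def normalize_vis_state(vis_state, size=TARGET_SIZE):
    """Take one stringified visState; return (new_string, changed)."""
    vis = json.loads(vis_state)
    if vis.get("type") != "table":
        return vis_state, False
    changed = False
    for agg in vis.get("aggs", []):
        params = agg.get("params", {})
        # Assumption: size/otherBucket live on terms aggregations only.
        if agg.get("type") != "terms" or "size" not in params:
            continue
        if params["size"] != size or params.get("otherBucket") is not True:
            params["size"], params["otherBucket"] = size, True
            changed = True
    if not changed:
        return vis_state, False  # untouched strings stay byte-identical
    return json.dumps(vis, separators=(",", ":")), True

def normalize_objects(objects, size=TARGET_SIZE):
    """Rewrite visualization objects in place; return the titles changed."""
    touched = []
    for obj in objects:
        attrs = obj.get("attributes", {})
        if obj.get("type") != "visualization" or "visState" not in attrs:
            continue
        attrs["visState"], changed = normalize_vis_state(attrs["visState"], size)
        if changed:
            touched.append(attrs.get("title", obj.get("id")))
    return touched

def make_obj(title, vis):
    """Build a constructed saved object with visState stored as a JSON string."""
    return {"id": title, "type": "visualization",
            "attributes": {"title": title, "visState": json.dumps(vis)}}

def terms(size, other):
    """Build a constructed terms aggregation entry."""
    return {"id": "2", "type": "terms", "schema": "bucket",
            "params": {"field": "source.ip", "size": size, "otherBucket": other}}

# Constructed sample objects, not taken from Malcolm's dashboards.
SAMPLE = [
    make_obj("Top 20 table", {"type": "table", "aggs": [terms(20, False)]}),
    make_obj("Already normalized", {"type": "table", "aggs": [terms(100, True)]}),
    make_obj("Pie chart", {"type": "pie", "aggs": [terms(5, False)]}),
]

if __name__ == "__main__":
    print(normalize_objects(SAMPLE))
```

The returned list of titles gives a reviewable record of which tables were changed, and a second run over the same objects returns an empty list.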