{
  "title": "Events Types by Severity [ArcSight]",
  "visState": "{\"title\":\"Events Types by Severity [ArcSight]\",\"type\":\"metrics\",\"params\":{\"id\":\"5f4e1f70-7523-11e7-b440-f1d91dc5774d\",\"type\":\"timeseries\",\"series\":[{\"id\":\"f7c4afd0-752d-11e7-ae68-d756b92f3a9c\",\"color\":\"#68BC00\",\"split_mode\":\"filters\",\"metrics\":[{\"id\":\"f7c4afd1-752d-11e7-ae68-d756b92f3a9c\",\"type\":\"count\",\"field\":\"bytesIn\"}],\"seperate_axis\":1,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":\"3\",\"point_size\":\"0\",\"fill\":\"0\",\"stacked\":\"none\",\"label\":\"Cumulative Bytes\",\"split_filters\":[{\"filter\":\"(deviceSeverity:\\\"2\\\" OR deviceSeverity:\\\"3\\\" OR deviceSeverity:\\\"5\\\" OR deviceSeverity:\\\"16\\\" OR deviceCustomString4:\\\"SERVFAIL\\\" OR deviceCustomString4:\\\"NXDOMAIN\\\" OR deviceCustomString4:\\\"REFUSED\\\" OR deviceCustomString4:\\\"BADVERS\\\" OR deviceCustomString4:\\\"BADSIG\\\")\",\"label\":\"HIGH\",\"color\":\"rgba(244,78,59,1)\",\"id\":\"53f76f80-7539-11e7-ae68-d756b92f3a9c\"},{\"filter\":\"(deviceSeverity:\\\"1\\\" OR  deviceSeverity:\\\"4\\\" OR  deviceSeverity:\\\"6\\\" OR  deviceSeverity:\\\"7\\\" OR  deviceSeverity:\\\"8\\\" OR  deviceSeverity:\\\"9\\\" OR  deviceSeverity:\\\"10\\\" OR deviceSeverity:\\\"17\\\" OR  deviceSeverity:\\\"18\\\" OR  deviceSeverity:\\\"19\\\" OR  deviceSeverity:\\\"20\\\" OR  deviceSeverity:\\\"21\\\" OR  deviceSeverity:\\\"22\\\" OR   deviceCustomString4:\\\"Error\\\" OR  deviceCustomString4:\\\"ERROR\\\" OR  deviceCustomString4:\\\"Warning\\\" OR  deviceCustomString4:\\\"WARNING\\\" OR  deviceCustomString4:\\\"FORMERR\\\" OR  deviceCustomString4:\\\"NOTIMP\\\" OR  deviceCustomString4:\\\"YXDOMAIN\\\" OR  deviceCustomString4:\\\"YXRRSET\\\" OR  deviceCustomString4:\\\"NXRRSET\\\" OR  deviceCustomString4:\\\"NOTAUTH\\\" OR  deviceCustomString4:\\\"NOTZONE\\\" OR  deviceCustomString4:\\\"BADKEY\\\" OR  deviceCustomString4:\\\"BADTIME\\\" OR  deviceCustomString4:\\\"BADMODE\\\" OR  deviceCustomString4:\\\"BADNAME\\\" OR  deviceCustomString4:\\\"BADALG\\\" OR  deviceCustomString4:\\\"BADTRUNC\\\")\",\"label\":\"MEDIUM\",\"color\":\"rgba(254,146,0,1)\",\"id\":\"6033e990-7539-11e7-ae68-d756b92f3a9c\"},{\"filter\":\"(NOT (deviceSeverity:\\\"2\\\" OR deviceSeverity:\\\"3\\\" OR deviceSeverity:\\\"5\\\" OR deviceSeverity:\\\"16\\\" OR deviceCustomString4:\\\"SERVFAIL\\\" OR deviceCustomString4:\\\"NXDOMAIN\\\" OR deviceCustomString4:\\\"REFUSED\\\" OR deviceCustomString4:\\\"BADVERS\\\" OR deviceCustomString4:\\\"BADSIG\\\" OR deviceSeverity:\\\"1\\\" OR  deviceSeverity:\\\"4\\\" OR  deviceSeverity:\\\"6\\\" OR  deviceSeverity:\\\"7\\\" OR  deviceSeverity:\\\"8\\\" OR  deviceSeverity:\\\"9\\\" OR  deviceSeverity:\\\"10\\\" OR deviceSeverity:\\\"17\\\" OR  deviceSeverity:\\\"18\\\" OR  deviceSeverity:\\\"19\\\" OR  deviceSeverity:\\\"20\\\" OR  deviceSeverity:\\\"21\\\" OR  deviceSeverity:\\\"22\\\" OR deviceCustomString4:\\\"Error\\\" OR  deviceCustomString4:\\\"ERROR\\\" OR  deviceCustomString4:\\\"Warning\\\" OR  deviceCustomString4:\\\"WARNING\\\" OR  deviceCustomString4:\\\"FORMERR\\\" OR  deviceCustomString4:\\\"NOTIMP\\\" OR  deviceCustomString4:\\\"YXDOMAIN\\\" OR  deviceCustomString4:\\\"YXRRSET\\\" OR  deviceCustomString4:\\\"NXRRSET\\\" OR  deviceCustomString4:\\\"NOTAUTH\\\" OR  deviceCustomString4:\\\"NOTZONE\\\" OR  deviceCustomString4:\\\"BADKEY\\\" OR  deviceCustomString4:\\\"BADTIME\\\" OR  deviceCustomString4:\\\"BADMODE\\\" OR  deviceCustomString4:\\\"BADNAME\\\" OR  deviceCustomString4:\\\"BADALG\\\" OR  deviceCustomString4:\\\"BADTRUNC\\\"))\",\"label\":\"LOW\",\"color\":\"rgba(252,220,0,1)\",\"id\":\"6b4be0d0-7539-11e7-ae68-d756b92f3a9c\"}]},{\"id\":\"e1a5d1f0-7525-11e7-b440-f1d91dc5774d\",\"color\":\"rgba(0,156,224,1)\",\"split_mode\":\"terms\",\"metrics\":[{\"id\":\"e1a5d1f1-7525-11e7-b440-f1d91dc5774d\",\"type\":\"count\"}],\"seperate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"bar\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"label\":\"Count by Event Type\",\"terms_field\":\"deviceEventClassId\",\"terms_size\":\"20\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"arcsight-*\",\"interval\":\"auto\",\"axis_position\":\"left\",\"axis_formatter\":\"number\",\"show_legend\":1,\"filter\":\"deviceProduct:\\\"DNS Trace Log\\\"\"},\"aggs\":[],\"listeners\":{}}",
  "uiStateJSON": "{}",
  "description": "",
  "version": 1,
  "kibanaSavedObjectMeta": {
    "searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}"
  }
}