Report on Hosts
This tool allows you to generate a report on the breakdown of a value present on the Hosts returned
by your query. For example, to generate a report on ports seen on Hosts with HTTP services, you could
query for services.service_name: HTTP and then generate a report on the breakdown
of the field
services.port
Report for Hosts
| services.labels | services | |
|---|---|---|
| login-page | 1,148,551 | 36.72% |
| jquery | 702,904 | 22.47% |
| tarpit | 233,519 | 7.47% |
| ics | 181,090 | 5.79% |
| network.device.vpn | 176,302 | 5.64% |
| jquery-migrate | 176,175 | 5.63% |
| jquery-ui | 175,873 | 5.62% |
| scada | 90,382 | 2.89% |
| web.control-panel.hosting | 88,768 | 2.84% |
| medical-device | 88,364 | 2.82% |
| angularjs | 88,022 | 2.81% |
| requirejs | 87,826 | 2.81% |
| underscore.js | 87,824 | 2.81% |
| bootstrap | 87,569 | 2.8% |
| select2 | 87,514 | 2.8% |
| atlassian-confluence | 86,358 | 2.76% |
| remote-access | 48,859 | 1.56% |
| iot | 47,506 | 1.52% |
| database | 35,242 | 1.13% |
| 20,960 | 0.67% | |
| file-sharing | 18,112 | 0.58% |
| network.device | 11,610 | 0.37% |
| printer | 9,652 | 0.31% |
| gaming | 5,920 | 0.19% |
| web-application-firewall | 4,093 | 0.13% |
| network-administration | 3,630 | 0.12% |
| network.device.firewall | 2,831 | 0.09% |
| routing | 2,605 | 0.08% |
| network.device.soho | 2,578 | 0.08% |
| managed-file-transfer | 1,892 | 0.06% |
| camera | 1,717 | 0.05% |
| proxy | 1,068 | 0.03% |
| out-of-band-management | 813 | 0.03% |
| default-landing-page | 559 | 0.02% |
| security-tool | 540 | 0.02% |
| netscaler | 347 | 0.01% |
| media-streaming | 315 | 0.01% |
| load-balancer | 197 | 0.01% |
| open-dir | 158 | 0.01% |
| usenet | 111 | 0.0% |
| suspended | 99 | 0.0% |
| kibana | 91 | 0.0% |
| phppgadmin | 73 | 0.0% |
| wordpress | 32 | 0.0% |
| cisco-xe-webui | 24 | 0.0% |
| google-analytics | 17 | 0.0% |
| google-tag-manager | 13 | 0.0% |
| laravel | 13 | 0.0% |
| react | 12 | 0.0% |
| sweetalert | 10 | 0.0% |
| Remaining Results | 207 | 0.01% |
| Total | 3,128,056 | 100.0% |
JSON Report
{
"query": "labels:tarpit",
"field": "services.labels",
"total": 3128056,
"duration": 326,
"total_omitted": 207,
"potential_deviation": 0,
"buckets": [
{
"key": "login-page",
"count": 1148551
},
{
"key": "jquery",
"count": 702904
},
{
"key": "tarpit",
"count": 233519
},
{
"key": "ics",
"count": 181090
},
{
"key": "network.device.vpn",
"count": 176302
},
{
"key": "jquery-migrate",
"count": 176175
},
{
"key": "jquery-ui",
"count": 175873
},
{
"key": "scada",
"count": 90382
},
{
"key": "web.control-panel.hosting",
"count": 88768
},
{
"key": "medical-device",
"count": 88364
},
{
"key": "angularjs",
"count": 88022
},
{
"key": "requirejs",
"count": 87826
},
{
"key": "underscore.js",
"count": 87824
},
{
"key": "bootstrap",
"count": 87569
},
{
"key": "select2",
"count": 87514
},
{
"key": "atlassian-confluence",
"count": 86358
},
{
"key": "remote-access",
"count": 48859
},
{
"key": "iot",
"count": 47506
},
{
"key": "database",
"count": 35242
},
{
"key": "email",
"count": 20960
},
{
"key": "file-sharing",
"count": 18112
},
{
"key": "network.device",
"count": 11610
},
{
"key": "printer",
"count": 9652
},
{
"key": "gaming",
"count": 5920
},
{
"key": "web-application-firewall",
"count": 4093
},
{
"key": "network-administration",
"count": 3630
},
{
"key": "network.device.firewall",
"count": 2831
},
{
"key": "routing",
"count": 2605
},
{
"key": "network.device.soho",
"count": 2578
},
{
"key": "managed-file-transfer",
"count": 1892
},
{
"key": "camera",
"count": 1717
},
{
"key": "proxy",
"count": 1068
},
{
"key": "out-of-band-management",
"count": 813
},
{
"key": "default-landing-page",
"count": 559
},
{
"key": "security-tool",
"count": 540
},
{
"key": "netscaler",
"count": 347
},
{
"key": "media-streaming",
"count": 315
},
{
"key": "load-balancer",
"count": 197
},
{
"key": "open-dir",
"count": 158
},
{
"key": "usenet",
"count": 111
},
{
"key": "suspended",
"count": 99
},
{
"key": "kibana",
"count": 91
},
{
"key": "phppgadmin",
"count": 73
},
{
"key": "wordpress",
"count": 32
},
{
"key": "cisco-xe-webui",
"count": 24
},
{
"key": "google-analytics",
"count": 17
},
{
"key": "google-tag-manager",
"count": 13
},
{
"key": "laravel",
"count": 13
},
{
"key": "react",
"count": 12
},
{
"key": "sweetalert",
"count": 10
}
]
}