Hi All,
I'm trying to draw 2 black lines in a cross manner right in the middle of the graph. Any suggestions? I'll post a snap and the code below.
{
"$schema": "https://vega.github.io/schema/vega-lite/v5.json",
"description": "A scatterplot showing...",
"data": {
"values": [
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:55.755623",
"source_ip": "1.10.252.196",
"source_host": "hacker_17",
"destination_ip": "172.31.65.89",
"destination_host": "printer_17",
"flow_bytes/s": 5006827.492,
"flow_byte_mb": "5.01mb:",
"class": "neptune",
"severity": "high",
"flow_packets": 11379.15339,
"service": 0,
"flag": "rej",
"threat": 91,
"certainty": 48
},
{
"duration": 898,
"protocol_type": "tcp",
"timestamp": "2018-12-01 11:02:52.858157",
"source_ip": "1.10.252.196",
"source_host": "hacker_17",
"destination_ip": "172.31.65.89",
"destination_host": "printer_17",
"flow_bytes/s": 2674.703056,
"flow_byte_mb": "2.67kb",
"class": "apache_2",
"severity": "low",
"flow_packets": 27.63122992,
"service": "http",
"flag": "rstr",
"threat": 15,
"certainty": 14
},
{
"duration": 0,
"protocol_type": "udp",
"timestamp": "2018-12-01 10:51.852499.",
"source_ip": "1.165.16.250",
"source_host": "hacker_18",
"destination_ip": "172.31.67.67",
"destination_host": "smart_phone_120",
"flow_bytes/s": 82274.24749,
"flow_byte_mb": "82.27kb",
"class": "snmpgetattack",
"severity": "low",
"flow_packets": 2675.585284,
"service": "private",
"flag": "sf",
"threat": 32,
"certainty": 31
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 11:02.890213",
"source_ip": "1.165.16.250",
"source_host": "hacker_18",
"destination_ip": "172.31.67.67",
"destination_host": "smart_phone_120",
"flow_bytes/s": 284211.726,
"flow_byte_mb": "284.21kb",
"class": "normal",
"severity": "medium",
"flow_packets": 651.2642668,
"service": "http",
"flag": "sf",
"threat": 52,
"certainty": 51
},
{
"duration": 0,
"protocol_type": "udp",
"timestamp": "2018-12-01 10:52.941151",
"source_ip": "1.170.218.162",
"source_host": "hacker_18",
"destination_ip": "172.31.65.8",
"destination_host": "printer_14",
"flow_bytes/s": 1349382.811,
"flow_byte_mb": "1.35mb",
"class": "normal",
"severity": "critical",
"flow_packets": 3066.779115,
"service": "private",
"flag": "sf",
"threat": 85,
"certainty": 67
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:59.942030",
"source_ip": "1.170.218.162",
"source_host": "hacker_18",
"destination_ip": "172.31.65.8",
"destination_host": "printer_14",
"flow_bytes/s": 2627179.365,
"flow_byte_mb": "2.63mb",
"class": "normal",
"severity": "high",
"flow_packets": 5970.862193,
"service": "http",
"flag": "sf",
"threat": 0,
"certainty": 1
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:53.569712",
"source_ip": "1.55.176.28",
"source_host": "hacker_19",
"destination_ip": "172.31.69.11",
"destination_host": "smart_phone_144",
"flow_bytes/s": 981333333.3,
"flow_byte_mb": "981.33mb",
"class": "neptune",
"severity": "critical",
"flow_packets": 666666.6667,
"service": "ftp_data",
"flag": "sf",
"threat": 98,
"certainty": 97
},
{
"duration": 4,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:59.778963",
"source_ip": "1.55.176.28",
"source_host": "hacker_19",
"destination_ip": "172.31.69.11",
"destination_host": "smart_phone_144",
"flow_bytes/s": 2588681.931,
"flow_byte_mb": "2.59mb",
"class": "guess_passwd",
"severity": "medium",
"flow_packets": 5931.901768,
"service": "pop_3",
"flag": "sf",
"threat": 43,
"certainty": 42
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:53.986321",
"source_ip": "101.96.116.77",
"source_host": "hacker_1",
"destination_ip": "172.31.64.79",
"destination_host": "fax_1",
"flow_bytes/s": 1472000000,
"flow_byte_mb": "1472.00mb",
"class": "guess_passwd",
"severity": "critical",
"flow_packets": 1000000,
"service": "telnet",
"flag": "sf",
"threat": 98,
"certainty": 99
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:53.112587",
"source_ip": "101.96.116.77",
"source_host": "hacker_1",
"destination_ip": "172.31.65.90",
"destination_host": "fax_1",
"flow_bytes/s": 2946198.4,
"flow_byte_mb": "2.95mb",
"class": "warezmaster",
"severity": "medium",
"flow_packets": 6695.905454,
"service": "ftp_data",
"flag": "sf",
"threat": 40,
"certainty": 39
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:55.740325",
"source_ip": "101.96.116.77",
"source_host": "hacker_1",
"destination_ip": "172.31.68.20",
"destination_host": "phone_4",
"flow_bytes/s": 3677699.766,
"flow_byte_mb": "3.68mb",
"class": "neptune",
"severity": "low",
"flow_packets": 8358.408559,
"service": "uucp",
"flag": "s0",
"threat": 8,
"certainty": 7
},
{
"duration": 10,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:55.378945",
"source_ip": "101.96.116.77",
"source_host": "hacker_1",
"destination_ip": "172.31.65.69",
"destination_host": "phone_4",
"flow_bytes/s": 410040.3983,
"flow_byte_mb": "410.04kb",
"class": "guess_passwd",
"severity": "critical",
"flow_packets": 931.9099961,
"service": "pop_3",
"flag": "sf",
"threat": 75,
"certainty": 74
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:57.123456",
"source_ip": "101.96.116.77",
"source_host": "hacker_1",
"destination_ip": "172.31.64.69",
"destination_host": "printer_8",
"flow_bytes/s": 484420.4509,
"flow_byte_mb": "484.42kb",
"class": "normal",
"severity": "critical",
"flow_packets": 1105.112734,
"service": "http",
"flag": "sf",
"threat": 61,
"certainty": 83
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:57.189042",
"source_ip": "101.96.116.77",
"source_host": "hacker_1",
"destination_ip": "172.31.66.28",
"destination_host": "printer_8",
"flow_bytes/s": 21111324.376,
"flow_byte_mb": "2.11mb",
"class": "smurf",
"severity": "critical",
"flow_packets": 4798.464491,
"service": "http",
"flag": "sf",
"threat": 65,
"certainty": 38
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:56.984301",
"source_ip": "101.99.59.70",
"source_host": "hacker_20",
"destination_ip": "172.31.64.19",
"destination_host": "email_server",
"flow_bytes/s": 243458.8314,
"flow_byte_mb": "243.46kb",
"class": "neptune",
"severity": "medium",
"flow_packets": 555.4048231,
"service": "http",
"flag": "sf",
"threat": 33,
"certainty": 12
},
{
"duration": 0,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:52.874563",
"source_ip": "103.46.12.151",
"source_host": "hacker_2",
"destination_ip": "172.31.64.119",
"destination_host": "asus_access_point_1",
"flow_bytes/s": 1112572.064,
"flow_byte_mb": "1.11mb",
"class": "satan",
"severity": "high",
"flow_packets": 2528.572873,
"service": "rej",
"flag": "rej",
"threat": 99,
"certainty": 32
},
{
"duration": 0,
"protocol_type": "icmp",
"timestamp": "2018-12-01 10:53.102584",
"source_ip": "103.70.130.74",
"source_host": "hacker_3",
"destination_ip": "172.31.65.9",
"destination_host": "cisco_router_3",
"flow_bytes/s": 0,
"flow_byte_mb": "0",
"class": "ipsweep",
"severity": "critical",
"flow_packets": 19607.84314,
"service": "eco_i",
"flag": "sf",
"threat": 88,
"certainty": 122
},
{
"duration": 1,
"protocol_type": "tcp",
"timestamp": "2018-12-1 10:57.649701",
"source_ip": "103.94.120.3",
"source_host": "hacker_22",
"destination_ip": "172.31.64.61",
"destination_host": "desktop_30",
"flow_bytes/s": 43820.2953,
"flow_byte_mb": "483.82kb",
"class": "mailbomb",
"severity": "high",
"flow_packets": 628.3380459,
"service": "smtp",
"flag": "sf",
"threat": 70,
"certainty": 82
},
{
"duration": 805,
"protocol_type": "tcp",
"timestamp": "2018-12-01 11:02.978546",
"source_ip": "104.16.24.92",
"source_host": "hacker_4",
"destination_ip": "192.168.10.25",
"destination_host": "palo_alto_firewall",
"flow_bytes/s": 2414536.323,
"flow_byte_mb": "2.41mb",
"class": "apache2",
"severity": "low",
"flow_packets": 5510.410491,
"service": "http",
"flag": "rstr",
"threat": 22,
"certainty": 62
},
{
"duration": 7695,
"protocol_type": "tcp",
"timestamp": "2018-12-01 10:57.369636",
"source_ip": "104.20.117.11",
"source_host": "hacker_29",
"destination_ip": "172.31.68.23",
"destination_host": "smart_phone_137",
"flow_bytes/s": 3318796.405,
"flow_byte_mb": "3.32mb",
"class": "processtable",
"severity": "high",
"flow_packets": 7581.086362,
"service": "high",
"flag": "sf",
"threat": 58,
"certainty": 24
}
]
},
"width": 1000,
"height": 600,
"layer": [
{
"mark": {
"type": "circle",
"opacity": 1,
"tooltip": {
"content": "data"
},
"size": 100
},
"encoding": {
"x": {
"field": "certainty",
"type": "quantitative",
"scale": {"domain": [0, 100]},
"axis": {"tickCount": 10, "title": "certainty"}
},
"y": {
"field": "threat",
"type": "quantitative",
"scale": {"domain": [0, 100]},
"axis": {"tickCount": 10, "title": "threat"}
},
"color": {
"field": "severity",
"title": "severity"
}
}
},
{
"mark": "rule",
"encoding": {
"x": {
"field": "certainty",
"type": "quantitative",
"aggregate": "mean"
},
"y": {
"field": "threat",
"type": "quantitative",
"aggregate": "mean"
}
}
}
]
}