From 99276ee579e587bdd47bb7c31c88e5a296e24e41 Mon Sep 17 00:00:00 2001 
From: SG <13872653+mmguero@users.noreply.github.com>
Date: Wed, 8 Apr 2020 11:22:44 -0600
Subject: [PATCH] v2.0.0 development (#106)

Tons of stuff.

* bump moloch to 2.2.0
* reduce log noise
* bump version for development to 1.8.2
* set elastalert index settings for a single node
* fix issue #97, when using tcpdump the capture files are named .pcap.pcap
* check moloch viewer status page periodically for docker container health check
* fix docker-compose log verbosity
* made kibana_index_refresh.py more robust as suggested by @fabrie in issue #100: use a _find API to get the index ID for a given index name instead of just the saved_objects/index-pattern API

Example in test environment:

Before adding new fields (dry run):
```
/home/user/devel/github/malcolm/kibana/scripts/kibana_index_refresh.py
Arguments: ['-v', '-n', '-k', 'http://192.168.0.11:5601/kibana']
Arguments: Namespace(debug=True, dryrun=True, index='sessions2-*', url='http://192.168.0.11:5601/kibana')
Kibana version is 7.5.1
Index ID for sessions2-* is sessions2-*
sessions2-* would have 465 fields
success (dry run only, no write performed)
```

After adding new fields (dry run):
```
/home/user/devel/github/malcolm/kibana/scripts/kibana_index_refresh.py
Arguments: ['-v', '-n', '-k', 'http://192.168.0.11:5601/kibana']
Arguments: Namespace(debug=True, dryrun=True, index='sessions2-*', url='http://192.168.0.11:5601/kibana')
Kibana version is 7.5.1
Index ID for sessions2-* is sessions2-*
sessions2-* would have 481 fields
success (dry run only, no write performed)
```

After adding new fields (update index mapping):
```
/home/user/devel/github/malcolm/kibana/scripts/kibana_index_refresh.py
Arguments: ['-v', '-k', 'http://192.168.0.11:5601/kibana']
Arguments: Namespace(debug=True, dryrun=False, index='sessions2-*', url='http://192.168.0.11:5601/kibana')
Kibana version is 7.5.1
Index ID for sessions2-* is sessions2-*
sessions2-* would have 481 fields
success
```

* added plugin for detecting cve-2020-0601
* work on issue #102, log access to Malcolm web interface(s) to Elasticsearch for analysis in Kibana
* nginx/php adjustments for issue #101, uploading very large pcap files may fail
* fix a few of the control bash scripts to use GNU coreutils where applicable (issue #103)

A few uses of "grep" and "find" use flags unique to the GNU versions of those tools. As GNU coreutils was already required for a few other utilities I've done the same thing to detect and use ggrep and gfind when needed.

As suggested, it might be a good idea to rewrite these to use Python instead to be more portable (although I'll have to take care to make them work with both python 2/3 for various platforms).

* bump malcolm version to 1.9.0, moloch version to 2.2.1
* work on implementing control scripts (start,stop,restart,wipe,logs) in python rather than bash for portability (see issue #103). have not as of yet removed the bash versions, as I am still testing these new implementations. for now the auth_setup.sh and malcolm_appliance_packager.sh are still in Bash as well
* have ISO use new scripts
* bump elastic to 7.5.2
* update iso build scripts to use new python scripts for install
* compatibility fixes for scripts under linux
* don't source missing files
* more reworking of scripts from bash -> python (not complete yet, may be in a broken state)
* more work on auth_setup
* remove reference to files we're no longer using
* Revert "bump elastic to 7.5.2"

This reverts commit 440c85980b4e58064e164294ee395cf503e93487.

* fix default for external password question
* handle missing python package in windows
* documentation updates
* tweak some codenames
* use specified path (rather than absolute path) for compose file
* make python3 the default
* Revert "make python3 the default"

This reverts commit 52e53f4196cf9221333af69d63ce71bdf12b220d.

* fixes for new control scripts
* fix logs script hanging
* pin filters by default in kibana
* put a hack/fix in for vagrant not liking dhcp nat in 6.1
* create a zeek.service_version field to track protocol version in a single place; also, move password up to the zeek root level
* added security overview dashboard wip
* added freq.Dockerfile for detecting string entropy
* if designated by the FREQ_LOOKUP (true) environment variable, look up DNS query hostnames using freq_server.py
* update docker ignore file
* ask about string freq lookup in install.py
* added security overview dashboard wip
* added security overview dashboard wip
* use a ruby block rather than an http filter in order to better handle arrays
* fix volume mapping for local.zeek in docker-compose.yml for testing
* fix volume mapping for local.zeek in docker-compose.yml for testing
* clean up symlinks as well
* initial code for generating and parsing smb_cmd.log
* initial code for generating and parsing smb_cmd.log
* more work on smb command mapping
* more work on smb
* more work on smb
* bump version to 2.0.0
* some field normalization for 2.0.0
  - restored kibana swimlane visualization as it has been fixed for 7.5.x
  - remove some unused fields from records (agent.ephemeral_id, input.type, path portion of log.file.path)
  - remove "_jsonparsefailure" tag on cleanup
  - change some places where we were doing calculations to get count values when we already know the count is "1"
  - normalization of "action" or "command" values to "zeek.action" field
  - normalization of mime type, file names, fuids, and service version
* fixes to SMB action mapping
* remove useless prefix before smb action
* exclude some domains from freq. analysis
* utility script to repackage zeek logs for upload:
* fix issue #111, moloch/etc mount in docker-compose.yml causes custom Zeek fields not to be loaded
* fix Malcolm issue #110, submitting hunt job crashes viewer unless Zeek logs are filtered out (temporary patch of fix for Moloch issue 1374, https://github.com/aol/moloch/issues/1374)
* Added smb_cmd fields to WISE
* fix dashboard referring to zeek_smb.action -> zeek.action
* remove tunnel:: prefix from tunnel type
* added 'action' panel to overview
* added security overview dashboard (wip) to directory
* more work on issue #108, create security overview dashboard in kibana
* working on issue #109, create ICS security overview dashboard
* added ipv4/ipv6
* working on issue #109, create ICS security overview dashboard
* working on issue #109, create ICS security overview dashboard
* added network layer to connections
* fix max font size
* bring sensor local.zeek up to match malcolm's
* fixed spacing of navigation menu
* fix issue #112, region maps not working because of incorrect redirect
* fix issue #112, region maps not working because of incorrect redirect
* fix issue #112, region maps not working because of incorrect redirect
* fix issue #112, region maps not working because of incorrect redirect
* comments
* ignore logs that have been renamed and are in transit being archived
* updates to dashboards
* fix kibana_index_refresh.py for python2
* fix non-ics/iot protocols dashboard
* bump version to 7.6.0 for elastic
* working with es 7.6, but elastalert had to be temporarily disabled. will work on fixing this next
* don't include known_certs in outdated/insecure protocols
* Tons of work refining dashboards
* tweak connections view
* improved maps
* remove warnings
* improvements to how notices can be used throughout the other dashboards
* improvements to how notices can be used throughout the other dashboards
* do frequency analysis on zeek_ssl.server_name
* merge src/dst mac/oui fields into network.mac and network.oui arrays, respectively to provide aggregated fields that can be used for asset inventory (issue 113)
* experimenting with creating a merged network.mac_oui field that looks like this:

  ...
  "network": {
    "type": "ipv4",
    "mac_oui": {
      "00:10:db:ff:10:01": "Juniper Networks",
      "8c:85:90:65:85:8f": "Apple, Inc."
    }
  },
  ...

  however, I may revert this for now because although this works kibana doesn't really play nicely with the data in visualizations
* Revert "experimenting with creating a merged network.mac_oui field that looks like this:"

This reverts commit 8bdcefaed5d2be765f994abc0959fd713d0ea451.

* Revert "merge src/dst mac/oui fields into network.mac and network.oui arrays, respectively to provide aggregated fields that can be used for asset inventory (issue 113)"

This reverts commit ae60cf27c82fbb6e3fa814601facbac3e06181b8.

* make installer work better for vms
* build virtualbox guest debs in a clean environment
* fixed vagrantfile for malcolm build
* only keep vmware/virtualbox guest packages in the right environments
* increase build memory requirements
* fix typo
* updating sensor-iso to match malcolm-iso
* fix relative path
* removed docker-gen in nginx container, we're not using it any more
* update software saved search
* Fixed installation of elastalert kibana plugin, but still broken due to this issue: https://github.com/bitsensor/elastalert-kibana-plugin/issues/141
* fix issue #104, Upload without trailing slash redirects to incorrect hostname and scheme

  this fix includes a few things:
  - modifying the index.html page to prepend "upload/" before relative HREF/SRC references
  - removing some useless code in the file-upload default nginx config
  - added the trailing slash to the proxy-pass directive for the upload section of the main nginx proxy
  - handle "/server/php" as a separate proxy redirect as that's the XHR where the uploads seem to go
  - remove the unused Moloch upload page

* update copyright
* update style of upload screen to match the rest of the app
* working on network diff code (wip)
* work in progress on network time diff, viewer.js not actually used yet
* bump moloch to 2.2.2
* work in progress for network diff
* network diff work in progress
* comments/work in progress
* some test files
* update zeek to 3.0.2
* fix reference to zeek::af_packet
* install zeek::af_packet with zkg
* Revert "install zeek::af_packet with zkg"

This reverts commit a20fa9b370711f4117e0f470fba643716cdfda55.

* added docker files for running moloch regression tests
* added vim to test harness
* fix af_packet zeek build
* added promotional poster:
* switch test harness branch
* temporarily pull from https://github.com/mmguero-dev/moloch fork for issue #2 development rather than aol/moloch releases
* update elastic to 7.6.1 for security and bug fixes
* update moloch to 2.2.3
* update moloch to 2.2.3
* update zeek to 3.0.3
* update psutil to fix security alert https://github.com/advisories/GHSA-qfc5-mcwq-26q8
* zeek updated website, fix broken link
* restore stuff for generating web documentation
* fix URL for relocated MITRE ATTACK BZAR plugin
* fix broken links for build of Zeek, MITRE ATT&CK BZAR plugin
* fixed duplicate plugin URL in script
* update moloch version in docs to 2.2.3
* remove files no longer needed for testing
* remove files no longer needed for testing and update moloch version in documentation
* should fix issue #114. I discovered that even though moloch-capture isn't writing the PCAP files, the pcapDir and maxFileSizeG values still matter for viewer to be able to delete managed pcap files.
* should fix issue #114. I discovered that even though moloch-capture isn't writing the PCAP files, the pcapDir and maxFileSizeG values still matter for viewer to be able to delete managed pcap files.
* proof of concept for a segment mapping form
* work in progress on the segment mapping ui
* more work on the segment mapping ui
* more work on the segment mapping ui
* more work on the segment mapping ui
* more work on the segment mapping ui
* more work on the segment mapping ui
* more work on the segment mapping ui
* apply tooltip for table columns
* scroll back and forth to selected item
* beautify with icons
* basic validation client-side
* more work on the segment mapping ui (integration with malcolm scripts on logstash startup)
* more work on the segment mapping ui (creation of docker image, integration with malcolm's nginx reverse proxy)
* Added new icon to malcolm iso for subnet mapping editor
* documentation updates
* start logstash under supervisord in order to add a process that will watch for changes to the name matching
* more work on name-map-ui, allow uploading of the JSON file so it can be pushed to the docker image volume automatically
* map location of host/subnet mapping to correct location under name-map-ui container
* integrate upload with name-map-ui
* add the ability to signal logstash from the net-map-ui container
* clear out previous maps between restarts
* add ability to save net-map.json from web ui
* basic control for restarting logstash via ui controls
* put save/restart confirmations in UI
* added import button to name map ui
* send save-state post value to restart-logstash.php
* update documentation
* update documentation
* remove unused variable
* documentation updates
* use fonts-symbola instead of fonts-noto-color-emoji
* re-enable swimlane visualization
* update elasticsearch to 7.6.2; also, fix issue #119
* use default theme in elastalert kibana editor
* update kibana plugin version
* add user to vboxsf group for using shared folders
* the 'run a separate instance of Zeek locally' use case isn't really a big enough use case to have a whole separate docker-compose file for it; especially with the ISO and live capture methods.
* ensure all services have a health check
* reduce verbosity of health checks in logs
---
 .dockerignore | 2 + Dockerfiles/curator.Dockerfile | 2 +- Dockerfiles/elastalert.Dockerfile | 2 +- Dockerfiles/file-monitor.Dockerfile | 2 +- Dockerfiles/file-upload.Dockerfile | 11 +- Dockerfiles/filebeat.Dockerfile | 21 +- Dockerfiles/freq.Dockerfile | 59 ++ Dockerfiles/htadmin.Dockerfile | 2 +- Dockerfiles/kibana.Dockerfile | 79 +- Dockerfiles/logstash.Dockerfile | 45 +- Dockerfiles/moloch.Dockerfile | 16 +- Dockerfiles/name-map-ui.Dockerfile | 67 ++ Dockerfiles/nginx.Dockerfile | 19 +- Dockerfiles/pcap-capture.Dockerfile | 2 +- Dockerfiles/pcap-monitor.Dockerfile | 2 +- Dockerfiles/zeek.Dockerfile | 4 +- License.txt | 4 +- Notice.txt | 2 +- README.md | 189 ++-- cidr-map.txt | 2 + .../register-elasticsearch-snapshot-repo.sh | 2 +- docker-compose-standalone-zeek-live.yml | 380 ------- docker-compose-standalone.yml | 197 +++- docker-compose.yml | 205 +++- .../ebdca7741674eca4e1fadeca157f3ae6.svg | 158 --- docs/images/malcolm_poster.odg | Bin 0 -> 390454 bytes .../screenshots/malcolm_name_map_ui.png | Bin 0 -> 106240 bytes elastalert/config/config.json | 2 +- elastalert/config/elastalert.yaml | 2 +- elastalert/elastalert-start.sh | 2 +- file-monitor/supervisord.conf | 2 +- file-upload/docker-entrypoint.sh | 2 +- .../jquery-file-upload/bootstrap.min.css | 12 + file-upload/jquery-file-upload/index.html | 73 +- file-upload/jquery-file-upload/index.php | 2 +- file-upload/nginx/sites-available/default | 18 +- file-upload/php/php.ini | 8 +- file-upload/supervisord.conf | 2 +- filebeat/filebeat-nginx.yml | 40 + filebeat/filebeat.yml | 2 +- ...ilebeat-clean-zeeklogs-processed-folder.py | 2 +- .../filebeat-process-zeek-folder-functions.sh | 2 +- .../scripts/filebeat-process-zeek-folder.sh | 4 +- .../filebeat-watch-zeeklogs-uploads-folder.sh | 2 +- filebeat/scripts/zeek-log-field-bitmap.py | 2 +- filebeat/supervisord.conf | 20 +- freq-server/supervisord.conf | 29 + host-map.txt | 2 + 
htadmin/docker-entrypoint.sh | 33 - htadmin/supervisord.conf | 2 +- .../024062a6-48d6-498f-a91a-3bf2da3a3cd3.json | 208 ++-- .../05e3e000-f118-11e9-acda-83a8e29e1a24.json | 6 +- .../078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b.json | 147 +-- .../0a490422-0ce9-44bf-9a2d-19329ddde8c3.json | 125 +-- .../0ad3d7c2-3441-485e-9dfe-dbb22e84e576.json | 260 +++-- .../0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0.json | 118 ++- .../0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa.json | 199 ++-- .../11be6381-beef-40a7-bdce-88c5398392fc.json | 155 +-- .../11ddd980-e388-11e9-b568-cf17de8e860c.json | 52 +- .../152f29dc-51a2-4f53-93e9-6e92765567b8.json | 6 +- .../1ce42250-3f99-11e9-a58e-8bdedb0915e8.json | 124 ++- .../1fff49f6-0199-4a0f-820b-721aff9ff1f1.json | 146 +-- .../29a1b290-eb98-11e9-a384-0fcf32210194.json | 100 +- .../2bec1490-eb94-11e9-a384-0fcf32210194.json | 6 +- .../2cf94cd0-ecab-40a5-95a7-8419f3a39cd9.json | 205 ++-- .../2d98bb8e-214c-4374-837b-20e1bcd63a5e.json | 135 +-- .../32587740-ef88-11e9-b38a-2db3ee640e88.json | 6 +- .../36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json | 8 +- .../37041ee1-79c0-4684-a436-3173b0e89876.json | 209 ++-- .../39abfe30-3f99-11e9-a58e-8bdedb0915e8.json | 124 ++- .../42e831b9-41a9-4f35-8b7d-e1566d368773.json | 271 +++-- .../432af556-c5c0-4cc3-8166-b274b4e3a406.json | 163 +-- .../4a4bde20-4760-11ea-949c-bbb5a9feecbf.json | 465 +++++++++ .../4e5f106e-c60a-4226-8f64-d534abb912ab.json | 146 +-- .../50ced171-1b10-4c3f-8b67-2db9635661a6.json | 166 ++-- .../543118a9-02d7-43fe-b669-b8652177fc37.json | 197 ++-- .../55e332d0-3f99-11e9-a58e-8bdedb0915e8.json | 40 +- .../60d78fbd-471c-4f59-a9e3-189b33a13644.json | 118 ++- .../665d1610-523d-11e9-a30e-e3576242f3ed.json | 36 +- .../76f2f912-80da-44cd-ab66-6a73c8344cc3.json | 137 +-- .../77fc9960-3f99-11e9-a58e-8bdedb0915e8.json | 120 ++- .../7f41913f-cba8-43f5-82a8-241b7ead03e0.json | 221 ++-- .../7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb.json | 339 +++++-- .../82da3101-2a9c-4ae2-bb61-d447a3fbe673.json | 232 ++--- 
.../870a5862-6c26-4a08-99fd-0c06cda85ba3.json | 135 +-- .../87a32f90-ef58-11e9-974e-9d600036d105.json | 6 +- .../87d990cc-9e0b-41e5-b8fe-b10ae1da0c85.json | 111 ++- .../92985909-dc29-4533-9e80-d3182a0ecf1d.json | 202 ++-- .../95479950-41f2-11ea-88fa-7151df485405.json | 522 ++++++++++ .../9ee51f94-3316-4fc5-bd89-93a52af69714.json | 146 +-- .../a16110b0-3f99-11e9-a58e-8bdedb0915e8.json | 124 ++- .../a7514350-eba6-11e9-a384-0fcf32210194.json | 60 +- .../abdd7550-2c7c-40dc-947e-f6d186a158c4.json | 294 +++--- .../ae79b7d1-4281-4095-b2f6-fa7eafda9970.json | 146 +-- .../af5df620-eeb6-11e9-bdef-65a192b7f586.json | 6 +- .../b50c8d17-6ed3-4de6-aed4-5181032810b2.json | 118 ++- .../b9f247c0-3f99-11e9-a58e-8bdedb0915e8.json | 124 ++- .../bb827f8e-639e-468c-93c8-9f5bc132eb8f.json | 203 ++-- .../bed185a0-ef82-11e9-b38a-2db3ee640e88.json | 6 +- .../caef3ade-d289-4d05-a511-149f3e97f238.json | 284 ++++-- .../d15a9d40-5c3e-492f-8e17-67a5d6862a3a.json | 845 ---------------- .../d41fe630-3f98-11e9-a58e-8bdedb0915e8.json | 124 ++- .../d4fd6afd-15cb-42bf-8a25-03dd8e59b327.json | 118 ++- .../e09a4b86-29b5-4256-bb3b-802ac9f90404.json | 118 ++- .../e76d05c0-eb9f-11e9-a384-0fcf32210194.json | 6 +- .../ed8a6640-3f98-11e9-a58e-8bdedb0915e8.json | 40 +- .../f1f09567-fc7f-450b-a341-19d2f2bb468b.json | 112 +-- .../f394057d-1b16-4174-b994-7045f423a416.json | 118 ++- .../f77bf097-18a8-465c-b634-eb2acc7a4f26.json | 216 ++-- .../fa141950-ef89-11e9-b38a-2db3ee640e88.json | 6 +- .../server/routes/elastalert.js | 27 + kibana/kibana-offline-maps.yml | 5 +- .../kibana-create-moloch-sessions-index.sh | 5 +- kibana/scripts/kibana.sh | 2 +- kibana/scripts/kibana_index_refresh.py | 74 +- kibana/supervisord.conf | 4 +- logstash/certs/Makefile | 24 - logstash/pipelines/enrichment/11_lookups.conf | 87 +- .../pipelines/enrichment/12_type_conv.conf | 2 + .../enrichment/18_tags_finalize.conf | 1 + logstash/pipelines/zeek/11_zeek_logs.conf | 940 ++++++++---------- .../pipelines/zeek/12_zeek_normalize.conf | 282 
++++++ logstash/pipelines/zeek/13_zeek_convert.conf | 35 + logstash/scripts/ip-to-segment-logstash.py | 86 +- logstash/scripts/logstash-start.sh | 20 +- logstash/scripts/set_es_external_keystore.sh | 2 +- logstash/supervisord.conf | 30 + malcolm-iso/build.sh | 36 +- .../normal/0169-pip-installs.hook.chroot | 1 + .../hooks/normal/0910-agg-build.hook.chroot | 2 +- .../normal/0911-get-stig-scripts.hook.chroot | 2 +- .../0990-remove-unwanted-pkg.hook.chroot | 3 +- .../hooks/normal/0998-localepurge.hook.chroot | 2 +- .../config/includes.binary/boot/grub/grub.cfg | 5 + .../includes.binary/install/preseed.cfg | 2 +- .../includes.binary/install/preseed_base.cfg | 6 +- .../install/preseed_vmware.cfg | 91 ++ .../includes.chroot/etc/live/config.conf | 2 +- .../skel/.config/lxpanel/LXDE/panels/malcolm | 3 + .../share/applications/malcolm-logs.desktop | 2 +- .../applications/malcolm-mapping.desktop | 11 + .../applications/malcolm-restart.desktop | 2 +- .../share/applications/malcolm-start.desktop | 2 +- .../share/applications/malcolm-stop.desktop | 2 +- .../Auditbeat-auditd-overview-custom.json | 2 +- .../Filebeat-syslog-custom.json | 2 +- .../package-lists/desktopmanager.list.chroot | 5 +- .../config/package-lists/system.list.chroot | 1 + malcolm-iso/vagrant/Vagrantfile | 21 +- moloch/etc/config.ini | 4 +- .../Dockerfiles/moloch.Dockerfile | 72 ++ .../docker-compose.yml | 47 + moloch/patch/remove_upload.patch | 24 + moloch/scripts/initmoloch.sh | 2 +- moloch/scripts/moloch-needs-upgrade.sh | 2 +- moloch/scripts/moloch_update_geo.sh | 2 +- moloch/scripts/viewer_service.sh | 2 +- moloch/scripts/wipemoloch.sh | 2 +- moloch/scripts/wise_service.sh | 2 +- moloch/supervisord.conf | 2 +- moloch/wise/source.zeeklogs.js | 69 +- name-map-ui/config/fpm-pool.conf | 56 ++ name-map-ui/config/nginx.conf | 92 ++ name-map-ui/config/php.ini | 7 + .../config/supervisor_logstash_ctl.conf | 10 + name-map-ui/config/supervisord.conf | 48 + name-map-ui/scripts/name-map-save-watch.sh | 22 + 
name-map-ui/site/index.html | 523 ++++++++++ name-map-ui/site/mapping.css | 229 +++++ name-map-ui/site/restart-logstash.php | 6 + name-map-ui/site/upload.html | 8 + name-map-ui/site/upload.php | 57 ++ net-map.json | 1 + nginx/certs/.gitignore | 3 + nginx/certs/gen_self_signed_certs.sh | 8 - nginx/nginx.conf | 78 +- nginx/supervisord.conf | 24 +- pcap-capture/scripts/netsniff-roll.sh | 2 +- pcap-capture/scripts/supervisor.sh | 2 +- pcap-capture/supervisord.conf | 2 +- pcap-capture/templates/tcpdump.template | 2 +- .../scripts/watch-pcap-uploads-folder.sh | 2 +- pcap-monitor/supervisord.conf | 2 +- scripts/auth_setup | 1 + scripts/auth_setup.sh | 207 ---- scripts/build.sh | 24 +- scripts/control.py | 589 +++++++++++ scripts/install.py | 522 ++++------ scripts/logs | 1 + scripts/logs.sh | 46 - scripts/malcolm_appliance_packager.sh | 43 +- scripts/malcolm_common.py | 315 ++++++ scripts/package_zeek_logs.sh | 121 +++ scripts/restart | 1 + scripts/restart.sh | 42 - scripts/start | 1 + scripts/start.sh | 96 -- scripts/stop | 1 + scripts/stop.sh | 56 -- scripts/wipe | 1 + scripts/wipe.sh | 50 - sensor-iso/README.md | 6 +- sensor-iso/beats/Dockerfile | 2 +- sensor-iso/beats/beat-build.sh | 2 +- sensor-iso/build.sh | 12 + .../normal/0169-pip-installs.hook.chroot | 3 +- .../normal/0900-setup-rc-local.hook.chroot | 2 +- .../normal/0910-sensor-build.hook.chroot | 9 +- .../normal/0911-get-stig-scripts.hook.chroot | 2 +- .../0990-remove-unwanted-pkg.hook.chroot | 5 +- .../0991-security-performance.hook.chroot | 2 +- .../hooks/normal/0992-login.hook.chroot | 2 +- .../hooks/normal/0998-localepurge.hook.chroot | 2 +- .../config/includes.binary/boot/grub/grub.cfg | 7 +- .../includes.binary/install/preseed.cfg | 2 +- .../includes.binary/install/preseed_base.cfg | 6 +- .../install/preseed_vmware.cfg | 90 ++ .../includes.chroot/etc/live/config.conf | 2 +- .../includes.chroot/opt/zeek/bin/zeek.sh | 2 +- .../opt/zeek/bin/zeekdeploy.sh | 2 +- .../opt/zeek/share/zeek/site/extractor.zeek | 2 
+- .../share/zeek/site/extractor_params.zeek | 2 +- .../Auditbeat-auditd-overview-custom.json | 2 +- .../Filebeat-syslog-custom.json | 2 +- .../package-lists/desktopmanager.list.chroot | 5 +- .../config/package-lists/system.list.chroot | 1 + sensor-iso/docs/Notes.md | 38 +- .../auditbeat/sensor_auditbeat_local.sh | 2 +- sensor-iso/interface/sensor_ctl/clean.sh | 2 +- sensor-iso/interface/sensor_ctl/control.sh | 2 +- .../extractor_override.interesting.zeek | 2 +- .../sensor_filebeat-syslog_local.sh | 2 +- .../sensor_ctl/filebeat/filebeat.yml | 2 +- .../filebeat/sensor_filebeat_local.sh | 2 +- .../heatbeat/protologbeat.template.json | 2 +- .../heatbeat/sensor_heatbeat_local.sh | 2 +- .../metricbeat/sensor_metricbeat_local.sh | 2 +- .../sensor_ctl/scripts/log_disk_space.sh | 2 +- .../sensor_ctl/scripts/log_temperature.sh | 2 +- .../supervisor.init/moloch_config_populate.sh | 2 +- sensor-iso/interface/sensor_ctl/supervisor.sh | 2 +- .../interface/sensor_interface/routes.py | 2 +- .../sensor_interface/static/js/custom.js | 2 +- .../sensor_interface/sysquery/sys_service.py | 2 +- sensor-iso/moloch/Dockerfile | 4 +- sensor-iso/moloch/build-docker-image.sh | 2 +- sensor-iso/moloch/build-moloch-deb.sh | 2 +- sensor-iso/moloch/etc/.gitignore | 4 + sensor-iso/vagrant/Vagrantfile | 11 +- shared/bin/agg-init.sh | 2 +- shared/bin/beat-log-temperature.py | 2 +- shared/bin/capture-format-wait.sh | 2 +- shared/bin/common-init.sh | 2 +- shared/bin/configure-capture.py | 2 +- shared/bin/configure-interfaces.py | 2 +- shared/bin/cron_env_centos.sh | 2 +- shared/bin/cron_env_deb.sh | 2 +- shared/bin/docker-load-wait.sh | 2 +- shared/bin/elastic_search_status.sh | 2 +- shared/bin/fstab.py | 2 +- shared/bin/malass_client.py | 2 +- shared/bin/pcap_moloch_and_zeek_processor.py | 2 +- shared/bin/pcap_utils.py | 2 +- shared/bin/pcap_watcher.py | 2 +- shared/bin/preseed_late_user_config.sh | 2 +- shared/bin/prune_files.sh | 2 +- shared/bin/sensor-capture-disk-config.py | 2 +- 
shared/bin/sensor-init.sh | 2 +- shared/bin/sensorcommon.py | 2 +- shared/bin/sensormetric.py | 2 +- shared/bin/ufw_allow_viewer.sh | 2 +- shared/bin/zeek_carve_logger.py | 2 +- shared/bin/zeek_carve_scanner.py | 2 +- shared/bin/zeek_carve_utils.py | 2 +- shared/bin/zeek_carve_watcher.py | 2 +- shared/bin/zeek_install_plugins.sh | 6 +- shared/vbox-guest-build/Dockerfile | 18 + shared/vbox-guest-build/build-docker-image.sh | 11 + .../vbox-guest-build/build-vboxguest-deb.sh | 49 + zeek/config/extractor.zeek | 2 +- .../extractor_override.interesting.zeek | 2 +- zeek/config/extractor_params.zeek | 2 +- zeek/config/local.zeek | 3 + zeek/supervisord.conf | 2 +- 284 files changed, 10240 insertions(+), 6457 deletions(-) create mode 100644 Dockerfiles/freq.Dockerfile create mode 100644 Dockerfiles/name-map-ui.Dockerfile delete mode 100644 docker-compose-standalone-zeek-live.yml delete mode 100644 docs/images/kibana/ebdca7741674eca4e1fadeca157f3ae6.svg create mode 100644 docs/images/malcolm_poster.odg create mode 100644 docs/images/screenshots/malcolm_name_map_ui.png create mode 100644 file-upload/jquery-file-upload/bootstrap.min.css create mode 100644 filebeat/filebeat-nginx.yml create mode 100644 freq-server/supervisord.conf delete mode 100755 htadmin/docker-entrypoint.sh create mode 100644 kibana/dashboards/4a4bde20-4760-11ea-949c-bbb5a9feecbf.json create mode 100644 kibana/dashboards/95479950-41f2-11ea-88fa-7151df485405.json delete mode 100644 kibana/dashboards/d15a9d40-5c3e-492f-8e17-67a5d6862a3a.json create mode 100644 kibana/elastalert-kibana-plugin/server/routes/elastalert.js delete mode 100644 logstash/certs/Makefile create mode 100644 logstash/pipelines/zeek/12_zeek_normalize.conf create mode 100644 logstash/pipelines/zeek/13_zeek_convert.conf create mode 100644 logstash/supervisord.conf create mode 100644 malcolm-iso/config/includes.binary/install/preseed_vmware.cfg create mode 100644 
malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-mapping.desktop create mode 100644 moloch/moloch_regression_test_harness/Dockerfiles/moloch.Dockerfile create mode 100644 moloch/moloch_regression_test_harness/docker-compose.yml create mode 100644 moloch/patch/remove_upload.patch create mode 100644 name-map-ui/config/fpm-pool.conf create mode 100644 name-map-ui/config/nginx.conf create mode 100644 name-map-ui/config/php.ini create mode 100644 name-map-ui/config/supervisor_logstash_ctl.conf create mode 100644 name-map-ui/config/supervisord.conf create mode 100755 name-map-ui/scripts/name-map-save-watch.sh create mode 100644 name-map-ui/site/index.html create mode 100644 name-map-ui/site/mapping.css create mode 100644 name-map-ui/site/restart-logstash.php create mode 100644 name-map-ui/site/upload.html create mode 100644 name-map-ui/site/upload.php create mode 100644 net-map.json create mode 100644 nginx/certs/.gitignore delete mode 100755 nginx/certs/gen_self_signed_certs.sh create mode 120000 scripts/auth_setup delete mode 100755 scripts/auth_setup.sh create mode 100755 scripts/control.py create mode 120000 scripts/logs delete mode 100755 scripts/logs.sh create mode 100644 scripts/malcolm_common.py create mode 100755 scripts/package_zeek_logs.sh create mode 120000 scripts/restart delete mode 100755 scripts/restart.sh create mode 120000 scripts/start delete mode 100755 scripts/start.sh create mode 120000 scripts/stop delete mode 100755 scripts/stop.sh create mode 120000 scripts/wipe delete mode 100755 scripts/wipe.sh create mode 100644 sensor-iso/config/includes.binary/install/preseed_vmware.cfg create mode 100644 sensor-iso/moloch/etc/.gitignore create mode 100644 shared/vbox-guest-build/Dockerfile create mode 100755 shared/vbox-guest-build/build-docker-image.sh create mode 100755 shared/vbox-guest-build/build-vboxguest-deb.sh diff --git a/.dockerignore b/.dockerignore index e18e0b551..2790c07f4 100644 --- a/.dockerignore +++ b/.dockerignore 
@@ -13,7 +13,9 @@ docker-compose*yml Dockerfiles elasticsearch +elasticsearch-backup malcolm-iso +sensor-iso moloch-logs moloch-raw nginx/nginx_ldap.conf diff --git a/Dockerfiles/curator.Dockerfile b/Dockerfiles/curator.Dockerfile index 8cc6969a9..6a8bfa096 100644 --- a/Dockerfiles/curator.Dockerfile +++ b/Dockerfiles/curator.Dockerfile @@ -1,6 +1,6 @@ FROM debian:buster-slim -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' diff --git a/Dockerfiles/elastalert.Dockerfile b/Dockerfiles/elastalert.Dockerfile index 1cbe1d181..99754c5bd 100644 --- a/Dockerfiles/elastalert.Dockerfile +++ b/Dockerfiles/elastalert.Dockerfile @@ -1,6 +1,6 @@ FROM mmguero/elastalert:2.0.2 -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' diff --git a/Dockerfiles/file-monitor.Dockerfile b/Dockerfiles/file-monitor.Dockerfile index 0901ea7ba..66ecf6473 100644 --- a/Dockerfiles/file-monitor.Dockerfile +++ b/Dockerfiles/file-monitor.Dockerfile @@ -1,6 +1,6 @@ FROM debian:buster-slim -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' diff --git a/Dockerfiles/file-upload.Dockerfile b/Dockerfiles/file-upload.Dockerfile index 2c17f8dbf..95b825d29 100644 
--- a/Dockerfiles/file-upload.Dockerfile +++ b/Dockerfiles/file-upload.Dockerfile @@ -1,6 +1,6 @@ FROM debian:buster-slim AS build -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' @@ -52,14 +52,15 @@ RUN apt-get update && \ apt-get clean -y -q && \ rm -rf /var/lib/apt/lists/* -ADD file-upload/supervisord.conf /supervisord.conf -ADD file-upload/jquery-file-upload/index.html /var/www/upload/index.html ADD docs/images/logo/Malcolm_banner.png /var/www/upload/Malcolm_banner.png +ADD file-upload/docker-entrypoint.sh /docker-entrypoint.sh +ADD file-upload/jquery-file-upload/bootstrap.min.css /var/www/upload/bower_components/bootstrap/dist/css/bootstrap.min.css +ADD file-upload/jquery-file-upload/index.html /var/www/upload/index.html ADD file-upload/jquery-file-upload/index.php /var/www/upload/server/php/index.php -ADD file-upload/php/php.ini /etc/php/7.3/fpm/php.ini ADD file-upload/nginx/sites-available/default /etc/nginx/sites-available/default +ADD file-upload/php/php.ini /etc/php/7.3/fpm/php.ini ADD file-upload/sshd_config /tmp/sshd_config -ADD file-upload/docker-entrypoint.sh /docker-entrypoint.sh +ADD file-upload/supervisord.conf /supervisord.conf RUN mkdir -p /var/run/sshd /var/www/upload/server/php/chroot /run/php && \ mv /var/www/upload/server/php/files /var/www/upload/server/php/chroot && \ diff --git a/Dockerfiles/filebeat.Dockerfile b/Dockerfiles/filebeat.Dockerfile index 7a36ee8f1..46634cd36 100644 --- a/Dockerfiles/filebeat.Dockerfile +++ b/Dockerfiles/filebeat.Dockerfile 
@@ -1,6 +1,6 @@ -FROM docker.elastic.co/beats/filebeat-oss:7.5.1 +FROM docker.elastic.co/beats/filebeat-oss:7.6.2 -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' @@ -10,7 +10,6 @@ LABEL org.opencontainers.image.vendor='Idaho National Laboratory' LABEL org.opencontainers.image.title='malcolmnetsec/filebeat-oss' LABEL org.opencontainers.image.description='Malcolm container providing Filebeat (the Apache-licensed variant)' - ARG FILEBEAT_LOG_CLEANUP_MINUTES=0 ARG FILEBEAT_ZIP_CLEANUP_MINUTES=0 ARG FILEBEAT_SCAN_FREQUENCY=10s @@ -22,6 +21,8 @@ ARG FILEBEAT_CLOSE_REMOVED=true ARG FILEBEAT_CLOSE_EOF=true ARG FILEBEAT_CLEAN_REMOVED=true ARG FILEBEAT_LOG_PATH="/data/zeek/current" +ARG FILEBEAT_NGINX_LOG_PATH="/data/nginx" +ARG NGINX_LOG_ACCESS_AND_ERRORS=false ARG AUTO_TAG=true USER root 
@@ -36,10 +37,16 @@ RUN yum install -y epel-release && \ ADD shared/bin/cron_env_centos.sh /data/ ADD filebeat/filebeat.yml /usr/share/filebeat/filebeat.yml +ADD filebeat/filebeat-nginx.yml /usr/share/filebeat-nginx/filebeat-nginx.yml ADD filebeat/scripts /data/ +ADD shared/bin/elastic_search_status.sh /data/ ADD filebeat/supervisord.conf /etc/supervisord.conf -RUN chmod 755 /data/*.sh /data/*.py && \ - mkdir -p /var/log/supervisor && \ +RUN mkdir -p /var/log/supervisor /usr/share/filebeat-nginx/data && \ + chown -R root:filebeat /usr/share/filebeat-nginx && \ + cp -a /usr/share/filebeat/module /usr/share/filebeat-nginx/module && \ + chmod 750 /usr/share/filebeat-nginx && \ + chmod 770 /usr/share/filebeat-nginx/data && \ + chmod 755 /data/*.sh /data/*.py && \ (echo -e "* * * * * su -c /data/filebeat-process-zeek-folder.sh filebeat >/dev/null 2>&1\n*/5 * * * * su -c /data/filebeat-clean-zeeklogs-processed-folder.py filebeat >/dev/null 2>&1" | crontab -) ENV FILEBEAT_LOG_CLEANUP_MINUTES $FILEBEAT_LOG_CLEANUP_MINUTES @@ -53,13 +60,15 @@ ENV FILEBEAT_CLOSE_REMOVED $FILEBEAT_CLOSE_REMOVED ENV FILEBEAT_CLOSE_EOF $FILEBEAT_CLOSE_EOF ENV FILEBEAT_CLEAN_REMOVED $FILEBEAT_CLEAN_REMOVED ENV FILEBEAT_LOG_PATH $FILEBEAT_LOG_PATH +ENV FILEBEAT_NGINX_LOG_PATH $FILEBEAT_NGINX_LOG_PATH +ENV NGINX_LOG_ACCESS_AND_ERRORS $NGINX_LOG_ACCESS_AND_ERRORS ENV AUTO_TAG $AUTO_TAG ENV FILEBEAT_REGISTRY_FILE "/usr/share/filebeat/data/registry/filebeat/data.json" ENV FILEBEAT_ZEEK_DIR "/data/zeek/" ENV PATH="/data:${PATH}" -VOLUME ["/usr/share/filebeat/data"] +VOLUME ["/usr/share/filebeat/data", "/usr/share/filebeat-nginx/data"] CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf", "-u", "root", "-n"] diff --git a/Dockerfiles/freq.Dockerfile b/Dockerfiles/freq.Dockerfile new file mode 100644 index 000000000..5f87f8be7 --- /dev/null +++ b/Dockerfiles/freq.Dockerfile 
@@ -0,0 +1,59 @@ +FROM debian:buster-slim + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. +LABEL maintainer="malcolm.netsec@gmail.com" +LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' +LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' +LABEL org.opencontainers.image.documentation='https://github.com/idaholab/Malcolm/blob/master/README.md' +LABEL org.opencontainers.image.source='https://github.com/idaholab/Malcolm' +LABEL org.opencontainers.image.vendor='Idaho National Laboratory' +LABEL org.opencontainers.image.title='malcolmnetsec/freq' +LABEL org.opencontainers.image.description='Malcolm container providing an interface to Mark Baggett''s freq_server.py' + +ARG FREQ_USER=freq +ARG FREQ_PORT=10004 +ARG FREQ_LOOKUP=true + +ENV FREQ_USER $FREQ_USER +ENV FREQ_PORT $FREQ_PORT +ENV FREQ_LOOKUP $FREQ_LOOKUP + +RUN sed -i "s/buster main/buster main contrib non-free/g" /etc/apt/sources.list && \ + apt-get update && \ + apt-get -y -q install \ + curl \ + git \ + procps \ + psmisc \ + python3 \ + python3-dev \ + python3-pip && \ + pip3 install supervisor && \ + mkdir -p /var/log/supervisor && \ + git clone --depth=1 --single-branch -b master https://github.com/markbaggett/freq /opt/freq_server && \ + rm -rf /opt/freq_server/systemd /opt/freq_server/upstart /opt/freq_server/*.md /opt/freq_server/*.exe && \ + mv -v "$(ls /opt/freq_server/*.freq | tail -n 1)" /opt/freq_server/freq_table.freq && \ + groupadd --gid 1000 $FREQ_USER && \ + useradd -M --uid 1000 --gid 1000 --home /nonexistant $FREQ_USER && \ + chown -R $FREQ_USER:$FREQ_USER /opt/freq_server && \ + apt-get -y -q --allow-downgrades --allow-remove-essential --allow-change-held-packages --purge remove git python3-dev && \ + apt-get -y -q --allow-downgrades --allow-remove-essential --allow-change-held-packages autoremove && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +ADD freq-server/supervisord.conf /etc/supervisord.conf + 
+WORKDIR /opt/freq_server + +EXPOSE $FREQ_PORT + +CMD ["/usr/local/bin/supervisord", "-c", "/etc/supervisord.conf", "-u", "root", "-n"] + +# to be populated at build-time: +ARG BUILD_DATE +ARG MALCOLM_VERSION +ARG VCS_REVISION + +LABEL org.opencontainers.image.created=$BUILD_DATE +LABEL org.opencontainers.image.version=$MALCOLM_VERSION +LABEL org.opencontainers.image.revision=$VCS_REVISION diff --git a/Dockerfiles/htadmin.Dockerfile b/Dockerfiles/htadmin.Dockerfile index f8276613b..89b771bae 100644 --- a/Dockerfiles/htadmin.Dockerfile +++ b/Dockerfiles/htadmin.Dockerfile @@ -1,6 +1,6 @@ FROM debian:buster-slim -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' diff --git a/Dockerfiles/kibana.Dockerfile b/Dockerfiles/kibana.Dockerfile index f5fb8b2a8..20aefd3f9 100644 --- a/Dockerfiles/kibana.Dockerfile +++ b/Dockerfiles/kibana.Dockerfile @@ -1,6 +1,6 @@ -FROM docker.elastic.co/kibana/kibana-oss:7.5.1 +FROM docker.elastic.co/kibana/kibana-oss:7.6.2 -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' 
@@ -47,15 +47,15 @@ ADD kibana/kibana-offline-maps.yml /opt/kibana/config/kibana-offline-maps.yml ADD kibana/supervisord.conf /etc/supervisord.conf ADD kibana/dashboards /opt/kibana/dashboards ADD kibana/maps /opt/maps +ADD https://github.com/gwintzer/kibana-comments-app-plugin/releases/download/7.4.0/kibana-comments-app-plugin-7.4.0-latest.zip /tmp/kibana-comments.zip +ADD https://github.com/prelert/kibana-swimlane-vis/releases/download/v7.6.2/prelert_swimlane_vis-7.6.2.zip /tmp/kibana-swimlane.zip ADD https://github.com/bitsensor/elastalert-kibana-plugin/releases/download/1.1.0/elastalert-kibana-plugin-1.1.0-7.5.0.zip /tmp/elastalert-kibana-plugin.zip +ADD kibana/elastalert-kibana-plugin/server/routes/elastalert.js /tmp/elastalert-server-routes.js # todo: these extra plugins are kind of gutted right now with 7.5.x, need to fix -# ADD https://github.com/prelert/kibana-swimlane-vis/releases/download/v7.4.2/prelert_swimlane_vis-7.4.2.zip /tmp/kibana-swimlane.zip -# ADD https://github.com/gwintzer/kibana-comments-app-plugin/releases/download/7.4.0/kibana-comments-app-plugin-7.4.0-latest.zip /tmp/kibana-comments.zip - # see https://github.com/walterra/kibana-milestones-vis/issues/9 -#ADD https://github.com/walterra/kibana-milestones-vis/releases/download/v7.1.1/kibana-milestones-vis-7.1.1.zip /tmp/kibana-milestones.zip +# ADD https://github.com/walterra/kibana-milestones-vis/releases/download/v7.1.1/kibana-milestones-vis-7.1.1.zip /tmp/kibana-milestones.zip # TODO: commented out because it's not optimizing in 6.6+ correctly # put these back in here and below in the build section: 
@@ -72,39 +72,46 @@ RUN chmod 755 /data/*.sh /data/*.py && \ chown -R kibana:kibana /opt/kibana/dashboards /opt/maps /opt/kibana/config/kibana*.yml && \ chmod 400 /opt/maps/* && \ mkdir -p /var/log/supervisor && \ - (echo -e "*/5 * * * * su -c /data/kibana-create-moloch-sessions-index.sh kibana >/dev/null 2>&1\n0 * * * * su -c /data/kibana_index_refresh.py kibana >/dev/null 2>&1\n" | crontab -) && \ + (echo -e "*/2 * * * * su -c /data/kibana-create-moloch-sessions-index.sh kibana >/dev/null 2>&1\n0 * * * * su -c /data/kibana_index_refresh.py kibana >/dev/null 2>&1\n" | crontab -) && \ cd /tmp && \ echo "Installing ElastAlert plugin..." && \ - unzip elastalert-kibana-plugin.zip kibana/elastalert-kibana-plugin/package.json && \ - sed -i "s/7\.5\.0/7\.5\.1/g" kibana/elastalert-kibana-plugin/package.json && \ - zip elastalert-kibana-plugin.zip kibana/elastalert-kibana-plugin/package.json && \ + unzip elastalert-kibana-plugin.zip kibana/elastalert-kibana-plugin/package.json kibana/elastalert-kibana-plugin/public/components/main/main.js && \ + sed -i "s/7\.5\.0/7\.6\.2/g" kibana/elastalert-kibana-plugin/package.json && \ + sed -i "s/^import.*eui_theme_light.css.*$//" kibana/elastalert-kibana-plugin/public/components/main/main.js && \ + mkdir -p kibana/elastalert-kibana-plugin/server/routes/ && \ + cp /tmp/elastalert-server-routes.js kibana/elastalert-kibana-plugin/server/routes/elastalert.js && \ + zip elastalert-kibana-plugin.zip \ + kibana/elastalert-kibana-plugin/package.json \ + kibana/elastalert-kibana-plugin/public/components/main/main.js \ + kibana/elastalert-kibana-plugin/server/routes/elastalert.js && \ + cd /usr/share/kibana/plugins && \ /usr/share/kibana/bin/kibana-plugin install file:///tmp/elastalert-kibana-plugin.zip --allow-root && \ - rm -f /tmp/elastalert-kibana-plugin.zip - - ## && \ - ## echo "Installing Swimlanes visualization..." 
&& \ - ## unzip kibana-swimlane.zip kibana/prelert_swimlane_vis-7.4.2/package.json && \ - ## sed -i "s/7\.4\.2/7\.5\.1/g" kibana/prelert_swimlane_vis-7.4.2/package.json && \ - ## zip kibana-swimlane.zip kibana/prelert_swimlane_vis-7.4.2/package.json && \ - ## /usr/share/kibana/bin/kibana-plugin install file:///tmp/kibana-swimlane.zip --allow-root && \ - ## bash -c "find /usr/share/kibana/plugins/prelert_swimlane_vis/ -type f -exec chmod 644 '{}' \;" && \ - ## rm -f /tmp/kibana-swimlane.zip && \ - ## echo "Installing Comments visualization..." && \ - ## unzip kibana-comments.zip kibana/kibana-comments-app-plugin/package.json && \ - ## sed -i "s/7\.4\.0/7\.5\.1/g" kibana/kibana-comments-app-plugin/package.json && \ - ## zip kibana-comments.zip kibana/kibana-comments-app-plugin/package.json && \ - ## /usr/share/kibana/bin/kibana-plugin install file:///tmp/kibana-comments.zip --allow-root && \ - ## rm -rf /tmp/kibana-comments.zip /tmp/kibana && \ - ## https://github.com/walterra/kibana-milestones-vis/issues/9 - ## && \ - ## echo "Installing Milestones visualization..." && \ - ## unzip kibana-milestones.zip kibana/kibana-milestones-vis/package.json && \ - ## sed -i "s/7\.1\.1/7\.5\.1/g" kibana/kibana-milestones-vis/package.json && \ - ## zip kibana-milestones.zip kibana/kibana-milestones-vis/package.json && \ - ## /usr/share/kibana/bin/kibana-plugin install file:///tmp/kibana-milestones.zip --allow-root && \ - ## rm -rf /tmp/kibana-milestones.zip /tmp/kibana - -ADD docs/images/kibana/ebdca7741674eca4e1fadeca157f3ae6.svg /usr/share/kibana/optimize/bundles/ebdca7741674eca4e1fadeca157f3ae6.svg + rm -rf /tmp/elastalert-kibana-plugin.zip /tmp/elastalert.js /tmp/kibana && \ + cd /tmp && \ + echo "Installing Comments visualization..." 
&& \ + unzip kibana-comments.zip kibana/kibana-comments-app-plugin/package.json && \ + sed -i "s/7\.4\.0/7\.6\.2/g" kibana/kibana-comments-app-plugin/package.json && \ + zip kibana-comments.zip kibana/kibana-comments-app-plugin/package.json && \ + cd /usr/share/kibana/plugins && \ + /usr/share/kibana/bin/kibana-plugin install file:///tmp/kibana-comments.zip --allow-root && \ + rm -rf /tmp/kibana-comments.zip /tmp/kibana && \ + cd /tmp && \ + echo "Installing Swimlanes visualization..." && \ + unzip kibana-swimlane.zip kibana/prelert_swimlane_vis/package.json && \ + sed -i "s/7\.6\.2/7\.6\.2/g" kibana/prelert_swimlane_vis/package.json && \ + zip kibana-swimlane.zip kibana/prelert_swimlane_vis/package.json && \ + cd /usr/share/kibana/plugins && \ + /usr/share/kibana/bin/kibana-plugin install file:///tmp/kibana-swimlane.zip --allow-root && \ + bash -c "find /usr/share/kibana/plugins/prelert_swimlane_vis/ -type f -exec chmod 644 '{}' \;" && \ + rm -rf /tmp/kibana-swimlane.zip /tmp/kibana + # cd /tmp && \ + # echo "Installing Milestones visualization..." && \ + # unzip kibana-milestones.zip kibana/kibana-milestones-vis/package.json && \ + # sed -i "s/7\.1\.1/7\.6\.2/g" kibana/kibana-milestones-vis/package.json && \ + # zip kibana-milestones.zip kibana/kibana-milestones-vis/package.json && \ + # cd /usr/share/kibana/plugins && \ + # /usr/share/kibana/bin/kibana-plugin install file:///tmp/kibana-milestones.zip --allow-root && \ + # rm -rf /tmp/kibana-milestones.zip /tmp/kibana CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf", "-u", "root", "-n"] diff --git a/Dockerfiles/logstash.Dockerfile b/Dockerfiles/logstash.Dockerfile index 9d92c15da..61d866e79 100644 --- a/Dockerfiles/logstash.Dockerfile +++ b/Dockerfiles/logstash.Dockerfile 
@@ -1,6 +1,6 @@ FROM centos:7 AS build -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' @@ -10,21 +10,6 @@ LABEL org.opencontainers.image.vendor='Idaho National Laboratory' LABEL org.opencontainers.image.title='malcolmnetsec/logstash-oss' LABEL org.opencontainers.image.description='Malcolm container providing Logstash (the Apache-licensed variant)' - -ARG LOGSTASH_JAVA_EXECUTION_ENGINE=true -ARG LOGSTASH_ENRICHMENT_PIPELINE=enrichment -ARG LOGSTASH_PARSE_PIPELINE_ADDRESSES=zeek-parse -ARG LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL=internal-es -ARG LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL=external-es -ARG LOGSTASH_ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES=internal-es,external-es - -ENV LOGSTASH_JAVA_EXECUTION_ENGINE $LOGSTASH_JAVA_EXECUTION_ENGINE -ENV LOGSTASH_ENRICHMENT_PIPELINE $LOGSTASH_ENRICHMENT_PIPELINE -ENV LOGSTASH_PARSE_PIPELINE_ADDRESSES $LOGSTASH_PARSE_PIPELINE_ADDRESSES -ENV LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL $LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL -ENV LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL $LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL -ENV LOGSTASH_ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES $LOGSTASH_ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES - RUN yum install -y epel-release && \ yum update -y && \ yum install -y java-1.8.0-openjdk-devel git curl wget tar which \ 
@@ -42,7 +27,20 @@ RUN /bin/bash -lc "command curl -sSL https://rvm.io/mpapis.asc | gpg2 --import - git clone --depth 1 https://github.com/mmguero/logstash-filter-ieee_oui.git /opt/logstash-filter-ieee_oui && \ /bin/bash -lc "cd /opt/logstash-filter-ieee_oui && bundle install && gem build logstash-filter-ieee_oui.gemspec && bundle info logstash-filter-ieee_oui" -FROM docker.elastic.co/logstash/logstash-oss:7.5.1 +FROM docker.elastic.co/logstash/logstash-oss:7.6.2 + +ARG LOGSTASH_ENRICHMENT_PIPELINE=enrichment +ARG LOGSTASH_PARSE_PIPELINE_ADDRESSES=zeek-parse +ARG LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL=internal-es +ARG LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL=external-es +ARG LOGSTASH_ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES=internal-es,external-es + +ENV LOGSTASH_ENRICHMENT_PIPELINE $LOGSTASH_ENRICHMENT_PIPELINE +ENV LOGSTASH_PARSE_PIPELINE_ADDRESSES $LOGSTASH_PARSE_PIPELINE_ADDRESSES +ENV LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL $LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL +ENV LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL $LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL +ENV LOGSTASH_ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES $LOGSTASH_ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES + USER root COPY --from=build /opt/logstash-filter-ieee_oui /opt/logstash-filter-ieee_oui @@ -51,9 +49,9 @@ RUN yum install -y epel-release && \ yum update -y && \ yum install -y gettext python-setuptools python-pip python-requests python-yaml && \ yum clean all && \ - pip install py2-ipaddress && \ + pip install py2-ipaddress supervisor && \ logstash-plugin install logstash-filter-translate logstash-filter-cidr logstash-filter-dns \ - logstash-filter-json logstash-filter-prune \ + logstash-filter-json logstash-filter-prune logstash-filter-http \ logstash-filter-grok logstash-filter-geoip logstash-filter-uuid \ logstash-filter-kv logstash-filter-mutate logstash-filter-dissect \ logstash-input-beats logstash-output-elasticsearch && \ 
@@ -65,9 +63,11 @@ ADD logstash/config/log4j2.properties /usr/share/logstash/config/ ADD logstash/config/logstash.yml /usr/share/logstash/config/ ADD logstash/pipelines/ /usr/share/logstash/malcolm-pipelines/ ADD logstash/scripts /usr/local/bin/ +ADD logstash/supervisord.conf /etc/supervisord.conf ADD https://raw.githubusercontent.com/wireshark/wireshark/master/manuf /usr/share/logstash/config/oui.txt RUN bash -c "chmod --silent 755 /usr/local/bin/*.sh /usr/local/bin/*.py || true" && \ + mkdir -p /var/log/supervisor && \ rm -f /usr/share/logstash/pipeline/logstash.conf && \ rmdir /usr/share/logstash/pipeline && \ mkdir /logstash-persistent-queue && \ @@ -83,10 +83,11 @@ ENV LOGSTASH_KEYSTORE_PASS "a410a267b1404c949284dee25518a917" VOLUME ["/logstash-persistent-queue"] -USER logstash - -ENTRYPOINT ["/usr/local/bin/logstash-start.sh"] +EXPOSE 5044 +EXPOSE 9001 +EXPOSE 9600 +CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf", "-u", "root", "-n"] # to be populated at build-time: ARG BUILD_DATE diff --git a/Dockerfiles/moloch.Dockerfile b/Dockerfiles/moloch.Dockerfile index eb9078887..6c69c9b62 100644 --- a/Dockerfiles/moloch.Dockerfile +++ b/Dockerfiles/moloch.Dockerfile @@ -1,10 +1,10 @@ FROM debian:buster-slim AS build -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ENV DEBIAN_FRONTEND noninteractive -ENV MOLOCH_VERSION "2.1.2" +ENV MOLOCH_VERSION "2.2.3" ENV MOLOCHDIR "/data/moloch" ADD moloch/scripts/bs4_remove_div.py /data/ 
@@ -12,7 +12,10 @@ ADD moloch/patch/* /data/patches/ ADD README.md $MOLOCHDIR/doc/ ADD doc.css $MOLOCHDIR/doc/ ADD docs/images $MOLOCHDIR/doc/images/ -ADD https://github.com/aol/moloch/archive/v$MOLOCH_VERSION.tar.gz /data/moloch.tar.gz + +# TODO: temporarily using my github fork branch until issue https://github.com/aol/moloch/issues/1162 and +# https://github.com/idaholab/Malcolm/issues/2 are merged in +# ADD https://github.com/aol/moloch/archive/v$MOLOCH_VERSION.tar.gz /data/moloch.tar.gz RUN sed -i "s/buster main/buster main contrib non-free/g" /etc/apt/sources.list && \ apt-get -q update && \ @@ -62,14 +65,16 @@ RUN sed -i "s/buster main/buster main contrib non-free/g" /etc/apt/sources.list sed -i "s@docs/images@images@g" README.md && \ pandoc -s --self-contained --metadata title="Malcolm README" --css $MOLOCHDIR/doc/doc.css -o $MOLOCHDIR/doc/README.html $MOLOCHDIR/doc/README.md && \ cd /data && \ - tar -xvf "moloch.tar.gz" && \ + # TODO: see comment above about aol/moloch vs. mmguero-dev/moloch + # tar -xvf "moloch.tar.gz" && \ + git clone --recursive --depth=1 --single-branch -b "topic/netdiff_2.2.3" "https://github.com/mmguero-dev/moloch.git" "./moloch-"$MOLOCH_VERSION && \ cd "./moloch-"$MOLOCH_VERSION && \ + rm -rf ./.git && \ bash -c 'for i in /data/patches/*; do patch -p 1 -r - --no-backup-if-mismatch < $i || true; done' && \ cp -v $MOLOCHDIR/doc/images/moloch/moloch_155.png ./viewer/public/moloch_155.png && \ cp -v $MOLOCHDIR/doc/images/moloch/moloch_77.png ./viewer/public/moloch_77.png && \ cp -v $MOLOCHDIR/doc/images/moloch/header_logo.png ./parliament/vueapp/src/assets/header_logo.png && \ cp -v $MOLOCHDIR/doc/images/moloch/header_logo.png ./viewer/public/header_logo.png && \ - cp -v $MOLOCHDIR/doc/images/moloch/header_logo.png ./viewer/vueapp/src/assets/logo.png && \ find $MOLOCHDIR/doc/images/screenshots -name "*.png" -delete && \ export PATH="$MOLOCHDIR/bin:${PATH}" && \ ln -sfr $MOLOCHDIR/bin/npm /usr/local/bin/npm && \ 
@@ -77,6 +82,7 @@ RUN sed -i "s/buster main/buster main contrib non-free/g" /etc/apt/sources.list ln -sfr $MOLOCHDIR/bin/npx /usr/local/bin/npx && \ python3 /data/bs4_remove_div.py -i ./viewer/vueapp/src/components/users/Users.vue -o ./viewer/vueapp/src/components/users/Users.new -c "new-user-form" && \ mv -vf ./viewer/vueapp/src/components/users/Users.new ./viewer/vueapp/src/components/users/Users.vue && \ + rm -rf ./viewer/vueapp/src/components/upload && \ ./easybutton-build.sh --install && \ npm cache clean --force && \ bash -c "file ${MOLOCHDIR}/bin/* ${MOLOCHDIR}/node-v*/bin/* | grep 'ELF 64-bit' | sed 's/:.*//' | xargs -l -r strip -v --strip-unneeded" diff --git a/Dockerfiles/name-map-ui.Dockerfile b/Dockerfiles/name-map-ui.Dockerfile new file mode 100644 index 000000000..383269c7d --- /dev/null +++ b/Dockerfiles/name-map-ui.Dockerfile 
@@ -0,0 +1,67 @@ +FROM alpine:3.11 + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. +LABEL maintainer="malcolm.netsec@gmail.com" +LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' +LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' +LABEL org.opencontainers.image.documentation='https://github.com/idaholab/Malcolm/blob/master/README.md' +LABEL org.opencontainers.image.source='https://github.com/idaholab/Malcolm' +LABEL org.opencontainers.image.vendor='Idaho National Laboratory' +LABEL org.opencontainers.image.title='malcolmnetsec/name-map-ui' +LABEL org.opencontainers.image.description='Malcolm container providing a user interface for mapping names to network hosts and subnets' + +ENV JQUERY_VERSION 1.6.4 +ENV LISTJS_VERSION v1.5.0 + +RUN apk --no-cache add bash php7 php7-fpm php7-mysqli php7-json php7-openssl php7-curl php7-fileinfo \ + php7-zlib php7-xml php7-phar php7-intl php7-dom php7-xmlreader php7-ctype php7-session \ + php7-mbstring php7-gd nginx supervisor curl inotify-tools file psmisc + +COPY name-map-ui/config/nginx.conf /etc/nginx/nginx.conf +COPY name-map-ui/config/fpm-pool.conf /etc/php7/php-fpm.d/www.conf +COPY name-map-ui/config/php.ini /etc/php7/conf.d/custom.ini +COPY name-map-ui/config/supervisord.conf /etc/supervisord.conf +COPY name-map-ui/config/supervisor_logstash_ctl.conf /etc/supervisor/logstash/supervisord.conf +COPY name-map-ui/scripts/*.sh /usr/local/bin/ + +ADD https://code.jquery.com/jquery-${JQUERY_VERSION}.min.js /tmp/jquery.min.js +ADD https://raw.githubusercontent.com/javve/list.js/${LISTJS_VERSION}/dist/list.min.js /tmp/list.min.js + +RUN rm -rf /etc/nginx/conf.d/default.conf /var/www/html/* && \ + mkdir -p /var/www/html/upload /var/www/html/maps && \ + cd /var/www/html && \ + mv /tmp/jquery.min.js /tmp/list.min.js ./ && \ + chmod 644 ./jquery.min.js ./list.min.js && \ + ln -s . 
name-map-ui && \ + addgroup -g 1000 nginxsrv ; \ + adduser -D -H -u 1000 -h /var/www/html -s /sbin/nologin -G nginxsrv -g nginxsrv nginxsrv ; \ + addgroup nginxsrv nginx ; \ + addgroup nginxsrv shadow ; \ + chown -R nginxsrv.nginxsrv /var/www/html && \ + chown -R nginxsrv.nginxsrv /run && \ + chown -R nginxsrv.nginxsrv /var/lib/nginx && \ + chown -R nginxsrv.nginxsrv /var/log/nginx && \ + chmod 755 /usr/local/bin/*.sh + +VOLUME /var/www/html + +USER nginxsrv + +WORKDIR /var/www/html + +COPY --chown=1000 name-map-ui/site/ /var/www/html/ +COPY --chown=1000 docs/images/logo/Malcolm_banner.png /var/www/html/ +COPY --chown=1000 docs/images/favicon/favicon.ico /var/www/html/ + +EXPOSE 8080 + +CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] + +# to be populated at build-time: +ARG BUILD_DATE +ARG MALCOLM_VERSION +ARG VCS_REVISION + +LABEL org.opencontainers.image.created=$BUILD_DATE +LABEL org.opencontainers.image.version=$MALCOLM_VERSION +LABEL org.opencontainers.image.revision=$VCS_REVISION diff --git a/Dockerfiles/nginx.Dockerfile b/Dockerfiles/nginx.Dockerfile index 84a1c8ac3..3b1cb044a 100644 --- a/Dockerfiles/nginx.Dockerfile +++ b/Dockerfiles/nginx.Dockerfile @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. #################################################################################### # thanks to: nginx - https://github.com/nginxinc/docker-nginx/blob/master/mainline/alpine/Dockerfile @@ -10,7 +10,7 @@ # build a patched APK of stunnel supporting ldap StartTLS (patched protocols.c) # (based on https://www.stunnel.org/pipermail/stunnel-users/2013-November/004437.html) -FROM alpine:3.10 as stunnel_build +FROM alpine:3.11 as stunnel_build ADD https://codeload.github.com/alpinelinux/aports/tar.gz/master /aports-master.tar.gz ADD nginx/src/*.patch /usr/src/patches/ 
@@ -18,7 +18,7 @@ ADD nginx/src/*.patch /usr/src/patches/ USER root RUN set -x ; \ - apk add --no-cache alpine-sdk patchutils sudo ; \ + apk add --no-cache alpine-sdk patchutils sudo openssl-dev linux-headers; \ sed -i 's/^#\s*\(%wheel\s\+ALL=(ALL)\s\+NOPASSWD:\s\+ALL\)/\1/' /etc/sudoers ; \ adduser -D -u 1000 -h /apkbuild -G abuild builder ; \ addgroup builder wheel ; \ @@ -39,7 +39,7 @@ RUN set -x ; \ #################################################################################### -FROM alpine:3.10 +FROM alpine:3.11 LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' @@ -67,12 +67,10 @@ ENV NGINX_LDAP_TLS_STUNNEL_PROTOCOL $NGINX_LDAP_TLS_STUNNEL_PROTOCOL # build latest nginx with nginx-auth-ldap -ENV NGINX_VERSION=1.17.6 -ENV DOCKER_GEN_VERSION=0.7.4 +ENV NGINX_VERSION=1.17.9 ENV NGINX_AUTH_LDAP_BRANCH=master ENV NGINX_AUTH_PAM_BRANCH=master -ADD https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz /docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz ADD https://codeload.github.com/kvspb/nginx-auth-ldap/tar.gz/$NGINX_AUTH_LDAP_BRANCH /nginx-auth-ldap.tar.gz ADD https://codeload.github.com/sto/ngx_http_auth_pam_module/tar.gz/$NGINX_AUTH_PAM_BRANCH /ngx_http_auth_pam_module.tar.gz ADD http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz /nginx.tar.gz 
@@ -201,14 +199,11 @@ RUN set -x ; \ apk add --no-cache --virtual .nginx-rundeps $runDeps ca-certificates bash wget openssl apache2-utils openldap linux-pam nss-pam-ldapd supervisor tzdata; \ update-ca-certificates; \ apk add --no-cache --allow-untrusted /tmp/stunnel-*.apk; \ - tar -C /usr/local/bin -xzf /docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz; \ apk del .nginx-build-deps ; \ apk del .gettext ; \ mv /tmp/envsubst /usr/local/bin/ ; \ mkdir -p /var/log/supervisor ; \ - rm -rf /usr/src/* /var/tmp/* /var/cache/apk/* /tmp/stunnel-*.apk /nginx.tar.gz /nginx-auth-ldap.tar.gz /ngx_http_auth_pam_module.tar.gz /docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz; \ - ln -sf /dev/stdout /var/log/nginx/access.log; \ - ln -sf /dev/stderr /var/log/nginx/error.log; \ + rm -rf /usr/src/* /var/tmp/* /var/cache/apk/* /tmp/stunnel-*.apk /nginx.tar.gz /nginx-auth-ldap.tar.gz /ngx_http_auth_pam_module.tar.gz; \ touch /etc/nginx/nginx_ldap.conf /etc/nginx/nginx_blank.conf; COPY --from=jwilder/nginx-proxy:alpine /app/nginx.tmpl /etc/nginx/ @@ -222,8 +217,6 @@ ADD docs/images/icon/favicon.ico /etc/nginx/favicon.ico EXPOSE 80 -ENV DOCKER_HOST unix:///tmp/docker.sock - VOLUME ["/etc/nginx/certs", "/etc/nginx/dhparam"] ENTRYPOINT ["/usr/local/bin/docker_entrypoint.sh"] diff --git a/Dockerfiles/pcap-capture.Dockerfile b/Dockerfiles/pcap-capture.Dockerfile index 572d0a266..71bbfa016 100644 --- a/Dockerfiles/pcap-capture.Dockerfile +++ b/Dockerfiles/pcap-capture.Dockerfile @@ -1,6 +1,6 @@ FROM debian:buster-slim -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' diff --git a/Dockerfiles/pcap-monitor.Dockerfile b/Dockerfiles/pcap-monitor.Dockerfile index 1e7649438..c02a981bf 100644 
--- a/Dockerfiles/pcap-monitor.Dockerfile +++ b/Dockerfiles/pcap-monitor.Dockerfile @@ -1,6 +1,6 @@ FROM debian:buster-slim -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com' LABEL org.opencontainers.image.url='https://github.com/idaholab/Malcolm' diff --git a/Dockerfiles/zeek.Dockerfile b/Dockerfiles/zeek.Dockerfile index 115341bf9..d41854e11 100644 --- a/Dockerfiles/zeek.Dockerfile +++ b/Dockerfiles/zeek.Dockerfile @@ -1,11 +1,11 @@ FROM debian:buster-slim AS build -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ENV DEBIAN_FRONTEND noninteractive ENV SRC_BASE_DIR "/usr/local/src" -ENV ZEEK_VERSION "3.0.1" +ENV ZEEK_VERSION "3.0.3" ENV ZEEK_DIR "/opt/zeek" ENV ZEEK_SRC_DIR "${SRC_BASE_DIR}/zeek-${ZEEK_VERSION}" ENV ZEEK_PATCH_DIR "${SRC_BASE_DIR}/zeek-patches" diff --git a/License.txt b/License.txt index 4d044c4b5..ec86f9075 100644 --- a/License.txt +++ b/License.txt @@ -2,7 +2,7 @@ Software License Agreement For more information, please see DHS_TOU.pdf. -Malcolm is Copyright (c) 2019 Battelle Energy Alliance, LLC, and is developed +Malcolm is Copyright (c) 2020 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. All rights reserved. @@ -22,7 +22,7 @@ means, and for any purpose whatsoever. https://github.com/idaholab/Malcolm -Copyright 2019 Battelle Energy Alliance, LLC +Copyright 2020 Battelle Energy Alliance, LLC ALL RIGHTS RESERVED diff --git a/Notice.txt b/Notice.txt index 19d797946..30c7a7221 100644 --- a/Notice.txt +++ b/Notice.txt 
@@ -4,7 +4,7 @@ https://github.com/idaholab/Malcolm See License.txt for license terms. -Malcolm is Copyright (c) 2019 Battelle Energy Alliance, LLC, and is developed +Malcolm is Copyright (c) 2020 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. All rights reserved. diff --git a/README.md b/README.md index 3a2beedda..debc950d3 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,6 @@ In short, Malcolm provides an easily deployable network analysis tool suite for * [Capturing traffic on local network interfaces](#LocalPCAP) * [Using a network sensor appliance](#Hedgehog) * [Manually forwarding Zeek logs from an external source](#ZeekForward) - * [Monitoring a local Zeek instance](#LiveZeek) * [Moloch](#Moloch) * [Zeek log integration](#MolochZeek) - [Correlating Zeek logs and Moloch sessions](#ZeekMolochFlowCorrelation) @@ -73,6 +72,7 @@ In short, Malcolm provides an easily deployable network analysis tool suite for - [Automatic host and subnet name assignment](#HostAndSubnetNaming) + [IP/MAC address to hostname mapping via `host-map.txt`](#HostNaming) + [CIDR subnet to network segment name mapping via `cidr-map.txt`](#SegmentNaming) + + [Defining hostname and CIDR subnet names interface](#NameMapUI) + [Applying mapping changes](#ApplyMapping) - [Elasticsearch index curation](#Curator) * [Malcolm installer ISO](#ISO) @@ -111,10 +111,12 @@ Pulling elastalert ... done Pulling elasticsearch ... done Pulling file-monitor ... done Pulling filebeat ... done +Pulling freq ... done Pulling htadmin ... done Pulling kibana ... done Pulling logstash ... done Pulling moloch ... done +Pulling name-map-ui ... done Pulling nginx-proxy ... done Pulling pcap-capture ... done Pulling pcap-monitor ... done 
@@ -126,23 +128,25 @@ You can then observe that the images have been retrieved by running `docker imag ``` $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE -malcolmnetsec/moloch 1.8.1 xxxxxxxxxxxx 10 minutes ago 491MB -malcolmnetsec/logstash-oss 1.8.1 xxxxxxxxxxxx 17 minutes ago 1.4GB -malcolmnetsec/zeek 1.8.1 xxxxxxxxxxxx 17 minutes ago 232MB -malcolmnetsec/file-upload 1.8.1 xxxxxxxxxxxx 23 minutes ago 199MB -malcolmnetsec/pcap-capture 1.8.1 xxxxxxxxxxxx 23 minutes ago 112MB -malcolmnetsec/file-monitor 1.8.1 xxxxxxxxxxxx 25 minutes ago 369MB -malcolmnetsec/filebeat-oss 1.8.1 xxxxxxxxxxxx 28 minutes ago 501MB -malcolmnetsec/kibana-oss 1.8.1 xxxxxxxxxxxx 28 minutes ago 964MB -malcolmnetsec/pcap-monitor 1.8.1 xxxxxxxxxxxx 28 minutes ago 156MB -malcolmnetsec/curator 1.8.1 xxxxxxxxxxxx 29 minutes ago 240MB -malcolmnetsec/nginx-proxy 1.8.1 xxxxxxxxxxxx 29 minutes ago 54.5MB -malcolmnetsec/elastalert 1.8.1 xxxxxxxxxxxx 30 minutes ago 276MB -malcolmnetsec/htadmin 1.8.1 xxxxxxxxxxxx 31 minutes ago 256MB -docker.elastic.co/elasticsearch/elasticsearch-oss 7.5.1 xxxxxxxxxxxx 5 weeks ago 825MB -``` - -You must run [`auth_setup.sh`](#AuthSetup) prior to running `docker-compose pull`. You should also ensure your system configuration and `docker-compose.yml` settings are tuned by running `./scripts/install.py` or `./scripts/install.py --configure` (see [System configuration and tuning](#ConfigAndTuning)). 
+malcolmnetsec/moloch 2.0.0 xxxxxxxxxxxx 10 minutes ago 491MB +malcolmnetsec/logstash-oss 2.0.0 xxxxxxxxxxxx 17 minutes ago 1.4GB +malcolmnetsec/zeek 2.0.0 xxxxxxxxxxxx 17 minutes ago 232MB +malcolmnetsec/file-upload 2.0.0 xxxxxxxxxxxx 23 minutes ago 199MB +malcolmnetsec/pcap-capture 2.0.0 xxxxxxxxxxxx 23 minutes ago 112MB +malcolmnetsec/file-monitor 2.0.0 xxxxxxxxxxxx 25 minutes ago 369MB +malcolmnetsec/filebeat-oss 2.0.0 xxxxxxxxxxxx 28 minutes ago 501MB +malcolmnetsec/kibana-oss 2.0.0 xxxxxxxxxxxx 28 minutes ago 964MB +malcolmnetsec/pcap-monitor 2.0.0 xxxxxxxxxxxx 28 minutes ago 156MB +malcolmnetsec/curator 2.0.0 xxxxxxxxxxxx 29 minutes ago 240MB +malcolmnetsec/nginx-proxy 2.0.0 xxxxxxxxxxxx 29 minutes ago 54.5MB +malcolmnetsec/elastalert 2.0.0 xxxxxxxxxxxx 30 minutes ago 276MB +malcolmnetsec/htadmin 2.0.0 xxxxxxxxxxxx 31 minutes ago 256MB +malcolmnetsec/freq 2.0.0 xxxxxxxxxxxx 32 minutes ago 188MB +malcolmnetsec/name-map-ui 2.0.0 xxxxxxxxxxxx 35 minutes ago 20MB +docker.elastic.co/elasticsearch/elasticsearch-oss 7.6.2 xxxxxxxxxxxx 5 weeks ago 825MB +``` + +You must run [`auth_setup`](#AuthSetup) prior to running `docker-compose pull`. You should also ensure your system configuration and `docker-compose.yml` settings are tuned by running `./scripts/install.py` or `./scripts/install.py --configure` (see [System configuration and tuning](#ConfigAndTuning)). #### Import from pre-packaged tarballs 
@@ -161,6 +165,7 @@ A few minutes after starting Malcolm (probably 5 to 10 minutes for Logstash to b * Kibana: [https://localhost/kibana/](https://localhost/kibana/) or [https://localhost:5601](https://localhost:5601) * Capture File and Log Archive Upload (Web): [https://localhost/upload/](https://localhost/upload/) or [https://localhost:8443](https://localhost:8443) * Capture File and Log Archive Upload (SFTP): `sftp://@127.0.0.1:8022/files` +* [Host and Subnet Name Mapping](#HostAndSubnetNaming) Editor: [https://localhost/name-map-ui/](https://localhost/name-map-ui/) * Account Management: [https://localhost:488](https://localhost:488) ## Overview 
@@ -189,21 +194,24 @@ Malcolm leverages the following excellent open source tools, among others. * [ClamAV](https://www.clamav.net/) - an antivirus engine for scanning files extracted by Zeek * [CyberChef](https://github.com/gchq/CyberChef) - a "swiss-army knife" data conversion tool * [jQuery File Upload](https://github.com/blueimp/jQuery-File-Upload) - for uploading PCAP files and Zeek logs for processing +* [List.js](https://github.com/javve/list.js) - for the [host and subnet name mapping](#HostAndSubnetNaming) interface * [Docker](https://www.docker.com/) and [Docker Compose](https://docs.docker.com/compose/) - for simple, reproducible deployment of the Malcolm appliance across environments and to coordinate communication between its various components * [Nginx](https://nginx.org/) - for HTTPS and reverse proxying Malcolm components * [nginx-auth-ldap](https://github.com/kvspb/nginx-auth-ldap) - an LDAP authentication module for nginx * [ElastAlert](https://github.com/Yelp/elastalert) - an alerting framework for Elasticsearch. Specifically, the [BitSensor fork of ElastAlert](https://github.com/bitsensor/elastalert), its Docker configuration and its corresponding [Kibana plugin](https://github.com/bitsensor/elastalert-kibana-plugin) are used. 
+* [freq](https://github.com/MarkBaggett/freq) - a tool for calculating entropy of strings * These third party Zeek plugins: * Amazon.com, Inc.'s [ICS protocol](https://github.com/amzn?q=zeek) analyzers * Corelight's [bro-xor-exe](https://github.com/corelight/bro-xor-exe-plugin) plugin * Corelight's [community ID](https://github.com/corelight/bro-community-id) flow hashing plugin - * J-Gras' [Bro::AF_Packet](https://github.com/J-Gras/bro-af_packet-plugin) plugin + * J-Gras' [Zeek::AF_Packet](https://github.com/J-Gras/zeek-af_packet-plugin) plugin * Lexi Brent's [EternalSafety](https://github.com/lexibrent/zeek-EternalSafety) plugin * MITRE Cyber Analytics Repository's [Bro/Zeek ATT&CK-Based Analytics (BZAR)](https://github.com/mitre-attack/car/tree/master/implementations) script * Salesforce's [gQUIC](https://github.com/salesforce/GQUIC_Protocol_Analyzer) analyzer * Salesforce's [HASSH](https://github.com/salesforce/hassh) SSH fingerprinting plugin * Salesforce's [JA3](https://github.com/salesforce/ja3) TLS fingerprinting plugin * SoftwareConsultingEmporium's [Bro::LDAP](https://github.com/SoftwareConsultingEmporium/ldap-analyzer) analyzer + * Johanna Amann's [CVE-2020-0601](https://github.com/0xxon/cve-2020-0601) ECC certificate validation plugin * [GeoLite2](https://dev.maxmind.com/geoip/geoip2/geolite2/) - Malcolm includes GeoLite2 data created by [MaxMind](https://www.maxmind.com) ## Supported Protocols 
@@ -273,6 +281,7 @@ Checking out the [Malcolm source code](https://github.com/idaholab/Malcolm/tree/ * `filebeat` - code and configuration for the `filebeat` container which ingests Zeek logs and forwards them to the `logstash` container * `file-monitor` - code and configuration for the `file-monitor` container which can scan files extracted by Zeek * `file-upload` - code and configuration for the `upload` container which serves a web browser-based upload form for uploading PCAP files and Zeek logs, and which serves an SFTP share as an alternate method for upload +* `freq-server` - code and configuration for the `freq` container used for calculating entropy of strings * `htadmin` - configuration for the `htadmin` user account management container * `kibana` - code and configuration for the `kibana` container for creating additional ad-hoc visualizations and dashboards beyond that which is provided by Moloch Viewer * `logstash` - code and configuration for the `logstash` container which parses Zeek logs and forwards them to the `elasticsearch` container 
@@ -280,23 +289,25 @@ Checking out the [Malcolm source code](https://github.com/idaholab/Malcolm/tree/ * `moloch` - code and configuration for the `moloch` container which processes PCAP files using `moloch-capture` and which serves the Viewer application * `moloch-logs` - an initially empty directory to which the `moloch` container will write some debug log files * `moloch-raw` - an initially empty directory to which the `moloch` container will write captured PCAP files; as Moloch as employed by Malcolm is currently used for processing previously-captured PCAP files, this directory is currently unused +* `name-map-ui` - code and configuration for the `name-map-ui` container which provides the [host and subnet name mapping](#HostAndSubnetNaming) interface * `nginx` - configuration for the `nginx` reverse proxy container * `pcap` - an initially empty directory for PCAP files to be uploaded, processed, and stored * `pcap-capture` - code and configuration for the `pcap-capture` container which can capture network traffic * `pcap-monitor` - code and configuration for the `pcap-monitor` container which watches for new or uploaded PCAP files notifies the other services to process them * `scripts` - control scripts for starting, stopping, restarting, etc. 
Malcolm +* `sensor-iso` - code and configuration for building a [Hedgehog Linux](#Hedgehog) ISO * `shared` - miscellaneous code used by various Malcolm components * `zeek` - code and configuration for the `zeek` container which handles PCAP processing using Zeek * `zeek-logs` - an initially empty directory for Zeek logs to be uploaded, processed, and stored and the following files of special note: -* `auth.env` - the script `./scripts/auth_setup.sh` prompts the user for the administrator credentials used by the Malcolm appliance, and `auth.env` is the environment file where those values are stored +* `auth.env` - the script `./scripts/auth_setup` prompts the user for the administrator credentials used by the Malcolm appliance, and `auth.env` is the environment file where those values are stored * `cidr-map.txt` - specify custom IP address to network segment mapping * `host-map.txt` - specify custom IP and/or MAC address to host mapping +* `net-map.json` - an alternative to `cidr-map.txt` and `host-map.txt`, mapping hosts and network segments to their names in a JSON-formatted file * `docker-compose.yml` - the configuration file used by `docker-compose` to build, start, and stop an instance of the Malcolm appliance * `docker-compose-standalone.yml` - similar to `docker-compose.yml`, only used for the ["packaged"](#Packager) installation of Malcolm -* `docker-compose-standalone-zeek-live.yml` - identical to `docker-compose-standalone.yml`, only Filebeat is configured to monitor local live Zeek logs (ie., being actively written to on the same host running Malcolm) ### Building from source 
@@ -313,11 +324,13 @@ Then, go take a walk or something since it will be a while. When you're done, yo * `malcolmnetsec/filebeat-oss` (based on `docker.elastic.co/beats/filebeat-oss`) * `malcolmnetsec/file-monitor` (based on `debian:buster-slim`) * `malcolmnetsec/file-upload` (based on `debian:buster-slim`) +* `malcolmnetsec/freq` (based on `debian:buster-slim`) * `malcolmnetsec/htadmin` (based on `debian:buster-slim`) * `malcolmnetsec/kibana-oss` (based on `docker.elastic.co/kibana/kibana-oss`) * `malcolmnetsec/logstash-oss` (based on `docker.elastic.co/logstash/logstash-oss`) +* `malcolmnetsec/name-map-ui` (based on `alpine:3.11`) * `malcolmnetsec/moloch` (based on `debian:buster-slim`) -* `malcolmnetsec/nginx-proxy` (based on `alpine:3.10`) +* `malcolmnetsec/nginx-proxy` (based on `alpine:3.11`) * `malcolmnetsec/pcap-capture` (based on `debian:buster-slim`) * `malcolmnetsec/pcap-monitor` (based on `debian:buster-slim`) * `malcolmnetsec/pcap-zeek` (based on `debian:buster-slim`) 
@@ -359,18 +372,19 @@ To install Malcolm: To start, stop, restart, etc. Malcolm: Use the control scripts in the "scripts/" directory: - - start.sh (start Malcolm) - - stop.sh (stop Malcolm) - - restart.sh (restart Malcolm) - - logs.sh (monitor Malcolm logs) - - wipe.sh (stop Malcolm and clear its database) - - auth_setup.sh (change authentication-related settings) + - start (start Malcolm) + - stop (stop Malcolm) + - restart (restart Malcolm) + - logs (monitor Malcolm logs) + - wipe (stop Malcolm and clear its database) + - auth_setup (change authentication-related settings) A minute or so after starting Malcolm, the following services will be accessible: - Moloch: https://localhost/ - Kibana: https://localhost/kibana/ - - PCAP Upload (web): https://localhost/upload/ - - PCAP Upload (sftp): sftp://USERNAME@127.0.0.1:8022/files/ + - PCAP upload (web): https://localhost/upload/ + - PCAP upload (sftp): sftp://USERNAME@127.0.0.1:8022/files/ + - Host and subnet name mapping editor: https://localhost/name-map-ui/ - Account management: https://localhost:488/ ``` 
@@ -390,7 +404,7 @@ total 2.0G If you have obtained pre-packaged installation files to install Malcolm on a non-networked machine via an internal network share or on a USB key, you likely have the following files: * `malcolm_YYYYMMDD_HHNNSS_xxxxxxx.README.txt` - This readme file contains a minimal set up instructions for extracting the contents of the other tarballs and running the Malcolm appliance. -* `malcolm_YYYYMMDD_HHNNSS_xxxxxxx.tar.gz` - This tarball contains the configuration files and directory configuration used by an instance of Malcolm. It can be extracted via `tar -xf malcolm_YYYYMMDD_HHNNSS_xxxxxxx.tar.gz` upon which a directory will be created (named similarly to the tarball) containing the directories and configuration files. Alternately, `install.py` can accept this filename as an argument and handle its extraction and initial configuration for you. +* `malcolm_YYYYMMDD_HHNNSS_xxxxxxx.tar.gz` - This tarball contains the configuration files and directory configuration used by an instance of Malcolm. It can be extracted via `tar -xf malcolm_YYYYMMDD_HHNNSS_xxxxxxx.tar.gz` upon which a directory will be created (named similarly to the tarball) containing the directories and configuration files. Alternatively, `install.py` can accept this filename as an argument and handle its extraction and initial configuration for you. * `malcolm_YYYYMMDD_HHNNSS_xxxxxxx_images.tar.gz` - This tarball contains the Docker images used by Malcolm. It can be imported manually via `docker load -i malcolm_YYYYMMDD_HHNNSS_xxxxxxx_images.tar.gz` * `install.py` - This install script can load the Docker images and extract Malcolm configuration files from the aforementioned tarballs and do some initial configuration for you. 
@@ -423,6 +437,8 @@ Various other environment variables inside of `docker-compose.yml` can be tweake * `NGINX_BASIC_AUTH` - if set to `true`, use [TLS-encrypted HTTP basic](#AuthBasicAccountManagement) authentication (default); if set to `false`, use [Lightweight Directory Access Protocol (LDAP)](#AuthLDAP) authentication +* `NGINX_LOG_ACCESS_AND_ERRORS` - if set to `true`, all access to Malcolm via its [web interfaces](#UserInterfaceURLs) will be logged to Elasticsearch (default `false`) + * `MANAGE_PCAP_FILES` – if set to `true`, all PCAP files imported into Malcolm will be marked as available for deletion by Moloch if available storage space becomes too low (default `false`) * `ZEEK_AUTO_ANALYZE_PCAP_FILES` – if set to `true`, all PCAP files imported into Malcolm will automatically be analyzed by Zeek, and the resulting logs will also be imported (default `false`) @@ -433,8 +449,6 @@ Various other environment variables inside of `docker-compose.yml` can be tweake * `ZEEK_AUTO_ANALYZE_PCAP_THREADS` – the number of threads available to Malcolm for analyzing Zeek logs (default `1`) -* `LOGSTASH_JAVA_EXECUTION_ENGINE` – if set to `true`, Logstash will use the new [Logstash Java Execution Engine](https://www.elastic.co/blog/meet-the-new-logstash-java-execution-engine) which may significantly speed up Logstash startup and processing - * `LOGSTASH_OUI_LOOKUP` – if set to `true`, Logstash will map MAC addresses to vendors for all source and destination MAC addresses when analyzing Zeek logs (default `true`) * `LOGSTASH_REVERSE_DNS` – if set to `true`, Logstash will perform a reverse DNS lookup for all external source and destination IP address values when analyzing Zeek logs (default `false`) 
@@ -619,7 +633,7 @@ After making these changes, right click on the Docker 🐋 icon in the system tr Installing and configuring Docker to run under Windows must be done manually, rather than through the `install.py` script as is done for Linux and macOS. 1. In order to be able to configure Docker volume mounts correctly, you should be running [Windows 10, version 1803](https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-1803) or higher. -1. The control scripts in the `scripts/` directory are written in the Bash command language. The easiest way to run Bash in Windows is using the [Windows Subsystem for Linux](https://docs.microsoft.com/en-us/windows/wsl/install-win10) (WSL). To install WSL, run the following command in PowerShell as Administrator: +1. The control scripts in the `scripts/` directory are written in the Python. They also rely on a few other utilities such as OpenSSL and htpasswd. The easiest way to run these tools in Windows is using the [Windows Subsystem for Linux](https://docs.microsoft.com/en-us/windows/wsl/install-win10) (WSL) (however, they may also be installed and configured manually: [Python](https://www.python.org/downloads/windows); [OpenSSL](https://wiki.openssl.org/index.php/Binaries); [htpasswd](https://httpd.apache.org/docs/current/platform/windows.html#down), download the `httpd….zip` file and extract `htpasswd.exe` from the `Apache…\bin\` directory). To install WSL, run the following command in PowerShell as Administrator: + `Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux` 1. Install the [Linux distribution of your choice](https://docs.microsoft.com/en-us/windows/wsl/install-win10#install-your-linux-distribution-of-choice) in WSL. These instructions have been tested using Debian, but will probably work with other distributions as well. 1. Run the following commands in PowerShell as Administrator to enable required Windows features: 
@@ -648,6 +662,8 @@ Installing and configuring Docker to run under Windows must be done manually, ra Once Docker is installed, configured and running as described in the previous section, run [`./scripts/install.py --configure`](#ConfigAndTuning) (in WSL it will probably be something like `sudo python3 ./scripts/install.py --configure`) to finish configuration of the local Malcolm installation. +The control scripts outlined in the [Running Malcolm](#Running) section may not be symlinked correctly under Windows. Rather than running `./scripts/start`, `./scripts/stop`, etc., you can run `python3 ./scripts/control.py --start`, `python3 ./scripts/control.py --stop`, etc. to the same effect. + ## Running Malcolm ### Configure authentication @@ -660,7 +676,7 @@ LDAP authentication are managed on a remote directory service, such as a [Micros Malcolm's authentication method is defined in the `x-auth-variables` section near the top of the [`docker-compose.yml`](#DockerComposeYml) file with the `NGINX_BASIC_AUTH` environment variable: `true` for local TLS-encrypted HTTP basic authentication, `false` for LDAP authentication. -In either case, you **must** run `./scripts/auth_setup.sh` before starting Malcolm for the first time in order to: +In either case, you **must** run `./scripts/auth_setup` before starting Malcolm for the first time in order to: * define the local Malcolm administrator account username and password (although these credentials will only be used for basic authentication, not LDAP authentication) * specify whether or not to (re)generate the self-signed certificates used for HTTPS access 
@@ -673,7 +689,7 @@ In either case, you **must** run `./scripts/auth_setup.sh` before starting Malco ##### Local account management -[`auth_setup.sh`](#AuthSetup) is used to define the username and password for the administrator account. Once Malcolm is running, the administrator account can be used to manage other user accounts via a **Malcolm User Management** page served over HTTPS on port 488 (e.g., [https://localhost:488](https://localhost:488) if you are connecting locally). +[`auth_setup`](#AuthSetup) is used to define the username and password for the administrator account. Once Malcolm is running, the administrator account can be used to manage other user accounts via a **Malcolm User Management** page served over HTTPS on port 488 (e.g., [https://localhost:488](https://localhost:488) if you are connecting locally). Malcolm user accounts can be used to access the [interfaces](#UserInterfaceURLs) of all of its [components](#Components), including Moloch. Moloch uses its own internal database of user accounts, so when a Malcolm user account logs in to Moloch for the first time Malcolm creates a corresponding Moloch user account automatically. This being the case, it is *not* recommended to use the Moloch **Users** settings page or change the password via the **Password** form under the Moloch **Settings** page, as those settings would not be consistently used across Malcolm. 
@@ -681,7 +697,7 @@ Users may change their passwords via the **Malcolm User Management** page by cli #### Lightweight Directory Access Protocol (LDAP) authentication -The [nginx-auth-ldap](https://github.com/kvspb/nginx-auth-ldap) module serves as the interface between Malcolm's [Nginx](https://nginx.org/) web server and a remote LDAP server. When you run [`auth_setup.sh`](#AuthSetup) for the first time, a sample LDAP configuration file is created at `nginx/nginx_ldap.conf`. +The [nginx-auth-ldap](https://github.com/kvspb/nginx-auth-ldap) module serves as the interface between Malcolm's [Nginx](https://nginx.org/) web server and a remote LDAP server. When you run [`auth_setup`](#AuthSetup) for the first time, a sample LDAP configuration file is created at `nginx/nginx_ldap.conf`. ``` # This is a sample configuration for the ldap_server section of nginx.conf. 
@@ -716,7 +732,7 @@ The contents of `nginx_ldap.conf` will vary depending on how the LDAP server is * **`group_attribute_is_dn`** - whether or not to search for the full distinguished name in the member object * **`require`** and **`satisfy`** - `require user`, `require group` and `require valid_user` can be used in conjunction with `satisfy any` or `satisfy all` to limit the users that are allowed to access the Malcolm instance -Before starting Malcolm, edit `nginx/nginx_ldap.conf` according to the specifics of your LDAP server and directory tree structure. Using a LDAP search tool such as [`ldapsearch`](https://www.openldap.org/software/man.cgi?query=ldapsearch) in Linux or [`dsquery`](https://social.technet.microsoft.com/wiki/contents/articles/2195.active-directory-dsquery-commands.aspx) in Windows may be of help as you formulate the configuration. Your changes should be made within the curly braces of the `ldap_server ad_server { … }` section. You can troubleshoot configuration file syntax errors and LDAP connection or credentials issues by running `./scripts/logs.sh` (or `docker-compose logs nginx`) and examining the output of the `nginx` container. +Before starting Malcolm, edit `nginx/nginx_ldap.conf` according to the specifics of your LDAP server and directory tree structure. Using a LDAP search tool such as [`ldapsearch`](https://www.openldap.org/software/man.cgi?query=ldapsearch) in Linux or [`dsquery`](https://social.technet.microsoft.com/wiki/contents/articles/2195.active-directory-dsquery-commands.aspx) in Windows may be of help as you formulate the configuration. Your changes should be made within the curly braces of the `ldap_server ad_server { … }` section. You can troubleshoot configuration file syntax errors and LDAP connection or credentials issues by running `./scripts/logs` (or `docker-compose logs nginx`) and examining the output of the `nginx` container. 
The **Malcolm User Management** page described above is not available when using LDAP authentication. 
@@ -745,23 +761,23 @@ In addition to the `NGINX_BASIC_AUTH` environment variable being set to `false` [Docker compose](https://docs.docker.com/compose/) is used to coordinate running the Docker containers. To start Malcolm, navigate to the directory containing `docker-compose.yml` and run: ``` -$ ./scripts/start.sh +$ ./scripts/start ``` This will create the containers' virtual network and instantiate them, then leave them running in the background. The Malcolm containers may take a several minutes to start up completely. To follow the debug output for an already-running Malcolm instance, run: ``` -$ ./scripts/logs.sh +$ ./scripts/logs ``` You can also use `docker stats` to monitor the resource utilization of running containers. ### Stopping and restarting Malcolm -You can run `./scripts/stop.sh` to stop the docker containers and remove their virtual network. Alternately, `./scripts/restart.sh` will restart an instance of Malcolm. Because the data on disk is stored on the host in docker volumes, doing these operations will not result in loss of data. +You can run `./scripts/stop` to stop the docker containers and remove their virtual network. Alternatively, `./scripts/restart` will restart an instance of Malcolm. Because the data on disk is stored on the host in docker volumes, doing these operations will not result in loss of data. Malcolm can be configured to be automatically restarted when the Docker system daemon restart (for example, on system reboot). This behavior depends on the [value](https://docs.docker.com/config/containers/start-containers-automatically/) of the [`restart:`](https://docs.docker.com/compose/compose-file/#restart) setting for each service in the `docker-compose.yml` file. This value can be set by running [`./scripts/install.py --configure`](#ConfigAndTuning) and answering "yes" to "`Restart Malcolm upon system or Docker daemon restart?`." 
### Clearing Malcolm’s data -Run `./scripts/wipe.sh` to stop the Malcolm instance and wipe its Elasticsearch database (including [index snapshots](#Curator)). +Run `./scripts/wipe` to stop the Malcolm instance and wipe its Elasticsearch database (including [index snapshots](#Curator)). ## Capture file and log archive upload @@ -846,23 +862,6 @@ output.logstash: ssl.verification_mode: "none" ``` -### Monitoring a local Zeek instance - -Another option for analyzing live network data is to run an external local copy of Zeek (ie., not within Malcolm) so that the log files it creates are seen by Malcolm and automatically processed as they are written to a local directory on the same host. - -To do this, you'll need to configure Malcolm's local Filebeat log forwarder so that it will continue to look for changes to Zeek logs that are actively being written to even once it reaches the end of the file. You can do this by replacing `docker-compose.yml` with `docker-compose-standalone-zeek-live.yml` before starting Malcolm: - -``` -$ mv -f ./docker-compose-standalone-zeek-live.yml ./docker-compose.yml -``` - -Alternately, you can run the `start.sh` script (and the other control scripts) like this, without modifying your original `docker-compose.yml` file: -``` -$ ./scripts/start.sh ./docker-compose-standalone-zeek-live.yml -``` - -Once Malcolm has been [started](#Starting), `cd` into `./zeek-logs/current/` and run `bro` from inside that directory. - ## Moloch The Moloch interface will be accessible over HTTPS on port 443 at the docker hosts IP address (e.g., [https://localhost](https://localhost) if you are connecting locally). 
@@ -1301,8 +1300,29 @@ If both `zeek.orig_segment` and `zeek.resp_segment` are added to a log, and if t ![Cross-segment traffic in Connections](./docs/images/screenshots/moloch_connections_segments.png) +#### Defining hostname and CIDR subnet names interface + +As an alternative to manually editing `cidr-map.txt` and `host-map.txt`, a **Host and Subnet Name Mapping** editor is available at [https://localhost/name-map-ui/](https://localhost/name-map-ui/) if you are connecting locally. Upon loading, the editor is populated from `cidr-map.txt`, `host-map.txt` and `net-map.json`. + +This editor provides the following controls: + +* 🔎 **Search mappings** - narrow the list of visible items using a search filter +* **Type**, **Address**, **Name** and **Tag** *(column headings)* - sort the list of items by clicking a column header +* 📝 *(per item)* - modify the selected item +* 🚫 *(per item)* - remove the selected item +* 🖳 **host** / 🖧 **segment**, **Address**, **Name**, **Tag (optional)** and 💾 - save the item with these values (either adding a new item or updating the item being modified) +* 📥 **Import** - clear the list and replace it with the contents of an uploaded `net-map.json` file +* 📤 **Export** - format and download the list as a `net-map.json` file +* 💾 **Save Mappings** - format and store `net-map.json` in the Malcolm directory (replacing the existing `net-map.json` file) +* 🔁 **Restart Logstash** - restart log ingestion, parsing and enrichment + +![Host and Subnet Name Mapping Editor](./docs/images/screenshots/malcolm_name_map_ui.png) + #### Applying mapping changes -When changes are made to either `cidr-map.txt` or `host-map.txt`, Malcolm's Logstash container must be restarted. The easiest way to do this is to restart malcolm via `restart.sh` (see [Stopping and restarting Malcolm](#StopAndRestart)). + +When changes are made to either `cidr-map.txt`, `host-map.txt` or `net-map.json`, Malcolm's Logstash container must be restarted. 
The easiest way to do this is to restart malcolm via `restart` (see [Stopping and restarting Malcolm](#StopAndRestart)) or by clicking the 🔁 **Restart Logstash** button in the [name mapping interface](#NameMapUI) interface. + +Restarting Logstash may take several minutes, after which log ingestion will be resumed. ## Elasticsearch index curation @@ -1353,7 +1373,7 @@ Building the ISO may take 30 minutes or more depending on your system. As the bu ``` … -Finished, created "/malcolm-build/malcolm-iso/malcolm-1.8.1.iso" +Finished, created "/malcolm-build/malcolm-iso/malcolm-2.0.0.iso" … ``` 
@@ -1392,7 +1412,7 @@ Following these prompts, the installer will reboot and the Malcolm base operatin When the system boots for the first time, the Malcolm Docker images will load if the installer was built with pre-packaged installation files as described above. Wait for this operation to continue (the progress dialog will disappear when they have finished loading) before continuing the setup. -Open a terminal (click the red terminal 🗔 icon next to the Debian swirl logo 🍥 menu button in the menu bar). At this point, setup is similar to the steps described in the [Quick start](#QuickStart) section. Navigate to the Malcolm directory (`cd ~/Malcolm`) and run [`auth_setup.sh`](#AuthSetup) to configure authentication. If the ISO didn't have pre-packaged Malcolm images, or if you'd like to retrieve the latest updates, run `docker-compose pull`. Finalize your configuration by running `sudo python3 scripts/install.py -c` and follow the prompts as illustrated in the [installation example](#InstallationExample). +Open a terminal (click the red terminal 🗔 icon next to the Debian swirl logo 🍥 menu button in the menu bar). At this point, setup is similar to the steps described in the [Quick start](#QuickStart) section. Navigate to the Malcolm directory (`cd ~/Malcolm`) and run [`auth_setup`](#AuthSetup) to configure authentication. If the ISO didn't have pre-packaged Malcolm images, or if you'd like to retrieve the latest updates, run `docker-compose pull`. Finalize your configuration by running `sudo python3 scripts/install.py -c` and follow the prompts as illustrated in the [installation example](#InstallationExample). Once Malcolm is configured, you can [start Malcolm](#Starting) via the command line or by clicking the circular yellow Malcolm icon in the menu bar. 
@@ -1639,7 +1659,7 @@ Enter installation path for Malcolm [/home/user/Downloads/malcolm]: /home/user/M Malcolm runtime files extracted to /home/user/Malcolm ``` -Alternately, **if you are configuring Malcolm from within a git working copy**, `install.py` will now exit. Run `install.py` again like you did at the beginning of the example, only remove the `sudo` and add `--configure` to run `install.py` in "configuration only" mode. +Alternatively, **if you are configuring Malcolm from within a git working copy**, `install.py` will now exit. Run `install.py` again like you did at the beginning of the example, only remove the `sudo` and add `--configure` to run `install.py` in "configuration only" mode. ``` user@host:~/Malcolm$ python3 scripts/install.py --configure ``` @@ -1715,7 +1735,7 @@ At this point you should **reboot your computer** so that the new system setting Now we need to [set up authentication](#AuthSetup) and generate some unique self-signed SSL certificates. You can replace `analyst` in this example with whatever username you wish to use to log in to the Malcolm web interface. ``` -user@host:~/Malcolm$ ./scripts/auth_setup.sh +user@host:~/Malcolm$ ./scripts/auth_setup Username: analyst analyst password: analyst password (again): @@ -1735,6 +1755,8 @@ Pulling elastalert ... done Pulling elasticsearch ... done Pulling file-monitor ... done Pulling filebeat ... done +Pulling freq ... done +Pulling name-map-ui ... done Pulling htadmin ... done Pulling kibana ... done Pulling logstash ... done 
@@ -1747,34 +1769,38 @@ Pulling zeek ... done user@host:~/Malcolm$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE -malcolmnetsec/moloch 1.8.1 xxxxxxxxxxxx 27 minutes ago 517MB -malcolmnetsec/zeek 1.8.1 xxxxxxxxxxxx 27 minutes ago 489MB -malcolmnetsec/htadmin 1.8.1 xxxxxxxxxxxx 2 hours ago 180MB -malcolmnetsec/nginx-proxy 1.8.1 xxxxxxxxxxxx 4 hours ago 53MB -malcolmnetsec/file-upload 1.8.1 xxxxxxxxxxxx 24 hours ago 198MB -malcolmnetsec/pcap-capture 1.8.1 xxxxxxxxxxxx 24 hours ago 111MB -malcolmnetsec/pcap-monitor 1.8.1 xxxxxxxxxxxx 24 hours ago 156MB -malcolmnetsec/file-monitor 1.8.1 xxxxxxxxxxxx 24 hours ago 355MB -malcolmnetsec/logstash-oss 1.8.1 xxxxxxxxxxxx 25 hours ago 1.24GB -malcolmnetsec/curator 1.8.1 xxxxxxxxxxxx 25 hours ago 303MB -malcolmnetsec/kibana-oss 1.8.1 xxxxxxxxxxxx 33 hours ago 944MB -malcolmnetsec/filebeat-oss 1.8.1 xxxxxxxxxxxx 11 days ago 459MB -malcolmnetsec/elastalert 1.8.1 xxxxxxxxxxxx 11 days ago 276MB -docker.elastic.co/elasticsearch/elasticsearch-oss 7.5.1 xxxxxxxxxxxx 5 weeks ago 769MB +malcolmnetsec/moloch 2.0.0 xxxxxxxxxxxx 27 minutes ago 517MB +malcolmnetsec/zeek 2.0.0 xxxxxxxxxxxx 27 minutes ago 489MB +malcolmnetsec/htadmin 2.0.0 xxxxxxxxxxxx 2 hours ago 180MB +malcolmnetsec/nginx-proxy 2.0.0 xxxxxxxxxxxx 4 hours ago 53MB +malcolmnetsec/file-upload 2.0.0 xxxxxxxxxxxx 24 hours ago 198MB +malcolmnetsec/pcap-capture 2.0.0 xxxxxxxxxxxx 24 hours ago 111MB +malcolmnetsec/pcap-monitor 2.0.0 xxxxxxxxxxxx 24 hours ago 156MB +malcolmnetsec/file-monitor 2.0.0 xxxxxxxxxxxx 24 hours ago 355MB +malcolmnetsec/logstash-oss 2.0.0 xxxxxxxxxxxx 25 hours ago 1.24GB +malcolmnetsec/curator 2.0.0 xxxxxxxxxxxx 25 hours ago 303MB +malcolmnetsec/kibana-oss 2.0.0 xxxxxxxxxxxx 33 hours ago 944MB +malcolmnetsec/filebeat-oss 2.0.0 xxxxxxxxxxxx 11 days ago 459MB +malcolmnetsec/elastalert 2.0.0 xxxxxxxxxxxx 11 days ago 276MB +malcolmnetsec/freq 2.0.0 xxxxxxxxxxxx 11 days ago 188MB +malcolmnetsec/name-map-ui 2.0.0 xxxxxxxxxxxx 35 minutes ago 20MB 
+docker.elastic.co/elasticsearch/elasticsearch-oss 7.6.2 xxxxxxxxxxxx 5 weeks ago 769MB ``` Finally, we can start Malcolm. When Malcolm starts it will stream informational and debug messages to the console. If you wish, you can safely close the console or use `Ctrl+C` to stop these messages; Malcolm will continue running in the background. ``` -user@host:~/Malcolm$ ./scripts/start.sh +user@host:~/Malcolm$ ./scripts/start Creating network "malcolm_default" with the default driver Creating malcolm_curator_1 ... done Creating malcolm_elastalert_1 ... done Creating malcolm_elasticsearch_1 ... done Creating malcolm_file-monitor_1 ... done Creating malcolm_filebeat_1 ... done +Creating malcolm_freq_1 ... done Creating malcolm_htadmin_1 ... done Creating malcolm_kibana_1 ... done Creating malcolm_logstash_1 ... done +Creating malcolm_name-map-ui_1 ... done Creating malcolm_moloch_1 ... done Creating malcolm_nginx-proxy_1 ... done Creating malcolm_pcap-capture_1 ... done 
@@ -1788,11 +1814,12 @@ In a few minutes, Malcolm services will be accessible via the following URLs: - Kibana: https://localhost/kibana/ - PCAP Upload (web): https://localhost/upload/ - PCAP Upload (sftp): sftp://username@127.0.0.1:8022/files/ + - Host and subnet name mapping editor: https://localhost/name-map-ui/ - Account management: https://localhost:488/ … ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- … -Attaching to malcolm_curator_1, malcolm_elastalert_1, malcolm_elasticsearch_1, malcolm_file-monitor_1, malcolm_filebeat_1, malcolm_htadmin_1, malcolm_kibana_1, malcolm_logstash_1, malcolm_moloch_1, malcolm_nginx-proxy_1, malcolm_pcap-capture_1, malcolm_pcap-monitor_1, malcolm_upload_1, malcolm_zeek_1 +Attaching to malcolm_curator_1, malcolm_elastalert_1, malcolm_elasticsearch_1, malcolm_file-monitor_1, malcolm_filebeat_1, malcolm_freq_1, malcolm_htadmin_1, malcolm_kibana_1, malcolm_logstash_1, malcolm_name-map-ui_1, malcolm_moloch_1, malcolm_nginx-proxy_1, malcolm_pcap-capture_1, malcolm_pcap-monitor_1, malcolm_upload_1, malcolm_zeek_1 … ``` @@ -1808,7 +1835,7 @@ You can now open a web browser and navigate to one of the [Malcolm user interfac ## Copyright -[Malcolm](https://github.com/idaholab/Malcolm) is Copyright 2019 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. +[Malcolm](https://github.com/idaholab/Malcolm) is Copyright 2020 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. See [`License.txt`](./License.txt) for the terms of its release. diff --git a/cidr-map.txt b/cidr-map.txt index 5ca134e3f..e4417cff2 100644 
--- a/cidr-map.txt +++ b/cidr-map.txt @@ -10,3 +10,5 @@ # required tag (optional): only check match and apply segment name if the event # contains this tag # +# Alternatively, as of Malcolm v2.0 there is a web UI editor for defining subnet +# to segment name maps, located at https:///name-map-ui. \ No newline at end of file diff --git a/curator/scripts/register-elasticsearch-snapshot-repo.sh b/curator/scripts/register-elasticsearch-snapshot-repo.sh index 883baf522..4564d4e54 100755 --- a/curator/scripts/register-elasticsearch-snapshot-repo.sh +++ b/curator/scripts/register-elasticsearch-snapshot-repo.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. if [ $# -gt 0 ]; then ES_URL="$1" diff --git a/docker-compose-standalone-zeek-live.yml b/docker-compose-standalone-zeek-live.yml deleted file mode 100644 index 4c2e1cefa..000000000 --- a/docker-compose-standalone-zeek-live.yml +++ /dev/null 
@@ -1,380 +0,0 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -version: '3.7' - -################################################################################ -# Commonly tweaked configuration options -#------------------------------------------------------------------------------- -x-auth-variables: &auth-variables - # authentication method: encrypted HTTP basic authentication ('true') vs LDAP ('false') - NGINX_BASIC_AUTH : 'true' - # NGINX LDAP (NGINX_BASIC_AUTH=false) can support LDAP, LDAPS, or LDAP+StartTLS. - # For StartTLS, set NGINX_LDAP_TLS_STUNNEL=true to issue the StartTLS command - # and use stunnel to tunnel the connection. - NGINX_LDAP_TLS_STUNNEL : 'false' - # When NGINX_LDAP_TLS_STUNNEL=true, which protocol to use when initiating the - # "extendedReq(1) LDAP_START_TLS_OID" command: winldap or openldap - NGINX_LDAP_TLS_STUNNEL_PROTOCOL : 'winldap' - -x-moloch-variables: &moloch-variables - MANAGE_PCAP_FILES : 'false' - MOLOCH_ANALYZE_PCAP_THREADS : 1 - MAXMIND_GEOIP_DB_LICENSE_KEY : '0' - -x-zeek-variables: &zeek-variables - ZEEK_AUTO_ANALYZE_PCAP_FILES : 'true' - ZEEK_AUTO_ANALYZE_PCAP_THREADS : 1 - ZEEK_EXTRACTOR_MODE : 'none' - EXTRACTED_FILE_IGNORE_EXISTING : 'false' - EXTRACTED_FILE_PRESERVATION : 'quarantined' - EXTRACTED_FILE_MIN_BYTES : 64 - EXTRACTED_FILE_MAX_BYTES : 134217728 - VTOT_API2_KEY : '0' - VTOT_REQUESTS_PER_MINUTE : 4 - EXTRACTED_FILE_ENABLE_CLAMAV : 'false' - EXTRACTED_FILE_ENABLE_FRESHCLAM : 'false' - EXTRACTED_FILE_PIPELINE_DEBUG : 'false' - EXTRACTED_FILE_PIPELINE_DEBUG_EXTRA : 'false' - -x-logstash-variables: &logstash-variables - # experimental java execution engine (https://www.elastic.co/blog/meet-the-new-logstash-java-execution-engine) - LOGSTASH_JAVA_EXECUTION_ENGINE : 'true' - LOGSTASH_OUI_LOOKUP : 'true' - LOGSTASH_REVERSE_DNS : 'false' - # ES_EXTERNAL_HOSTS : '10.0.0.123:9200' - # ES_EXTERNAL_SSL : 'true' - # ES_EXTERNAL_SSL_CERTIFICATE_VERIFICATION : 'false' - # For security, 
ES_EXTERNAL_USER and ES_EXTERNAL_PASSWORD should be stored in Logstash keystore using ./scripts/auth_setup.sh - # See also volume mount for logstash.keystore below. - # ES_EXTERNAL_USER : 'janedoe' - # ES_EXTERNAL_PASSWORD : 'secret' - -x-kibana-variables: &kibana-variables - KIBANA_OFFLINE_REGION_MAPS : 'true' - -x-curator-variables: &curator-variables - # get index dates from actual date index was created (creation_date) vs. extracted from index name (name) - CURATOR_TIME_SOURCE : 'name' - # for managing automatic closing of older Elasticsearch indices (to conserve memory) - CURATOR_CLOSE_UNITS : years - CURATOR_CLOSE_COUNT : 10 - # for managing automatic deleting of older Elasticsearch indices (to reduce disk consumption) - CURATOR_DELETE_UNITS : years - CURATOR_DELETE_COUNT : 99 - # for managing automatic deleting of Elasticsearch indices based on cumulative size (to reduce disk consumption) - CURATOR_DELETE_GIGS : 1000000 - # for managing automatic snapshots of Elasticsearch indices - CURATOR_SNAPSHOT_DISABLED : 'True' - # name of Elasticsearch snapshot repository under path.repo - CURATOR_SNAPSHOT_REPO : 'logs' - # controls compression of Elasticsearch snapshots managed by the curator - CURATOR_SNAPSHOT_COMPRESSED : 'false' - -x-common-upload-variables: &common-upload-variables - AUTO_TAG : 'true' - PCAP_PIPELINE_DEBUG : 'false' - PCAP_PIPELINE_DEBUG_EXTRA : 'false' - PCAP_PIPELINE_IGNORE_PREEXISTING : 'false' - PCAP_MONITOR_HOST : 'pcap-monitor' - -x-common-beats-variables: &common-beats-variables - BEATS_SSL : 'false' - -x-pcap-capture-variables: &pcap-capture-variables - PCAP_ENABLE_NETSNIFF : 'false' - PCAP_ENABLE_TCPDUMP : 'false' - PCAP_IFACE : 'eth0' - PCAP_ROTATE_MEGABYTES : 1024 - PCAP_ROTATE_MINUTES : 10 - PCAP_FILTER : '' -################################################################################ - -services: - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.5.1 - restart: "no" - hostname: elasticsearch - 
environment: - logger.level : 'WARN' - bootstrap.memory_lock : 'true' - ES_JAVA_OPTS : '-Xms4g -Xmx4g -Xss256k -Djava.security.egd=file:/dev/./urandom' - VIRTUAL_HOST : 'es.malcolm.local' - discovery.type : 'single-node' - # cluster.initial_master_nodes : 'elasticsearch' - cluster.routing.allocation.disk.threshold_enabled : 'false' - cluster.routing.allocation.node_initial_primaries_recoveries : 8 - path.repo : '/opt/elasticsearch/backup' - expose: - - 9200 - ulimits: - memlock: - soft: -1 - hard: -1 - cap_add: - - IPC_LOCK - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9200"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 180s - volumes: - - ./elasticsearch:/usr/share/elasticsearch/data:delegated - - ./elasticsearch-backup:/opt/elasticsearch/backup:delegated - kibana: - image: malcolmnetsec/kibana-oss:1.8.1 - restart: "no" - hostname: kibana - environment: - << : *kibana-variables - ELASTICSEARCH_URL : 'http://elasticsearch:9200' - VIRTUAL_HOST : 'kibana.malcolm.local' - CREATE_ES_MOLOCH_SESSION_INDEX : 'true' - MOLOCH_INDEX_PATTERN : 'sessions2-*' - MOLOCH_INDEX_PATTERN_ID : 'sessions2-*' - MOLOCH_INDEX_TIME_FIELD : 'firstPacket' - depends_on: - - elasticsearch - expose: - - 5601 - - 28991 - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:5601/kibana/api/status"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 200s - elastalert: - image: malcolmnetsec/elastalert:1.8.1 - restart: "no" - hostname: elastalert - environment: - ELASTICSEARCH_URL : 'http://elasticsearch:9200' - ES_HOST : 'elasticsearch' - ES_PORT : 9200 - VIRTUAL_HOST : 'elastalert.malcolm.local' - depends_on: - - elasticsearch - expose: - - 3030 - - 3333 - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:3030"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 200s - volumes: - - ./elastalert/config/elastalert.yaml:/opt/elastalert/config.yaml - - ./elastalert/config/smtp-auth.yaml:/opt/elastalert/smtp-auth.yaml:ro - - 
./elastalert/config/config.json:/opt/elastalert-server/config/config.json - - ./elastalert/rules/:/opt/elastalert/rules/ - curator: - image: malcolmnetsec/curator:1.8.1 - restart: "no" - hostname: curator - environment: - << : *curator-variables - ES_HOST : 'elasticsearch' - ES_PORT : 9200 - depends_on: - - elasticsearch - logstash: - image: malcolmnetsec/logstash-oss:1.8.1 - restart: "no" - hostname: logstash - environment: - << : *logstash-variables - << : *common-beats-variables - ES_HOSTS : 'elasticsearch:9200' - LS_JAVA_OPTS : '-Xms2g -Xmx2g -Djava.security.egd=file:/dev/./urandom' - depends_on: - - elasticsearch - expose: - - 5000 - - 5044 - - 9600 - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9600"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 600s - volumes: - # - ./logstash/certs/logstash.keystore:/usr/share/logstash/config/logstash.keystore:ro - - ./logstash/certs/ca.crt:/certs/ca.crt:ro - - ./logstash/certs/server.crt:/certs/server.crt:ro - - ./logstash/certs/server.key:/certs/server.key:ro - - ./cidr-map.txt:/usr/share/logstash/config/cidr-map.txt:ro - - ./host-map.txt:/usr/share/logstash/config/host-map.txt:ro - filebeat: - image: malcolmnetsec/filebeat-oss:1.8.1 - restart: "no" - hostname: filebeat - environment: - << : *common-upload-variables - << : *common-beats-variables - FILEBEAT_LOG_PATH : '/data/zeek/current' - FILEBEAT_LOG_CLEANUP_MINUTES : 180 - FILEBEAT_ZIP_CLEANUP_MINUTES : 360 - FILEBEAT_SCAN_FREQUENCY : '10s' - FILEBEAT_CLEAN_INACTIVE : '180m' - FILEBEAT_IGNORE_OLDER : '120m' - FILEBEAT_CLOSE_INACTIVE : '90m' - FILEBEAT_CLOSE_RENAMED : 'false' - FILEBEAT_CLOSE_REMOVED : 'true' - FILEBEAT_CLOSE_EOF : 'false' - FILEBEAT_CLEAN_REMOVED : 'true' - depends_on: - - logstash - volumes: - - ./zeek-logs:/data/zeek - - ./filebeat/certs/ca.crt:/certs/ca.crt:ro - - ./filebeat/certs/client.crt:/certs/client.crt:ro - - ./filebeat/certs/client.key:/certs/client.key:ro - moloch: - image: malcolmnetsec/moloch:1.8.1 - 
restart: "no" - hostname: moloch - env_file: - - ./auth.env - environment: - << : *common-upload-variables - << : *moloch-variables - MOLOCH_VERSION : '2.1.2' - VIRTUAL_HOST : 'moloch.malcolm.local' - ES_HOST : 'elasticsearch' - ES_PORT : 9200 - ES_MAX_SHARDS_PER_NODE : 2500 - VIEWER : 'on' - WISE : 'on' - ulimits: - memlock: - soft: -1 - hard: -1 - depends_on: - - elasticsearch - expose: - - 8000 - - 8005 - - 8081 - volumes: - - ./pcap:/data/pcap - - ./moloch-logs:/data/moloch/logs - - ./moloch-raw:/data/moloch/raw - zeek: - image: malcolmnetsec/zeek:1.8.1 - restart: "no" - hostname: zeek - environment: - << : *common-upload-variables - << : *zeek-variables - ulimits: - memlock: - soft: -1 - hard: -1 - depends_on: - - elasticsearch - volumes: - - ./pcap:/pcap - - ./zeek-logs/upload:/zeek/upload - - ./zeek-logs/extract_files:/zeek/extract_files - file-monitor: - image: malcolmnetsec/file-monitor:1.8.1 - restart: "no" - hostname: filemon - environment: - << : *zeek-variables - expose: - - 3310 - volumes: - - ./zeek-logs/extract_files:/data/zeek/extract_files - - ./zeek-logs/current:/data/zeek/logs - pcap-capture: - image: malcolmnetsec/pcap-capture:1.8.1 - restart: "no" - network_mode: host - ulimits: - memlock: - soft: -1 - hard: -1 - cap_add: - - IPC_LOCK - - NET_ADMIN - - NET_RAW - - SYS_ADMIN - environment: - << : *pcap-capture-variables - volumes: - - ./pcap/upload:/pcap - pcap-monitor: - image: malcolmnetsec/pcap-monitor:1.8.1 - restart: "no" - hostname: pcapmon - environment: - << : *common-upload-variables - ELASTICSEARCH_URL : 'http://elasticsearch:9200' - depends_on: - - elasticsearch - expose: - - 30441 - volumes: - - ./zeek-logs:/zeek - - ./pcap:/pcap - upload: - image: malcolmnetsec/file-upload:1.8.1 - restart: "no" - hostname: upload - env_file: - - ./auth.env - environment: - SITE_NAME : 'Capture File and Log Archive Upload' - VIRTUAL_HOST : 'upload.malcolm.local' - depends_on: - - moloch - expose: - - 80 - ports: - - 127.0.0.1:8022:22 - volumes: - - 
./pcap/upload:/var/www/upload/server/php/chroot/files - htadmin: - image: malcolmnetsec/htadmin:1.8.1 - restart: "no" - hostname: htadmin - environment: - << : *auth-variables - VIRTUAL_HOST : 'htadmin.malcolm.local' - expose: - - 80 - volumes: - - ./htadmin/config.ini:/var/www/htadmin/config/config.ini:rw - - ./htadmin/metadata:/var/www/htadmin/config/metadata:rw - - ./nginx/htpasswd:/var/www/htadmin/config/htpasswd:rw - nginx-proxy: - image: malcolmnetsec/nginx-proxy:1.8.1 - restart: "no" - hostname: nginx-proxy - environment: - << : *auth-variables - depends_on: - - moloch - - kibana - - upload - - htadmin - ports: - - "443:443" - - "488:488" - - "3030:3030" - - "5601:5601" - - "8443:8443" - - "9200:9200" - - "9600:9600" - - "28991:28991" - volumes: - - /var/run/docker.sock:/tmp/docker.sock:ro - - ./nginx/nginx_ldap.conf:/etc/nginx/nginx_ldap.conf:ro - - ./nginx/htpasswd:/etc/nginx/.htpasswd:ro - - ./nginx/certs:/etc/nginx/certs:ro - - ./nginx/certs/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro - diff --git a/docker-compose-standalone.yml b/docker-compose-standalone.yml index 6da54a451..924ce3cb9 100644 --- a/docker-compose-standalone.yml +++ b/docker-compose-standalone.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. version: '3.7' @@ -16,6 +16,10 @@ x-auth-variables: &auth-variables # "extendedReq(1) LDAP_START_TLS_OID" command: winldap or openldap NGINX_LDAP_TLS_STUNNEL_PROTOCOL : 'winldap' +x-nginx-variables: &nginx-variables + # Whether or not to write nginx's access.log and error.log to Elasticsearch + NGINX_LOG_ACCESS_AND_ERRORS : 'false' + x-moloch-variables: &moloch-variables MANAGE_PCAP_FILES : 'false' MOLOCH_ANALYZE_PCAP_THREADS : 1 
@@ -37,14 +41,12 @@ x-zeek-variables: &zeek-variables EXTRACTED_FILE_PIPELINE_DEBUG_EXTRA : 'false' x-logstash-variables: &logstash-variables - # experimental java execution engine (https://www.elastic.co/blog/meet-the-new-logstash-java-execution-engine) - LOGSTASH_JAVA_EXECUTION_ENGINE : 'true' LOGSTASH_OUI_LOOKUP : 'true' LOGSTASH_REVERSE_DNS : 'false' # ES_EXTERNAL_HOSTS : '10.0.0.123:9200' # ES_EXTERNAL_SSL : 'true' # ES_EXTERNAL_SSL_CERTIFICATE_VERIFICATION : 'false' - # For security, ES_EXTERNAL_USER and ES_EXTERNAL_PASSWORD should be stored in Logstash keystore using ./scripts/auth_setup.sh + # For security, ES_EXTERNAL_USER and ES_EXTERNAL_PASSWORD should be stored in Logstash keystore using ./scripts/auth_setup # See also volume mount for logstash.keystore below. # ES_EXTERNAL_USER : 'janedoe' # ES_EXTERNAL_PASSWORD : 'secret' @@ -77,6 +79,9 @@ x-common-upload-variables: &common-upload-variables PCAP_PIPELINE_IGNORE_PREEXISTING : 'false' PCAP_MONITOR_HOST : 'pcap-monitor' +x-common-lookup-variables: &common-lookup-variables + FREQ_LOOKUP : 'false' + x-common-beats-variables: &common-beats-variables BEATS_SSL : 'false' @@ -91,7 +96,7 @@ x-pcap-capture-variables: &pcap-capture-variables services: elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.5.1 + image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.6.2 restart: "no" hostname: elasticsearch environment: 
@@ -112,17 +117,17 @@ services: hard: -1 cap_add: - IPC_LOCK - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9200"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 180s volumes: - ./elasticsearch:/usr/share/elasticsearch/data:delegated - ./elasticsearch-backup:/opt/elasticsearch/backup:delegated + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:9200"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 180s kibana: - image: malcolmnetsec/kibana-oss:1.8.1 + image: malcolmnetsec/kibana-oss:2.0.0 restart: "no" hostname: kibana environment: @@ -139,13 +144,13 @@ services: - 5601 - 28991 healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:5601/kibana/api/status"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 200s + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:5601/kibana/api/status"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 210s elastalert: - image: malcolmnetsec/elastalert:1.8.1 + image: malcolmnetsec/elastalert:2.0.0 restart: "no" hostname: elastalert environment: @@ -158,19 +163,19 @@ services: expose: - 3030 - 3333 - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:3030"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 200s volumes: - ./elastalert/config/elastalert.yaml:/opt/elastalert/config.yaml - ./elastalert/config/smtp-auth.yaml:/opt/elastalert/smtp-auth.yaml:ro - ./elastalert/config/config.json:/opt/elastalert-server/config/config.json - ./elastalert/rules/:/opt/elastalert/rules/ + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:3030"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 210s curator: - image: malcolmnetsec/curator:1.8.1 + image: malcolmnetsec/curator:2.0.0 restart: "no" hostname: curator environment: 
@@ -179,27 +184,28 @@ services: ES_PORT : 9200 depends_on: - elasticsearch + healthcheck: + test: ["CMD", "pidof", "cron"] + interval: 30s + timeout: 5s + retries: 3 + start_period: 30s logstash: - image: malcolmnetsec/logstash-oss:1.8.1 + image: malcolmnetsec/logstash-oss:2.0.0 restart: "no" hostname: logstash environment: << : *logstash-variables << : *common-beats-variables + << : *common-lookup-variables ES_HOSTS : 'elasticsearch:9200' LS_JAVA_OPTS : '-Xms2g -Xmx2g -Djava.security.egd=file:/dev/./urandom' depends_on: - elasticsearch expose: - - 5000 - 5044 + - 9001 - 9600 - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9600"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 600s volumes: # - ./logstash/certs/logstash.keystore:/usr/share/logstash/config/logstash.keystore:ro - ./logstash/certs/ca.crt:/certs/ca.crt:ro @@ -207,14 +213,23 @@ services: - ./logstash/certs/server.key:/certs/server.key:ro - ./cidr-map.txt:/usr/share/logstash/config/cidr-map.txt:ro - ./host-map.txt:/usr/share/logstash/config/host-map.txt:ro + - ./net-map.json:/usr/share/logstash/config/net-map.json:ro + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:9600"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 600s filebeat: - image: malcolmnetsec/filebeat-oss:1.8.1 + image: malcolmnetsec/filebeat-oss:2.0.0 restart: "no" hostname: filebeat environment: + << : *nginx-variables << : *common-upload-variables << : *common-beats-variables FILEBEAT_LOG_PATH : '/data/zeek/current' + FILEBEAT_NGINX_LOG_PATH : '/data/nginx' FILEBEAT_LOG_CLEANUP_MINUTES : 180 FILEBEAT_ZIP_CLEANUP_MINUTES : 360 FILEBEAT_SCAN_FREQUENCY : '10s' 
@@ -228,12 +243,19 @@ services: depends_on: - logstash volumes: + - nginx-log-path:/data/nginx:ro - ./zeek-logs:/data/zeek - ./filebeat/certs/ca.crt:/certs/ca.crt:ro - ./filebeat/certs/client.crt:/certs/client.crt:ro - ./filebeat/certs/client.key:/certs/client.key:ro + healthcheck: + test: ["CMD", "supervisorctl", "status", "filebeat"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s moloch: - image: malcolmnetsec/moloch:1.8.1 + image: malcolmnetsec/moloch:2.0.0 restart: "no" hostname: moloch env_file: @@ -241,7 +263,7 @@ services: environment: << : *common-upload-variables << : *moloch-variables - MOLOCH_VERSION : '2.1.2' + MOLOCH_VERSION : '2.2.3' VIRTUAL_HOST : 'moloch.malcolm.local' ES_HOST : 'elasticsearch' ES_PORT : 9200 @@ -262,8 +284,14 @@ services: - ./pcap:/data/pcap - ./moloch-logs:/data/moloch/logs - ./moloch-raw:/data/moloch/raw + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:8005/_ns_/nstest.html"] + interval: 90s + timeout: 30s + retries: 3 + start_period: 210s zeek: - image: malcolmnetsec/zeek:1.8.1 + image: malcolmnetsec/zeek:2.0.0 restart: "no" hostname: zeek environment: @@ -279,8 +307,14 @@ services: - ./pcap:/pcap - ./zeek-logs/upload:/zeek/upload - ./zeek-logs/extract_files:/zeek/extract_files + healthcheck: + test: ["CMD", "supervisorctl", "status", "pcap-zeek"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s file-monitor: - image: malcolmnetsec/file-monitor:1.8.1 + image: malcolmnetsec/file-monitor:2.0.0 restart: "no" hostname: filemon environment: @@ -290,8 +324,14 @@ services: volumes: - ./zeek-logs/extract_files:/data/zeek/extract_files - ./zeek-logs/current:/data/zeek/logs + healthcheck: + test: ["CMD", "supervisorctl", "status", "watcher", "scanner", "logger"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s pcap-capture: - image: malcolmnetsec/pcap-capture:1.8.1 + image: malcolmnetsec/pcap-capture:2.0.0 restart: "no" network_mode: host ulimits: 
@@ -307,8 +347,14 @@ services: << : *pcap-capture-variables volumes: - ./pcap/upload:/pcap + healthcheck: + test: ["CMD", "supervisorctl", "status"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s pcap-monitor: - image: malcolmnetsec/pcap-monitor:1.8.1 + image: malcolmnetsec/pcap-monitor:2.0.0 restart: "no" hostname: pcapmon environment: @@ -321,8 +367,14 @@ services: volumes: - ./zeek-logs:/zeek - ./pcap:/pcap + healthcheck: + test: ["CMD", "supervisorctl", "status", "watch-upload", "pcap-publisher"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 90s upload: - image: malcolmnetsec/file-upload:1.8.1 + image: malcolmnetsec/file-upload:2.0.0 restart: "no" hostname: upload env_file: @@ -338,8 +390,14 @@ services: - 127.0.0.1:8022:22 volumes: - ./pcap/upload:/var/www/upload/server/php/chroot/files + healthcheck: + test: ["CMD", "wget", "-qO-", "http://localhost"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s htadmin: - image: malcolmnetsec/htadmin:1.8.1 + image: malcolmnetsec/htadmin:2.0.0 restart: "no" hostname: htadmin environment: 
@@ -351,17 +409,58 @@ services: - ./htadmin/config.ini:/var/www/htadmin/config/config.ini:rw - ./htadmin/metadata:/var/www/htadmin/config/metadata:rw - ./nginx/htpasswd:/var/www/htadmin/config/htpasswd:rw + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s + freq: + image: malcolmnetsec/freq:2.0.0 + restart: "no" + hostname: freq + environment: + << : *common-lookup-variables + VIRTUAL_HOST : 'freq.malcolm.local' + expose: + - 10004 + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:10004"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s + name-map-ui: + image: malcolmnetsec/name-map-ui:2.0.0 + restart: "no" + hostname: name-map-ui + environment: + VIRTUAL_HOST : 'name-map-ui.malcolm.local' + expose: + - 8080 + volumes: + - ./cidr-map.txt:/var/www/html/maps/cidr-map.txt:ro + - ./host-map.txt:/var/www/html/maps/host-map.txt:ro + - ./net-map.json:/var/www/html/maps/net-map.json:rw + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:8080/fpm-ping"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s nginx-proxy: - image: malcolmnetsec/nginx-proxy:1.8.1 + image: malcolmnetsec/nginx-proxy:2.0.0 restart: "no" hostname: nginx-proxy environment: << : *auth-variables + << : *nginx-variables depends_on: - moloch - kibana - upload - htadmin + - name-map-ui ports: - "443:443" - "488:488" 
@@ -370,11 +469,19 @@ services: - "8443:8443" - "9200:9200" - "9600:9600" - - "28991:28991" volumes: - - /var/run/docker.sock:/tmp/docker.sock:ro + - nginx-log-path:/var/log/nginx:rw - ./nginx/nginx_ldap.conf:/etc/nginx/nginx_ldap.conf:ro - ./nginx/htpasswd:/etc/nginx/.htpasswd:ro - ./nginx/certs:/etc/nginx/certs:ro - ./nginx/certs/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro + healthcheck: + test: ["CMD", "curl", "--insecure", "--silent", "https://localhost:443"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 120s +# shared named volume so filebeat can access nginx access logs +volumes: + nginx-log-path: diff --git a/docker-compose.yml b/docker-compose.yml index 6377e49ae..2350af786 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. version: '3.7' @@ -16,6 +16,10 @@ x-auth-variables: &auth-variables # "extendedReq(1) LDAP_START_TLS_OID" command: winldap or openldap NGINX_LDAP_TLS_STUNNEL_PROTOCOL : 'winldap' +x-nginx-variables: &nginx-variables + # Whether or not to write nginx's access.log and error.log to Elasticsearch + NGINX_LOG_ACCESS_AND_ERRORS : 'false' + x-moloch-variables: &moloch-variables MANAGE_PCAP_FILES : 'false' MOLOCH_ANALYZE_PCAP_THREADS : 1 
@@ -37,14 +41,12 @@ x-zeek-variables: &zeek-variables EXTRACTED_FILE_PIPELINE_DEBUG_EXTRA : 'false' x-logstash-variables: &logstash-variables - # experimental java execution engine (https://www.elastic.co/blog/meet-the-new-logstash-java-execution-engine) - LOGSTASH_JAVA_EXECUTION_ENGINE : 'true' LOGSTASH_OUI_LOOKUP : 'true' LOGSTASH_REVERSE_DNS : 'false' # ES_EXTERNAL_HOSTS : '10.0.0.123:9200' # ES_EXTERNAL_SSL : 'true' # ES_EXTERNAL_SSL_CERTIFICATE_VERIFICATION : 'false' - # For security, ES_EXTERNAL_USER and ES_EXTERNAL_PASSWORD should be stored in Logstash keystore using ./scripts/auth_setup.sh + # For security, ES_EXTERNAL_USER and ES_EXTERNAL_PASSWORD should be stored in Logstash keystore using ./scripts/auth_setup # See also volume mount for logstash.keystore below. # ES_EXTERNAL_USER : 'janedoe' # ES_EXTERNAL_PASSWORD : 'secret' @@ -77,6 +79,9 @@ x-common-upload-variables: &common-upload-variables PCAP_PIPELINE_IGNORE_PREEXISTING : 'false' PCAP_MONITOR_HOST : 'pcap-monitor' +x-common-lookup-variables: &common-lookup-variables + FREQ_LOOKUP : 'false' + x-common-beats-variables: &common-beats-variables BEATS_SSL : 'false' @@ -91,7 +96,7 @@ x-pcap-capture-variables: &pcap-capture-variables services: elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.5.1 + image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.6.2 restart: "no" hostname: elasticsearch environment: 
@@ -112,20 +117,20 @@ services: hard: -1 cap_add: - IPC_LOCK - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9200"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 180s volumes: - ./elasticsearch:/usr/share/elasticsearch/data:delegated - ./elasticsearch-backup:/opt/elasticsearch/backup:delegated + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:9200"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 180s kibana: build: context: . dockerfile: Dockerfiles/kibana.Dockerfile - image: malcolmnetsec/kibana-oss:1.8.1 + image: malcolmnetsec/kibana-oss:2.0.0 restart: "no" hostname: kibana environment: @@ -142,16 +147,16 @@ services: - 5601 - 28991 healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:5601/kibana/api/status"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 200s + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:5601/kibana/api/status"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 210s elastalert: build: context: . dockerfile: Dockerfiles/elastalert.Dockerfile - image: malcolmnetsec/elastalert:1.8.1 + image: malcolmnetsec/elastalert:2.0.0 restart: "no" hostname: elastalert environment: 
@@ -164,22 +169,22 @@ services: expose: - 3030 - 3333 - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:3030"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 200s volumes: - ./elastalert/config/elastalert.yaml:/opt/elastalert/config.yaml - ./elastalert/config/smtp-auth.yaml:/opt/elastalert/smtp-auth.yaml:ro - ./elastalert/config/config.json:/opt/elastalert-server/config/config.json - ./elastalert/rules/:/opt/elastalert/rules/ + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:3030"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 210s curator: build: context: . dockerfile: Dockerfiles/curator.Dockerfile - image: malcolmnetsec/curator:1.8.1 + image: malcolmnetsec/curator:2.0.0 restart: "no" hostname: curator environment: @@ -190,30 +195,31 @@ services: - elasticsearch volumes: - ./curator/config/action_file.yml:/config/action_file.yml + healthcheck: + test: ["CMD", "pidof", "cron"] + interval: 30s + timeout: 5s + retries: 3 + start_period: 30s logstash: build: context: . dockerfile: Dockerfiles/logstash.Dockerfile - image: malcolmnetsec/logstash-oss:1.8.1 + image: malcolmnetsec/logstash-oss:2.0.0 restart: "no" hostname: logstash environment: << : *logstash-variables << : *common-beats-variables + << : *common-lookup-variables ES_HOSTS : 'elasticsearch:9200' LS_JAVA_OPTS : '-Xms2g -Xmx2g -Djava.security.egd=file:/dev/./urandom' depends_on: - elasticsearch expose: - - 5000 - 5044 + - 9001 - 9600 - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9600"] - interval: 30s - timeout: 15s - retries: 3 - start_period: 600s volumes: - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro - ./logstash/pipelines:/usr/share/logstash/malcolm-pipelines.available:ro 
@@ -223,17 +229,26 @@ services: - ./logstash/certs/server.key:/certs/server.key:ro - ./cidr-map.txt:/usr/share/logstash/config/cidr-map.txt:ro - ./host-map.txt:/usr/share/logstash/config/host-map.txt:ro + - ./net-map.json:/usr/share/logstash/config/net-map.json:ro + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:9600"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 600s filebeat: build: context: . dockerfile: Dockerfiles/filebeat.Dockerfile - image: malcolmnetsec/filebeat-oss:1.8.1 + image: malcolmnetsec/filebeat-oss:2.0.0 restart: "no" hostname: filebeat environment: + << : *nginx-variables << : *common-upload-variables << : *common-beats-variables FILEBEAT_LOG_PATH : '/data/zeek/current' + FILEBEAT_NGINX_LOG_PATH : '/data/nginx' FILEBEAT_LOG_CLEANUP_MINUTES : 180 FILEBEAT_ZIP_CLEANUP_MINUTES : 360 FILEBEAT_SCAN_FREQUENCY : '10s' @@ -247,16 +262,23 @@ services: depends_on: - logstash volumes: + - nginx-log-path:/data/nginx:ro - ./zeek-logs:/data/zeek - ./filebeat/certs/ca.crt:/certs/ca.crt:ro - ./filebeat/certs/client.crt:/certs/client.crt:ro - ./filebeat/certs/client.key:/certs/client.key:ro - ./filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro + healthcheck: + test: ["CMD", "supervisorctl", "status", "filebeat"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s moloch: build: context: . dockerfile: Dockerfiles/moloch.Dockerfile - image: malcolmnetsec/moloch:1.8.1 + image: malcolmnetsec/moloch:2.0.0 restart: "no" hostname: moloch env_file: @@ -264,7 +286,7 @@ services: environment: << : *common-upload-variables << : *moloch-variables - MOLOCH_VERSION : '2.1.2' + MOLOCH_VERSION : '2.2.3' VIRTUAL_HOST : 'moloch.malcolm.local' ES_HOST : 'elasticsearch' ES_PORT : 9200 
@@ -288,11 +310,17 @@ services: - ./moloch/etc/config.ini:/data/moloch/etc/config.ini:ro - ./moloch/etc/user_settings.json:/data/moloch/etc/user_settings.json:ro - ./moloch/wise/source.zeeklogs.js:/data/moloch/wiseService/source.zeeklogs.js:ro + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:8005/_ns_/nstest.html"] + interval: 90s + timeout: 30s + retries: 3 + start_period: 210s zeek: build: context: . dockerfile: Dockerfiles/zeek.Dockerfile - image: malcolmnetsec/zeek:1.8.1 + image: malcolmnetsec/zeek:2.0.0 restart: "no" hostname: zeek environment: @@ -308,12 +336,18 @@ services: - ./pcap:/pcap - ./zeek-logs/upload:/zeek/upload - ./zeek-logs/extract_files:/zeek/extract_files - - ./zeek/config:/usr/share/zeek/site:ro + - ./zeek/config/local.zeek:/opt/zeek/share/zeek/site/local.zeek:ro + healthcheck: + test: ["CMD", "supervisorctl", "status", "pcap-zeek"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s file-monitor: build: context: . dockerfile: Dockerfiles/file-monitor.Dockerfile - image: malcolmnetsec/file-monitor:1.8.1 + image: malcolmnetsec/file-monitor:2.0.0 restart: "no" hostname: filemon environment: @@ -323,11 +357,17 @@ services: volumes: - ./zeek-logs/extract_files:/data/zeek/extract_files - ./zeek-logs/current:/data/zeek/logs + healthcheck: + test: ["CMD", "supervisorctl", "status", "watcher", "scanner", "logger"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s pcap-capture: build: context: . dockerfile: Dockerfiles/pcap-capture.Dockerfile - image: malcolmnetsec/pcap-capture:1.8.1 + image: malcolmnetsec/pcap-capture:2.0.0 restart: "no" network_mode: host ulimits: 
@@ -343,11 +383,17 @@ services: << : *pcap-capture-variables volumes: - ./pcap/upload:/pcap + healthcheck: + test: ["CMD", "supervisorctl", "status"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s pcap-monitor: build: context: . dockerfile: Dockerfiles/pcap-monitor.Dockerfile - image: malcolmnetsec/pcap-monitor:1.8.1 + image: malcolmnetsec/pcap-monitor:2.0.0 restart: "no" hostname: pcapmon environment: @@ -360,11 +406,17 @@ services: volumes: - ./zeek-logs:/zeek - ./pcap:/pcap + healthcheck: + test: ["CMD", "supervisorctl", "status", "watch-upload", "pcap-publisher"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 90s upload: build: context: . dockerfile: Dockerfiles/file-upload.Dockerfile - image: malcolmnetsec/file-upload:1.8.1 + image: malcolmnetsec/file-upload:2.0.0 restart: "no" hostname: upload env_file: @@ -380,8 +432,14 @@ services: - 127.0.0.1:8022:22 volumes: - ./pcap/upload:/var/www/upload/server/php/chroot/files + healthcheck: + test: ["CMD", "wget", "-qO-", "http://localhost"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s htadmin: - image: malcolmnetsec/htadmin:1.8.1 + image: malcolmnetsec/htadmin:2.0.0 build: context: . dockerfile: Dockerfiles/htadmin.Dockerfile 
@@ -396,20 +454,67 @@ services: - ./htadmin/config.ini:/var/www/htadmin/config/config.ini:rw - ./htadmin/metadata:/var/www/htadmin/config/metadata:rw - ./nginx/htpasswd:/var/www/htadmin/config/htpasswd:rw + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s + freq: + image: malcolmnetsec/freq:2.0.0 + build: + context: . + dockerfile: Dockerfiles/freq.Dockerfile + restart: "no" + hostname: freq + environment: + << : *common-lookup-variables + VIRTUAL_HOST : 'freq.malcolm.local' + expose: + - 10004 + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:10004"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s + name-map-ui: + image: malcolmnetsec/name-map-ui:2.0.0 + build: + context: . + dockerfile: Dockerfiles/name-map-ui.Dockerfile + restart: "no" + hostname: name-map-ui + environment: + VIRTUAL_HOST : 'name-map-ui.malcolm.local' + expose: + - 8080 + volumes: + - ./cidr-map.txt:/var/www/html/maps/cidr-map.txt:ro + - ./host-map.txt:/var/www/html/maps/host-map.txt:ro + - ./net-map.json:/var/www/html/maps/net-map.json:rw + healthcheck: + test: ["CMD", "curl", "--silent", "--fail", "http://localhost:8080/fpm-ping"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s nginx-proxy: build: context: . dockerfile: Dockerfiles/nginx.Dockerfile - image: malcolmnetsec/nginx-proxy:1.8.1 + image: malcolmnetsec/nginx-proxy:2.0.0 restart: "no" hostname: nginx-proxy environment: << : *auth-variables + << : *nginx-variables depends_on: - moloch - kibana - upload - htadmin + - name-map-ui ports: - "443:443" - "488:488" 
@@ -418,12 +523,20 @@ services: - "8443:8443" - "9200:9200" - "9600:9600" - - "28991:28991" volumes: - - /var/run/docker.sock:/tmp/docker.sock:ro + - nginx-log-path:/var/log/nginx:rw - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro - ./nginx/nginx_ldap.conf:/etc/nginx/nginx_ldap.conf:ro - ./nginx/htpasswd:/etc/nginx/.htpasswd:ro - ./nginx/certs:/etc/nginx/certs:ro - ./nginx/certs/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro + healthcheck: + test: ["CMD", "curl", "--insecure", "--silent", "https://localhost:443"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 120s +# shared named volume so filebeat can access nginx access logs +volumes: + nginx-log-path: diff --git a/docs/images/kibana/ebdca7741674eca4e1fadeca157f3ae6.svg b/docs/images/kibana/ebdca7741674eca4e1fadeca157f3ae6.svg deleted file mode 100644 index c821d0e13..000000000 --- a/docs/images/kibana/ebdca7741674eca4e1fadeca157f3ae6.svg +++ /dev/null @@ -1,158 +0,0 @@ - - - - - - image/svg+xml - - - - - - - - - Malc lm - - - - - - - - - - - - - - - - - - - - - - 
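Review bot: in the elasticsearch healthcheck hunk (@@ -112,20 +117,20), replacing `-f` with `--silent --fail` also suppresses curl's own error text, so when the probe fails the `Health.Log` shown by `docker inspect` carries no reason at all. Pair the two flags with `--show-error` (`curl --silent --show-error --fail http://localhost:9200`) so the HTTP status or connection error is still recorded. The kibana, elastalert, logstash, moloch, htadmin, freq and name-map-ui checks later in the patch copy the same `--silent --fail` form and would benefit from the same flag.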
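Review bot: the curator healthcheck added in the @@ -190,30 +195,31 hunk (`test: ["CMD", "pidof", "cron"]`) only proves that the cron daemon is alive, not that curator's scheduled run parses `/config/action_file.yml` or can reach elasticsearch, so the container stays healthy while every curator job fails. If liveness-only is the intent, a short comment next to the check would save the next reader from assuming more; otherwise consider a probe that runs `curator --dry-run` against the action file. In the same hunk the logstash `expose` list swaps `5000` for `9001` without explanation; a one-line comment on what listens on 9001 would help, since the healthcheck still targets 9600.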
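Review bot: the `supervisorctl status filebeat` healthcheck added in the @@ -247,16 +262,23 hunk relies on supervisorctl exiting non-zero when the named program is not RUNNING, which older supervisor releases do not do (they print the state and exit 0). Please confirm that the supervisor version installed by Dockerfiles/filebeat.Dockerfile returns a failing status for a program in FATAL or STOPPED state; if it does not, the container reports healthy while filebeat is down. The zeek, file-monitor and pcap-monitor checks later in the patch depend on the same behaviour.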
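Review bot: the zeek hunk (@@ -308,12 +336,18) narrows the bind mount from the whole `./zeek/config` directory (`/usr/share/zeek/site`) to the single file `./zeek/config/local.zeek` at `/opt/zeek/share/zeek/site/local.zeek`, so any other scripts kept under `./zeek/config` are no longer visible inside the container unless the image now carries them. That is worth a sentence in the commit message or a comment beside the volume, and any documentation that tells users to drop scripts into `zeek/config` or that mentions the old `/usr/share/zeek` path needs updating to match.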
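Review bot: the pcap-capture healthcheck in the @@ -343,11 +383,17 hunk runs `supervisorctl status` with no program name, unlike the other supervisord-based services in this patch, which name the programs they expect (`pcap-zeek`, `watcher scanner logger`, `watch-upload pcap-publisher`). If the capture program is not configured to run at all, the bare status command succeeds trivially, so the check cannot tell "capturing" from "nothing to do". Name the capture program the way the other hunks do, or add a comment stating that this check is intentionally liveness-only.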
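Review bot: in the @@ -396,20 +454,67 hunk, name-map-ui mounts `./net-map.json` read-write (`:rw`) while logstash mounts the same file read-only, so anyone who can reach the name-map-ui vhost can rewrite the host/network map that logstash applies to every record it enriches. Using `expose:` rather than `ports:` is the right call, but it means the only protection is nginx-proxy enforcing `*auth-variables` for `name-map-ui.malcolm.local`; please point to where nginx.conf does that for the new vhost, and add the same note to the docs so operators know the mapping UI is a write path into the pipeline.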
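Review bot: the nginx-proxy healthcheck added in the @@ -418,12 +523,20 hunk is the only curl-based check in the patch without `--fail`, so any HTTP response, including a 5xx from nginx when an upstream is unreachable, counts as healthy; use `curl --insecure --silent --fail https://localhost:443`, or probe a path that returns 200 without depending on an upstream. `--insecure` is acceptable here since the certificate under `./nginx/certs` is locally issued, but a comment saying so would prevent it being "fixed" later. Removing the `/var/run/docker.sock` mount from the proxy is a real reduction of its privileges and deserves a line in the changelog.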
diff --git a/docs/images/malcolm_poster.odg b/docs/images/malcolm_poster.odg new file mode 100644 index 0000000000000000000000000000000000000000..c891f8f667c20feb761dbe8804ecfc7486494b48 GIT binary patch literal 390454 zcmb5VV~}n^vo6@!t=+b5+t_W}wr$(Cx!Zc%wr$(Ct=Zq5IX~{inKN-SA|tcbT3Pwz zs;VEAktr_)`U?dJ2oea0)Lu(I50q|@8VCsJKm6|zkd1|niL-~jiGjVnwS|#^vxS{4 zy{oM;ot=S`g%h2fy@{={oso-;iLEo8nWKTdxrLFF{Qowgf+FBDiVg_qKaBBjLS=Io z8$(+I3u`BO=l@da>}|~=>heiL5fQ|tNj*SA1fsPJ|NQ8hxi%rHtj0{Cag3CgI!Nh=1K|w)6%}mM4%|c7f z$xOw;!GTR9NXRVA#3jfq&CVgJ#35rS%1$B3&93r?PE?RmT!ceWj8;pGRYRFdU5U+D zgVWN8+tr50%aK<>K|xf_LR{Nk#ZFzy&_&0@T;0M$*WS%kThdzF(85^6%vjyoLc-Nt z)yrAR*C7V#R7-$l+j`UMZr1y0)5t%XoF7}B9G_pEpB$Z=URj=-SXo(_-8fu0U7kO=J6st**jjm* zn!4*qkSNEq6=NEU+_gANP*Y~dv7vJCC*;8R||IVkVgs_0J`}&m+ zboRlp$ByLlP+j6u(Ad+y)$+3h>$x#*j%q?1ADeh4M@pp_vWUaM`l5)hc>R8B#Dz8% zsSJ+9T5i#*ja;IfW94GE9_+S6XULH5FFH;P3vA_c4_aK+4lh8CP(zBJEO;1V=!gjo zh@B68_Vl4 zpS?ma+ip8Tak$_6+<#t_XV34KuMEG!Wc2Yb)t_!!LYH*ZEB<)D&dlBpq+Km&Z}X#g2l z8yL$+AFvvbGtWkGjnR>eY(Ix;H$I2-ai8Sdd%i8~T(d9RA*?^9q=3D3M;kw!S`PQe z3ENUt9`BjG*9o!h^_IdPcC|BxO`2u=drj&Be2qvKwuPV6Zs?B}m4h~Et_C~G<@bOs zyQ>cS5q&;H=L4y*(ZCP`$y4+jP82b>ABi8Z2pe1kk-GEmO%Wd-Zr7AoHga&+-un0l z_VA~`t=mUotD&9Vdr~{S!E;F3OCNMR?kT_Ioe)+GOTW#R0TH?hF|p%~M@a#jy!Z1w zKBSM3nl9G5s&Kc?pQ|eRPI_0@mL6{hmmqag_xA|4w*GtCD0Q=)?UvP0t~#>B^p3Iv zqiHfZ-#MEK8=U#`G~eqev1$)MZ(!Q?LmXNiU9(RbEnQDlGa~@T_X%vu#={OhyQ?gw zX?u%vWW5}8T4W2~mxa&UZ!-6No;WUBpM~#ZwF_R?X=ty(;d5Rq4iMZ_*<~lB?l;=u z9Z>ORu#HMP`lKVlo^~nrsxJku!!`Tqo)$e9fIGH-Ck8FY`?`yo_BF;E$M;!0(*3?V zpyv+L=elzRdZ9T;bvU7@Rn%d;sNMaynXt{1eAmP5KDY4u6=a!N!tEm~(ytb~a_7^) z2c6BQG->vJ18(bUHApO$$N8mjMcd`{-0I&pFd&t!<$ElQQb!&^X0`b2`tHA9z)rGq zJZ#H@-R{q)*YB#IDE<0Y#1$X(?7YgPzqq;a8wrBl7$bi99@=tL`0np=ykC>@ z@pF6wS%$8F7OSnPY5PRc`<#jyW9`P$1sKk=xPCd zk+YMpzPstapda$v{`ADYxI|)of3U?BZ@j#_{(i>k{@Ak)mRg;?>G`-tzfNKRY5uzA z#_zNj0nmE)ZLkxr{94}dwv9W8QqSqWrt@vlg3#3@a@`*MfZMuhMb!J8fWULV{a(Gp zVdr~T;`OmI*b3IRs$$@`bWm8l2a|A%0#>P)34idNutd|PQs9~}RJ 
z!1vM@tEqjb6>KL^2o`A@R&$~3%cFk+OLGhTkWGZu$Qb#3^?EkPE4J9+`#Fk^@4ZV- ze~GAC4SF?63T2F5n|u8TCP()GCZpy6fMRvv`!mPkHU)Z>F7I>78tx!!4>rwXu2Gt&~et{yrskuJN4Ku#2r)fb2J{%Fl^Ee;o zcHC?Y813VJcol$d8)iNwfDK94PItLzT+U;{bKIQ18jr-{;ve-a@;R z_7CEXv1)wYxkD|xU+X|49-p2Sa{*=HsmFhA+(T=O&3VP)eBUQY?oEXCc%J&Q>y8?= zkgH)PMp`T3psM58Rr5kdwT09Rzt`iUU$17k9B=`;(b(wtsp|a*!#Fu+{q|yg33oE& zKaPHUcLu`Xe9jO_6M{hXc!1h*;(7%uOAuY?@F!!%54y?`!30{DM+^`E$ue4V7v;G} z!wD_%O`-lPF35{Ar_h|uN>a-tHyh9{Xe(XMYzc1Pb+H7*V^ob;4TPB|C_9o0?_RlfM6>`j~rX}6!F?V&o&iIH>YnEKee2`M^v z@#(Iw9%JW2G;1#zUxJc+LcTcsVGyUZ6{<>#W296vkwBq)b)-X4@}Yt^bYw!{IK~aW zf(wpx?4p8%AV!8H=8?Db4D)i)n#|EJ5#@xQdR2P672!?G8j{i zxpACypo`OsRy5e`^>_rxPBY>BlUR6Rz)PWK#F_l4fq8PX!Cc~455;6FR6<}ClMh@SlMc22pb8&h$@m- zUTvxeSH_L5d=98kQWn1T4^Gz2WFj#>PSHq6W?*BP{)wzuhNJQrl7CFtca1lcn5K^O zR`C@+MK>VaC~uyq75#(<(C3gMl=S=sc$$Of&jqp-m^ zXN9Jc7Q?5}LZJW^7J;zb9|#vu+6*F;L_k17DcPlN`Zywr5+Nt5tF@ZhQZ!VfY{>%m z;!f#cFp>p*XwfC-4pCH<`)lCzH|j@BT%#a zU@Jk<#{xwFRZvq^T*}}26kO0JU`Z92wnxQW(-h<+OM%4Cv_=KY1fED0kp#!GK-Oj` z0OQx!xn$)N_F*=S#P4Ba7-aWdMpAMK#oFrbcL`tMc1ThDx6Mh=KZAFjdFk&wFKdLI zzj#!jR3FtAVXLM%d6QL!hlh=Wp;+X>ErhYg3U)gm_$hQ9HC!9k^nt{n_6k4*MU3{x z8pJ{hHl~?Bmf2@$**s26%A=GhO&WGUkwIldFx*v@MTa8;T8Mfiy9OddzLlw5G^m#7 z!qohm?JqFG#pxkCf`JWIdQ;Nii@>Y9Pji6YbpmUd zjjF%8+Vx(tpsF`g&OM{fCW%xP5Im%^HYyM!0)fQyVRgXhgZfc#I2*($Phl3-H>+0{Q>At_8aQ!Y~_@(eL zySw{09&Z!+nZWj-_Nhv(V~u0E&sh><8@l!xq&7e5`4Zdn=g14_%fGkp=IBq*z|;!} z_3ZvEn{N|&QHU}XZ}xW9vCRn(!h}ly?Cor>vluoW$~p>FsMc^KxW68R?V95mCkEE9 z`gJJlL`*!qX-G8_Uoxkqju#z|A)rnxUg29a8<4aWmZqlKdFKh$u-WCK_v)fB0R^1U zo)>tN!Ab5Hn9DWtYivBUH=)gx_D7_6>H~wtQQf{-7_h=A!zCoS-X#nB8$P!SM^x9K zK6qF&P9;5$rPoj*OiDXD?kI%M-e{jWxTglESCE`la4 zRp~e!UeAG9+3-$8D~1}S>Ip%I=Q==H%?b2o0^qOh1U}1>>MD2oba)~~bG)g)+Kd2q zhNMI^BYXHtGWEydAo9LsfNV<~X_vTRKh3I|r~0I%q3X1h1p&Ch&Z@-Gsd{Ez`vw^5 zVMUFO#M<_ z0r1)ls^%|ApiZJOf0vW%fUS?|DbQtapS6S~)y06b49%)kCA9&paD?8Q{w@&gV-bg6 zmwISn?vby+u}?#FM{t|!wp!N^;*wkaPyqSEFG&KNxMytnQQ)b6mZEG}^0 
zDQ7*R3TN+SOagc0WnmJTj0(b3HGY_PqT(A-O|OjKLQ!beSF0-m4el2#KGA7YTc!6RsdZ1CCK*wp78aGu#K}Jf{{9RKbzICKWNLv!7 zN)KL*en-oVZCcVG*&RQzYi`psgx6!TBdO9AQY3&7N?NX^EYuO||ImP)vH{K~hRI1! zt?0{(Zv}|2Y1`c)M8(AlzJ&@mlo+MBWzoOs-Iv6)6NOOan!q@QqiBnsJQdv!coqdF zfK16Z1?Nf!FQqgqzBUqq2GiVQ;-oAm1x`xQ+<_F^tqz&VGH05iSY>L-XsWw@4i6jB zvx$iaXQoE?hCa5z{_&xtLrz`j8N;CZ8lYnfQ9w^joJ3N?ME#j9M1)jyiGYi>dbC9o@;-2Wy_%iR!oI(&j%8N;{^UHJd$bMO-Ix5Xy55tSB3O8?G z{`E5LEiL??j0F2a^}J~bN6Ua;daCgK_Nr7oPsXe0gF4b!}rh0 z$w^9!B}DWsBiwn2cL%#VTb>=s!*MI2LUsVt=HCtUUz|&Rut%ATo0d&l`1qn1Mpr%? z$=Z2xhnn1M4(F?qmKz?i%u3Oou`bAtU&VH^dE3&mCpPA77ge1C&0@ESKb( zA@e;i@93JYda-;CJyv@Y^|;#{H?SspUfr=T4v$Fo)VRI@x`kJk5BzD9DzADc{!3$LhQxeNsvxKr2k5_P%T_;&an<#4#c zpihv7LQp-*v8fY(Yj~)UaSQjWDODG{9zmo3VVXN!!8%zf6*FsvV_8xEXs??G6pRXW zz{T&Xq*$3rx77h=%5u%pBrC3HMh6!MYSn7oN)YRGqe2ru}=8OS)K`|H|?7hejE=#*# zj4wLr5EU(o&om#kobca9NB+Df_%-?E)T}fZDaFxatg-*`_5PPY$Rw~KUviUA}eUIw79TbI|`TkmxXwo4F<@Tagoi#uqH)RB}!)N-zls51tm z`QFdOtWT0_hAzY%#_!X;m+jJQ5C)$rMdC?rC3ORhv=@Y>KivkD`bq1R4mp5iR;7ziWBGU(+JWL^(Pezkh4=PtX#m)E&>*L_7e1&LngLqS zJzEdZEFmLEXKB-6u0FbfsMSdx z#5qmbQeQPiUjC?YT?eojf<;20lS`35BciHkT?Lqq=$q#~7#(aGw6;lmol$-Kd+d@+ z$AAN@ab|h7Hd)iuU_9B5LgWL;nm~Ri1x}4wATaG%& zf;OdSh^HG>Spm@b5hEjBUDBgyC_zTW&170^M8)&e^tTCu?-8AWl0ZF=8K$u|~3>J6}l0yaN<=Y}u9w-T|I20S}i#&K$fj%{P!KBezmwnG` z;p!vkrZ4^moq(ko*|)8{o(eJpo@qQXgo*eCTWAyqz@sw^RDu zAPWbbUd!AWl*9ZV9(uWmCxBUhOCQgR=N%!BFitgxcd$+qL8i%CW&Xwq+8Y)6?lqI8 zR7sT5)mL3DaC3{BpMZ=Ir2mWD5?)U zSBeabFPs>mHJyx644h&nAC_6B#xwsuEna~U{(e_!IA*J~UTa(5BI==|FibZlK-8N9 zc#%?r)bMHJEdm#b8yY5B^J&!!gRi2pBk>giD-rsE z^z&}qZib`(ycJW$j)8<}V7E!(x(n6{Rssu{>NBIe?g^5UVUP}nMr-KznvB zWKOZowL$x0D{m_A^;U9mNl`dz6gl0fL#&u9Ekvu+b6ACxd3=~e*ry!H46UnvTwJZu zTrMwKIczoRv^NQp)vmLwW5pnnw8RB%Wsn(ZEvd1wM@)zi#c7I0h>K{KDFTjv$I}O7 z#1aSDQr`P}SIV>4*Xb)Naye*IANm7BbJ7wNVpMLU)d})niQ?f$BZ&rpD!5*9u-+aS zV6bk!^=_>{@feJH+4HP~k+T0LbO*xU4~}ODzD_;Da^K9qRT?*NbQ_FS-mtSw#UC;V zdx*s919w%uStZltz`tRYa`9C<>mTB$f!Pef<#z>9Zk%T=T}&CN`>hMEJ#HTKwn*#^ 
z00Fa84C4oX4fx|U0&d`xb2^#*hncU<_Vc#^!>@jfQPQ%x_#8~~BP5r56b+U@oJ|15 zK{H?J9MRF1QceW|1>yo5?M86fB;ap~C8q6GRfA^E9W(E3R-X;4ws?xWNTF&e3?yQ| zDE)qJlt<$*j_S(_s&y{`L8CSvDwF#GL(4F)GU_++Y5WU3bs-i|A%^RzgT^xLDwOwZ znOcy4SKk+!QOeyY8Cq08CoVcOx^~P2jkwX;GPCI{FdY{HjZx-6WBY|DsXf&v4en)x z<>Cg2DpqzzWSQ#t2OCwLBp$Ud6DU0y7n#;{vUbs5M(gMeGwHy;>@vW#JVE5JgVBci zWrcVfAj@n@HDxX*XYSw^qSw?$F@X4nB+M4bd33QKnh_+y>f$YKNy&WWSi(4uQHY67{j>x;w+73FI7g-gB8Azc&&T83=Ha# zf&gub@kCj&vQD`IXt~EiMVP8TYEkTcRW_1pa(#*T9ErCnH5EursYr3}pzFri3v2lr zEXZM7c92zkk#GR_OlcK_St^XqJ;-+h@2${nJ_I5z0*w62IwrC+2wl-|AcyWP@p1=Ec<8-pLDC&YD zVOV|%C`$r6fzXaJZ0_CWOf^=pd-MYhS*9911_@s>dW%1~O`MHty}p3UbslIuXdMpt znrO%=EE?m2tSAW6Mp3iD@G=>vl@EcIVqk5l4w>VTk^b(U=pr;Po}BuCV!Q6>OA($~=n)Fqb_109Mv z9?jZ^p9NpNLcbWpJTfp6m4|Lb5;2b=A&^T`S!}7lRhAYtje#pl3a*?W$MU^hU5HQZ z+xyog_7ube57m9Yhwu1k-b=GD73zD`Icq%GBN+Ft8(b8KtZ?-?1b_I0_pvWWG;q8Y z2B-w^Koz|jpFaI%8#=6&OAlVF>`g@`lv#!(lp0FRUtLuxok9cUoCCm|5&+@gzCylN zot{1(4hw;W8+KW%tvlcF>MxfSqPVe!jvFL#d|7YOMmoHE*QASf4M+y^pC8aRFz-Ni z7UgZmJ#0K-kuDpfrjtex4nCPaj+qezChu&3>*(TM8Yk`%^xxqa+?7+?Gd-BfnrF)t@VIIw~zZ|G1%CJ*r4cj@|UJjd7t zN92YzUa2prU;Mtuff0U4HWhyzvR2qkdm3Wz4-h^lWW|#CzLKNWlinU)!V;Vq<%xY3_CcW729~? 
z1psY;@ft1R&7}tYM1$iQ2Z)=c_H`Z>{b|scRK{g?tNe_-QUvRiwu>R$KUqa!lT5JH zA1G6m7Mgp~z{PndS&Iawnbi5A3MKH?OXyMA06|aMWZcx^VIl;;SWdf6fJkjQT8UI@ zjWk*R0h%%&oQm)Cs9rwW%tR?^y@^5>EhY1uw2XEj4fIK;F0En$d)oo{nmYlT57 z?OcJZx(usqxQfAwB4~qq2gr@1ChSGVD?W}WZ`Gwq>y0`4)`rT0%yL+3lp+(U)}hL} zTZ>iSI7rj-_+$YJ4w4R-O#0#aHsy{GP{cBul^Zw^N`VQd(>WFZ(mhbo<-I@O3;|pE zI~{f03AnmnM*#eOz3m-6ND~Qp`U`t7<&bG-c;%G>WrfX?ra$%2=GC+^V02dx0w9lj z{y5xzv}3_duUuD26O06YoT2ZAPAZUrOh&#RUA5T`ULwWoGy)bL=$yuP2!-kj)^Hx> z@z=JjMG^-`8Ub<-)muLlU9!h(-GDZP*%DoiYfMk8@QD-nS8;U;>nhrR_^b4y1ANJV zdjtfj>U8i{0g$=nlIEadN@Pl!DJF7xs=f?O5;l=Ylo3jsA)MmmS{*NzDMKoOH-a>9 z^yRvo_}j5cJHfG{Iy;@_uXgy%p?P(pQj`Z6SUqJ{g^EHaO`_8`6fF7yvQnuX>@Xvp zzLtWc$7))Bob>*E5#f=fixOQ*g7L|u1}*v>-2rFB(bKi}1i|QJ;Pk#jI7bc+{skx; zxORFqqtG3J{yeORz)_|Vk@4k-iS^iGyhE(vPB!*Rd6ju9jFw_He59p<0l7WnJY)Z0 zJu0yn3@w>>DdW(mZxPlnMt2w?cWi@#t-J+;rhuwmezI4taJRDZNo*Ey9NQtys0LMd z>P@&TnB}H*l>>S^p^pd8z8c<+PSW*6n=A6<3=-LrY?Vsag!Xuww-TKu$|sct7vdPz zw>MC}&g8^Qo8e%MYAMVj6P2L$#?y9TLIeTi5O_~m`-s(&`~g#xej80_43k_Vq_}pc zgTXMM5-euTDlLj??8xEl80odax^5QF{Z>U5qAtaP;x-9Ol;Q$!DeXBqIU;QlCr;XN zK?=G;BtEB3#dI!%ds4e~rls8|k3Yvut~S@ze_rDfpTBy(ccwymu2%(# zG{6E@6wwI7e(U}UtRoobEJdckpAe!v^r61Ijm_#<_T3kn*a)o!-+3!EQBUHQy33ku z7%C4A@-g_huC9$oesHu^nE$lq9$ot7*0uPnG+$m(}anAKg&Y^13l{ zos0Q(Uo=>vP#tt1|F&{z)$4SqG*Wd7Ca57K*4DS!4O`hmuCGZ&z{*`SCSd1H7Tan> z*4g4`a?*^vy_+;#;Hb$@*jX#?qfA(BFu`gl+|@^C)q7@cL4t4Fs_ z+mUJ&G+}%A$a7?>iQBIG?KlDsFf;W1`PsJG;|r?(b5uie)#7_GFco4)7vaHoF|zft z7as}%&LSAjKma$ASa!&@>7fPjNC(&+%#rW{$3u48^nS2u5&^8d-NiudJ5}nNOw@i4 zKeqT*Mm%Y4ft}C1cIR=fw^8NbdA^WhGCn1#!9dp~i{!M7KAmqiLsq%9)tT8|TQVDj z!DUD5NfZ2e*>u@bM-3MoZ>rDM3Vmuh$@_^()$VXr%1TdvE%|l~`_eZkO$SRts-K?* z27?k?z$F$4EYY5_MN2;oTsP5L86sFdL9+F!hQ0uxO1+)-DmUU>gqf)(RxVb5QA0Z! 
zfg6VZwy-cyuX|UvKJo|HEJvo zhG6z{<@Yw@_mD^ed1l)uOD~wCc@C``EvM`E^<=9wesSCD_c5;4{r&Xwo>JreUXsP< zgxqMh&ng78h8jHZq&V{U`m^Wu{cT2_BKHYxa#qz{s+H(7tasc}ZP)E_ zCxkul-s1Q2RO5ZrV)yA{opdoIb!e8(E+gc_3GUx+nS|9!N4 zRZYUEqDUgHwhIMywpIQ}WY_siJxEP<6f#1Go%3ETmZ8S3W0myIKS?QGR{;Q`5ZSO) z%yrx1k81qB_Al+Y=Gp=_Su~4m1U4iJN0D!#FJb_}&Otfy^Bxj41cwXxLp=KQajxT7 zKI?Im>~=CA!nSOt_cu$}7J(tJhU`)6+&wR|K_!nK@@4=X(Y;C#>*=veK z(TL2!w>{We+LYHAC1c)LNPAR^neLqKTD{XA<+f>h0Yx@yYR3z43}1B$wIy#%KWKk0D%O0+;}M)*zoWW9qr;q zQ)FuWtE_EzB zu3Sv@jV=J{?Y}QHYgBZ{k-3#YI1AL?W6R=in)Gm)^dVvnV32~0vGsaRSz@+7RLB!< z*w}8d>tPt_lFR+M#DoRe-^0%HoB)eeWR_qjl!e*mkhC>EvauU0z>Y*p+!QtsNXlC5 z$Y+eb7iFhgu_gT43ouds(@7T3YWauwHHsG{WHC|4RFaM>lK|OaNf6GijVGh~6AbF8LMGapNK{n5xzIOVJT+@39-G)xGn3}oJi~$uH z&i2T!#jFCp+ak$v$&90vist|8T{bOlABD~+m#*J64Y-N(Ec(rtn9^+I%IT$#yrzxF z{Y#;y9?KcK-*^Hc*lKG@7@@qor6IuPDWD|1dy{26BycLSnC9=qXqsm{(EbMoGl&WW z%9Je?Z`u0qGhiLli@bRu69oc}NnQ~`MI-j)%&0*U#5@9)ZUs%XPSwO#i=_AM?Wg?d zVAO<f_$zr?5LltZBTJ<+Ml+86)PWrGLTD6R=Ev0K*xBo#`r!_kMt9JDCx(~I zl1A*hzue`Zg_U_~DM0fa! 
zx6~$X@@zD*hi4GKxNa@ijatsrKn50D!9VAIYV@KVw{jn>bZp6}-!zwfWG zp6|Obzt6USj;eDb&a;-Q+ImM!Q;%;L*LrX2Snqz^EW+ygv6$5lx7ep^sZjRY2hs=z z!`lrrUWt<=61cfxnlo4eHj?6mBooGT`D8ScPm~EcF2WZ)LB$Yc*Q3XcCJW1@; z6j3M%PQzvs9{`JGwZI&VXv;`yN{Te)17WbfQ|7k-Q0F4(ZZR8B^(zkrP!jU^kE+~v zOPs{FQL*1c7^$Ip`p*{J9cj73tjRrj0SEQNwVju3UtxMwiws0md6~kAS@0{wiB{?cbge1IUqNR}E?uuKjm+4hsY~u2wv)pr~+YS;{;4 zaF4RkSTC^ zG5#HpY5(52`y1_1R3O=oL_Hu}9s9w3upVzuIeEw)@1=m4zihwC?^IB+oay(2VdoDl z>|?sX&v?<}y6y%hW4n%4vT%|7yGq4G<|Bd2R<%t%PjelA1Ho||OY6K^Ci+3@p}WSn zpJa1^yrbEJ|B6l3TM*#uRX71TJq>gse~I#J2tvO3!|Ba4oK!*}&T!0n+MiTN=C`sb zf4Gu|WfuRVe#UAB9`3gu;Q(yy%KxynrDXxnDVSZP{#yChUXd77lyn@yz!H;y2|&PP zEihPLy=AdryU&#_>-|F^j76YM@QlZd>Mu9(p%q_vi+Kdl3N_(K-P5e!?78Zy_s}q3 zm*;Q;z~ka}`)}OXNAcvDNf2j(WhBfka$s~24>Y6Vx$kYZ;bHIptZLqQzOv_Lbqar< z6qj)C|Fm;-1|5QOA}4a12;N}Az($)ch7z!@@7B|99Brx+Hjs6Ck2+w(kl}DgF`uSa zn{a(b{xC7Tx{a`9BO>sl$8xe*yRpKBfz!9(-hE}F_t6Kv4LS;qut9u|ADSSW^X%@Z z9=A$uvu6!~lt#O61)>>W39eV$NYj)iJ8)q6>-56w@<9Y9CXtvt^0N6PPf~;T*O0#7 zWZ!k5w(gB}m|`O)57To@(YKglKhJkU$slKKba`5Ya%2ifrt`Law_b9IAd(oYPd|-7 zFhZqG%gVx@Fz8lMPu!tNrYIFVYf?bB)$ijb`t+4zLlSA&CWDJdOMXe{=ZUW#ec|Cl zm}8n+)W7lmy+lKDTfED5@5*NDU^5amnp6x#Ht^5z7jbuCz$)NjLXBqth!}%=bBOo|^4)rxA(R%-98%vQO}QfuCU^vl@S2ae z>h}03U91R03Cumyz9xddPg@*9V#cl!cx;7v=qAOas(F96^N|^og}(ZZl!2)nw2EA1 zTgPcD`+T*lotGNkwizm4q%jOw-yuGDeat|aEI;^~i+|>F$t@3}PlNJ|RG$%}BPv~U z--oIdFO)BOVK7}fB3B{w9v5}Bt=_P(gpO&6&+_Gnz^1e9L=q*@&m4k=4F2IG9*eI0 z{xC^Q)F-xP5alDe%<`TFqHbpXWttpGDWfzRW>W#}5dRyvnHs|yVgjq&pYvX1n(prF zUNn+|#R7qZgY~A;T$!3ZCZ+At2)er!HJs-wo?ES9AXK>?p~jvfV(N?u#=&w_k^((e zTYH=edA`BU>*sqS?{|c|mWzE0*Njfcy)9W>CP|?Ba;Q}o=%1D2@$<*d{!=*p# zlT_7zN4o0&PDC@0e0R0i6b}~J7vT|`Z?tlX+l$}*+ZTOSF&3Ex$+V)-j!3HAOe`&0 zx?@DIljJ=81tT1`zHj28jaIi`3}Z?wSudB~mWWG1tRg6Av)qFS5Q4;84a-9extT@( zJk(AJ@mHb~Vil+FVEhYDTmat4=C1UrW8HcxNy{0O(eIX@RX945yRx1ap(&7leBF9 z3?mmNNsSVxT$(uYL#^VIUM^JZb`|@OK!L*X*~8U>w{|{jo^qH##cFgUy0UC5z|o z^$`!%RIc~3g2i|IBeI&s#dNX!seo77Lm9JIx0YDWTj8#pc8(5rnqXnrwa#?m;w7ak zZt*dE=O2OMRDs7&S~D-Ii(h@!f*Q~AW+M%D7?+E6IyZ60EuUu%wAyjnAu^fb 
z(Aour_EE=lt-Npw)||99+#}Vh9(;^396JxW$2V@*_qKVzp;++D0zJBAngSg<6GMa6 zUt5zlz8e=@Q;r8@OSNm{@}3|=h7NAjQn5=zdv|6#7rb5z6XFPg73T5NFx9&$T84Gq zbpKvMJK@t&-&&A9S#VdJwKwZh$yRLLoWNa+v#ZL|=(t*0Epo065x=g7>AWOfnhL~Y zb==d_NyxVL4G~H@r25n_FzUR(NN8xE$bj}IE*d-MAS!3IF%$qG6Yz2_;~%=Tg*AQ7 z6Z#RG5{Bt4%5FfzB#3jAijxXm`PO)bn^9RF88xDyk-y`!C(qluG~p@Ad)|F3F)%Z6q8GGqwlT1G`hS4_cj=G+ETFuFk+aLc zwWe1#Ftj$2cQkReFmYp~b8@x0%7JiKQE47gJJpFqDHqVBAmk@-7I#!41#5*OFH1%M z`2{H;i0B-DqHjPm%CU-($IMk|H&{ATT6l_`4pAmoch`kU?TRSY7dy#OHfeX`WQ%o4 zaYuGZl6J$rnbk49=9SmA^8T~3?h;B*%S%lu9UApPFWoM&=4XIPXW=And@h|Jl^Jfm zU%E{S-;`=JBA0#2ayuB2gx4Ms2ky<5X4Pp2d-S`T^>`x!nViJB@Fnb9Z4g)JsW7Hk zg*btjK1$ow;_T$qz~KF*xAa}-P?McH0o(v-T8w;bOmcE8lbMx{m3Sf#iJjF!*4xn0 zQj{P~&%Q@4&6wz?B?<7EeS6qMeLrw;Tr;iLTyGxYrDZClBCJSDsrMjC>f%(8|LxfH zqG;f#awe4%PyI%0e1C4$j<_aPoT4_V#-W5bc?0L5(`?U=9tl)wr(3K-zyQK88pnz1T(Iv z!CYddmP&Cd+Gjzxgy$~dXL%j`9O`=w{M@TjN6xE6g%e!ok9L>b^fT(YzeyqnrV5}9 zW%(M5qZE#lM0!RIWfA`uVP64OSFEjxyA>_P4_e&a-QDF-+@-j?ySrXD*9<|+gY z`}7Ups&!_@^a;!pYr#4*J@mXw^oN$XuB_3#1QJ%p*b1o9*2KDJOG(%@KIjC(sMG+#W?!7ud!kWdqw39 zDnq91Oi*SzveUI?WVNMe11iZ!B2*;ZtRKG|NI=DUC8=`XiDFDcrfEP76G4ls0>s0T zN0USV(_s-Y5ts+?Pb2t+POpeN%{W07VQh+ZWJ7*AU#&5MjtB7v=`USbqQ_XMEpb10 za74CeO00}}W=gni?!_?U3Eg#~8%OqzYqSc>i2!yG7+|b6?0+;InNWu1ahpyPJ#%w? z^oLfsH>_PhbheSXqP?=Q*rR>+vLt**iaO0zgc`ne>9BX}do&Cw+DBWhJ1s4CMN&kx zBOxr{7~>7`$DTY;N&{(zZ4ThsCw24bNHwzsCt_i4LJ; z2+8RXKs#r05^vOTW~>Hg3HGCL1<*d?&uLj|V*j4V)btPDT|uW_RVYbBWQwC$%n-n4 z48dax#_~rec{O6^M<#i_(@uolYIA^^qX1-U{}y4hQ^NM7h-_39&y&YlV3F8%%X&CK zNsPCeZuaBm)1w&tkeMO2xYyT!7vUp>Ok!L!^r5D@4d5`omC2t)Yq-4`3JAtkTcrfJ z<2d0&F8d@(AId%lYS>q6Pl=M9*1!e19g?_f#TMj#adtPLw3O4HuMaNp{a`*R++dmT z03HFXeQB_a(80FCMdgSt8Ywa|pLA@n4AH^1!;NLvO3~RSFvILDf$7cNOA^&qR-|2}5_xwrpL?HD9nMb3`1#0{eM0_K{YqztfNP4BspAvgd z(A9%39eSQFyry%0%}{p=v@XMH{r7nnB@@kutTfaRLK4D~Tf@Jn! 
z^tdCOV`1e%+b4uE07BBe!q9+1BD;baTKWe7^&d;OjV!OE^nJf=>rG~JO$Lo}Zwd{L zzo`A7wQHIY1z%7S@hy+Y`p8gkn=kIk@w(28Huk5x96PcRy+3YYIomAT@P-lJXxVQR zO!r@3IlP|TetljbT{H-cm!Bty*qiMbHX{{$)_6V_w=Mr?nIJ<`e{n^_XTshwwJ>Po0s4x}r8Tab* zDFmiimvYHT3ez7*d^e40vmV)l$;KvXpxO7)LHx{Xo|v10l|kKhlEJ6M+C$*OIAJ6i zh9(glc9R*zT2=5;Q~rBSIq(fO5hXy{K2+M6EXg&IHhr2=XQc@0iTd-bMw(*~ z5ebhQO5qZsw3e6PdE-_Qbs4qsV)Qkk#2i6PlDdz8`^YF!G2Qi}xatjkrUqr6Y0WK$ z(yZF%v=zxf*h;`tDKG+ zt|JCn@2vw{L<<30-`x&s^4H)V*e&;K@;$O$Iv{S)A(!!jCSn6O$qFo_>KxGu$|p`} z9TQ3A$NPBYjb}v&4vx3 zgp}qA;HL}BAc7cB9O?QzKp19));;lPq+-XM3kO~f^h$L^#&*SSFP+(N`avL1m#5%d zs`j9_zUxpV?i3zvD$#dEK1(j*S=s)xtZ#v4Z?pHM zo71T1)5G?JX!V=!;YsdBvV>Q24OFi>g?*iCoZscRzW1*S*h?YVC_^ZYL5MhW>soaB z76z(Cv|xhR2Teg7PUqrAZHFr8mQp7H*p|e}7^VLD}Di zm*)s0RPYM<0kTZjl3m%k&!*rWBtAX2COjY86GAFlN7-o`aomHp9}kpkeK(**9H2#d zmRN`88FNzk93|dST&-H$sTDuo9xR2J%VVIzIj&j+;P9)nnwHq*M1rQJG}3tzoHjiy z&X4b3W4GXSDC zf+UcD>PPgKZH=JBI|NDH_%aj|8E1YDfu3CQNr$8%aPk8m(9{)bM-H=%PA9c}(Yj>S z($8{NyGgb1#Yd}h4=?=j?Kh>R)LXs@?!vEziOAiB&ntc6ftI{6%!akfDywQ(FM4vS zF)DnW5T)^uF&*7M%&Suymsgq+xQ=a;yHB%?z1Da^YPOp^ZZJ&wzm<3AOj)%Ach&pwU$-fFxVTkv}7Rs=_e*ucodH~W zG%}e_wmYnRbUx`?8==9y;+cwYq^GC*HDx>HN8|cX>hAOmqQleo1|QU=Uc_12K#F1+7>d<-v?emO^^|I6v^wPHCXS+!>K>lW)U?h&B#b3R*UP2_jL02-NDju!3C;fc z6qw8jb-C!+J5cUZ^OEV^8&)(H6@AlC(ydqMS;5#8lf;9*ay^Z-#hLVcHZ#R^e4vWH z=2bkypgf7QZ_LGR!+yenoFmtp|1lhS0;`HZ3@WM!*{W_-{m)kap(ppI)t40QZuy2Hw+M0TiOpVow0`8#TRi<|_CMK;P`0=^Kxrex_L*-}?D!ZxQp>O$# zhTz*nXL1gyWtu#(+@~MXTjN@kr<~m9M8)eH6mUK4iqLSBwb^EuB<%``PZ43b85-#w zmw)@HE=fP}OD*vuxPjjV{h6M1W>(7OOL3cZ6mIM1zmp8|zbF$pyU#s-m@il$ zx>Xx)y}VID3A78xzEVm(n72tPxzsC~v)X6m;gjv_l0z%fNZEHgm6Y9B_i|Q##0ocr@-O~^(-i+#& z9`9c36?qifxp>wz-=)d7zZW{&7n@?elGO0jr|+oF*C2VN_W(X#VY9;Z>{zLk&@^)g zD4gFWMa(#(&2Cm2*CPL_71BDQzU1Impst2F9lmWwi~7^{9TTm9`$Ay_rvtgZ{iv>R zR=c0TqOE~c!+=AQ8g9B*rBRCt^$Jz1g?Pf1DRH=0PDx0uue|<6f;iH#uXD{)ZTX5^ z;t?Yf{Ug@) z!Zh1%m0y?~PvajQM*w^Vm>i>GZ4}mY`ewi#D-IDU5jhv36DP6S6BjTN$R$h4%zl76 z;4A#ObK0JH&dv>ElTwOw<31p;l;qps&I3mU7Z*uqHXs+G{f?DHVj| 
zn?%t$(pmGqb-JNJf15Dww6vJ^DzT51s6Sxayh{Dr9C{t=^^9)$HO zi}H@sA|>*MF~i_bU2qw9z>RrnCM6r9u}j{aa#+5~As@|-ApJgu>>7mGbH-6z^XaaGiBikwlQ)It(iW2@18}KBdp8|}#VRc33ff^$bZC{l z_hi)DPUiu<w*yY|PMEqWpP7b_}Qc|Rf zn~@JhSFcEaq%muvP_Uu>-iPJ_4Z0#Uc0p?ULpoByoK5#js_!xlS4S703IKm(4PqB>z4#j9Dtle%_~V9s*Tsuv zkp^H%Jc~57Hzoq-A?N7GqatD8KuLXxONS!po7*uqcf`9$1)gW}{_Su1L>gV^0hiT~ z{afXHNWwXX>{z$u0 z$|Pv@=;QTGD+iCVTIDb1eMq;7__HQcI4OhNG9#IQlW3M`$!rOekux*ghk-1Ktr5g5 ziOvi2Ntg!9A|3W$`Y7*TEoU49N0G|jYIG3iN3*fR0wmN1`Gsxje#eSqe!tf7TZD>g z6_p+er&Ge^5sCZsGQ#!h5RaZUJSXNzw)_Dj<)E_B+Px$t{BqG?rf;!lYA~~ z`T84cb>V}xT&vX3mlk(7ahp0Ll-*~>IYHZ&LiYq0ba^tUlash!vv`eCq(y=-5Gd>B zQk1VtqcYt>W-pXdF_ThiRb#Vu;TLs-fS^jYAssGFd^676RQifc$pk?t=Z3x4ulX0@ z7k{%6Cye5^PgtiBBB!PHf;|AV;zzEcq4c79twPhMiD*2l-)QPz;pl%L;VwW$^CJa6 zqcg5Te%wZ^)!Le?8zOI&>M%;`W0tYek77|j=+J*Ecn+(tQy{#f=;oH0afur8{9aKq zd;Utcig?4A!?Ri+qAxm#lv)}4CBB)@%>_=~X{I9gy1Z9N!rz+2)iv3W^>YulAT(du z=f(CcsR2lPa9~CGO`Mh4X#>vcN!57=7)fg>y9Lkvno>#gK;WY~$qN8{D$rf%Co|b8 z=I!h7C1%@MRY=wu1ou6sfaets&lYaMANHdVTI23lXPedgk6PI0cdXnk#50S~6NG1F zs!u9yi;HzP2`#~$z+LQS980FviXtcS`*AUGb8T-4vqFAp9ms>mhi8~oz65_>Ay0>qwLx8# ze5_f^(<_u;KilTQ-T~JJ1sG0H5gdtgnqrSRy#!Rj|s&&1H0K+K?mU=*V1f}i=xkhR1hp3}wQ)Bea$h-0gpA1D$RvMeKp_fMM3ztOX zjo9oT;+?~|4{hYEmQ>$dJH58p)aS^m8sLtO;n|;_21LmVb}$X!*MOm5RaogdBuXc3muUL2usC!USR z*a>(zt$bqJnu~lES<-A>L+!Rx*&<$X($R#8XBJT|AmQ!zxtT>INHF_pFXH;wj_>Y; zpnmL?=NT;ESG0H-P6R!$%KBG(8uHgr4t*8$4i;;tZyftl6boJ7^Sa^`QGRTb{;EJd z()|%=sNm+u&Cwc|Ps!Hz{t>#V{(ZP4DRU!^D0#p)d9+Bofo3cxU1vL*E81rlW)xr; zq?2NaOPTq1;p~^>J7U{Lqsni>jS^xY)nQI!&iAi6pI@sEGSx8m?y<^Ki91q0)5gfm zzEuL)6VhUrx3W25;=Vd1GrpiaN4Gj&<<*jRYQ%YFo~d>s1d^9tcZni>^!+XWNoG!M zd;Qf0`y0GO8Iht_D(fr;w*&3`Y@uS);(D&VhTW_RCzf}m33%>Hu3(Mi$+wKimD$2i zRnvpB--vM7>RWhq6JLxz$@|8AuQ_}V1iz>3Rio6%pVj=2;2Dv?a4CYIp*@= zJ>K8{aGlQd{u1~Q5U(@;{vXbqNRGG`69VGz$?;!*#;`EI8&>9j+?ZK7B>p=8-o?4a zB*eKmS-HhoMY+Yqng8!d%aFi#q-Eegkd_~B!fDP@Z*OnIYm@muzoSR88dtl&1J=g(<}|%8n!l5R zbx~DRg8Y#K?v)j&XCe)=J=R@lvx7X7TNm^hee)f%)+tH3-b;e|8a$y6x^7L}@B4}+ 
z7m~dt{Hu1KgS_>Q=+k0fn`wbQt{)uh*%vIU#KS)1@$VPv{5hY!JS}{>-2t1<4FdBu zvPzDh*>v9YJ6X?gS3jfiYR@-+(t$iKkeGm=-e@h4i%lFL$RiYw3ApiJ{QpLKDYkGr zSzi>zi0C<&O@=@ty)`^KT4(4J7%}X1Up9rgPD#eQ6gSz;_o_OG@&XMw zFDb@_8$H2SElh_&3kt6rhlAZ5Lc+BH!)VEw>5rpS1QKU#+uaKi^!IFLuXy|?mq zu}HhQ0b(Wwye!R+A9d|KtCf!J&aRjkR?6p$$fcfduMIqT_H+#X`J4DHZEJ175BSC~ zXb6rF^ZfatLr>!R>a=U8)hla#OMy8Yb!ooaCZjLR0$mgMR>VBB)c+NfL+Mu{k~e_d zL@YGrMJ*3P#0`BKO!&*@t%C_Q6G!hfiT7S1#maZ+4cP+wb?l25!yDk9?HNkLsE!@# zZT^)O{kKv{UXth4_&ILkHITEvz=!8vNMK-5hTU;3s5X{p3zno-h5dT9?Z)t|-kuQs z^g?ihE4MToc8Mn-Xamt`Uii#|%NiS%-vt46@veJmxaoqWGVaZKyQLes#suwxC3sqOv9HEkp`2f=Hw+t+#d@!ZHTB zscqrVAT5r@ZD#WFZ@`vDiDEoY5pI}$`~4|Ym;mpwC%POPHuTpsf9=uU+uKV+e&@%= zK985V4iw5*c0paMk`G_sPBmzdgmq&8k@;ya!xnG>AuIk(R#nneHR}GLFOJxEP;y@g zKQM85#A0p@5uAk~H+EfA#E=s()^Y)nV#ysq>r-Gs-z~Eloyj$iKq@tC2asgp*X`JJ zWzcd%GICkB_bRus4>n`BNhOvcE>j=1-Xtmo!@yVDQudKfD&SGR4IxXy*OF9cuwu0* zrEt8K9U*>W{D!X1Lsq%oN%ytKY*f(wxx1KE`m~@E6e#S%bKnE?jiYNE8zj)tH}7kR zv{P#kdj!OpWFD7)0ZmL9$zsV0=&`}QV>)$m@p?5t6N9J!@pIWnq=)xRp_!7W6Rl<*N()sQ+&Cxh8A~>y^&%+%G>f6L`GJ3>Tn&t3_W?uXkQ8Kt3=H`W-L_; zqqvWdR|Wd5HbFl1WEQH!M~Mb#o#(iJFf@V@i>)CBL)kn@vZNjAtLz(^rL_}{EM27N zgf)age_2#|#vFa~aK4DX*S;gMWiy?N5{<``cYd1U95~id*}wQCy3*b>er4b?Z;34L z+~sG9a>UE|Y0)H`o3!h^$7*}%3PgyzKFg)BHq`j(qas92qM)}l)Cr|hO5)cl-kT`V z2rVHyv$vDVKpK-B-P(uk_L{atXSYy1?OIM_)&P{!lGNAxHz~s^_CKy?yR%yyX-8(> zG58P(T`x)r-9r8s!(2nJUu1={w^k2?AF($~{q^qWm>{6%<$UQa1NX+>Vl<{DSYM~{ zx_kt}gooqyG!YslpvUgQD_6^FCN3YUQZGbAI@_-@MbeveZ22f*t^c$r+UhyXm8mwO ziVkNXd@BT}J3Yb${V09Dgvw%3HK?1>_u~~do48g|Z>F1#79_do3G%X{C!XlhzDW}h z0H!v#BArAO33JD5>A6iC?hpJ>DL#*%yKikScpWuHa}3m)IO7Yp)&hB5ng;90bp-xE3LyQd07xyA)K{PagpQ*J3 z64N#dZv^*MIdhL_p)=mb8@Sp@+QXTjzOB>4UF9K?mnv`t353&<n>*LFUa6Sg`A`O-D;i^ZZOQ9itAwQ9XmM!57yX z+HtxH?=@hxi-5xovi0oJd08*P>c3soJ^Bb%|8cn)T*9~K8oRW;K#2`zKIOd*X=R$7|uI{F;srC+N1m<*fvMztw)rp z5%A2LYVDFpGEqgs=lWwMz#Io=8chLCX%lrf$wCs8UD#3hIe4+{myyhOzb@HL+bVEUV{jpPT5E7Len1 zZpfqiZ_DsOC{=z3_QSMGeswNqb?y$>=d~9|vV7p4(D(016~;`hlfe0paI59HMlt$YYVm|vgupU==c2bMY^(FyK^`n 
z9;Z7mZ#ydN55TufHhhHUMV9H^c|lDCZX-X+t%ZjPUfxw{fBd!GN1s6%5X z2Hebjc_HaDTP}BSc1#4E;~SuB9}&pU?Rfw{rX=6~Six|axrpOhUlM3HT?Wsug4iwg zDSL-?7q@lQ|FH6pb7(j-cO%=DQRp4=tp+$4Fc^3TuX}knq!~HTJBD!Kd;0tA(|A;F z;Wx$A`^BHc378*;o*-MC#DTpdHf#Wncf8&jC#_wiy~EO-AbW(H9m*-J+Vi`~F?mQ} zJ*)$R^(RWn;tU6J=9hZ#{m?)e!g-XvTY`W#YP3Mct#js2Mx5J=N0$y>4|4xtmENNh zyY4*a@`v@!rrc2Zh*P1L=s|RnaGeY&(DB60#lUM;$FRR$ZQc0Y$J%=X1Fm`GC)JSj zo`>SVU%>W0Bu!w)!UfNU@mN)klv z#!-iNFnA2Xm2O=O)a}JQLKEeL;rr(IOfNq&zIMA7fAP2weX$5vB6kPp9Z3qj>glNz z4FbMMSwZ^_S2wquy>tx<#ea)0>Tc=@8JWB7Z0Ay;7m$0|E>?Mq3%|=GPFoN4bNl4vIHn zU!WYE&Ic}m*0pQ4cmPtpa=ZK>=7zbn@97aKVxTJT;vUXniwmmx;U5hj&g$pTLQhMD za>6nf)NKNvt;v6>F!Pl3c`4J0du)j`FOs=09?gy;qL@a{(XJ#psbBK?Fo(|BvCD7a z$j#yUwJaR1^aCN`&loEvwd!UT1URWLlA_Xf<;x;39#6BzWlkIB=>qkHu3i*m>8fis(~iu&CbTR)Ha&H6ngK6|^EfC4)P)(DPo z9L#4+ULD(KwIVz!Jm&qrwuo{p5eOFO{4?Bju&NXtp2^B8e2(u?M>T4)y7n$KpXC4RofXO?GFPb@hEpr25YBdc3S=_exy2L67&xc5PVclGr=f z&74ROXg%iZVIC-a3jv`p3ZBMZ;tN}|jJRmuv1b_T(Nwqp!KKY$w98Y#_b6#2-_H8; z7EW#57_>QgqMXmPW_mVOJ>X$S(uz0~GC8z5Cmb`EKR~i&mR~~=`2t>D_3-);t~DX` z-0DWURG;H~YaRggUJhf!s2A{W;4s&~kxOh}=60qC^~q=z_6F**ud;DE)4iZ~C9X@fqsv;^WYu&6#C$380tB5KysHS8DOaf%%HNe^@t5 ziEGz88SHmOrmI(v6cT!e!N=o^eeQ6~!IfhS@)5rSk8WI2f+vAp4;WP_pFH)}O!QFw zc#Ud3EdsP?;9Yz>Gad86Zm`KeZIZJ{BKS=la3=_XxV9HjYUyW1KJnn@d$6U(E>fY| zt@-;wW3DzRLAO04Otq02cd+6z7Y|CQL-Ga@7F322Fm@xa* zUc$#`p~$AybZM$d?BsSt@0g>Q^BnlnM|^i#J@}iWv4Nr<%ZU-Y%`~-A`~z~I6l06SwHVX;^ZlTR)q4Tpg&8e zKe)K_aRp;fy>B{yMlwYT;pav$?2@21ebiqsPnOWWrwQ?&7}^EAdfOvCd&V4GKQVR7 z$&c*a1-d3*1#?R;C`AV$sNQ$E9e(^}Od1mSO}P6d9z+oDzs;iKu6P+WwerGohTntC z1cG4#onwN|rv#Y(i>vnt7)`G=t!hSjR5z|KmHkawnmMgx5*Ju`{7!%HgYOwy)D}{z#kkx!e!; z;E=$`w!;T>il{$(1vspLzS9w3yaD`RQ(P7b`{2!aLjw6%NcrD(WB*G(S*-r;!viV= z#NYFOUIAm4_>Yw^W^oBlZV4V{E;d#!HcoaP5pLH1`wAGu#(R#d2ypM$;d~3I_Zz;8 zgtm*CgSm^lk&_vOh^d3I8L7-)L1|SpBU8_>zs&gG6_sWGhZ3gaTmxIZ9sB^pw~n#= zWcHWP0TFCjE30XbX_J&YuXz&@y(1X{%$j-0Hdgv^x&@y@ARrJS6EGkWFuEIH5PRrb z5suR2&YO2?{Nw7u@TDp3{jegUXB#$pq_3xFT0&wQ{?r%=yELs5^=~=bKyGQ$1PuKT 
z#oVdT67#8io3>iL$$kL6pvUc6YHDhUH-L8Tva+&fOl1jmFD*3WX6UmT6;uWykkcr};H_JxeVQTnt^7`b~2>jZS&yX-C(`H8B) z_;5V=OtMNsJ;YbfW8^7{&N*@HQ2StS{*3;ea3pvt7s%9k1_Hr)+0wZsBZ;*CH833j z_$+zQYbXIq_sG4obKGEaPxuxQjyDohE(vV89D069B4v@qUSt*47rr#}Fmi$H>=y4> z_1382BhRBPR6th&Lm0$Yt$869;P1t^IZaO4+v>sXe5n@L{nR_%zDa!3dZ0XocmC|L zy4|F0Z#QhIWfGOI!u+yYGmMpKbCDxl!m;&aPL4f|R~2Q_8!sieI^CYS9Dc>HNZ{X| zC3E%*ssrXLCJ}P6jSu^Uchq}l>->Ch+ip{O)1JI}joG5*d02%P>vLC{d{|ES2I-X8 zhvHJhFDZ#;mPJ2ec3==YxsZ1FMp+XVOI`hyGS<1YtR;rgkyA2!Z#U$yFG5~Ohr95z zW_#OcyrhB-sog^1VL)a&4ZxXLii`IQ0G3g1CQJDdQ}SiklVbyW&DM8&UO4XDi5NWb zF{@pY--=2GK_C!sa{2nMv0n2{3g71!X~B~f3X@Q=;ydW%?`!Dkw`V0|oN+~us1tt1 zLjK%xXKz|2X~Gn%dh5j)Qc_YVAVy5odupUdc71TRDQ=e zxDG2ur9OQqIKJqFND_UrmeKFS3Jmj`!gam01dG#AF0lJCzubL~@zR;zSBnA7XQZSK zHF1XQ>|!IXGw?FWIjMvy>3X{GD;J2K=HGdWE44&CxihbO@>jn>CEvu9R1Kl&<7>je zTzCw{vrF&}q}HB1X7sq>UUxVgn1E0}+qq`*;XBoYg{f{P>}F1Jl(%}_^xezx*XDeE zb>ETUe5DkWW&tAKX>$ZETjokk0}C9;hRxafpWRXnSb^}iuo-jBLfGxv;ORLTany7~ z=RUD1P&VI_X8)@7DN^sE^@rE<{l$ZPdPPElM)V)hLr(T4Z)2llYxC?Al#L{c+zvOR zK*+5$Tj;D@kdmJ!==+E0?F$~l5pqsBcH%0ZFeHoleEddtr6f}SpgTy+;iRivL~+xQ z@!&~aKtG6!opsM4Z4k2R+58_h28)L-mwzoRmVNdk`AY`={NlQJK&CKYux>8;Pvf<$ zxM+-6BDbMyt?P39=-b^jx?@)|Gy+tK;|4baCpF#+KH3O~@=5nZQQG&+4Q5i$>*b5; z{FN%2?2NbfeEJMBQfOVqMyV%fB(+hROE0xuNGQkelyvZ(A^x8uJ4ofOjZ-f=UM<)6 z?o1u+3MPb#h^}R(P4r#aRa0%s=_-Ez7hJJXOJ)W=B3{sF0Cg3CpoT!6DS9fcWo}p)F90r_a+eK+c8z$j2|Ace03W4XD}9ty}#$jjmBCmH!WqJwqUnQj>^7KP=GMc_`udwm_}eQaIoN4OAtxw z97)UMd&>R(5n@v+^8xRkl3ngT*7NoAYvr_+F_X4!YNQ*?lKd?VZ=po>jFXMe3G>z&FAgJZl8RWb3nSQFsCPL25!!&atG)gIfG ztL!opP;zlJtTFoHy4JE7wl|i}4qtt`W(E#cS3YyH5k&!QKF2@Oi9K0{Nck78QWZb_ zDoEd8|Kq4-2d=U(VJZ`Eb2*bDfNu0iUu zcTi4=!7wrYx$&`S6t2gr- zf916!N*GNHbSLc3w+0rIcWbOZ_F_wOgj>?g6#aT!sByWWX*!~p0qSjsp8=l~t8xRF${PLaV3WS`=9nTUf|gLNf%59iT5_!)77L>Jla`V&qKTy}~>$UA~Gg zNX)MD|9&P7L-f!;yn}J;QRCeO3soC88{@g=gw`Yww-{e zCY=w$YcaP_I8pg?s}_;lZgqu=nmT_#`)F$_wrw)lCtam*rDsS58im>YK}lV$)!R=h z|8c3j*xUj!v^I zxTdO6Y5eSwCWhzih=@@dVxO_4Ws+-;Bo1$Tx@AP0#}7Sp2urA=H5%i{MXnk8K} 
zE8lb>&LFX~sMjunsE8`dYROex!&~o&mN|d*jXX@hLAfMn$Aw*|>5;MU@~ZC+Rx71N zp2`mhS1)iGFvwDo#^x>u>JRxFtu$b6l$4HOF{gOOt#rq4T;A)(7y3Xs( zz;uW4Jtmt3`OP|;DxU-yXKcq24kDB3!pEL-DH z!aU#9==|Q%#f5KmMfAyAIa@U*KFbY$6wqh%XSvyW!P)zVmy3n15fk-A5GJ3#&Wz~1 z@*m2$HFv=5*FZV5l;`GLh_lrU_p`Wo3Z109D^_a#ZT9b22{K9ti(n9+y!3v-%*%5B zMo~z3YQx&kws(rUjr5$idJ36LR)M7}By1-Zf#TJog355@DvJ07g|*6!yIvbgswjA5@bOdGptWP)~83-+x87#tfqdcE81$a{n$M6i?wUPO}Nz9 z!nx$yD8HSKZ$Y1{>X%ucUd) z&-Q^Fy`z%l19?KQxpMBa>Tw6lv=a0g!$$3>W6cm58$qgI{5t8`y zcoC|$@xPw8?11MeCJ>R}38MSe%>@N^mp^QNB%Liwdlu9_J)ZclFjIZKQtHhWr>SJmWxAZH(u>(s z9=6?;dGFN6;`>o-7~+0Hy|a_@nl52K3;O$RsvL5MYe(KIYHI5M4!j}9M;O6Q$@ z>68DV>Ab8btInE@@KtwZ&O0i;_j%IGo=wERO#O`6i>t(FGN;nozc@*T<{CGj;YE-S znd)bbXjQt+@essP41E}k9d&4|NhzA1-YiKsMaysi&HkZMr5;`R$jU4-aI1(^6(c3M z^0jh&$+IiQS%>a*uQGw|O*(0X>1M?uhNQ1nGO=ba$EwK?1f5uF^irtJdZuA=cx=Rr ziLv)Pi~I0Za-;E*{l0o<)UWlzx%vtgryIY1QVE4ru85KLBHGrYtd~>hYN&@!z#;$# zY{PC}*#{)r$=Q;i^R4gPq$-V;uLRTZ>4ZLT_V6vq%KxBZjWTe^5O|_Q?{e&!%JDGZ zq!5!`??_6_D3UJzbbyQLDwNC`t+aEGLylf=JbaeA60xQkmur|?*6RMa)vj9@Oy%YH z)b=-=wD5AhC>dcS{IGfZQT8Ap*9;a|#!<;JPi7W*{RF+_#|)s{5#>@=*})QIVxFAa z`0F}YoS3e|STj5@viXMi;6lOTO)qw?Vg`tzZ=xc_{y&DgO(?N6FLyWQ011k!-zVTg zB_T98Q2HEpK%3{0EY^xh1Gy?aWugTFq~oeA0*_||kJCJF&NEl5*CTfmg6JYM_l^11D}^@!k666%9+#miH|3(2G>wYsb-BiN8r+HAThu4`f+Cm zf$!R~R9Jy>(v7wIOq#2$N-k~jTKG?2oJgGe=ht^9;}+$Z8uJ=sQ~!ouquRTZlT$qg z`>WW-9?ihBwuxg%3o`o1I? z%BIeKm#t-A#ZNP^ocBImj7EG}!@s9oE_Qm+vLFv#Rk7-=V@6$TQTW$ZR1g6!;{0hm z&o6&!Q_p-_o|~J`KqS0y++5oUJT(kKh+Wo7{sQK6T@XSChhmAk(xdxszO4nC%z=;! 
zo|lWi%{#^eCQGei`pT+_d(To1qK(9q&EpTm5&i*mBRA9jDGsu&^JCFS!1BenWfF>Y>ua*@_@yi~(Pzr$!YOM@@u$s@8# z$*q`P44O#gb7d6JSIgj$=+9bg25iL2rt>@BKbiN?Xe0eZmT9qXn?#KMe`q=jwlPe$eTPw2l-5j9}wj3lFLnruNKJYxMLzRbq*RLAB8R|P~MRw+*hx_dYQ|2kx@S1&u{mOB`x2FJ}ad~dqCU0 zI0DG{6v~2dDh#JT!i%+MYD(q`RL-v{&YPfe(IB|YjHQ+pgIosA{N^T4{rP|MPuCxD zRLgj?1N*EOyW>>EaBpD*Lk$*^SF~-0f0QB=y3;ccYeXGwKfYtJ`=cke zzv;K07zr7?k6CCnubhR2=^_2fqeeIUR0}_FWU5JDTc3GK1cLx=_>k51S&sC@PAoc7 z3=Ra0t$h>!1B=__!1vieVLF>}+{?)1{K=b#i`Y+Ubcj(uA`?Ydrf3EtnE|o4Y&6$S z><}L^J-6)%+g5Gu+cpsC608}0?$*hd(_NhIdkRxH)}LjPC?|aG2GjMNhRT$2xZMAE z@pD(Dw)ozM513tE3?Lz&@dL%eSdDX(GYy&J=e+4AhO*RH?HA%|56UE*Kn!Zyk)l6)AItICEPdl(O8Z?twzM7RL5&ErSM!d*&X;1u9&gX}F zU5=ZR<;7D5+zM^Z`YGj?3b~x+@V0+_bY`UD@FE%cGTht_pA5Y%ysH*1Jia%ZF8Y`N zZ*~+xODZci^F~vngw3;$^p{-}_m8DMjQfISLLBzqbc~q84_|UW^lmTX1)Hi?XQ^vl z%39tM5S!^gdom)HFG30qs9O(d(m01uQ@eycEXa&HX%?oD-Mw!GFmo!PGr+k~MEf<1 z^ALZ5&c|cy1r!^$6tX4rvH=|VPE)vIiZSmK7w^rd{-V*WSIrQMAe3n#t1aivFN8sl z`24Zl6Gy*+dvc($EViZHR;6mpeW7G;5lwIVx>BUe$#n18Y~20Q#e7lXghLvyfb;3^ zU@MU7iFdp;&7p(|9UV?#na=Gjo0!s>EF%F)oA2dE_D_wo0*K}}`R=}mj{MQa(++x~ zZ!oZd?k#Z6+wN26ikgK*=hlqxqe;O_j$92%e#MWU`5%V-D1irX-*PzBxdHQEp znqEN>?+t}oEX*4+KVP}~i$+>X3qh0nBwhrO;PFC%Dl#&1mDrM{T;-ZA=(3Sc%wxsMg!XE`)lS@&-#~Vq4y0zCF|%byIM2o7 zDJcdCXh-Tg2_PpNtRH{pGQ=a3?V6v=s!w@suRhkPQx`5?#!L{jj^@hh`8s^zfF42@g95VTN|jzI_02`zrtsxg!Z)j4;a!DDWbP>gUL_ z(`%uN_4cC8@~ASUpxm{bud0|6hV{qepXL#V+pooDudQRs-N^M!KHg#}E^c=(NY#d| z*z+K!>fH_1lKTjwXr<*^ol`Nzh%A4*`+ovFj2^I$xx}-MD=l08+r3!$gkz_z9-VOf z(o7uem?5FSi_(1n-OHAkloWz3B-Byz@xd^{BF*+56NA_xuZ&T+^$= z{RAr&@f60AQfCFA>8weZd56Qbm6C;)oSe5mNee?hB`}PSr>3VF@G<64i}ln3i9kcH z_Q3qSymIqRlNUI5SreA3BfFPOz+8p;0skE-=_NTC*(k2f{PsC8KTJNI=Ngi@ol@!f z_A%AWo=vTCd4SH#{A~`a2|1dd|Hhy!Ha7NVW@bjC<{tgXUSuonE4z-1I7qcgnzT`j zr2elp&P!H6OH_-#c=O%Pb?ThkA!;(CrGs^SYXYJny<#=o&NNCQH}rWULaQBK_A>kN zHhcbjhhzS!|4W~THM1;>mb6S9nZfcWB~7nGEhS?d7nV1rN3L0l|3oO9ubM=eosos9 z1u@r8Y%5>`%GO%~x>v<_;Q5CpgAqr+Y&FKiSH#Se>AsY8ed4zX1w{@JB|M?a>gwk= zI250|INC!JVN&B(y~_bg?8=SAepY^VFZr?VNhXt(-ZP?HU1@Le_BZTqRK{M3rvz+o 
zB#Df~WQ9`$@$W#lfFkw7nYOoH8xJUfdP>euUl4%)Nko7h1CUKC27{->{5)|Dn_R0V zk6?zo*C&QePo-OD_?j<^MRu+!2!HzpTKl633R}aw0P4in3`q~N+IG|qkQ;1Xlpv73l@K$5JxcK6 ziFG*rAyW&3a1N88db4p`)63gyd1a^aZsqV2g5Ohyoh5;$3{#6@|&|;wMC};jhiJ;o8I1dP_7a=c|bh&+eZgGJE>0o zRv{&aPS6bw4uzb~t9N+`l?}UF1>7fqoc+GO^s;|Emi05;tAW->kGNBzBkv+u4z2(LLti5hR$B+c zH%e1eQ<&g)U9Tggzx|CLx4G|6_`A%goM$u=XJQ044qTSJ3~`hL@==6fdC`v3-{TE5 zaxrc51qunXZ>e5fHfaY6M10%YX4w@NPyAeV#ZF!)HFPDE>Xfv3Vt6=J^BiK7TyFh{ zaN*5N@NKq9vhAY}>}H3E5Lfx03933Ul$l4a_S%T47I_#RsGml4c-%?8OMaW}p^B*V zh^a8X`st&97Nm{n^9UF%67h7_nrAD^9Umy>3s7aK=dg_kc4UBKRV1;%W4KK%LZ9=C zUTfUc27U{jJOO7o*2>S+-quJ$8&wSJJhlqdi(eI+%hV~3BR(+<41M@6MO16q`Vy-r zf27x8MWV6!LcxGSm;UzJwYQ2`WcSNMq!sSPUfv=<>Ob}{=BXkURuq$2gB82}^UTaj z7yE6joPvcS>^$puT@4 z<}oM3_nql5Y8++o#lf;8Y$`qs%0Y8(8eFUSZ7hK~&Lz@Rk1{aB*UI+)vHF_TP#k%6 zuY4h{Ac+G$ESRdy$k`9W9nqUAH_%#KTtu?J2?wGV9FitIJDwPiq}^~x8ZlzS>+ctVdk5iG7DpW`2N z-px#u|4_m%fO(A=pEgeBb@+5^ws_Yi)oL}N2m9u0IFi<0zuI-w%bFVW=A(g`H7JQZ zxY=)*%nuwrRY4^q?z8k$_Rda*4q^+Rn(144yFZ*Ps~WQUaq<{yf2)Y0qikmImlV@n zZlQ=(5&BOhKzM&qlsAOkfbwHyNB_tqI-I(8qDpgM!}x{h{>8@`I{YOPAB+@L!zJ|( z;)7RB+(mX0hxc8T;?I5WJ18~SM>beQUtY8R?%TIxuV5R>cXe-pnQ~Ul4@TZ2@@yK9 zb^_M9Jq*aJ)NsQXCLU3W}R41anCwqS>8(R9g`;-9Iiek!n=2FR-rYk9MLE?PbL zt%1BsW;Njc{<3S>a^iK1H$d2~K0iMP17YL96S-Y0D?=c=bTBarwcJV{nPp8Q-sLD~ zt@EicnkJG6jPHFV?qbLr6cMYb8=oR?W2gzM)Cjd@d%OLy{a^_9Mw`ABgL|MOUubKM zUm$5FOHb8ukQiu(YBV6}PmxuMkf!bdtg@8~N=jwpMJgEzq4&(Vr25l-oE9JYGV4h( zo@VH}GxAopx(Gkltu#34ePRZ*Z4vC00a;rk09cZuKxv-l70VdjedlR)d&r$K_*HJ$ zkheA02!{{qI^*dQO~4=Mo%V64;Vli_&x{5zai!)CoZQv@yA}WJTmE)@%l-o`?g77* zR_O@k93v$qOVn}IFYn~#Z1=LpTPt^Mlf?~68OeB6a=Sq0f$pX-dYy|b=pJt7n+|Ky z2}OO%em-ZlGY9Bvjg9lf`ZkeoJnNK3gZwWvrQ09Mm3S6Q$Wr#rlrRcuPK1L7?H0|o z#40T&g#oY>rd<4QEHRg|fNWMjH6_#GbmjEJWtoh~gn2F&!LJ{v%GRFKnyth8!~f-f zd_bN>1mDthA`aBjrf96U4NbphxUJ)aE#lB+&5o7i0fg=T5mWZfb8jKQg`Y}_hgU64 zqL_h3p}vus!px7Am4BFCAJ`38dX^*eOxk6QUu~-uXl3+@S~Uprv84<>>0}Ww88}@+ zq_P_MeFbK9seEpqc?vUd2?n58!NXY#lAQi?u^<6zCq8Gu+l&dI8vO3BY#Ac+XaRab 
zjkO{J{SU{-!Sa}Y8PMBG%?%YlutqR>w(%x+$ha5lY$qA%p9D3x0qxFF04k00;b5A@ zo`xph)#yXtZV>Vi?IBo6AV{(ytD@|fq@sqXVl=Ym<=^ZfYffWWAfvT;Lf2DiSrWA1`KH(Yt__JP}2FoVquHqxrF_!xLs!<=w!3R-~vRkn5KwJzVk_}P$JU^r3U9S`z1S{ zc6!8;LqF5%$v?12d*QwLKchpqrXp8n1Xf{K`C47mQZymamUpF6P%n8Bp5N}K&21l2 z-hBPSF*@?FgqdVJ-!t_(XnsbJ3ADM>%jV}Gi{q%0EfF+e{>{8I9@9$KdwL;g@yWAi zo_F_6K)GfZkfIQHFD&f)SE=(tJ76o5p9fcef8h67JrW9PkwRPUR_(l2c_mJ~GPISk z=;el7auvH7V6dC4lrM}iL53HmnV29P+5MkdnrEvf?HU541uUDnUuMfdM^G?ODlE>= z#r1LtxTSiiBo(Bz-pIUTM_O~vSF?nt3pY5YZBH|vgd80$9RLuZ5Mc}^M#h4s=H?MG zpv5m4@I^fGuBFh6LzJd;u!8h&*0s_qBofH8EgidkU2%uDmzEBEJnXQtH3Tj#?!!i> z>+e2keK%syFmx$PgYoDT#8Ye85{H;^U9T@cCx5AtuV_g_Kn$F8Ozhx=X`b@+Hlv(M zto;oHGLAv`@4IR|5wcsmx=oQi2V+( zj5NJRT#iPtlMtt;cNw?cCJmM{<$y*z;vKT$7*R*Ntcw27l|eLIX+7ZDo2i5?CKu{C zZU!$u15~V{xA~OxJF{3p)%K4vV)SIQoRtbE5}3sq0^=O+aF)i4lY_lIZSYL_d{Px; za2N;ZZd6WrwoT)4F!eGvB}MISp3xUU-rS}$R3uhlmZ}JkjSW8(ve3@SNg3kF4LGLW zMRjxokg-iRP;<)7(M;OG@pR2#i9%~8gG&0AgOwFwuX{o)dKLyG2uNF+7u(YLD}|bg zXz0grS2T+1F(sBMg zX~eW-y8QLOaSpRDEl`{ZVct0EVtQb(F{fNGm0-4n67?MqELtfUNv8SH#oWD)&@DH7_$6S zR8a0QX&wJn0Mf-=KZp|cX($b@zoyGC)8kv;Z2g0Jgt>0=**bt@A0N}2?I0N6Dre0W zqCrukbO;Livrt4Mv-@g>*PGOfuaxY(Q?s)$I|m1{LDmv`py{wFC%Sv7>msJ@gDSxz zb5hVDRSs`;JV)K-BAhde%@gcg?0M9x0ym}jfG;5&XOew005n&t4yAD5B3)abdwmOC zjtLye;w=)3TT)11eBqs0C4e2#LR!32`m$&*Q(?0PdJ@4v0x(Ll^!# z82cexsbi&$mL@+Q3?x;{3>b3htI8K30ntiVWyEdq;CDOtVpx|=u8ZqQ_OW^+Uy!;a zp_ZQgOPOS8jl68Yyria=YcxkD%i~(IZwY^jYGR%!Dd0cT=2zrK4~{OY8VV*)NbXHW zz#27;=Axe`rg?@#)#4T1Q!hRQt*yWwXC#Xz=S2^V1!fPZ-add%1iY`^mPMw;>yJJv zL+k!4&76R?Hg1yiUm!cj4^!vnRXgxITv&<8$(R4gA;eE@2$5Gb`x~FLA0Lg{s+hT> z>I=-0+tfzrsN+)a?>FyKsuH%?SlRG{JpKLrkhVb4VSWAe4zo@v%H55W=S_FwB0{r{ zQe2B6=#>sl)tfuWsRUuKgwIV}2Fq}gp6=QU))9g-!x;_E+Z8KHseAr{(gSF0=VnZt ziP%!v(R{o89I%p!f|>(6zZE8=`tI%ZeaCy(k4$qEwIe+D*R6Y_le>T1cTw};G-9|M{Oz7y=pX_KfyLqDximv-YcI{|Gnp9~EnrHjGcSxi z3g@GU-~{Oc6-j(%O(E;E4>4(~@B9Qj@NhHS;}?5#g~;E%+v{{-jZeR5=uJD5DF5Y(RFauyG?Aq518h303F(jY&kMF}0;HA&wgu+9sL~B}#9ib|f7nr9cK`av 
zEVWQD^u$TbNV)lSApK%3Z6SUaX@>`HU$hfv1rB1uX%$4q;x&gzmQ&ChxMXb+J2ruM z)zbDca=0&OB{4*7#7`>`by2l6jO42fI_SNh-!Q88UXb=VZncKGSL8X3{Fmku2{Da` zw($BOUR`5P0M&nKf2gFm`fF6hYMqScJb-?DT9;nWDauJ!23CJQKOXI{kRz3DIP}Ix zh~iFIbZ|(kt*)+)+N=Gu@5A30KF;KBBM_yKU@dzc`6M!e^1>BCK37}|82CMMb9Xz8 zNUkonhl(zDMiy7?=ORSqkal_7Zbw+)h0deTv&~XjZDox)(A^#KljU|lFIQpj+0>ne zX?ZIgNJ*Kdv{Az2gW6l0YC8*yt$)nTH=89$7~XsVI9dYFpFClu6!-T=d--cb{K!EY{EwavjYtge!Onn-d=r}lSb`1t30;)s3_jB zb~0SIdP(Rs#!vSJQu!bac|KC-dmUjbeh{dukKEF0z>nY{Ahnz`I6u8Jeoc+76tUVi z7RZ)oDWEjUH(Xmi4k>k~EeF(P?1O{j{zQT$YhaK`X^n$K}{?y4^uLH>0 zHFWUg@g*z>N~IJGy%@Aa|sLz{!6eIP~{`Bo2> z$zgeUd6?XH)kW^w-j}D+1ug$Vrl53H_h@sgK%<&(h+12ldmuMeP<3St%FN0N^T{#wue2nLrw|_qQw5mMIkducmb+@#2W)xACnsr6SCY&Lk!%DST6!vM z@N|wy4u<%A3qhWd@z?gY&YBjUZL6|)LPA2hM;*nyP*%0D7u|*5@~(w_K+fuzDuQtz zQ$Fo5L6$Br551jQw)38eUXbRPMF3^@X!4Woq)(T)U8r1v{*#pv){>fraC}$*XgflofPdt^mva7}im_MmR`MPcH|+_v~&8MP!`M z_8a~peWG)S?P@J``W}62cp&BnP02z-GpnxwXo~#ZMSXE(8Bqfj;xkd6v*s*)Y#f3IT8rOz;s{XE)iv%Dt zaQ6DTS%(Fd;^Ja2cc8E5&Pa)9X#qevqg{=P+82Pb+fXH``!zx~LsVT#4XaHFODr=< z$nFdAz`^*y!q-LYEfYU)@h#tex9ljUnOG{VlEmD{Evk4Q+q9v0W%Qm0 zSnMGa@lD=BPfICqk96{gi~*0R*(xc;C8+?`-E_!*J^~NJ7#q^BA_G*P(a8zi9FZ7D z8D;kPz5Q3Ekggc2WJBzUIaV5{2?{B7C{xB<8@uN#ZBNXvj0~w+aIBrkgC?pCq;o$! 
zj6u`OwH#R%hjIW$+HAxr&qcTM@MI=}V?)b54YC0TjU+t#1)u)h-ZG=H+=9fc#WKzf zao-FzI8e^vxAe&12aj@fURm#sPfthJ)YUEd{Y@GO z`Rn^nzQ=71$x>qPRKGfyloxf_iv{(4R}*Y>T=up5`}kA9I2E;Jj7bh%@fl_na5J*< z1cGDc_dq-h!fQ9h__NNa!bOO{cIu~d)$SWJwea|Odm?c{S>+p2Jy=ryy-tYU~5w=(v0+)(+jl8a&6k7qA*dkUR*1e8Nma6Lobfq_xH z{tLu+P3=LQyt!%9rk^*Xj)5zSDST$=$F6OL$a;Ibo#z7uQ)Hhtke4JRG#EOX`G#-T z17WSM`C+_wryW@f(>vst;nUf|mKQD8r2IG>2gX2qab_)$T+lC?CV3N+12~z9NJ$UJ z0E`FT@O5)@^MSH{Ohm+a;BpRqNrBK1iD^&Q+to==BV@WyV}8|8 z+RQx}b%GY1wAO>$yOZ&GZI_Xqs4KwdtIg8-cswj(rVl9Xpn!CE+9hJ+DHb|ypf1?F z!BbUU{+CF={nZT6T=#c|@bJP4rCi2mD~R(76Vq@kUk;LUqsjiV$mI5x;Gy3wUbQqH!Z*6KQ$0XSEZKCU2O9M(>oYdb% z{Tsh;BqmmIbJbOgV3ZT570P8Dl!KTecC>tEO-WaWY6%??&FHv z5Aum%9ybmBK&W(Q%QWb4(YE2B4t9D3d+SDouH7j98p{OvRbLOnr=aLq8X6iJfWw{G zCQE;$Sw;hS=(|F8@2&ngzQ~386Z@=XkR%7Fb*A;xyOTA2kmHO*uC&sno6lGMF4jFH zDmArbUG@0T3JxNv^cF7(`pR|DZ+1F5c--ogCa>h01QVsV;sU_}AJRFmhbGPrk%ifR z7xzL}2-Ycg?IIxOJ=k(=Z6TF$g(h!BIo9rk$FzvX{vg5dc=vo zYyLFyZlUB^iyfS?FMeIE-@9#$i76SPNI}c=^_%+djo-Sl!^Nh5KF6f?)Xxo53ro8E z5!NB_wzW;eG#z|j<7Pw6cy=_~Go9GDu{uO;>%GO6g@h3+(u8HkU|feIzIbV(`RxlcRYV`oe2&qv z!Led-KmZ-9Us zA&V($B$xkbH#5fS{-c^kctA!%nKzB!qs!y#H@mu4zul4Hu9i}rvJN(H5qkB7g$4Gd zHlIsz_7oNaAnz{(Xu{TjEGY!ghE_pKeX&_tP|cwNrg`6A&I2F%V%WC=N~zCplxTdY z?=udOH~XsW%jgf>G6NH5re}poQUIF1zx^>)XJpZ@3TP{Sj@EZl`oM$W2~m)T>hWcuwMjf&oR(6}h8$DL<6tYdVKYo%P_X#G zPqf;6K-@exT+_bFDC?@E37@=ZNh6r!@>c>=f9Y0zgS#jFA;zLLfrdJP#ZXPNXjWY1 z?;FD-3Nhqy>cwnG8dk+DbQ;LR$#`+yGu^98o(G8-`Q6q~saQMDRdSl|+OWK!$`oU!IK>MF0 zoU)vzq0sn(`jkbD_T@#{WE+eZ3iybrTrE&S%hg=5LO>9n-U4wBeJ3R?-J<$e%{W2d zmM8nDHL|4VGTPcY6BfjtwENIVV*LG8WxAO7jYNxWUW0~=vN}e?ibyN`lr)3*@um1% zuz%95WZqJuocO>_c#_&B;V8Ol72Ckx7!;KfeQzdx9fhcb+gHYMtNox+Q z=#;puBuUM9iP&^m|E_iQkjkKoZ;{LGk3VexoPVA8Wv~`Vpyz$d>-150_kudYf>bk{`jjpykcA<{j`YRs#<5qGpxt+#rz z&8ftrePww`MIZ41OnFAM!Ct0!XRW|zjL%(`+r6aNMTxn&_4};_1q5OjkE^;skB9Ig z2P%e6GzfK-U;S9=7;=)qG}SWQa7m~lAb|J@^pdJQtemH*Vq1@98VvmpN(!euKGM}R z)JdcT?sI~sg#U5_ap?W6Er&>G(CAyjKwsllp@IcqJhD36!u`>Eyhbbrh$z)QX#9HI 
zn6I@a2k32Oe!jj9*65KZ>*3+ymcV}l#CE!Lx*Yh8h+3b!Jnu8yI-jJ~bk=xpzI>B0 z{7w7Q&@z4=1^mofNLCRES5dksvwQK6)HtX7<(gAmG|tA@XCPp#@^&T=n}gzspv54l}}A6boSoCR}UyM_`DQ~|9Vbjo|?(p z*zD045nZGN0XrAw;o`E7DAcRrRabL!ch5YlH5pjd8c~lnZb3()THDNXhtfja`qaee zLuF;9S<$sKx&NZrgV(u%9FmWxkV(Mgf&%=HG;}U3mj~*c^KOY>nB5{Zd?M6TKa$;fg1$fMH8cuasqgVXDcoQ8~{g@uL-oE0)QAiP|e`_g;`sQfc zB$Pq8ARWvENfo5|VBPzJSSfG@ZxhRQEUWV<2GRa==!(J0Dhd#F=A!0hP66I%obvvk zs^n1Kx>Dv>r^cGUo^zX@)L<1vCKLVz(NvK=TZ4ph8q02_`--2HG*kInX3kaK%H=BD z$mBeeGkL{Fsg>n+7(@iyr9cQB#+h{Wh-5O8i~H7VVX+KwG2_RWT&u}mXba;_)a(;W z7rRhbE!n5f&U+HUxI?p!7z+=_eUfEXW9goF)UesP<|O##9muTS>V*$XvgnbvC-4%y zBlN8uWIs4KU>eDo4nl7YOd3LR0;w0$54P^g;L#u)%GQd%j^{hy^`*SGfinQ8mDK2r zy9m4h?B`wX0Pp9oNG#|MTh?-_9Y3K(&jVz0ccVQk%3SooDC5&ypi5>Yh~Nz%1vR_V z$+~U5&yYkwd<&d!Mwk6YXxNPnwWgZ6xw%WZYdZkq7|M}&`EnN?U6{>NyIxdO^i{c? zcQSHhX=$k#cra`R-t2sFvNm|Us1|gkaj*earXf(MKoJL^J$VWlWM1K|LBcqVb#M9S zm&NQTOBC zKU9kDOmwtV7O;75R z8$u+0w|L5lUp*jkb%%9_hhah1Slbg5rAYyQaxsk336|*K6UyJaSu?6*%P z`@HYyLyT4>8^<2hf_pUqmkO#7bej4~5>UMw9vF{I+g+j4oft^u$i3fd$dEAd#hQJa@`ZJ=>=5gULVCDZ-;`GZ@b*FvzWx{O4bWl% zUd+{zXP5hQ-aasas|WUVh;~60%zmlKmgUe{fuxr4z$4b_5Np29BqFqL{B5gmgLtX& zpCXDROt`*{8MC*fjCEb|wB7GEqmNd7n+%4^oI6Xg<5WZP6duSqg<`!LX5u><#<7`b zHmA#g$}vfUdcC2R5`5>4tjjejol`xuOi9n~Qs?$uN!-SgmUT|QpNH-HS3h!cbhAbM zI0Sy_t>ZE{uBg0MF00;f%rz!qWz7hcS;^)pT(cZ@Xi!keT6$&V)DKTTkab*z(>Y1V zuUK2W@aQlRB=SK<%(VGnNJa_c*1kUj)EGyA^~;AG2RndCR}Gr&Mox%0viaxFPLnJD z`}%(Oup-N8xrOg!XlC?p^~&-^uHFv&jlgPaGuEAOiPKGoLSEjRa9(wuMcv00foE&D zA)Lmc-q)>to;;?Wew|`*Qs)rKH|t;tx5rdi`D5i!^!xafHkytUF;~SosxMm8$5|=g zC+_0O@;5XJ4h6U&8{{zsmlkh5g9QjMVmh431*)wq3KtTky_KlW<}PDOh}grWNaq)p zxi(A&{F&(oWmeHdV+PuP#2+i+&!ZQOYw-hp-zz;l$6jf(8fkfnuRt+g*+uvAvK}0xJX^gxPe^`hY7+^p#wNyqpnv!XeRO_6I^{i#(qkRmQ*Sq%E`V99&aI5t&uJF9 z$#qs_NvV>H-d`9HwEL~Tq|wpw8QtY~3X!_65P4~_J{a|9w34aWIoFjv;2%a{U}hO% zod!S=w&Um!Cvz!`ncFg0DAb9ca*mTn+@zow9hVvk*_j_keuw7Q-vb?C=Bmfy*B-USFy3 zlYa>Dig((^8_9Eeq@lj(U!A=hbr^bD`fs3WTo-<2=q|~&$GHOqM{0Rf)XVcGcM~h! 
zwmaMzJ48K$$0h+5Tc+YB)^#ioJA6HTfOXc2-?|-l$$hCFO7RkwEVZ@OM9a{4Hu($_Lv!@p68qdzS9QBwQ*`WDFYsklCNcAMT2{`2cumoxEZx~JdCyfeCf zaW;fp>0*N=Qq1AVZ)Ec0@@YfZuiy+tXM1;_V_Swtxj-vfD4&{(O+Q4~_oF_@%1rJe z=CIM`vI&-1{M_I|p{5+i$gqaJ!lv%Z-EenMYf>Y5%0>>s&!B@5gCn0bKkAQvLFHUI z3B&|4_3G8J<43qyirbMm9%XuszOKWYyIb81puD2e_i@hzRXZW4_Ot4Rn;RR-gD$D7 z(`}ZEn^mh;{#wk{&ay0bo*=JDQAh5iv#;2e z+&}SlF{%yspG9Cr@i`ugLQeSQtXG>hjPqWz1ok4bkh9v`tv(XQ-se#m)O=#1aNfAG z^48L~U(Fd0))vmD5~F696z_}HgKXjfy9Bzfy*-SK(xI+Kauz4*^L8V;9qgMKuFG_q ztF25>vAwYS`T2-BhrhUj1!2F9M)^`Ql++3rJIAwAvvQ-|EKjSl^i)5ZkD^GBOr~u zu@Fg)H?wN!izaS){Q0>3^?Dc0fj!$ewjodtO{;cYCZ-cWuqS@h(J>@Rg?{@w-&-1a z0dRyffItN@gB@3yg|A4AM2ql(WmC}OLcfuICI@CpPDaq*@O{6aI_b-c$T@p$#&|z5 zAHxsR-{mM>7X_zi_@grt0ND^d$n>v1klr44*-QTm!2(PGn?1%YPe{9>2Fl#5GYA4& zsn3*yL9L5q(8K_@pqD9?`zJ0d_os&nvmtfK!#FGoJK1Qzt}TpXl+-mc zi;)~c-S`7QiSWL z?wXs^>;THU{bgahp$wPLAWDJ0zU(?%a6-3oZDx4*=$BigSb@~2(PxVinr4?nmE0S< zljG|jMjjUwZJ#>737MuS%2V!=SYgDOGGUo1(&F4^*I%tpi#@I?n{I}BY|HP3ux{*J z9e0UY)k5~gf<+^gAvKtH+KL z6j+2>!R~8_`|y8t03R;0!C{^|FE7N5zCY%j_;0U~9hQKUQ803Kd-&*Vk7}d_z3gka zcChhV$oJx3rgvv)7a=Cg4im+y5BAdyV3B7*&7$Js9V395g*=tt2Ih)Rn|zj4W2;`T zF6P{-8)<=Vf#Abv^g?R1T&lsO1m{TH%(KKfC&b z`#ZxlI9cp?IAKypM@RC2on67%nKL4yQ&RXJ;7`$K?Omj>U;T?r5|>`F)?l`A#ZWoc z)TaTW@tT3=j2KIXK3T1Xlo3~TKh~{d!3&>npb_VD+ZRW zyu*qWv4;S7)z_arYa$p2j;$S>!fIAxP-6ERP*0M{Lu0zhnIBIH;iK+2f)ONyi>}~t z{_(i*#Ko4iXbbPMLn?-EGfERM@$x_RMw2F_zM}4M$n`&72(fcAmBR%LLIvNY%%LmG z2M=EGf5nuq$_>F@0atr*cU5(?EJ_K*tnaKfThnLzKSpn3&g`N2TB<*PI{V(%2gz|U zZC5SIqogOqthg+i+iP$an-k;YJOj##XcW89V5Dn7VHObN8jW%HcvyP3eL_PuA4HpgeOM@IDEO#k zv(Lc~v^M~C01Drqy^;qu(?FSCRX;G?l-JZOwEcmh&J0KoPs8|~FR`8Y?v7exSr>lp zEvDfA56{X9xj@eWpQi_IQ#_uZOCx9te6%7;a>NKbR#Lq$m@I&T*)NN}%*!^HxKS+d zZ2oCdI255+Sa095Z?uAm6AczNv~wEm0k?cmY{rtwL$iMz1`;($Sh zU+Te5(_#%}LIS16s;0eyp<*jPj>X{;!y+F;J#rt_;)mM>XMJ2-c}=(Tl@?WIHe+4= zWOB7CZBUyh4c03mYFX$rFF|hE@s{P{5F7&nvSw=8DdUEq1l|Fky6%Ev^OI^&af8>P zhSo`pGVUV_jeN^bp}zdplV!EwXvNLDB3}>l36Eb<@^{k@o&eJJ8i1rWU0j1xpV~gh zz4xTxbpAb`SfG6Z46_Q70LmZ5%>}2>a!sB(+ 
z%BJ^=tgFuRZH;+*tM^!H{!;K0AACY|B2c->?EbJ00ui+0rZl*orkEOwV$jos!*Ox-C z6R93JRC;l>>B4YLMup#?k6H^QsN=%-?cykd(`q7sS5-o6>}z~tVgr;D!3R3vO=Q9d za$%^NkxNt~KaEpO>4ty(+z@u++m&c^ZU<5di!4}9?QA_fL0XTsiyDGDQq)UX)4FrJk6QLw>0Js)b2nZ|AmmS{t~iW!!(E!6tEvZXYE0z3as8dRtZItwpt`WQ_>HNl zXW*J~}?uP{S_&&S~t(XgJh!sA)94rYEPluX#6jQEa^{FnV)U67a)_itsw| zRmb#LDi?Srn*=X@rB<7QH%q1G4stkkV3j(Z2`24Rv$OYZQ*L=7AMf4RR($jBezr16 z0~$~1wGu|{Z1a8P@_XNd-_3@Em+N9b+AEko&uiC%(9^+n@1RbFv~l>T?q`vt?aZN4 z2}EyJfMmvRp)wyHl3e32DoO#FTUdynsW3_a+{bJOidf>aWlLGG#@uEZtlSgxeVRJFkoo3qnaVSx%zR_69;!`Qb(P$ z{N}`J;Oz_V4K6J;=Vjz=EKo*_8Dc=cR|VQqP9DK?DTFlN++oSt`}v*HHaF*?4zJu3 z<#%ItEY62_Rug47gQ=5lWpAQ>L}O3)PY694_0K}1|GV>Y681rfs*%|B6xctP(QFO< z&~*6eC=BZM-vKuk@xJNOF`(-pEPw&ipM{0=rj{0bKxD-yBn8`EL6jVc~Cth<{KDHcs*$FX4gsjcJ0G#r1V8sQr#S`J#k1mq z0ILFu_)l=~lNz8JH=cSg)!DoFL6Yvm9`ZHKa=F?KX08WOh0~8>le?i5qD$C_N~(AxidUJfP`8k;_TpTP5+vxt+K3)SWhQSO;$xnAzjEX zA)%waW1isq%Z_2)fz?I!J2_3Bq>b`)j`9jY0A#x(MinQYV^Df{8D87Y zjTf1;%4+N)>oKwuj;dz_VK+e_ZFrBa9KJ>F-`8lf$=H}l-dyw;SCQq}ma6Fsqv0J0Kd%y-ye?T4&dB!aQzM7j#Ts?fw7AltGKPKV z!spuab|r>9RmG6hL(0i_+e3YOBqStv83J2DKUAR#3r;3YouDY+3z5E30PnnbP1+!c zO)9*0@Jpc+X!L_f)~39Xg%u8j)T&h_R^ zBs@nV$5d^p0c^x=*7d}7XNkORK2(CR%UMXvY1gOyd(rA81|^-x;6Y~MPoGe0VE%&H z?q+D4%iB|VX&L9DTySqDs>oBvO_uKE+ z{@tqGt=g%YnxUtg>b`yZ-gC}<1ai9IkN73&nOx#}pdS^G%F1>{Lqoo7$w;;N+eM}i z@VTYkpcehsH3TupmMv3W&qe z%WI3cC#ZnfV_`5hi^c7HRf|5kvQ^4l&h~M`Z4~Vo5U9azL+7{Vb07V^Mg(2s{3?M_ z@+URzc=Nqc72xyj>ao3XaJvARX;aceP^BbxZsEEV#1zM?jL3cWv{7=P*jz%Q^8u!v zni#g(juEPe7`LQ+uvf9W91vqAK^K8Gv~w_QMCt$PC8DT9_-4wfIuM50m{)o5k&U@v#i>XF1y58Y;u~a}>`nbLptA zW}?T_NALk^0$l1PI5n}_B^YOZ1|_x{FjcXsb^2kwoa+`j1eZFb$an&c&ydccfup-k`PM{JvOJfIX8#y?cV&OV(qGozv|)a8{AyIA)dL8`5h zQw?qSI`0sh3TR{BCIfbMP_(T&vyr!r>-n>%s(7|ULS;;#2e%0XBy_FEt38`*#*Bq` zbq$k@YC@y0xBJ?8>FpA4+iEJyP^UWSg8WB@=jI-xC1GDrL|0aE(k}gb zATS{P_+e6!ZaTCaHM{8~oLC+E)=H^H+n%ert(SUUUG42W4yyRuA1MwUWAC_0i%4;N zB^fn8*I63rL{;if2X}bO{+%AP64UxY@vaGedoN$i(>MF#oYHaa9bLF9cGCbpBlHLs* z9Re@`l`vTC>=72$Z}>d${ikw@ou6olG@&5uoroq_UDL38=$+v14SR3AVm|#iTfH|O 
z6pg1s>#%*3T64uMfD@Wu!Ce!*D0Dp!;Y6iKNpYin%Q(E*<>y<^dF|H4pa_8-&z6a{ zxgLoC=9WJV@F8Oqbg^xPV?sKbajZKA&rmG?wNXf5iuy5696|IWpc4=d$?O}T-VAWIwBsJJtNk+$>;u!JaR>Go{P9I$cSv@wI z#|(z~9`}TGjTsyV0bcIcD>i`9mT&MjHbPv0qF3A(J;sVVM*ySier{i_*miSU)!#r( zPe7OUwZp8a-tcz+MC09^yK=ib*-h!^6;Ad*&zGkFNr!dadw-p{A)DmUv(%~f6U`r~ zzVG@0x9972$&fH1N=XHNiVtb6A$@sLG1lI$Zj@QX?^0-{r`3j%x@ItGhpBc8sSf^9 zQJaor@ugHhKt;>HzgT~txgaFsg=|HBtyOO;$$+AO8Ea0G?8%rSOL@K49H;WLla8(E zQ0&Kgn479GGFBVFTfr#CZ8%LOp)zp}>Fmy6=w%$SKs4w2MDnFMF)orSc8_hxBtS`o zWc^KL^Z~_Dz>lEB-8q0c>IgNPP#uF~-z=QZ&75er+askvfsbVfb?~#vvsv?a7K#J2 zmw%HB#Ccp^EQ5^qp0?`v1Eiw?E6DobV9|$&Em3zQL?OH?{YjDg69sIveJ7TpkE8hS zqc=JyJ^@R|r7IpAbi2FzKM$A%%XfDpuWM$eG$@YC;f;+eMR>V2CNO5@PI&fti%FMi zNA%fzfBG4F$LceLQ|9j0D!&JsffY_6JL%!dElE zo|pXdBx46J8T%>}yy(gL%ZjK_+xF~YI6AfrLxjDQ2WuS3D_4{4M5Y@F(^G5os>h#Yg|9%5fGeL z?`!^|)Cb`nFEo4C0^k>aanjtx*>d$0Q=phVmde6FGU)dHeL}(LXl+M_uZ&j=%BIIw zKPU+EKR`;m>%PW`{utR4V&a%PY5j3R@=E4kpCeSTR>o0uK?g;h!f|Vg1E^CK_+7!8 zYbSfL?`gBk>?DwoK)66Z3-~G*4rlK2W*|>A{0d+C1x<2{$?Z-#=N0AHu8b}XgdM>1 zIqo@fOG?ULx{=LqL}s%UYvs+G%6am)%muq_UI?t6>#Z1Atrfpq;?i@WRUi|&vY5Re zWw`7PMDVE6sy8=oKd*qshixZjXW1NbHqFz{iy^5xbl9J8IG?&QIJt0ALD#cC$r^8O zm~iB?G5j5?7yVIPoqo~HI)45JpbsnoIxleME5~)dy5hl*Lf5U9R3Y(3Y*8_1I_e;kOq>M7Clyky#vN)kQ)JxM$vgT6h;*kXH3@=0Rss+>m zq}gdhfFwC4M*>^4q%xh%$|qT|BEJQ%akBw-(mu)=X9d3v@WP3+eaW-#OKj}Sf$lx{ zzMXBtrhV_KM5x8kp(8^_V%>?}!S{G5N?T~^rqqI_NE`3o^GH-B4;qT(s@2;-c??UKL4RY{xm6R?5#!;aqu5|U@3f2U**?&!8BFSm1 z+ZfZN@@QXK+ktWpWo`r2M}ur)hY9c7n~Iua_TB2|0n&8MTG!)?usPL|CjQTJ*EI57 zx}WYrh3s64+1mR<^ws{GE%oEPCv&?yQ3vb~Tk#~+#|t$=`y-EkD5+nl?iby4>i2~j z^@Kut&Oe38##atx@VasD9tGB0G%ltur!mi26qe`Ac{z{Nl~M75GkwZ3gE`%OOpP}> ztVvSz95+rDssJ7GXZwWCC{s0lZ}psC6F0<*ZNmvx%xI@LM|3nypuNzAHe&CwN3I)h z!{a2Xmy<%@$Ez~HwWI`(Nw+17?3Y3k-)X)_c&z_sFY3GTtTtJsW|C#V{F7Siv&WK| z02x0tTIfsb!TkFx1@61=0bcrbl1|wD*LV!fE(e=K09n0qp=gOU9JEq&q8OGHu+@)& z(>Dn#bF?{1o5_CJD~J=kn%NK%yxiQEw<#edcHM`ydfG1?zn!TeV{scwq@9T);&nZo zkXdesIJ=zl-F~sD_P0B1NXZ!)AIIxU*8=|vaEZb@6JI{1`(a}+PK5dvWpI`NM 
zKX^Z|U#!yZe$dn@Za&6n2hMgqnKjo0d7T%5pkuSRE7s@I%;7Lq-Xy(~8!8VWj%~Dtbu_C}LV-@@JP81dzw zO2pvvb}OlzEJiw% zZ(eaJStwNf;1#2x=XucAjNW!rO72DFiaKDw)+UgwOWSo+oMA5jjm`rdI%*W4H{aN3 zADuLFL5DR_&mv=QwlOr!goKRr6JVZ)>(nVPmEbd>Wzh05S&nz_ECkZGZtWzJF%{0q z?K}Jqz4EiK5M=Xg$6_LV`l|nuxxw$GYRPRQ6{_D_o-_i$?Hx*Hxxh;I@<-7s6#-oC zeb@JR5SYpJ^|ej%O>58ZX3Rb+d2{G~Y*sA6O2Berg2y;T_2}%Y1J`U%+p^gbKL2V@ znT4|k%fA(4E3O37;BABTrw2xG<#LmQbm!B(5F4GXjqgOR(K)y?cgK3KReDv&I0@r*4jvW}e*H%x%)~d+F-Afi(=_;Q)z?*;k?)6|eO_)3nd9U$nu-l_?v(qv0PE#lr-@E4 z=c(4}r_F-7vgJlPhrcxjC)YC1YTC*m|Ezl#XBoTUk&2dbxwI>K{IQ(&4OK;k7V@ld z-A4bH<6!{TT+wiKt&S@MHMN?%$78PI4%nJr1$vm8e7}{uBncC= zIEZ5ch0D_^;uTS$o>sS?KdnH!YQTrFLt{+KSxp;InlBYESpgs_&FBQ4L4zER%+*=r zOQZ_t118<<_M4eT4#6kSeWRggjjHw3Wu+TVFMbA%!ya%OcF1pG3evxDiEP%pK+CO|$rTQ}-E-~Rm|bSAimA^P^5c+p{zy?&(z zl5fh8DPsX{-%CZUA@f_P>a^#rmAJdBjyKl)oB^tSIh$B_n#Y~-XZQZwosAGK_;~$c zq-p-Mva&8t&)#un$HTV4E$Dvve2la@IZNAMRdg9k8b|11GdSfAyaC%cg{`eGpo19r zPNG)ny|Y@H+^#zi5*Qb|6tP=|zJ!4@hJP1uI*jPB*l$OAAe9@jf<6y^GDPjLx+!HvW3yT%V%vJvyk+Z6sVWzmOt#ys_xy=Y^`cRtyZzr zDg1{}FZAWH&bujhftn8;o8?0$WPC1vA_m8auBSWZa~v2UMm0%L!y`3?If;>#?0})a zvP?&J7jYO>H_1Xf@$`Dt>&r9M54XQ(s$1^4WJ^Gfi+`~|V9srf3Ad~^)4n+O5k;n> z(_WcJM*M6S`{rK50%&MZgdeGnT@#XletWGLEdLNrBPI@m$CM7cUq(A8?YZ22(RK;-$^+&2JWm$>HPq-|v8g z?gNCF2xpq6wP5>6{of5}hQ{B|#d7=1?@4C*o$Yy4wO+n7>)WwdO&2C7M8!(i$l26d z?j_Ul6)DYpD4SM4W^{1&tpEYli>HYyMf=B+;#>NOA8qy@QFcsOwVgj1K`sZ$!1ukV z%nj1+)}ILkp)LJU_$liFFv1*8`)>#J66n@d%$l49uD9i8Y!w>gbegpy=1bE>b*Qpt z4rM>nv{EzDw7kdC-B#xD-++rT1eaU9cakgBbNri}X5tm+3sd}?&ZCal_ZKpS0+g#V zGc)N1NqtTsfPlu!!pob3jU2H@d)Ob@Wta(-9Y3G2c`(s>R?}mcOus;E7EQrLZdVO| zL!QHN-ZtsbdDDGA3r@lG9Fd>5OtVCR!qL2s8g@KU@^}^7^_d4ohERZiCx{I7nDNO` z>rCBdA=#ka-L7@_TeH7QT5skmquEHJo2TJ`&q z95(Y$rFVh1>o$|WFDoTth{i{2w4ewzc#w)u(FqlGfK~uuGV#!J{8#-3%c(#hGZZr3 zA5Du%?r3InxUwNTPZ7HY&~wdHpsu{X=^QrB^}y?H$s%Vr7AtM8LUTjy##5AygObN$ zhq9dEWcjR)N0QWQw_&X=ob~rigwdkebZG0`J7}digP`^4)7|xlM zK}>^x|1C%wo=2+#I1AE&joS|3a8n5&ZDuals9L^R;}JAmc;5#H7eW>G3JzHo4FL`_ 
znE(;)BLgcM+}Cf$1aRMf|6zfHGx}i!2iJ@Jf8UN91;DW5cXf4zhkMWcJxdV{q5GbD z^E(1H-aWy0J<u?Ac_8#@GWpWy0ny-3LG5#w|{SBL|{vodFm?g zf#N8o#?GPJZJ@$nHV zbvXH!1%8S?4G|j44S8zAgxZx_@lw)7)7fg%<`$LLV;nCBFCCqXmiuXW&mP1siwFK_ z>=Tc=3tl<+p$a9GXo$g97@l5UQwx<^qT6>)hAaf5;9SRNI2HonryfII!f%E~|MmU% z2ZrDObL%1+-nakyoy8UrmEk{ovJh|vzrp)=46sv14?OCBeG3~i3=I9xHpD*j-`&0c zenkv6V*lUsZx`RjNE9R|CQ5bsUW!%ip7`uxfH!Wc^XA?Ha^8Pu=QW~|*t!NDNb};S z*`}uJWVW;k<$o78h(tWrH{R}QYYTiJ2Sir~(S4&QE^7ttt@A1G8Ho;iMIaG5InfV) zKmAcO>M-+F|N1?ekT4xnXooRN!J0z#HGN2^So!0d*A=E_f2@F|mY0uIR4?Lca+N9( zbSl(Tl+VI4Dos+gHWT51k8BYD01#KBOBxs(d>7o~O8lQjV9al5P>Ux|N9+u^x4js_ zSA53r@|tTeys0=n3A)dcksS_=5=xHng{UzpX>LeaLtWs}$UiYrN4$PRE2ScWDIKAj z29}LL%^z2}(0DB^^%rv82@mmwK^S~YGneRI4R%)Y2;Zv1KC$git&NJs9{ zhm^%%Heq$rGVJ*ns4*!kKWYTI8Q{F#_)1PEv_nuDG2F5-e9Wt+uOC%T;Gh)|fy_BP zB0Z<{=FLf>k1K6*Vmt#lZ}vsr!mEfzz~{DoqrOCj6qyy%G}EV$l|W7s?q6rEAL`FA8TH_(r- zKw(;DG>(s55D|-thCXtaFN#GRyZN&Ta_M$lQfWhG*m?(}$=mvr8rjJg$^OzKllOE_ zN<9!ka&rG-WK(2jXE(Q`!>AOp$&(-os}EM>iL0rC9p&Y*USten;$`SpSw-bfWuHMQ znm=KS&2hsf{q}SoU%oWhe+KBRy-6%Uw*>m{b;{-O-nBo*HCxOT*~WtB%kfb+gr)}9 z0KX%}|MK`fZr6A@ci?xGW4b`s@H-LX{FgMc5q7Zz6)u$O$l`f8b+(pQ+Jt)0Yd1{8 zds6?eWJ2nBfRsn+rX6h??1J*zrqK<3G`a9QToG2eF+98}n_5?!8%Bay;85LU|ugD@Ey;BwM z^pRojpZTcX8nC7)ia^5g<>YA!cF*&6&mgPY9VLRg5-tr&A~1!{@EixZ;p%4&x}r$TR9>jD|z0no5H{ePR$Z_E(S#2?-$}LsfqK8NssS zVv0%oNzBX_%^)G!umgARxxdo|2{YZ%lt#nHY+orFC*>3kvY7X&sp5JaHv5PM_#xVVLAO2d%(Li6GH&;M2(WP|0&aBdw zlTzeL{$=2IN4`5k#deW^t^mj&U@m;Q&BRzDnnkKRA2rx&|h$WFBX_LVE<=t*{%ZezVKQCGPJoyu>(L)wwA+u-#_(d=@dHK#U8F@5!Il+BTa;)iY>YwpI1>7ynp%W<5*# zn_vM}p0^X8m6oWqzsS`$%g#tL1BU4!v~t6fCOwlTy|L)0j~sL3mSflg=C^1NBSn2* za@H=zhsP1)m`xWR!WDO7$L}2N?ni2`@?`@OjfmCST;1H*e>Ve-C-krJF1Q=gWrluU z(=_ewu9Cvqa$9V)#Dg766taE-&fxL!N5NwK)=G9`n!IT>O|=cD@4XGaeTCh$X6owe z%Rgyr%hNGFFYtUA7WXw&LFzgyrDT8e+GcS5zJvMcCa&Yvgo+jqy1K^P%fa)e1>aBv zr?fN*S45Nw(Vl5Pp{ZG^S}@ky!(hzOZ4Ef|trj|Zh~|4bqgA?!bR{buk|aPMG9?tf zv?CuSNgWb^BCnQ;F*JOU$K;IjiSqW$kLLs1Lb<`kH~BB;BOQT@@H4(D$MmkW(6X;$ 
zH+D;fiAYj__K?w^3qdm%k~yVwn)3d6*6=EtVd=(ubfWx-%(HOF4z9^# zFG0TSsr$Lj7&=jtrGJI1@}V_?4;~Rgw9J{1p=Ddq-Yk2|FwkO5|7Kx+330C!3gXGk%lbOhbl`hH1|%3R`X$8-~lo{gxavSZ|Wsa(xP-lK!$+tVhlOs9fW z{7(;rSE8qvLc}USaVl-?cOrEx=Gwwts5Idn|$+ZtTG|`DJ zHB!+1n8h-mJCYpU4YxdpgK?E4RXb{fqmpu`zF})^OgvozH1Ky|p6E0Cssxy%+bTkL zBnxCmj`toPX?@)q4V1N{v7WAqLdf-pCr4mul^-Y~|F9Kge7H4@0CXkYlGd}JW#2LT zVc^MxuZMgl{HU1NAK&HnUbDd7mu=dWZFV9#yrwjk`PuBiE9!|ng>#l2-eK3h96TY5;Cw0RN%?A>`Eb){R2Gu6VJ40oc9l^wX#=(Y+ zH;3DMz6~dah}ihJUyCLDeieBI>=y^;c=k#SEf_@AzFr7=i~=-*ZT?PT{V+FA=>5If zYuJMHFCxU3lI=Xje(z${6OLiFo<5QdUK%MK5((l{q2jSZCcF9 zwc@Opiz2}VWe-)iB2RG<$3^ImAJUa&X)&;$Y87Jk^a8d|3!gaocoYd3YXqEDz(KL z7s7ew8P?%vpIfb0czhe?v30+0e6#ZWx~B-fIeSA4zkxu=-%do)fHRkd`9w*>o{{2O zJ?~uabE&3>|Ey$MP+}YAH8ygPW!u=teRMi+NeE!)Dwf?nG?NB@K*hAKGW_-1^uAiMIO79oW+(06H2PuzlU{hMk;zqN6P!ouM8e^_o5SdFr6+J zsqT3uOnoSj$Ozp&20FagzuB2v?CI7tqavkm0k^|z3RJ$G&<#Wvhy4{3qaPJZr9MO} ziHscBu+kGxLLW08{ZmLIe$t~T<~0rkP<%!T6&K2{xcOC)bH?(mJD!|H8@_=6moFiW z3&Bp<{8RsRkoV1l7RhjzK@_&bEQ^3{@Y5w_l0F26%&veCaFUfVNa4YSup4m4bcNa> z8rkM-aOyq4?tO3XY!cBzP|OJk z98~#2%jmLtnUJ@W+s2_QdzLn)_N&+z2~T-TG%lfc9A73 za)gTw_DjfhE!>U$_b638fqsu^T$?sl@7r<=CMxaCc4ygMbjqV^&<`oQA*2dOWkJY6 z8yN1GBF`)zxl>%9&t->_h=g)E&WFBWH2<32-ztHVwG9NJ()r_4T>TuZRx`hKS;lD$ zcs+Ojd%0nZf;zWt&SS0Zc15$&ab>=_M&(y%=&e^2EvJPeJyx(0#=l`cKh zL^Ii!F@B^ImVN^j<*DC8N(xPTre+Jp#Z$8jHzN!uDy$$wX_0@6JWg)Vk}63i*r2n+ zbYDBVmQeL(^jc{th$x~;a^iTh&*JvbR}NRzR#;tDUi`b$PUWKYx?sqL1IU27E&U<0 z&DsTi%}*22ZV=Hg4;-p`9Z7~?#MqGb#V7Eaibxk${7kV~hlai5!$G`aBV#3ha^cg3uQMsp;g>UDOX;p!n2RO)hG$*mbs#CJCBhVX zp_@*^p<;F?ewH9J{LwqG-d3$did7g4>*7(geKghl!Nur)Dzj)xswn|Eoy&xvF1zrl zFURPzQ<+q3y>$`^ppZUJ00gP-RU^Xk8r^;7bsKAI(pUinyKsw$Vc} z=kq5=)T4<+`sUv7=+D8|Cg2=N!N<*42Y9$ zAN&^wLcRxgtw4H3Cq~D8AjyzNSzJN^l@BC;@*^#bP#7avxK9HzcJY78M|PzvZnUqZ z&Q9xvgW${6e~)0=SK=A(uW6gBSH!Ui5%Ma*l~ug`y~Xv&%n+A+`$-+!v+C~IEU%Ov zBSfU&obzmrv&*XOwmYXQmh0X_SbTVdCX1)oVyI&)`k81lAGWujRMokGcIEpkg{(r} zBNgl8$FDqF+-pyD*QerqZmzEOb+`C~hRZzv9#0r0)Ot}DmhkMMJK_29x~nwvsLa`o 
zaDd-x=g#06E_w|!z|f&6Y_*A+B4saS5=yBRa}X;}-rSE2qfBqc%;~7K&}i%?$Vt@? zMr$au%#Hjg*(;}|Pd@;b0OSUeahxy7on7K+&IA*s`TRU7Zaun$9(W(xyGt5pxU$j+ zz-%syp#6_cy9D15AIB=tKFS0W<0TmT_X;g`c+}YU+uJNS^s!^JraAyk{CJ{uXnc7n zte-8j9CP5isaeZ%HpqVj89fNv^4oO4ce18KSq^)SUHwFqiZqQsKL1JhCq18$dZS>h zrPz^&^;D4!$7sgdO|$!Rv;SPjNm@pqiT+8hOSUWo&+(Oc(HylqIRVC+m4^Hw?Dz5@~}!>GYf zd#}Z@jmB84y!1$tkEU9zYhzoU$uo66*d?6hj0kf$`Mvs79eQmc$@8@G-+sxP7A2qQ zoYc*L*AKso2~a6rM9IxhE)Yd+%~;FQq=A&+>@~1@xvDR?H=x z*#v5$YKJRzw!Lg-D2~wN5~FM2ZbnQRH=+YE0}ZPf_M^%wd!D$x=48=><{YWLcQ4~3 z$eyWT-d@(2aJvU>BRMLDOibc$mBB%iO@E}ie(bxM-jtee%^wB@454_y%4;dqsJ-#}Vq zI-M#a+gJlfSS4x}3pS!*_=Q7w8`0o)e><>ya}Y$$>0l*!pRN>;m~~tK{M|AlBoSYZ zvcq80uE8V2DT95jtHzq-5@hW5bmKLm{G^ScyI*sW%4Q}bmT^uHY()d~x1-;QzKj~Y zPOj|}fua_pkwVF;A3dFJMJfUi(M+I%(1S4%AB+vt^p2cPh)f(t#(3>ldQ9!#?U>H> zS3u-6%RtEM+XjCN?u)w#L#gvy{L+Bf_@(V9er1;kDCt^b(pkcCrt(Pi@Z3h?m(Fob z&;e2eTj|4?HcqI7rHAB*uIsYyo}K-8xNc4N=4ub1?zq+Ihm?O^DbYI&XO)bHV0u$3=1B- zEX5wsU^Q2&L9_(|DPlS}2H$OMeYahLHDY*-XYII}KSnm511@Pb%dQ6mXc$3n@QV8; zR}J3SbqlOS|C;*)wG$*aaM!N0Lhh;E-|J$8ZcHn@*j`Ym7?VMzps0umy0 zSj$_qq(3h!@;?`fYcVlp?@-a4_}%%tU-@dE%==XKh@j43bz6|iwI7UEd9IMGaGl3S zbQMLssHe`uLGwor&VF6ze>OcM7Qwj45+mdaOT}YTtADyJWEs1dbZkl*ByFmq$ zRnlGYU(zI9pCUHnu+H=mgX_*A`fa+5ebra^xRh3DgN6Z0teE<@B1D>p&9w7dl7oM* ztor{5P(8j`|1vc>$->G;{Hxyeu`Q;!xL6bFiG>zs2=uQ8K80r=(woI5kMk(aoJX3B zThZFQnV!Xwv%cO2lg-xwTOqirri>eyicdxh}7z3DIO&CpvOTKtE808K5yL|Qp=fY4 zZfVOYn^ebtc5#L%%iEG=zmFA(7gr^V+~H`asHc=IFvulaa_E*+0`ii)&6`3%jYYsS>Ir;Y0X;gV7E6~my7+Mb_`a}0P4qWq&u ztKgKf*L)Zp;bj6V+g&cS)s{xf2*BBRW)oTAAJ{H8*yA_A=NY>hgHYG8BDRn}*2SJ> zb>nF1@T*F_bvBM5>C4v6IcCMoMKx)$=hZieTPwzEUXpW}ocT&oFR z8PpRcP}Sw?wHVHs#i#y;qZodGcI1)@{H>8xn9qj|Pey_iMDcej(#$>Ehw=l6)!u@3 z#^u9yyE+SvM&AiA(1EsYGa{*TNF-*PA}BRDP_OzWhf z+S)zDkVuXVs>s0HhoI@vD<+8 z^JgVya&irMTpY_>mB)<4wjqrXH#~ATFvZj-3b~Zi8C5Bnq7s}p<)6+zXtX;{-&`B| z(uBTI5Em2U)|Dw29$x!AN`Qp-u|ZA}l{Myqb-{WvPjzqf8&ayzLrFV&&$soeC~m9% z;!o3^;bafgi`g|G9R8|)FRd}7y(nRpqeyh8&jKgt>|udxy~K3dKe==K?n#!9TtsDk 
zTISDwypO2?k_{VH(!Ss=D&Q%*Kx59{nA_;^A1bRSU+^g{|7&bC2OlXkH!BpdcEJgj zwz^%pSLaa7#{JRZf2|A|%kap8(WGw5(UQ~CKT8V>=K)$Bb=vy+(7o@0bW|6$rKOfs zNisz}@-i~zA-B-`lS#`jbgMElGKDg-vQz-YTO5e9L-aeniy)9&q{kC3vd=g;I8s0h zvKpxV5fisY#5lecR?rA3WS7%7O>GOY)sd`rM8!l@wkZDPDhD~@949|CU$w;+jdrvZ zSQLNQQl-=uJQ=jVqX&o~1I+5nNtb3$F-^Yah(LZ}|AvibQkkLqMDq=^CEmu>mSLo@gJ_t)8Oz=h(Q z_-bj%$yLHvulw8_UK)-r4z)TvJNHN58w5vCT$Pjl(Ns`~9RLW}&q6+Tl@q|KTDa$_ zj0!U|Gt!heQDw23acPYlVHFMi2I*`3h|0e+s?r1V!mbF{UvIX@jbkfCE5t`55dEq) zFhUT?G(h^0Lm3(Lx5#CtvK*+(4pSB-%A;o!1=G&neIZsoyX=yT56j+xeUV{s2>cNY z6EUY8-CPI21xvAnJ1z8-mX!pLFSS%@b^4sO#bgAy)_(87d;^rY&V?OvNf$v(h6~v{ z^JaS-rcx1M$^9GeBFebLW5}wD0w7l`Fj>3vmjx9sjGWKxU9)NAg(2Mz`K)r_eKeW{ zq>tHZ>gr^d!wg*9u>h?_H<;+eMd^`_j!s2NL4hD}M9uKEK6m{q6W`1(Beaf6V!#vjIDybVNPPx7yC0N(F&D z++tH-ubk{lwe9ub1HIvqk-aysUl#%dME0{&i;%L?QvO#)bEE(rLj3zqSO$QX3NSR> zlq+@A>+p1Pc69uGrVLYST^GO|K4o}T%{oOyx!Q)kY5>^uEW)z$`r^R&O8~1uv~361 z6v-bB*b%04YY-^wJXQeoe@&0K?0iwUM;A163>V`?dd|DenIB|^0`#@n*FwqbAW%6| zKiPzwzRP6t?zapa?8lt8XCqz9uq*aJ#!ZUf zH9?GNdQ)n?l=>rAP~cbzaw}A09w-$^5N_o{QOZ?Ujwx!&L2|>k7mRb?G~Ho_oTlYt zr0^NZ4(=n4QKuObZ(&x~(G}*Ip}D#5S$801{mPE`+hRW;>w%F?eBqQ{5SmasW z8t}8DH*yNM2_Tr?BxcNEBvga)s6Ls!0~S8PG9M0d7%|GU!-M_p~_UK-;bw%lSf+4 z=YPIA?Z@A*7FB?sWB)tpoW_F&L@`2b2B5BqgRv~1UY~_*s>PhptuMel%B^t7;{d{~ z@E8y3_zoJfxUI}B`*?i3;xVP^jMFVj_3>k_wXrdFyLpVx&F)YF^ETri3{k|}w{~YNuWqhKQA34Z)m5oIU)0+X zzf-F>m%}nTmx`9Ilz0Osn!+*J;wo+Q1|E~Noc66;IhLN8a|MCcfw zD);$_@ziKee{(;dIN+5BJ#BR{hi}W;2oNsCWGWCeWahAs zM$LwkF;$3lIuKG46p=;^@?u!_`1C$)B}Y`)UlkK;ii9BmFQUrq1k{Lb!Oe^KNXoq% z#QdG*^fgeB(`n82^>6L$^JTU~>TQXRU4HjkQC&^sF^e6a&FuQ>$|tb2F3s8pFN*FC zK}%m)Soj^wsmDA+iImC7HAfd;Oi0Vo7J`%G;!2`JqSr?tmx>)HX||o45M@9>CJ~UQ z3y-}Z`i)4i*-k(2Z}Xwc=IdR8xDMm-=6#HyO`p*CF>zU4d7gXFnOC4}&&=o3QeH-v zISGX4k$jYy@w|kt{g6;p(Jy~t&FB+6pGrP`AQ3nQPx2eT4t{(Oget#7<7@h5Mp72_ zQTY>AUE-~T8q6An!&gZ>_q2}+qBISX!o~mCpduq%e$TzSTCOK>cy++9H01qoK@Q*o ze5VE;gT~@pwM`W=3IpCW3~4YCPc@i05E=|rH8ZZOKU}&{%Cw7%HtkbX#hO{tS0-;A z{cUPS%e#8-=T5h4%8`^fMaWf|xFp5fj=b9{T@=hU-C{u#b!q1Om 
zHG+lIINPc_f+!SqR2MHFM8&bgcvdD*C36HdoqWTMTsH56*20XY;vSmLW1C{*6j`oT zTYXslV@;s10VtH+zTVc(7CUhzbG_Ut2_wVJ*37_x;2=04%sMGElNiu%r8ZrvGkg9` zp8WisOIBLC3@+#sP}Zd+@*T~WM~H;sVB#Tl4kj2%ZuKNI69mbgq-^8>1(i-Z+ppIo zi#E0nw3W$u#ujXCu2qPBkmZo#bd=`dls8H32>Ls(tFn62ozDX-L*SGzzSJVLfMt8! z{~Gy!^1iN)w!2?Z`Iupo?_|KX;}QSry|1ZhL}&ATSLg#zoE0k2`pbU;{VIaFZ11v$ zG1UrV)f&sI3KqosHBG@hm3SWDkcL zAJ4Eq*c^x!fOrnDeeJ zkm$?!vW7^HrM&pDkdyS4P_W#~VjccK~aHnzzb(pcYptowR_ z`Qi~8HK2ncQ^-O3L!{nfLJ*6Xc-Ix;`5mF!+(=vIS%}>j8KFZ170+ihDG~Eif2h1< z2Y+sJ(bqq{)xr0Xx#*>Zg|jRU*&|r^`1nGLtpjH!eGO<2I%ei;guKgNg|f)&5QDKY z4ii}aphkaKs<>P%-*~Urc`^Z4om!iSv_xNE6Fk_k7atw z(ko-bZ|t-4`p$%#*JBP5u`Wd!%GNvIfb?JeLAX1ctzh1|toLC-aXMH`b(;it4qQeW z^>|gSfdwknZkAxYWn1g`tzkdp}8R@}y*kD8ZATZ2DsA@^=!RrU(}M7A{E;Qk8UH-81rKK0L%GCi zi|vPc2g~?`TJvHtp>W6;BysGp53KET++?P77N6d*VLQ3y#Kmv@4O#z;as^63R8l{F z49;$Bz{FqK+Nwq+rfC)ljgE9ZB7(a?71PHbJe_-U>m5wjJ^x-b%FYx*w3*S)eVf0}H|=DX@$ zdIQYRBkECCtRBJmnh;ewuJ?J9l9sGy6%_K>-At3JPAApwg#2Q1SeV}BO+4! zt{QH|U9A+4=Kao|v`=9y+1aay#NdDvnI=MqjBlQNY=}~4BNn>)4appv5k3xoIHn7- zFCx5%)F%Zjk6#2ZA!=+As-GYgUTL0wi+#Clg}W>Mn*yX=3s=g@#ezR?HCQ!i?@Ng1 z#Aoa6`Axmj#IWM~%MzF?)yieVB0sk zdnWOCXoQNQC3PDa)H?@VDxWPd6R;4s_!ReD5^X*nGFJCwio% zgk03x+$D@5?9K|gTliPcqtBM_uaw-u^NE2=wBu*s4}xqNN6H87{_Npp{-b!yRJpl1 z8`P8M!@Hq)vJx)al_&;PU;3e>^7+J!Z{}9QETXhe5tyV3K8#1%5ymFeg?&8-oSQ4& zyXKo;gubU-hg@&EyI&Otl;@oz5|Bo#j?K-__oxB%v#8jX3{+T7XJ$C#Ztwm$LHK-3 z@Ou+1PjfNxi#nJP8v1Sk(IH1VyZWd3s&3|Zhfii)1CN;*9%S4jDjO=R=8m$PNu)TA zK%YqHNZ~yuB+S=?+k+*6x4$#Yr_R3(K%RjPqTGV#Ee*^%QPq2P$@R{O|Hy`>1ZU@v z(&ea)-mJm9#p3uUO<1P>A@0Pq%*-Jy)duV^f6S#qrJa(8n}Y|)swn+tK@7hEyA-~t z%WFsO@2T#DcO(tn0z?hr@JOt^Z@gjwmFmUtPF7N9tDU+zImwrwcIxYag0nM}hu$R& zwr`2J-p8-cjlPJ%Xn&*;rkd$K&i-*tGT$wt8x)o-Pw!}8JM>)%`1!ST0J5{vtXXF2 z{HpR1UGysmGE(D4Z9W()6h01o-G;%!;Ylo}Kzfd`6X*`1%SlY9IGUL*i;j+M=X%=? 
z`?Rd@f0gX0e=<0pX!B4CTjU~1{(MwUefx;Aw|8$n$AJ0G#@x?6(_XZ;YwafL~kx4 z6xN#GPgbkx!H^1gv81FZ#>8X}imn?5{4UN>)@g6cB%GNs4)WoyEBI9*p5$u|bBR!&OMRd>)S_hc^$2lvY=(L;7>>4CP#6a!Q}8jct#A#$a@GM0+HB zeEcRiHL`7~`Gvn(sHmuEjaJ?n@``zs{d1nWUt-UHaFNkk;^$2&{b0I5=t34JSZc!! zH`%Ivf{zws*at$fbvm~`5#QkNCS@B9!tm!8HKHHwOgV&$Q??7Y<0e&rDWOeU*B9rpKv-|koD7DU9M z@x-74z$9Y(+Vu!JF$>^2E5w--{VHCXR;`3VxGcrcAcJ*nj>SpiV?bUWEw$itTE_|3 zxj<}(lXUU#2q09hY8YwP3XzcvoL0{IrxW5!s;>WJk|DUYb$jrO6ElGxN@yYGvln%W%Yk`S}(!<&UZB-~-%Eyv4%z^gn6tJS}K6c;v3 z_osyzyz*X44g%QDcGp;=jOZ@k)_>z*k z8PNRNjo#XLh8>Uxw*D(0bm~n#igwD7G>@#4|1C>-)o0-T*n`wi1@8y{{@Pll45({< zU+fRI(6d_JZoPCGZ?t$eJ3*}ChsOLlLxGj98F*Ryn<;{W3=y3aGy37ZEm_@Yh~Ni| zWD=yqOBt!qr|P|sdvAjJ5_}m83l${sq;6vjQ);BBld`E^-_(R!$0_sunLHz}E(!`2 z8xn+^j3U-bSn5zW{ACAhKiR!c<0(-iB}(s^ok_iBi-KLl}6Mi zo{d~a(JI2V$i}xO64av=N_bspEHl7IhD~vDbH~cdue4(&&$C&>h~Itdjr8{Rx-Nt6 z=5H=mpL_o`rEtf{NsG%cgwPM(|B$9Z(EAyt2WM~kPWz+NA?1Gn$xxcYW0R(iuct6s zRYqz15i>G!@rUXHFu8`9Wao&m@03Z8lmW~22 zPoDfviQAgLxR;0CrO^uv;$SW|n(sUZ<&WFjdq#w454sL{mf5*U8mA2|6geV>rJQL; z-8bu4OUuaPO(q@#FNZo#RR6eMHupMzw?}9P?)0&JUqxX0J;|%#jYJvT=Jx!vwRV5s z^p|Ha+b9r56^@2Z|KLyXr#k+dWBTYWr~(IXB*#zYv#3N{+uL)cB@TFq9G+1GF zclhX%UwL)$GQ&$m$&-uYqEiPx&&^l*gdxH@oyT@{i7_u{Y^yc_)y^!N9Q$> zm|ghkv?K{0DHf@zRBA01Y!1<#w$nW6yo5VP|Ai9-tzqz{bg*P?Zb zcD&WhrOgsu=x&-EyVr>GNg`R*3Mc)W7Rd@H9*KBCJ~bh16EE6p^<#?FiGnT}i|9Gd z#;j0sa#H`Kr0Zmkzh($)M1!CkodZ=M@eB@32EK2uz8F^e{6j#Yv#lfs0F}hZnsUGL zsy7-!*A(ip79&^R@f98~Y#()cqf@N8kcDh?#B{||h6n*1E_V>s-bVWUz7utGB7iVGtr5FX!v8t zmyG<}7PTQc8p)g!HZ|o2hL}Y-=!Y@ovm9I7A?$rv%%{ zFESRGQ>V)l`Up&T&KqqE!O+d9EVM1Rg~H%o_(NylL|;e%;OM6>c3s|Ont9YUpc$5( zlLL!|dGo!oIXiW*; zWCGLE!|$cP#Kj_S+0n&byf5hfWMj4BBN9#in*eBYko%+X9itcfgYG<8In(i|rLljb zMSBdasRyu4_fE| zlNaAHDw=rQ6CNE%<0<3bns(o+Di~|$a=**_WUr|YfiC`)mmS)ACAEv=`hsBfyeeO@ zB(pn|FqU1mGdqtM3hc=@6BwZ`e8bw6O|G9U-j=8TO;ssoNrlu~4g&;Q$9T{~!w$3k%oP$oljPO60>gK@ouY8E`Q4 zt+DbZlCaJr^`0@*QM>@oa(qX4u|sR@*t^5MgQR`je%=Pdzn@J&GXB->Mn3o*4rzfI zd_d*nroYUn{ReL{tWkpNXS4zeVX 
zMnV{rW0sEW+zsoWY0h^of|_;YIE|jaent(8IvqD`3G0QDDTdj?!xxIHeY5mwsJ5FL zTzd`7Xz8v1rF&J+pp_4`>0fVIAJ?OQw6rO)^2NJ&|Jm>81iLkwo}L~S%yHyy^p?d# zenYWeKec^j4Qe6%b4=U!OWQW1yA&17bBqr{63%vqJ6RW##n;FT7yx zyrFSL!oOsbSw;B5s}@Zo`gH{dFYrpaLdXWcrdi$Z z-OtyS^NDOf*I~~a%(tdfY1Wt?^i58dzi(@U!?k-zd8HdmTqNb33p1XkE76$yw+3PF zH0-Q4d$JVOKGSQRTwQMe@%w_=B8J{wyt{9{BKPqV{+!~5Baj{Gw5djipkjT9$o!Kb z*x>Sp;p-bOxoRA#gb>0kE51GU@K_amf_xgk6_A`~Cl}+zCg1wXp777cV&U63efvn0 zKoEOtrnHo_kKwT7Sw{c_DYx0dmWG6r)rfa3T=)(x5`S_2tv5Q-8f^Y^nBF?uc=Tao zOCGK;t9|P5d{IcrQarC!|1&TBfYHNxdOn}d?=II^jhmJ9Yhpj-pEd(B3;WmaGSh`q z7#o`RPxPs^ze6OYXmZ_LSID^ikXn1-r8rFbV1z7p&^>;)ql8mebzDB5%L%gYE%!dJ z+T(nIVP{t@m1(}KJC^RSrdKnQ6D?A&DBI(?`pjLWi;!pPRW`}a&qR!)FSGTFRT1ZO zJ_K6*jL9K#E}gZLijDDb9onmML8t?=IP>&+1nTK*LvDR&@EwdhSBSrO8NYqo`u@H% z9F2yCMli9kj~A*BdB^GdBB;;F+79OD(d{SeoKht?@Ul7QbYZRrhieyAZAyKjw(C80|3@#Z=WtHMT z%DPWGZ4F{i)mkpMgv9b^S1&Gy2`rnUlONQ>&SRl_I7GbZ;n|HIZ^U-oi(ref|L0xN z@fB`!`E#b>S3dgh_9p#s>xeFCrv%tD(_MduzC|ca*+j1b^Y(L-p`@dYYc>Pcb}&9` z?I;1a9ao)AhEqE1BY=Hga;yVOp%<($3i5Ma8Jr>Ro`gY$1N1}I!!l`+4V0i1^1Rk2 zr4)8#4X2Xv?G1l+%##=uAV29fGf0FD>JbtWTE4}_wXHGgk8zHivsredK64&v zvo;EHJ95T(7A9vH>f>$cH-~z<-2BcV$XMk@$XMZ)!C${_-5e*!pj%WnKE(%m-PtYwA$&2Lh0&pYmW3Y{WIx5O2BuAW|T;zV&e~wLBu-)D92(Y z;?pG)zmoKf$`!oiVF%eEZ8^bs;}msOEsX0x-;g=%QecUzTGiuudJIM0%6E;^o_E8YxoPyYsrYLN*xygZw27RBsBc& zre)djwX1$UReAq5R9k4vq&J%crB(~9ZV-vgfPTy4aK5s!fjZ2>_Hvh5PxH3yFd6dT z>qiv!B#6FFeIK;2TL)04EJQ(2L$%1SnP;s@py9bX}=92?H_&V$H6)VS*1 z{o{<96US*Chl0pYoQ=f1)@xen)fRUpI2WEkJr3a)ixXhimr-NireAHmVmG<)i_+~Y zH zN{FDA-uBd(dC)PmGBJ7n-7?c_ziEiUAFA-0T_qkG*Zjw6`Q#u7q*>AQRhwJlDL+aO zLb`ShwK)mKLtpd)oR6dY*Q;@*ve(yPO}X$fW+=^@MUXAJ=opN zXVGcu;eI%VTL8Pleeexh?9ttZ(k&jvCs7^m)2Hv>mA#4lyFE{5H3+*mJL+9$Z9rTd7{!WuNQu1#9yc0|9};GRBJ)e$Ikp66QT3 z5dwS$g2MX|;gkJ+kDiVWGLuKQ4d{zK^7kTA!-Xw1j?Jk9qOh>Jlc(my|7`@y=b{(M zgTf2JzSyIYgj`$wrIAS$A6T&Pdvww=ACo|><#BDU%w+oKy$2sb0n1}|c|8o?$i=D4I0-i6M9*eFUwB`bBEMZ}VV9u0o5J-FF~AQGD~b=c_>6#d z;^qXrHrZB@u*_SxwpU1bEWWu9^9->I)DOi`S81#2ifr_!_eg*wHOR=`4Gx^eu*4_e{h#gbid>s< 
zMVg{T){nQ4txZTSvxH?Gj?GIxF!26y393}Yn7&QXj_^(R-09HvxZ!)8!}ek&Zxqd% zJB?XZhY9#v3nxI{)tLm_@r*#W9)h~}0O5l9{2LM)H-5wwe|yXK>r&&NIJ3dj;k&qI zxm1dwE<*<_9E}zz9CZQ6Fb2YA6(o0ib4LS=r_Aohp+p!M+gdw2y8K)bQLiiE`^R6F zGtv?E>)hiujZGe^Q~mvhz#jZUR)_ zXY3gM9XcMn5X9J#+`C{hfX;>sdUd5c)Ot9djF0Ah17jp`UgdLWZ>&XrYoFybG(Dtv zSVufP8wdjJj~DO=Bj<62nVN|Ej$Y2l^l)<-zXNl%J5lYy;kj^9EKXJw1Gj}st37n2 z_~py*9&`m~qrRwct!5iXf{e|DNy*SGgQtwLG8@T@@(FW}uac4>HebK))1{p3`O-*2 z6lqgBKY0J(D-0DVADxBz5J$Ag9dFD_37x7ANB$z_vTOGR#^b!|nY6ok#MmU&F`GMe zhbCwExcw_87u@rY#>N}iSW;UeTOq+bOcn`VzX8n~>wY6juy_zS>e{f#N2**Gg0j(W z3Ni@$?Lw~fg|M&L87kv5#`tqHx>B0=uDWQw*_a-i#7v8O zSt!ltA71fOTHD!akQ9E@&_5@gftT@_f`UTAHghD`&3vYcsp)k3n8`L7n{HtR2ORXD zXJQ)jKMTdXPIj=9csy7VJ*v4T)l?~^^J`*QbgiE6lE%Lhl2wUBz(YXAVjj{wYNS{2 zp5Ba%`7W5P_aG!&XLL)RePfBFt^&e(OUU@(=#wQFBt~XPUbPCXxSbyCaP9ie1Br#T zT-?5Z6Mb-Ie=G@6A%`f9D@?U3D+8g#<=!Vshm7;peQfw*B?G;xn2fL!4Q1sL&}Sj^ zBBxpkP3O1Bp4kP{!_evh`#=wL;64k$7gPsw)C5UGR++^yEuSLy*Vz;nV%Zz9DBERs zDPcRtNGz`w+9o}wh_clp5lPD66pGH#uVh&#m0Fj1(`v(V5aKn$v{46QLj7)sKC?6+ zzShQT89q081vGctOtC)SR;77Xb=<~K61~b2wb$imXYk`3VHA*CsLH^^ViQy(rL151 z%agC5S!-tIGOrCOCTzFN{?}rO!hqG$X!Id;P|yN0iWj_c2-DtuMfZ@MWB8eG-zL{y z>tTq5f^MZIsQpm5;&xW2kHLf0jZZM3#sO8dgoBds?-zbP`f8lR2IsPc0^Z)Vg4%bx zR)Xm1w}z^f>P-9w2Av_F>_5|8&t{aPM{^%`Arr$eh<}2r(e4s4UEy^^8nYXpLd`WZtSF@i;XSJym%eOBZq+jUK=xb$0wSO=0?7 zMDgi-kv)Df^a70+jgaK;7{V?UOZgXQmVp)*lbBAsi1qc)iVjs2yC7lw?h+Y76Z?QO zboyU;{s{jULbwGbaO83%dM9>t<_>X`tyN#enVnM$tin4S}@Vvw))Wy{JW@p81Yid!~|FU+Ch@%dD4uWxSr74+gV4`p_ZPnRu z+4tQ&GRAWE;Gh5o28Q?aeufveTOR!Ko6YoLIVqN$ztbsTEG*&YGU1u!)LWk`Qj?Nq znSPtsxS}By=a|^q`nrI#z7jb{qK;*MhyOXsFICVRel;;@Ct4`f=nv91fA(fNhbi{Z zLJO%$cg!?_gAOrbtdA@?g~YO3P0sKkH7*JnO>S*@Aepv)Om^j2L(rNet&KUdmG6JYQB+VAKP#kqDgJvj-jh~t@$gtOKJye7s)znI1F@jc9QRc z$0KG*hy*#r{5-2IktDw?@<(ftR6>6^F8=4%^R1OuDdP8EaD$S{%TEkxX$#&UAw@>^ z&30y@9dhJ|#^BVyfvB)uDxm)PqbRgE%Ez3O zlcNZq{e$@K9jSn1)T)BX@lsp0^U-mpNk>lO z507{3d@hGnwUl+xT3x{MeH57VKSgIAO^;6`j19n&R{z@xVL=L7mRSv_GAd@@U0$4{ 
zyC_3^Ps}uk{KndxY(_`UV>R#}C9(Ml!7TkZ8AIqwcnxd-zzd(TGfb2ls0?OCByIoU2QAzx7YqsPXHL| zh}Ol1jE5}BdlQjjJNC-BApg@AA}WK}aMQ2gITu~ZK2p39q1JXb&eFhZsZI|!#5&6 z33vIUd=>EGRLYAD9v_IY7%O;sUQ1|#uAyIvPTxx`am0a;EXRw(wLx7``>~Ndj3Fa5 zpp)!-%J&jqV9klKI`;5D=787z-x}4ht+M4^4~jY zt#9sNZvLCIZ1Y+8bm0xfklWI{amWBcAG!usjs%YKgH-I{U$={Gx$`eqy5Od{~c|m8$t5Vv-9z|sB5vmJ2!a{(Ki}` z_XM9c^5J9i%(TQofhO_?&=Fe_A~NM`Zd~RS$9|hnO-mcqzm6Dq2a6Y9*>KM?{M-Mw zXJS8ahD4J$*clC}fVDuecA%>zz82_sZlD7@YoO6JhK(HpG*19xxXtPK;c3?gB!{Kn zZ+&9tXvErfSUwT<#d6F0)wp_*kCIe$7-Ggb11tZ5^nd_k(>S_%_vet4KRp&wCi<5s zIBIyv`L!J~T<3;Sg)!Hshd?StFRsVY#5A)7$1)pT0=ZfDL58R&F$});c{bDaF#|{a zCH<57@HMlSsdz!j*nL*;${?$Htx8Oh!UmZq}?#vC^jNyyg7)YQd&S05-lWFe8z z6#`-DI96IclOOMOSf&dTjDNLg7ffzms_F206Or)%K*Ai@{U3A}a(?L8UTGFahhOhaQz@%npge}1!Z5p%T2Wj$Z@S4U4OTzu1V>9td4V}tjxNjE42?Lg=J+}YjQ zWmHRac6RPa3pMbBw-L4&8!0;rTnd*PU5AYe%t7r(XWph*aC7?2B!V6-eP<}XK+@?e z{iOp{cuWVkM!%V%9?mmh2XP?)aQ%1c+Q2}~rPAsyLgx>Cc;9GbZfybu@qqYUrR1Iq zt?M_O?43;^Y7h!CC&pjpfc%UA8!L%i9tnfBslR7C+|CK(QqH)yNBjN5>gY)Jk`1n? 
zSND(7jR6L(W9@>nvL8cbza!c)7%QIrUPVTX+Usn#WgB10`q?^cL|AJAcM$7g*zl0~ zAu#Orr+E*2-g)bm0eR`ks*UJC6WM0QVd(79%@9_G1-EQXULN$B(tzAw*VQw7%^-8s zcwFe*2QY>9JFj5!w^~O`E^JouB!c?r6FVW#`*nt@+DsR6?wb{|mg)*?eg7HB*Puc} zec}GK7wBR`GBji4pHciG!S-)C01r8Y($CEN#U~3m5i$EjVX`79&V}ozN%)GeWGR2o z&>i6T5ebjPCFFLgFg%!1?XLb&r}uV^>5z)b@RU2OBy7N({nXf=fh3prASs4y_0Q86 z?mu2#iCTYML;hWSJm`chW*R5_t*RusYShwwMI0D6j!K>r=NR0J4I8*dRp)YD5EvL} z+T>2PMF>^h?k8c2@E8TV;6@=dvfcJ}Oy~JWkKjfzV+(6* z$^di)#xme_N9+GC@|8*0-w!+oOu{KfZLwW1q;(TeI#O|n%9T{TVr#_|#>+n5%|6tM zuR%pwUtcUt{8rODRhrv*V-cH7Gkvo)|I7{O*MzN9w{;=C^J^KAG(QYdiK@f(_vDlK zjbzxs!pwB2j02F}D1m7fO4^UV*hzeW1z#BCBah<_56m4=>%V{c>|wF+-OXpaKa72R z-g`V(spmAMsj6yfMn?#%zK3~3ySJhe^>W?X|HRugfTlkZ%)yH1K4oE0gUk&l-o0IF zn}72(^jemz+-uze3y!FdJo+e+j_a^IEl)8wqUZS_;`5ADySceJ@!zhe(5PSWJ_5pL z>(9_z@Qf*?y=PY+w2@U#7H*Hb%^c+9qN%)4-!4bEr4WV?SAAvT z;5{-MStD3(8>mUSW1##lbgq|gyz1(vMmOyFm_pBYCn)(2WRKX*Mv)JH zG0Lsi6?(5VEiEQ9(^_`cxC(qi3G75i(Vk|~6?plb^->uO2xVz;Wi`n?C)@M$R(Vxr zW$`T&y?rFap$T2b8C%hir5_q_8#D#2rc&2PP=_by} zrx}wt9;jZkTFKlAe!slD1iHEvXHGV@R0c}QK$X4Ec0UY~R2~bp|EYEnm67y!PHidd zjOwLgk&xJg|F>!NMbs}TzqMYG#gy;xIFq&SJS&46HV7If?;VNY9o5Jl zC*0LZk8%w9Oh@V5;;UpRGOC3KVe+ywvexCVv<*=o_teAlnP}haPV;ao`;Ob|+pLC~ zNBl)wTY!p_)0wvS?_c-vKsdAvQBl!#;EQN7WkCb`=&A4L(v*(s0pyRblV5;0?%6 ziUEUO54UF<&r2;ogE_q2mR;>rJ+*<=MCw4i#E5^p|A{>1{^s6JDJn5vjbA5u84-M} zqLvmz>i6$8FJNL-f>bm?ZBmzC-)%o{PEip-MqHfTzn*Z+So{e0-k&0Y@(vIB?hx>p z%N2L0dC?3~1#acVUEpARDv#q>Xa( z%6@p@2Z{mP=Q|1U-_x z;Lrd2XwwfWX7l4dwk*AZ2Oonv2-vja4}EC}!^6W7eCZ2C0Dwhw@@`;AMgQV{_zIk)T#V@hUe;g8U&1>K$G?8Dc?e$id<>G@}8XQ97-{mSCu<3ml3 zi@T-$el0vIeroV{ejX19HphW;;+mbV?g|qWR3PVw@2;&ur$A&>)%n+t3%~HS`9tbS z2Utc*(B9z_685j}ZG$U(uA(A^U~{Y1@#y@Hj|i8)n-lAfAUzE|Qyw=YHcQ|os)mDy z;qZIY$GHnpn8@Jzn`3Miy|!JW4J>@R(en8kR# z=q-bil9Cs`%2D@wv#}6Ruo)@}3J9T9xEq~A0abIm6S-<)zan#`MktAdTbOxx4)fQ8 z6I8V?bQ0Ba&iBd`u7Kp7C6<_pk z;YB7D5;(9uGx8sM$IJVdUs!k*)=O2t^8WA5vx6?s7pq0ZpKPMN5jwI{-wij+%8zU9sQIMX0RRF7U_9Wq z5Ti*L;#vr>yCfP5-OV8rjS2Ur8{2c%gbFJG_fOU6b6eEvtnQjT3 
zPl>m0ASu#YT$`na%0_SvO#m4E_@x=epXq)lh~MC@dVPKUu_MdG%IYvDFV87jFm!}} zS~+=8WCa`9etXtMT|aOxvL+}G*?XXg!f>1pc(~SJBOx99^Y*+cS-_c53dV720V)~#H<&>1j@={Zqm?3)B-91%iaSo&FkQlh$`InYGiSKIMcccYe%iDc+giHV z>K#>E3@#?d#!)HFmy_x?M~p%4!Qq84D9p?kF{|w_`X4;6Py)x^F)&!l#gYiFn~kJ# z?tbQT@?B~VsawmFNyrzCeY+4+Z@a1s`OL`6+vqa0kjCjKic?zWZ~NkcSyrM4=z;WO zg1>&Q$iUh3I;^QlvMy`Y+F8CFiizHy?e$I;XLeH>+}px4JYF0SGskf7s^o$!9U8AV z{Zo<|9A8jMFFqXl_~U6Y`gbl3tW0hHF6=lfdUJK~B~!9Kn@24|Nr=zl*X<~W66(d95pO#If&OrtWN zg_`3zVvsMU464E>8I4rvbXvaa1R@^Woozu@O6%Yn$g00nHq)Z}AfKuqIgm0zPoN~w zer}s5k!*S@9NSl`P+8}?F{7rTxepK?>geb|F(h`I$+{{#Jv$BlB(Oc|Of*<44a-`a zh0?}xeZDnh+M*fI2X>Vno4AoWP75`~W3?1_Aa$3qr$s-RGlJ+UKk&d6Wk@NFAXASTXCN8b>+6{&f1sv*LEdVh65f*k#p)${t$ z=Wv#u=&n2{kORat#f629Xy3_eP(;kHjuw-5rb}`IXJ$sLD5z{C-fs$6x%IrSt#>sd zgAKg%^v5iGBm8Ucx!X`k9*Ggy@bVo}L7Ue`6XB}AeQT&fO--#xq!T39;cnay#&K|2 z{as%HTRfaF-?dyW#EZLnENnQF|3+O_c38X%?H{**&!d|rXyV9ANc0X1Uuirc#yqQm zpJ{T^VG^Xv1=?WL1j}y;blsLoE`bVHlik{BDMet7(Kty^@;e`AVT^b34=55Mr!N41 zV$T9k?!SXzsqE#;r&JVL3hU~U?t}nre>P`Z^z#Fy*f;`6x40nlZwT@CD0i4!dlK#W z$lTC8@DcE}GE?n#$FpHtzMZdpJL5VGLdPXiF7voPbPrDMJN{s4*PRrYRE!(_&yDvX zG;Y9oYNy}(Te2D%=_{FW2ImJJr9%l_-TabM9sGV6)g5`!&24N(d9h!J95uB5y#xj9 zZl`_)WehB?tqz?r;+Je4rzaAQwS-_C`3{0EqfH&67W+y_CVJh7-(27Euw6wPa%rbY z*}{@K$b+|DiR}>NhlWAxVI%g(kCg0`gsRQXSBrXvgoDGW1z0R&jTy%|{ zu~50mS&|>EfT&F+lsS3Lr}}AHX&j4H;Ds3I4)Y2Mngg%xoSlzEj159hy)#Dok3STm z_8sF95HN2!6_)W`i9j z5%$wi4mux0;x3K3fc*4Pv81Whts)HyqQXZiX4uu$KwwNrzxyPSv6huLASe0A4hc4-G$DRehpdyKbQDJi4V-& ziv=t)o}H?M1a$_T@2u!tVffqi0PRIi9#0Jij1AHfgwSwsSH*zF zoOU|;5J0>dl+g8<1uDSHle4qehV{ZorYNwXCQe(bKX=0~u#=Uh-baIp*tL}>h=CRW zLEnORp>}-WVHK7H&Y3~GoaFOZ7nW^zm7+|@$d~0O{NH3~7CezlyGjov5yvzYRiI!7T zez)_P0R<(`qmR%OJ5pzT`WUPsz+@Gcz+I z`cm-_eT#l$5wbLMnp#@1JGB_z0@M}i9f8JXW(8>0-QYiF8urf<$BvX?09S_1%=D;v z_uou8EpHRYG@W$&mX-tvc61C_ttqLfjN4OE@C>#65XREEZQs_%!d>XSpJM65thE2# z)Rc{|(j_nY4&oqQ+Kbq*IOpII2Cl46mrbjZ+{YMrE|5;FPdj$g?b~hm*`#w>pPvGD zaB22oZPSg=r7Hmv$y~^VR#0#ms_&Rp`6R}mJLJgHI>URV)w1pZP4esEHC}&WaVGY0 zqdSMDbvanp5i&1(?{bG>#ccl 
z@vj<^P{GCJ`aKg}R~n>PAKk<=AcpaK+8B`YucoJ`r9qhPQKnvLcnKIEhkV)8^*R6#8224? z$dHp~E838fZoh!c>R7x-!b--1NlBkgzJW*&=_h6tBHM?5JMonL8B9z}-379{pBqg2 z0DZpYCGG=bY^2lf)7slS(qWdEm{^-H6-#oKL1f!4@20C?`Nntlzi?rUlbLxG?NOtz zuaCL?pb-|vO3J0l~Rj5#H#VN%;Mjg^crrQSWY|C!EOn3I$;?C3OYAeQ5 zjn2^yZrc?+)*m~^NZTik$r4bQ>n69ojBS9=NolfYYVq!P% zb&WH9ubq8-dMc*%;`>AIxEpy>ji7J;goPzs0u`^Zh=@N;pNE%t zkLdL5ETR(?nyMox6tsi>@TUYFHC;sz9sC%t)d+DlGuvSYa~L0nkv6R7WkS)_8P$zk zV@MY4cqtDW)vb1&x?;)cawyh3Jd!{+J60J%k0@}Dtf#N943HcLtv*lpIuA29B3nQ` zWg%l|xL%c|(!|-|D>kI{Y6wXfL7A@Fd@J$AK34Op&_^0eaA`|VMDN@6@)uG<-Z3s%ZY zybf_qz}hHV*ZcDKY6=Vz&KLe~aYuHLmIvGJ$-uQriL11V(#v|DbHMGbYN<{$j-HGW zt2Gr3O`rGXKzu()7N;p*f&&7&j6iPK4hCVc(9+VzAb$h4>xcX-)Z2Who40(f$G%Kv zEf}^|<{t#VgETlocq+xnoi7Kjn3sfPaaKY?LbK7G3can^?&z(x0o29MvQSiF%?iWb z2vkh6rEKWg*PzAaM3~>BFp`Vn{Tx)7d{J{!T#674J^h~wN_sow5NX{Ow`|Xo6+uTd zv{;|gJ6=aeM^h^?@Kd7`Eq)L)N?YSr5SG1cs!n5v65F@%!Rrz)^UdfDa~z#X78s;9?yT8 z+=z^cjNCSNTi}T39*#;`p)1f{?0aio(-#vR64d{`OZ5SKVb2B z(A&q8vgW3zkzuR(d-##@-)|=GjpJRvO^^G#`WKk}*E$@xVjIKTU1skx_<~%YNbjVZ zmO$hMwDncP zvZd4kuM6*oYq>ie#_p5dztuY8=!|B^DKr=^MS zUD|FWhr@F+(LGYov9P?%0cLM>^mys+-&FN->lE^(^LJ@+<7kN0Z7kGeJGTV2#yc954DMojr#{wb1*YtO&-f3zf^MP9;M(qBu4~odLK>xDFdW0|&#cMvj`6oFrr3_!MF@1o}HeMMcFh zQJW&t@y|FI3L1B(Yt=y+8QN@Md$9dvYBC*JIMS-Ka;dK-lBRGld)^Ngqn0fh+tq7y z=&b?0`-Rqy^V9h@kH`6yAS*PRQOWX*WN-~R==V`N8Gv9eJ}XOj8@!FVpvb#jdEwI^ zOWNMu-Mt~S^paIa%qF}uy%&c7e0dNS)h}7w!+^wwRJ{0ZaJ3*AncNb`_mKi7cMM)5 zs$ad%tGBG91C!ZCD*+1%RhGg^2cDFZxIh(Bg^{tMLEQY*=Y+q}HYmJI*S}Jb;}F;n zv~=k|BeT|teTrQUabj)xoWWy{wDba^9oWi?Hnvs2V+gU+FK9;;rcE;14)z$)ss(SJ zi_7(f#J@Mav-cV)VEMRzu)lxH?-21&?su`+_7u9ElA5X`UqK}O8^sKCCl!IXrFOv) zyI2Q_(G~4PLR_tUH>}*>#LD*M$pASd-S6ZhDDH_XDP0KA9+Tz}OioU2|0*aL1En+m zKjECurY)_mEQErJsTFgp?Ai6y9lk1>ni209EU;K-9n-qdc9}M!t3pB~QTuT>6h17; zX6R?g)~pdfm&-=OCN(!U9`!&*>i_h(I@-6O$v&{T_WAO>zGb=P*D>W5`WALd^6S^H zRFo7HE@j${lYUB;AFwS!^6?2=;pL$Bz(Lf{RS~-zM!9HXER;Z2#~nT9yJc;c zK8+%^&*#^F2~S4DS9@Os?kGDPZ0uixZl@i40P@oCzQ1hb@wnWb0dmw|K_uv~Q>b^3 
zch%=3>D*?37_4Q%IAGIFnPZ)8g5$?FVCBHDbTLLf)WJtw4oncLM$nqFwuFRP2oy}* zj6~FJM^8%LqBVwFOV}ZWNlbhY+PoDNkhHcgHFj{Qa`o|PL)mbzb{U8xmon!d;H27o zbQ|-Y>jjo&F5kiMA9D0H=yDmL%kTEzG7M4{prBTFfLTPDf9(t{&%~r=F1rp-< z)4y%ho`oIyqk^Mz5u({0?O{v(P<`5?m?vwk^zN6J>iFe_qAH4iZr-UkhZFoK3XSI< zfR7N$S6*3;L;UB@yHfy&2`w$PKvLQIvYgM&+pgNuGgtI2 zcvQA7LqKg^4Fk;DR5u5c1Y@jbk6qn zIM*a65#-;vQuN_1u0C+)$tCvLeBmYfXwSA2WLvy+p}d zCL1IqBsYt|=!G@Q4_*F=mmVJ-Sq;3?!0&%>x}2}-b91*o=?ReAYpcavy=oy2xYJZE zi^g`o98q62*D%CKQXnDP9&071w6*aZm(yGoR8&N(voX$I3|~3jWX^Z~YCBq*K0r=R zN}?>v&p)N1qQa@Dtn8FgR=!)E?7%Eh(^-Ex(3H+}q&zbQk0D5@B3CYNZ25ufQFp3G>xuLwflcydnqZ4%7%spa?hy0JNYGOmy+d0PR}Fz{IrN8)ax($>Wp8slTN#dE|f}f|?ctzJFgAiK##$ z8Yz&)_q!7l6AcC9tB8=uqVP4rZy!LFhIaH96mHoMFhE+^0G|!sgyQG0tzn<(KNKjR z=LnpwiuLit_+cDM-=+3TqyXpcePYC11#qSgMk|XP==2xPuQhq|I*0%%n4(fXkna-R zw|u5k*}k9L^85Sy13=m~ydIBy2{;-Opb-Y(Q4Dr=_U+)bw=V;8l`EON9`Qt&aD!}h zk!i;YoN#cZu{t9&q{QRnzJupq`9MHGSk_IyNXm>Ch)aaCILd#cV0|AJ>xga%xCCwt z6@Z1z0@wsl_$}tk1k2CrT-`2Q{4A?dnu<(w8HqfUJI*NZ*nw`f-wQZ^)<*huj+y#= z7bCPU=qI_O_Cp3EEVJ<#2kWn)SQQ)ckpDsVJA6KL$l2KL56@N_fBW)B*eUl-mmgul zSE3LQoR{b2IfSpYK7MNu)YN=o!JGUvE7;$tEyL9sr|h>;zS1P(?1(%r>&rKzng>AU z5rGB9KCBOFOZ?U8vorS*nxF8|AT{7{_5>x0KmkvWKt)4)=zZA-Ea!memVL#Z-n`|sbs{5#t{1ONWjLN&%f=xN18D~IHFj#vDRp!_Fz-&6{?X7pqtq~w8!xiEc8Hoj(E3qf09vc< z&(v&-;+TB8%v90CmP`+NN?@11px}1D9Dh?sKKb%q7Dpmx?LVpSgHcEV+zc@=Ff7~( z$e;!p?Y8^IG3m4xI{`pM9?^*KF6s@sk;<8w?DrvBT@7;ZFt%mb8@qtB))tJ^k+hbCkxI z0?tTGZhhWB}c2X2y906v!09z`%qEnx>|tjP+XyON-@nbYucxN6P{rIZs^~yyit-VE|rF z6fhZbx$F+1nB^LhxMCx#{xfN!O*d!!(o8$IGs0N5j+L`m)QCDWtt7yN>X?|6v7jjD zE0W4-1x|Fr?|K`zu5(kF7SqVc#FVyCs!AV?-6QA=-}yK??Tb0G6z; zx=mc}3i9%CphXkYr@jXe^Y`VWU`E_w*_3FZjBKET6Bs5*iHV3ng?Bl5(SpB^HyK%h zx9cflVV)g;K{#o*I=2HSA%Etrq^YT?R#{n@X$sfe{#CO>_uI$4U&og^h#dPp4l9P` z&b2`5!K#bH0HnHQ$fvDkl4)BfK}XuWeI0G>wapf;Ktg`z0S{}Tr1xq2#oSVh3nI&KtT%( zG>19R**V3Ld;G|w17HhCpfDP{HrcA?PKg#$S5Fnv&`5*Zabrmb9yax_0tg$`X%SJ` zG!~+>o}enbGDbBYl2Hu6_WPliKTs0XVtQ5+r^Ok(%w^wvu&(yxSHdfAqAt%;MbFQL ze_hiig}GGIvTP1R9C=UJImM5T(V>XN=jn+c|bbHyg|MVUqn>P0Ur 
z4->D99AT4$I1r;mjgC1a-YXjaPvd{Q7|(5cW`0hqlRMB+^8z)sI3kN_2ZkN1<;6K> zG{F2ps2}kjvv25<-3Mpr0*`?3+rFkRqTALVK(AdcwE=u0tVnYmGB0ZKeAz*-F0g5l zf%a#VhuxI~x@uB@(VgGU(GhQgHez_*YF$b;gUV}E++{TaI(0tYrdC-Y3|TyiiSS|aBO$C?(uiu6Ltry2qhkP)b)B%)tT z4eUgNaW|V%5Yp$Hd&!J(e5J`>4o0z~$EcD?g!NEr@{k?Ec>^NfE}?6Rq!v1$~)$ee)|5(%4VekLfzeus_hgiydO zixP!L7f~8;a+;m{t=#VJ^rEJ7U(bwk1uvl0Q{LfxkLVXjGcTEqpOTVtINEfW$!I=H z!T$5-&mL}Cey}#R!DuLsbcA-6ITb-7EZCY;HcB_nB8`MsLWeF|sgO3He8sMWQ3_NeR{%4wd(PU+fWY zlKNdvi>UEe2R5;yxVTur$g8K;_8GzLfO%N;^GIkYzPa?r+{%MJAZd>{cr+*ncTU@A zvNLqJSZ~kM*3xqKEeKp0oW(OOm;GaI_arVbB9aS^aR{b^NU$g2cenkd{gyu)!o*OY zK~YhtWOA^_J0BU{F_uxz+zGNAyg5llM@InoyAPlYU4Tpfe!bHy2xPCd-n!m@5t=2t z7d4FlfB)0pCiMJLHVqg;2e~CvHR|nho+)@n5ia4m{ksy3(b3LCu@C=H+SH-$%Mo=t zhh0kY1HZxO=!W5~zB2Q9=KI`Uw$KzYHo=*1pM;Adgo;+53^pyf4~l`XmxmU3dqS-jm^(Hv!uf{c}es4T9v=x0J6m}kqHVd9+%LR z0IA)>PjB4KvO^*{#5}>p&yKa0P_*aWjSCm;A%M6_TX+}P0CRvpJ3SQ@T)708g`&$v zeE3S+y^$oRPw;1JPAxbqXEpETCB$vXE3rjR4%3ZEawN5qDGcS4|i2_aHeIe+DM3d z46#q1^)I?y6cqIB4eyGg_B70dkL>Fto@SuV~|A6tb$@ z`c?%}vcS@4JkISAi#UX~EBF`0+&t_Gqbd8ES_f8p`&WDz&08dZEIas=9DH7H1%4sm zvRM)mv<7TJ0yaSv;8L(Z_6a8K-&faRNJt#X_7hU4UdUpRL?S{de~a=171xN5aYN^u z$R-~K9Je(K6Zp6>czkuHQGZsVKf87|=gPOnLG<@_YJHaKX9rOe#-DT0UJh*6EauYd zSC~4!c2FmA9$G~c@R8(QL2k6Ee%aw+P?Js^<5%e<*Ee7|nSbkOaGnT(Q9mUYh~NcA zHLFh^?NSZ6NyA=z-M=*UZ% zvII;{!^7ULuB@z5y3Y6=c}-;tf*c(kX<`YTbYy0(C*Ru^1RSY}h=`ni4zJ`yMBR!V zvB}?vh}1<(t$uYN<(fCOd}&G32skAVW8jCP-vp*VWM^rvQy)$9H4XNQa)NVBJbaV% zv`)QYYn@VeVQ)RT%?e(fRz&VL*Sl070H&egrE=i@c^5W}-t^TBCnQ09!OJhuigTL?F#0*#Aq+;n?(=ZSrs_ z$li1`UPK9sL^amd%b_ea^Ve^UBvBVSJ3I3@yzg-OIla1O<7=6rppRc(n(f@294!R^ zk*k3#s|=#DdS! 
zUZ*Kxh5pnH$vWi;f4QEFg-0T1%_MWOBFo!rTV_V8B>FDm*zW$+wo%^~ zffz%05IHo~R+{E@kZP&zMFJ|%>gK8Y%WOSsO6^aB0V{La``QbW-wxmY;S(;1l7dD6 zkeB}c^xWShI~f#IY+g{X2P!h2Z3K~qI!Ey8-4>OQkl-#h%3jx)KO`J;Gwz{56JB`X{x-xOz+?S)4w4641i{MZw73QFpvc;q6W9tOxdnW}a`hp)c-7&yrSnIpb5 z>qc0PQs=z*PcN&{h72nl55Bodwdh>nRSB0QUzT24qD+VWfizZ@X) zc;spX91eCFotwU`FZ<;{Hz~wg^0A#KZ_{RVtpYj+D)Qkj5G@#n>Fj?U*#!%Gxem4O zoLiyhn^3g9cbK20Gu|zTmUMfJ%*4!GkEY^ZxN)A30NvRhx6sQ zvRbqa*zP+>x==u!=ydiwC5*F88ovmzChh->RCVhX-akwm}(**=099jAEnY>x(BU?l+U5yY%@*I_U;0P#E?^&xHnojbiDF&W;@`sCk7Lg4ElMq$lP50;D)mxTugCNfte&wU~4SGz5uPop~&PGBFb? z{JrQaI=ahq5)5X1KeL0y2il776K_oB^g6aC!8s^FW83Z1*yIl~rJQHTz_G#b*Aovf z*^VJhG&B^F9LSPdUdFTTn(${X8B0eh3JNTTyJKY^JG(3Y=u=>ut+-LOG)mWnuK}D4 zq!9@5YsLPF8vOkHn4kIrJl#vo%fK#J_!f@kc!3LL@!8Qy4GoP(fOlJVnjgvnRJFjP z-2qVZNzi{rfcPK{xNYorKJ|aO@c^74_e}3L$$(UBu^&*=8Qlhte%zh_P{gzxRzImq zp3cPfSPWw)6qV|?3XwnvImuh;{eyGf3Sk$*c}C{SG#fnM=g!ulTL0##*go;wY&8Ny;lTGGeQ)M29W+s zHM&xNS0#@e#YkXTi17!m7makJAJ=e~YATbvT$nO(_Jy zjaYOH#Rui)HXy;>=R{0|=I{{O1_ak!t2Ft5Jnu(fRz^9anqSpxa)ce(LttPaWc5jS zLEaYw*nJ%U#$(0+R`@IQz+AJCrDYi|n3XjlT>Im^q#~Nv6{K%RN(J2;EK=mAQtef)jhIDp>gS&z`G)HZmhAA;- z=-&afz!o37-T>~C%4{OTzY6k5FEddaZDY4lcc!q42I65c5z`%T1o4>@7akc|_gD&{ z;`%FmIo?epu-s+aF>U+Pntd}PAg%-Y`CB7Du?0Z(o(I$|#58-+oDyH?grm3NS6sc! 
zL!1)h&BhRtt!C#?4$#I}J^oqTO1Lp=wDBiC#Q+!Pj<~hN0m=tJXj85>Ff4}lN)orX zV<0cRyZpie@k=kl4kocHEq(%}c2*?=&UII8>EIKM3FAM}V!-p$P=Wn$6vm4P&7!ce z@xfdO;}t{;U5(-BZRbFeFSn-Bo`8)9s1{P?bspRBi-lNW{KTU;0Um4?@H=EShlGgn z1J9OwxGmKH9@kQ%#n39fgJIdF2EP4cacFF~$1|@XTE}GX>%1$;O~Gl?bo5T>JNnfJU+9JQaA-zH*D#v!1CcXVaRH++(kus8sK2rA6$L_151VNNGIVm zC@L&8PhFX>8YoJNbbov6Nb;*25xgx_fZ_;nVS!fhpIqz!Y=PqDE|dA}UqsB<6t9Ek zx*)R?oq*tCnC!9EdWs7(UYx~;i)gE+IPL58nXP;SMKt_w%kB%8fUKwzk=MxDG5FDs zaQVOPR_g>z0)jfZGR>_`U*s8i1vZ=Uu0QivHPaGiS55W+Bo<5cdL_93EB8l6<_dd- zHe0+%;F4FHK0Bq$g&Nuv?rIf;-A}!s^qV!r+IkvtR5U(k#`BZjv@{$9;OTP%;@Mwq zef|AU-4W4%YE|oz2beB;v5!wqigR*uJOHOj#^)0M{(hW_u4l_Wd$ClK1%@>J6;0pq z-T?i$ob+miGYB6Qwb?q#L!Cib5D5zUA9t7mB;i)GZa!QShgQY~1^y{Zm2vjXG8|Pa=wte_b7zXK_#l7v)p= zeWv;7D>JMat7X9pS8UfKj7*lYj?cZyff^xTjtayCZ~9)9Ye<(GO;9YYwl3j%%d3y9 zy14p&&=mo{LuHNpSo?oneMJ0lpwd8D2Ox#P#cgc>ijE$DA!=buhK2}pVhlV&NK zkpV>?)+o{1rpGxB%nwrs6JS7Q-%6~M)YXe)lau$KuJ@$Sux!BCV0sX%z`zbR>_qcw zCdBrmNQLzLIqdao`cN>)NEaqy&;2@IGX6 z*lk|{XNAgUH8(y~s1ZQAIypHw;7*(wZh=?Bq`sAZZ}18j4`l553~Iuucz@_)bHyKe z+C5947?s@;E<#ezhWYOGal@-;ZnCE>$bBb<$F1r3N5*FA>9#q%&9GNZhVY)ht9esI zAn|?}{YEWvH$1XO5l>l9W zUS}~dEZ**V)${ec#wR-av@*D28_yUlTCGIX-Qw%e3~DWP z$I-F=wRU~>Ze@GwljV|5WeS@5pb2!o zBu@JM+Xb+k=plH=nP&;m^a7R&ghJV@^PbO#eh>hrwS-~|ACT>WPc1eHcl^QH)Rgx{ z)bV#xb=}|5hgKN4o4lLB@~I}qcJIe_1O!LNTP+CU1e7$ct%D?(jf6@9Hn!QLcq|$R zGPYXh7@NT7Ha9wNC91ouHJ`GGUckR-1jwA99=Bs_yA1iQO6K}6Q?PJ}!7-GEZyh1q zKJm)PP9eP@(fs?3I`gkY7ObNk_N2eMJMk9Pp>GwXP4T6f zPOCzc%;=|SMaH6R)W@Z}=cDOg5an1QT^<(>eH7lVqs#b{y*+f2-?W+oV;v>sq zGWQdclZ_x*=xPMe+$o*usWNmgG5Gve!b;!gQ{rIb`NR~%Q1HirK%O7EJk1TC`Xl4n zkk~t7y3TiEa&pzk+RD%XKo@M61ZcmVULUVKfrIyMF>8)*XlTgRzcDQ>?Eu)H()E5H z%*eSS7^rqtyZd-M9thHobf`wKKsA2Q25r_Z`*5f?G*tL4A@VeD;2|iTy^dzVG;0MB z@Rl2%W4$VWDg7g+kWiOs+8)Y4$Ui+-Dm;kV`pFvpEi1ExIrTMuD$~-|_Sl3IFz~y% z5}3;*r0eHRAQ#eG()b(d>Pn7Ez%>Hlht8BSWIKHsvG7t)R*rdd&{ZLn%nxUP-<1Vn z=yIuIvR+VFD9XgdG?QRALu9?d)1A(R&!k^i&b6WwkR8stE&!bo{Z|NRIbJcc1S>U| z(^5NIG4=;Kx!>`{%A4bQ2sLZfqS 
zS!JQdrGYI%q@$|JmhoQQ4pWo+CHvE&Xz#+j`KWQJMOZl9NCEgTvxVWxrb6r9Eig_{ zYg7g@T3-7538A`A1%)vBUSo~lX*`fMv|Aj9l@t|MdM778s_S+mw0{0favfek(l%pB z(?clNfS<-qZBGVFMvPn;GN`Dz^9sfO^`!9v=qG%8=q;UJG2$M~XCKdHSK`Tof#9DXeP*+mbAQ)2lzw1`Az^|6;9-2Pgg8 zth@^Jn=R`ZMilm7_RP%z?M#d=rA^}nS0yEl$QCZY3Iqx^6|Ch38hL3!!5tqvy9*M5 zO)u`^GAF)zr~XMv-5-d+SN@dfGdh`DOCcc$4DgpE)hY2p(T}y|Q5ZTMFXaJOrUFW8 z>YdWBpnA}x=EDoJ*D(a^|2#j=Q{4r-OLh7Q*IlTeiF-C0To)GDi5H!oxkY{yM=1%ui#AWpB*9*1NRpEFQ+rTRcb*o`o`mK4&)j6T zD?4oZfSBaGrA%h=Qv-RR4*LU9xKIu+Y8-$OxB@-4b1-bR;3_XLR#pIlIqeIi@C_3u z(gU>U}YpEK9^7vfsR%|)xrG0sWlt^$5{F8Cu)>{i$y7gSs*J$#od;#j@cd$%9uEIWq4X&ZESz1P+q+jw1&zn_(5 z0$m+UAbDNz_I&T2SHZVip%Am~Cd_(A#Bevap#{MW#MEWw3L`J$c74qQX5lLeCzyU{}WswVXu*y2x+oy>g_M~hW z=Nu{%r z*+460KyG}jGiN&q5M35FHK`fBzdj`ZpmDmv+H*PeK+K+{dDA)rNFBd#aAsTChtX&x z1p#mAyX)?+!p(vvsO`uIL~Phpq`Q-UFji_gAOD(yHm)w!d12eNf>nZUJ&J4s) zChXy_$^lSAXx?Pc@}Lt6_~cyu=Kk>4*IrZCJrT&rPit+dMFKT#8)I zX_Sk3wRm-X67^T7^q*CMic;pLOKRJ%p+;4;wSOijCpUYsXlv1*4p{PAgQd3#~LZ1^E`52WaR}13Tpb3U#bB%q(H>TRn(<-~`MLgb4Ixcn0M1uKLEuvanJZgwGJS3Q0@Yoj!y zQz~^>wnISwto<#8&E^K=#Lu)iIK};`oI$qoa<|nDT+~HP`xEUho{bK$frLC%sFs$N zs6dagw3aloU~Eak8**Pog`h>hvLo@?^U|gi$=2K1$sqFeqEDmuGBBP!%TNCvKx<(r zRPM6w=?(FOHbXnMa4CS6hbRHUjVwC#y8VUIbz&I&(DBi@-29v!|?iq|4NT0dqzqz^B=UH`ksSaE*o|r{U0% zD?V^CRg@(B^Ym#+%ooUOOLsM_B*-}SppyD$R1i3XiYgRE+(RljumJuSG|{J>E?H%k zb#|78ZGH*|mzwHGc~aLiw~gje=;^UJ{^G0^wfli^q{~Fyz>|6`7v+1xQ*2}%GEPBh zpk?{&;`hI4y{M`h$Nr|_S21FnEJanJ@77mTA4Ivi{y%{(uqUky)+KN0&Rn40r@>g! 
z_Txtc27Z?|{Q7`FxYd_Bm@sJkpo1mojE({z+hT_+v8%;<$8V-k`8lx6iM2W#w&%wc zS_DyvITcxe%-L0VI}SJB*78~fdQyG94sSm4=`IVNQ7D8mwI3Dcqqv$5DzcU;YNoT)YTfRd>go|xB`5DsX+kE9`zzMkeW~o$GZ=RDFQ(J=e^MI}00q<&U3wky zYUz_zieuz6;6rhKN5EC$0{v%c)f0`!*A^SfmJ?)VW2^-R@3Vhv!9)Z~&31pCPY1gl zn7#8~H~3go*6iLxo1N?RJCjGdfTUK*3g@hTT6kbE%ZV z+SL1Ui*LTTR7zsCpfa^ln_VG7mCsTKd2uvx7zsI@< zk*Ep~1ThZ{`KBDt%_YX00LAE0Z7Q^zUty}dBVMB)D_R^`TX8+%b4L~&cxp29B~5|A zSY5SNjP4h(^1e{17;FP-5gDS;yp4~Eo>ikH3BUeaRtuWNV(DXx(_;$L0`Bhg@<1us=a7SOaU6_Bu-Da?X@yP!@?wJh$8I5Feh(hk~e4Z^vtLW$m(Yn23CFJ6yUo|r^5nFtWo|>9! z2b|#(BIRPF6%GUZ9hq_TXoOn=u6y^=ixEf&2tTh|*9IB+jmIfJ3!K~2`%?*Tm_EnU zeFHN0`w|dN^@s+^uM_ItJ4=Jx+k#P1QHcTTY+B7-nvJZ@Alq)2kVW?pp<5DYQA`!z z*Vuh8HD#D38xvlEKuT^0t_r`MNncHN`f-0`v2vpDbe-_#a=w%KcJBsf8E-t@NVqP% zdPP5wS~Xe$EH$`w!qZ}NT><5jDLUp$%Q!$Z5bIBJJ$rg~Hd&$GJ{x0a0G-*XwDYo`x#g9BE4z!gn zMALepd05p?awKiaAA7qKP_FRewq@zc%8cWIbWmIK-cL(7EmRblL=6uQZ@psU^g4gn zTzpwt)?uQcuH1VJic4w+>VDS@JA$~Tzzuio zsvjD(O?mK*C;D{Rp$E1^xkY0wrGpA!gscg1_L2OkJum-uS=~^98N)F$Jl^8zZjjWH z|74QTX|X)}?i`Z#Df0%Px$>ndeX#1dWpLZq%iw=fD)?;vb~N`Y=7E(y+o!d;*RW|l z&4%|MPs@FbLWgowjhsOY3Ly)R8q0yN!qjqxBtkbu5%uQD#Jk$~d^mgxp^}1|t=j{J zx;kMazss%(8_efQv^kXOymIqOe?#_Ti92PPjx7O^Qet|RGRDS*&aD_~o1Mf4CuGPT zXI3zYA>2I^ahQ`A$As5+t8Q$M$CooTI2~rmVAG!DQa!!T41HbZL=!Fq17+rCx6S$- z27S=I>+LN*i#0|k8dB7MZcZ-~`}+EtV(>Vx)rw>?xRe56LQ9+B8o0|e{ziln4E7lG z&Qm}bkqr|fN<(%tX=x*C|139?7blNvbKCHJ1-QgSa6*kkis--P6a-yA&KldOL7t(@ zt@AVf4BDRy`1n0+Ei__HB7No^Z!OiHeH}sy+?s5>=(rd$^Mf!&+3el^+eN(WgZ?{Z zt+l@)+>q*)_ao0eP0z`kPE*@O z8_d?E=x1Ci6JJ@@(A^BdB;DB%v|CgHW}jicNukB5gq4Pyo9DdY`4m4tYi#N8l1g}c zeE3-Rc|l%^kfDB;3#}F(R`y}x4K3L-fys1@PLI^ za_`XqFT1%4^dFZsm_fD%3{ezBkP+!etxLgtrNc`7T(4I|-cF?AsA}2L{BqwTkR*|T z_FdZcf}tAz7V@~JUqu~o;UoArd~2jqt#|TF3Xv@wHicJs{QYq3(Y0yKq5$1bI+qQB zXaG*IBLADa z8Ua0Nv$5n?+LC6gVr)O`L)!`x0nbeC^f3kU_mT1_w)GI*eZUQ$AD13KkTF9RTrQv$ zkb=c%hamD;#i7~V;$#wwA=sONrkDv0MBMO1#P%-=+=PDyzlYFrSfBRR*<^bSU7KYf zcnI8I^X@pFJ`Q68qQhk%1tQmrA5G)#?rs)x@G>LMJ{)AtFeXe;+a 
zC?Ks7NqhjH^ir~?*Lwdu6)h}65Y_zug7MQO$#~qp_q#`-RHWa9gd$ABNz8`lanBo{ zI${uDB5v)V7_0pX&@z_DbCa3()4 z@!z*%EX}&Ni~3=E(Ji$Epr$vTJYXpcs+B1|!E>-YEiS~&U%v*JQGTn-#y7SpfGigV zRAy&?JU#DeH>%exlHMFcx-P~qBQay^KXrIV(ADttnfc!UPplzM0J_}mQmWR&ca3q5 zr5_?Ggb)O2tJ_&1AIg9@uQr}lC8lXHnEy(%8oEUdw|;>dA1%6tiZQ1fMh?IjfR_9tmX+~psn@EP{33W5vWOUK9$1E;NQ5roXA*V12hN~ zdO^uTG{S%ZoCygD3Ei6TBJ1*X$tusy0Z;fJb7n3u(J=VfSl4=OWXOI3*pq~f=691a z|Et5ZDj}|i9BSmkRSwg^m~9-k=_lS*FglJ$5BUxwPw5D>ALqZV{9N?RryVrZeSiCO zjcP|l9ZWR*fFH!N;i7bWgM6q57FjStG71#oJb*sDI1sM~0RN78XBm7+hB)wc-{JZ= zOI%zWesk`M<5Qj)j90oHvzIttDt6U34D!$J%cm&luj$!MDRtrSz_QE?_CS>Jh z;f{W`McHjFORzfdfV|R_i$*q{I?h<9y_(%Aih&OtuS)^9nYcByMYojl?Q@b2&Dd6m z9or^GW7uBxP`p22=(aF+(`i6X!kRN#mA!+*929VdMdLWzALz*MY<34+pwy^QHv#>+ z1MvkBNWV7R$RIgYEPfx_wHNpuHFZ@8b6n9nObc2xlHCE*eDg1!i6-x-aCD7Tz6KRx zn{0x`PC8$5dTH@pE|LhajAA8NSU%&W{Z_^)43U?&(diq1_gT%bw_q16rVQtZdofzU zO=CJvr+uC*d1O-9ZK@^&bZ%#m8^jFEOy#PE2E_gyTdwa@CI1$1pGi62l5l{Xmsfi( zx2}%m4e-t589aD7Nb4CH@gExl2HFbnUEQUnpZq_E3}~}=Evje23+}H#1SPz>spFFv zpkivfks+bWF9mSx-Zn93&Q@F=p^#KY?Hp4uIz0PZ#%-O3&URkV<*H#}SL;nq?!ltJ zm2LKbgOkwn`s|m7mOp7I(1Mf;VjZrkbY1eP$U}vr_6feofn=cwiBGn&)eI)8;RD+|HJC3y7e-fQ}u(;NfgdcxZl8 zKfovm>4iLIzt77-L=PPuowChKmzcr*7n02CTj%3r&^yelYHUEyRli2pbihdfTl32z z9BjPAVpsGQMyiX2Jh>T&i6;i%Nc_64mxZfUH`W%;!ZUUMDMS_SIn`x^(+^v3YWVgm_2vI~f`Fw!n1sxT|8s z<{fTB1#wTvTrE^Rz}sX|q(kHFg?5chv@oHqBa(m1-O_me?GnjevpUh~zvky)BHNjg zc_ji{(XzG>xqlpivVQ>~JzibR3h*9S2GCwCK${n|*FH2sXBW3daB#51XN8D#LlvTP zChNsF_EL?b;%VlGv%A}-|4bue5$MzyMoF*zD$FvD%88i5AA{>oU93*+X9$O=^m413Wvxz{swd~2(ev6a=zJnzE!R_`Jv{#Ax}E^}cUh+^z#rH9G1mctb?qo;SS;2JJ7g zQUkrVUo*+{IjB(l(Q)yQK-XoybtJLy4g6LSF0LSzq=5i6{Sj^5-e7i8ZMIgeomm!Y zyTW|vh#`u)=<|^k9tX}dQ4sBafO7Y@5q*!)e}911)p|8-p~Zf0GO3f0uLE`{x%DOA z_X^EK>vW~@LQFyw>YKuz!^x>E62YpA4?2ONj*@~fXlpz_V${J?*YNQMcKYa9$a{tC zcQkq5NuFu~+;r?9MzWx#rJ=tS2zRmP_4^Vi6(^yr z@XOTv@4Vs0cPt#!d5gc4s6QiFo4GW;{s7|*ugOG|=#^7Vg^xp4Z#RirYRb5WVUw}C<+c>hXOzg*)t zJUPntmWa&B^_^>klI?qokE3P$Qc=E^&M=;3S2F!^$oI(OX*!$~+4P<9@{&T7bDd1e 
z*qpyrSnSd;_zxwb(O!$7MR$Gp^`HXvo4I>~A*f;CnQek;bN-&Mj^8+`I{Bd(4UPx(EcEW0L85Ab8KI^MeBe%V94~sLeN?Pid9BMz27&`ZJ;L9~Wnt4g!%X zQa&}3be@`F%v_ZzkJC;%gOE@~4P$LLXFl=|VJ!)5bN9II-(|#efwGjwmk!G4;o-r- zx#7vdRKnUnQ$Y&W=jt5|v}rSx6t$&{8PvcL|IC$O%UM}vpz;7g7?hM0u}ynMMq02z zW91a|dve9UWR^{Sutf}ipPyS$)R$47gICfV6euYfxii*|8u4&mFj>^VwH^QY72YGw zf}%bIx3#M2p$rk|x>PHH2`#EsR9y#)P0|j_&2@l5xu_Wj&3ycm@wzi34VmB-=>JwR z2Pi#*AvNkngWZjA(#)MCm8i4*ram6~fdN7-|`$WEtdnu8lkVDIi^2P5XMxn(b19FOF*CnuofwOsJ%$k)f z7%sE0w&Rstre`rlV%-a|D#?YD=!8D&C7#Z`FWrZq*1g!1ig!&c4%6FqfVGkKduhvG zh&V4aA3>UIb4Goz>zAn#*v$N+D&g;#njaTCGS-zjb~PKzGOO{1nWqv<1>>U{_pmQ) zCLv5*P+0PJZb@8NTUNC_Q=HWPs16oZ)E_xvSd_IMem$=yUWRchPyQR}O20US)0si2 zV||hr+7WK`F3Rz>S&;{H>i%$A%+#%6x20w`i!U}@zdRY)6~j)|W49FMRVIy6!aw!&6@UBD7D{M%lcd1+JGXKPUP*N_ z@OSL>b+{vTB-dS_EbJ=tZ*w^}2z+tXpqp%hIWNmucu_7~>UzuzCZE#*ZnwG`HS4A? zj~-VN3qB}(NcJ7p>qjOAONy$Nx%bIkXl*faq98eUAH-@j7??q#GxC=w?!Q*UB2~s! zcj{MB(5LJN9L`2>yRsL0H$SE{weT}w=BY=vR*`C!8dy9SmiY2NhM30+RrK>YoQIG=Uk@v0Dn3-S4vSi%_Kgt8R z#hlf&kwpH!W+jsaw~g(Jc!@Itl2L}^rJs$J9UWZSeoB+A4kiam#E5^SAc$FKmSC}6 z2!fQ}=h>UI?`tkGWZ z)ro1Q)E?JFacx1Ro;kG7h>`ea8v&uX82L|>=MWKI5AkSc*{W^t?5qgd4{*5Js4pnaBIww5n?ZQx+H3UClJtMai5pxm^Ua zNe9JcqtZEyMrOHnYo*X_bko11!NoSkCHD`zeWL8oVRDI=Xp2+@xI7ChH1dze5Gix6{p@8>asNJLg?VOK~G1i z*!pnUew|kYUUxkBEKuMrrB115f*TeXTZ4)sPYE8z-i(g%k%f8^wJ&oq{z8zCwejNs zg>PU#LAPUAh|^6ue<4l+GK;yUnfrm6lefi*l7PD>@tCVFA-Im%)fVl1C4xAA8Q3zrItw z+~m-A3;rLH&VjqGb_=618{27Y+ji2}wr!h@lcs5WVmobYH?|ww_TAsOzu=6qb=JGq zv*!GYHkq89oNyx)=6ZL`PE*wM)`Q{=x8dhGM+M#eMzg4#xeTvq>l-qbSV_6{!a!F8 z(}$QtIg^jpQLV|ChwgLGN8WCM_)-Ab&L`FH8Lj@j{`t#oShz2(r<#lPw4yZX52ra_ zSUlOLrRs3vMTin%cJP^lB3hWF)L^l_y2_xaS1y~14>Xd-lIz!qr`laQ)hDRf9&%;> z>7y;fwRt}}^X|L-Ck_b(Cq!0P@j0`)yeJe29csdtkSfc<<9AYUtxx3?^@mPJ{#-m#dQBw$ zj{nL?6F-7wuawV+3QE3jaw16KP1RUi&u?WVegC}eZQ{mZ-r9{>5j?z0E^j`sFtRv0 zcKa=D*ye6iFR|#syGrzOcm9c;YbK2KW^m3xtNo}x!|U-?vTDbr9=!_XvL8Sok|gH% zJA$(U8L?o73j-w`*@VHn@64Vvr%ylHxb{OQGfZ zcH|Jf!n=Jt=$7Erw8$?f5!lSQ5ozfQD!x*j+!UZ#RP4;~laq>8du&LJrFqv(1#AIj 
zMaCQviXK)S++;FWS_BH@%S^EY8d?<|m^NF5Sh8gE{7Qv}v-0x2>C#(afiUYJtQ^)% zLUn`TeGQ3_43s1uQnQ6-LUr{av4}zY0pmb&i`XE^Hurj>04qr7q5`R&Tv=6eLnQk1 zgttDie+d_#Ja}u*=Ae!a)pVo4px*c646CycWI_2u#q*LWYReP|^|W}Rl6gy5XWp*u zr|0lKL0A&6iy1}O&VUxE$7?fmJen&D!HSB5{J>7E8E+hmGe393wXA(NiErs%W80siS)qZ0q}~;+s$qYEI_I%@UL3TYq*b?c(ju@t>G|PJ zzZAny2AU41sS905cg}Ph*=6KsJ0`V-#l;`|_B81Ry1H_5ui1%)k`$(U6;PXFh?2cq z%8Kb?EUb$Xzwp&VyK2Z(RiXHytGmxJyH+UcWUlm8B*SV|#8kPMi#2r(KOgny7ci4^ zYv{)3C8EG*NXLos$1cnmeFiFvb9j^L`_QrJYWMQr$hhb#%?lr0IMh`qx8Dh)wWz;a z;}ImQ{H`&dZ*GLRpeQWh=L@gf3i$ig`;`*F{mP3o_o3gJnhF<^cttG!%{Cp+t*iGE zW#2o~OU2H|v?VvYt8JV`k02Rx53KTavB}mobO*LTbfObS$A4B_@R^<=x)7l-;A&QH zHn*X)j2M2HHT<}FtyUfc!`2;NQ=?@51aoK`gA zTlJ&)LcXnARWro*g`Xhc2Bg!HHgvHp@}tcYW+yx;AS`etNh)MyX-R;~Q_U1Kzyag? zoG>KME#^B@#15ZHK%ehOWv*YS@7#4YitYa)&kch2BB3lutbeZHzVtUXY9o&EUHhqC zt8HFMl~9KLMocVRE3P&Szojdg;FQlUqajY6tu@4jgP-5Z?_*5pXeMsUedHk+`^}P! z-HdJZYNMNgJ(S@jiLknj$u&@F~BjERkh2_XCw*X>frkZa7B)|0N{OXU7 z^q*`lL$tSmzXZy#(-+IglU}+#I5X2nN=7Ds03O@^r{4n$?aRx3Wz3%hTFp=_qT6!* z@a1a}dwtd49;e*HF}vDPfjSTV;|YlUy`iGm>v0j#;h#>zG&0Y-RiD8ZmbMAl8yHq~#0hTA;LfdqZ{G0T%YVjSiu*yv}5a+ZAUJge(DcqLfBPkj+o!fp+_w_Qck` zLuR#^(Oa~##$*^jV_}TN&`hq_Fv2ztKl?wUJ@IhF?|y3DTVd8(O5hk4W<~VmS%dP; zB4aAz@zK8b$~`hTcsibi|FE}1r@CFQ!8RdZK5`yn$)KT13(FESD{PK^tY5p7hZ0Dl zl-Gw_Iv$?%R-2j~Jnn7^`TX|VXuxO84iKK_uQ@V{lt;$Bt7;4i#O;*!2X_ zgahNHVcNZQ=u3F-?-33!Ho&y+#|~evHoT^$X6`23;ek`aj+noyB%sDo#^U@A`=J?! zlMr|PfOJVm598MdCUM&Rj+XU#bnP}=5aw(9#pSF~=;w1n5BIsu1? 
z!naIWcn(j*sCj(#LqQ}ZazSJ{s^_O+G9m{HM-(@M#R3Cz%zP{rJFp!nZZhvLUN6`i zqm1EjI0VJ!EXo7Yd}L^LJ`#wkv7NqjS0FQQFtTuwRg??!uUoG%;p4weNh>5*S^>J$ z=_bw@FELlqg8VC5cnp51Ba*7LF&Ayr)t|i_%{re$L2=UGD2{(c8PR-Q3RvrZaZ76a zYub{~vT$FojLl%PpC|zbEqCXP1_tbfKRO>#TgMp)XMFx7bHkcmXx;-o(_hX3`?wW( zf__}Oj>DwVZbxfVw3tmBbvo%y=`vG}eBu8xWKGu`V(ytzf92M;S!V9Z%6SUC#0u)f zkvZ4aRd;*mthl}AwYAX+Erd{dbM3nbm-dzMBj-|8@*0rYmx`p^UwD6yyrKIimwu@VHbbJPfkLmBUT~m*nO@` z90p=hp7>FkwD#UNtQ4$2@SmPy(*JB9N{_)`m-ow3kgawFmMOH{K)7<+YXAoqRm+$JP8vpl;zudR2@5;11_CL+sO;jRg!?GGJsM_Z6XS>l=A3r{7-tJFFLJIXAj^ED|r&D{Z z=_D%h$*dpL*E~fleu?)V^yiyFknNmj0Q05opCa58;owcV}d zeF1b|l52?9iJByWOqy``8%ZsL~S;3x*eOe=Znw7b{oBFgOK zbe$NAyIx>oO48DVb;RgxM{;olxY=mOW*Rj6`I@_ZnPE7r#BWlMTljYPA*z5ldz*?> zWhZ%P{SoZ5A>h1r7$9`nejUzkc-i_bOikvIm@;2c_>0B+m4T6~Svp6+h%*%k>9%+yl1xK5aE|G(n_TwV#{|Fx5t^jRr~LE?`2`MSPl!7btvG?$4TE zEH)lQ?$$_>&o=ZTlO@n-ZlP~UNe@!1QLf#IS7sN;OeqxL$@NmOM*0ue+8p6-vdz9N zd$3?`_+@`r%8nz=YrFcVScssO9@1|Ucm!p`wg0%csuZ<~_eP*$(w!W!IJ`YLi zhs4ws&VsM4p(E+*#RkYG#uf|gK;@EVm_iK828(}E;UQ87(xt=3wbp^cs+ve zM@*A-i=dMiU1eNZ(Tw)6`5BQy%Q| zFJzxCIpG5}uE*k>iqz+;&wwy~<~Y8H+dkJ;cSl3R4}?7g4$j%!RKjyaY|V#ct4V{r z&|z&sU)+o$AWx4vTt6UHmy$B4$mn8?ji6z*u)s;z_YV=-%loVCBClewuS zM^mei3pzm!zw~bVe^4K}7>6oK?;0DMvnHiiN9&y42+JbIkm5pUktm$vzdy36s5KeEJTFN7J6x!Vi3F~H30Mw!aQJjk@_ATyXeXek zK+25vLaIg^Cth7+Kz0Ux+bs@_yi-g2SwNd-&G?fOOwdvhG#U@~bpO=Dsmx{#OoWK9aJ|0wI|taLTDwx7(pG_aG}o=o z@KETxCpjr)2A}N?`~&r;`8z4L1I8?H=M#Klzk=t#djAxq+;7Xv4K*ed3`!qu^ho#53qE z)v|8E4R2@u*uPjsiISrpL@}i9Nza5ZV;#3%!-axqsTuS=Q1q{6rn0hIQ-|*<-f$+f z2AbMH8U&ZNLjhyE#Sla<9tZCm1i$rc5%E*#0uk!+;>o@RMP*!S`(jg{PLsH_dc8rw z+Sml>sTDxuwU|8d|3bp5i~6h*qs3FGSEr4|KqF~QcFV|aCT212;WskcI(BuXjN&m~ zm+WTSm2VwzKv3XQTd1h4Odm8^ApNnxv+E}32tL8(v4su zpnnH2C|zp5FL!k@Q4toR)aOexKqCuLiDD-+%O-L`7+gHx{$)pUESKbnuAkVFRg{Z| zlW+-B*{=|Nr%I?dXUtxR6UhH&#p*A%0$v0@WuVB=?Z4aHn^C*}f`A~=WFBbbZv9A; zoVY<)4$+P*@Twz5cXdDszF4**m}fIc zlgQ)A+&H7@?t7Pb6!QBX-`_}ryd>H3%H5Vf#}FohsQug|$IHA_0R^ulT4N-a>wbZK zCkvI|fIU~!c%b_rJsg^BQhJt10)mnAB@{{oFK912e;RO=p86~EdwM~0D1y{HU}EkR 
zIMmsy2}5G2EUBnYUpLmj$h6gD~+w*3>a_$r3|JXontv7{@DjXDvFU>LjT z7$o;}o(OkGcSHZUJ+ZPgy2S}DLmp33GvKxv3DarJ_xu8BU=4yk4+t(|%$oD>7X7o? zL-J)dl0L{^;XN&FB6IH`7XaYR1MADon5gfUukX-o(`vg)gl41JtSg~pr^$?@gkHpf zwC&#K&6;ne0+L)&m5?(P5sl|Q4_FS0kfG;NrgRtqA7kNCQ_&Jotn~0mO{HX~7v}o1 zSYSej>HNh`Q*Y0I1%$hud(vpta;JWB=?Zf5_rBc3LqQx#ef#99UqI+}VUjy~o3O2y zkY7W1V#s=+ihA7);5z{rXmNso)UJpfgO`u(d;70q9IPcde?o1od-vuFQc0SV`hmV^ zU|(BN!MV&mjEGU218`SibA0IN$d(ZCG-bKZkgj(MsO`9+!Ay^t?&dzB6cjM)Q-5zU zdwJ+5(IT_bLN|edu0TkWysqYQJAnLe!6-1v;q@T$r)W&03}@@~-se zPOp073($xw+||~+kC;G;h=tETQBV42*e-Q3rT}H z))Rq<^YU=9u|`4vzCZo6yhMiru`_e95au(~7z#Ft!t*V+vuYR1_#aYPpy89ah>xnO z?`Lpuu*(jMRhoE0iSg#diX2tD7))|EOD(US@8|%Nyboj>n3 zdUktSp&V2rdGHGr`Nd)U-*DBQb`Q=2IXOAqc6WE#>!U0k92lphDd~UbzKvfNm;*Y? zN`+I$n(>zNg_zCu4Db_&>SFt)ab>b4Wl zUGAJkdW%chH2_fF`0e>HZyezCz?4u)PoW@p^fEAwX$6wxgw#i%x_a6D{=<9g z<(`(~7SfHkvjlLTg#&7-O0A&JeqdRHNimBn{sa&`mjPy*XJIFDO+a8u5vkojJRTQVQJ+U*R+z&zN=__HKL(L zMFplk+MERBt4`s9JT$rb0wKGCae%G#cwjMH0z`(g)Kv^Y%9<)m2V^)r z-|{Q2L}dhZ*)T{tH^L6jdMvg+S=U!qo{KwFm5~K{P^!%L)n&4c@s27{X9tbB=&(aI zw6$wMHB_z~)f$)?(>DJ?7OqSUJDly;Uyl@;VY#iw721%nm*V|WjD`n0-J0vUEYs7} z%R2+JVrp{k!8*S;l|JUdW>W`hS%Ox^FI>Gy;3(%8*ak12HVA{QL!=NHi1Sab7W;J# zPn^eaEr`DcH@x1+ap4OUo^#8QigHi+p!WKEymn#8g9?Qu&bB_+B8!TOh?bF5Y?f*a z9MRCw4E+85ErFf+w)-O!-E$!mu(>~tEuKDD1jSZqg(UwJ8MRTVyw0V_SAkb}@ zJ0B#uF+(^Smt6RL!cB0d~B(yt5+4JAokT7wqL5~sK}L7mKH{F zTgJK11vjzZiKR6;h+A-`Uaw`YXOvED5Z~@53V(P4=Eezh0tIAVe6WjGpvtYPI+Kej z4OHN(L<3|&Nl2j@>iWf`$SA)SlXA3-qRyc{FGRh!?>wDq?Y;_06(P}SN;1;#R?jJW1soNph6gwwCO$+y?HKD-r!*SmP+KA@qyPwK2$vT*A8 z0-EvfTU14i8gxbinvQhwyPi*yLa4%z<1Uf2`K=C)sllhDw6wHPP!JH>j7?3^eg7jZ zTUc0}0&78>r$7>4ZPLKMOtFBbPO9~R=>gXYWHHl-(%g~|O;^Dqu%o6wCd%oN-97xz zb!A!D-dRXWoer(M5*;-r9Ce>r9-i`qd#lWM_4gwS3;O*IqnLswQlc_=un2fP1ls~C zCN#vQ_jCeWw7Qc#0v9rx2djG0ub=I-MHY+cozL2N_=LZteC{Z!m|MV`0CXR`AfUNf ztv4GMiZJl9uqa-6e|>ZUFkvW!2Lj$pqlJ1w3bIpqv1m*zywa#XIL)&d(XT~lV@D>= zL?&LrjzYct*P2`?T7adog~*(ENZ)Hy$OSpVt#88>gJ;- zu?i3b;vltVLDXjB{+=8RIEDEo7fvX8dU!&%PuMJ*+)QU>qjL@ 
z>=8wb2{OdS10O&v%vV04N@8NJUfpv^E;2)ZHfp-nRo0|Rt zcccZgNh6ccH5#J?NQ%v}%TX%TeYwLdU$#_7dP0KH)k`F2>)qj&9O$>BrsUKDG9Vnp zXSh^KhHbC|I}IQ!2*tiwl7vJTB1;v5ROKRwJ-XU_1n7+%=4=0YLXgSYO98Hnap7FX zX2D?PW!%QI0V-GlgznCX#D2^_GxTHYSs9D^BENsD9ezH1CQH36eQC58D1esf;lHLpek9H?L?etQ3qBcM(?-_O%bP37c$A+c zVsOFSP7uLw%sjFEp9gfhw<>JNz|*s_?f@`*H)HTUVi%@NuW;uAfx?Sad0TCzgAoJ} zA_fF~50Jpuw;t_XdOhCqmpJx}OQWTbG{oNRu~bB~iEeJHMO%Jgayb4>8BrmMUL;!P z4TaK3TYEhJqyja92%mmXxpAbRqJSmzTHG#&ITM%fi|DiuGxAV#2`_SdZEixZ?LP{s6^i zMe#mLmzS4^xAF0%sEZ;?Nc1vbO;RVaf-HDQ$-1u(Mfx(T&cJWd@(CNj6cwv)#wxgA z)1V?lYS^5t=siL;l0G9c^5*7Ion+cZ>k;HQ3O9}NkbG-160zks4!}IUwwyk%n8+Ce z;WFg^C5_0L+aV(OzH>o_9CZn9*?+`6+4L*tDiFy0h)scT?DML_mQgSRDavkDlWvF%tH&2lr_-?uCeYdh-4@ zjSwP)s2Tr335AxN5a`-sDgMx*P@&d#J0eiHfyyoC9FOjVgk}2E- z`?q*UjSOQh5{B1fIXOtHeC{ZfY>Qi!Rv^XwJ z+IIY4nEhyvj#b>^M~jWMYmHLsprWay`DeNf_P!^D{PCL+QhmrlAC#~;%>M^gKLIP)CjbaoDN>9}do_ z`HgVPcac9mw{XP9{9s$VsZ4+Hh6e}lBWs;D<1bQw{1`$kG#-d6FR0OVvd&j?Fs+Ic ztYrVrZ-c6?@#h4l&74z^sG%(+m#+3D$qMc3o)6R^eUVSS8zy81gNT3<7_i6fVbTMK0Ap1tAx-M4vCTIolt;GyY8dMQbnDaAz4So#3bY^F;@67UU77Rq|wCE2yd}wHioz3CJy{>2)h6qh4R+mh^ zpkgU7RLvPMKfp*3KNcA({HNTM-wO#Q?E29MiV=pv*R$qqqY`nVf`0+5iSL{?1(qN} zyj>do2BCuY6*&U!b=4DnRaPIDqKFMG?!EeN7p=$u0)RGzQg-mZkm8&=gs&o&h_US5 zqBz?Yn+?@Kxr=Q767P-nVvCx@K&l38^BBN@?4w6SR;LFCE$je}!e=qNZFFRj9gte* ze%^AD=>XQ9n|p}xJR`0;%Z@Pn-`@P?fVw3W5iW^MQW7DxqHILHDA2E_x|)?Nm3EK= z-ylS)RPD$;5+bbEo!5G|+&D%KiEj0Xb!WW1lRQC7RDr{z!huQl}JF^aO!}K7V&aPTN zIjLEAO6H8r$EpC4F2g30>xGywK$jx>gLX~ANQCJ4GpRB%%Ti7*7Fqy3C8f&osbdDV z8VILaHs?4jos90b*~YtbX{OvC^gC}G3iC%CaXgTDZN|3KP`UGpq95|8FAD}5MwKMk z8PNCFa_w=aC{38h5>AA6_lFU%V_Gua&w07JKRHi*_CihL^iBap(v%XVoReIDbaf2` zaL9q%kqhi|>dqxez=cK*RJJaG!G}eB@r(nO1m&)RcuJp)Zb^UxeTCCz$4dOfE-7Kg zr?RSQh0{||om7&!TxCv+x><%=!TCdQ-?|@Vl6ZlNGZC4hw zMHm6U1c>Jc+{*8cPfMT+15VwhmJvqP1cPSY;P;2~VNpP{!TSgJ9_0K{R7d6w7b#UT znA>j6FVo!V%8-Itw; z(o!#dndV{~m8F>wZI4w-3^P?ud2?aW$qYz1879n-5V;99%ioa6v;Y&*H<3IK;280H znRi#%|LJPtjpHXz54B{xo-tQ2B640We1Bh~A_aK?3wt5|Z!MOphv*b-5ryKf0G;OA 
z>Xw&IX;%E{B#qisqSKTmBIr~m{G;X1Avp&}MsVzzHI#9oTt1RnT1LTC=?ZM7yAB>e zQKbjuc?qPMgPjF~KGyF6<~(9|ay1w<%5Nd8+(zFMF+>6#$fB8^29pCXuK~v`FqkaV zcwNdODHt%ar=gjuV+?ig`0r~FLZiC%$ME>vj`pP97J!~Oi3^Gid=Kz&pZx=RW+^#2 zIYAHsnprURR$w_;s0vq2pnADkUe=H&^*%{_GS5DgaF7Sv5gQD_q+ zeDW#Du}fQnD%tn~kfNW29SA@eF_+k%&Yf<7fd%?@l+x`XKYnQP3hWm2v&}CRiDMc7 zkC-EeT&c?a7s@QMJHNC6a;@14v5J~P%Wp>RsXNQxq+eT%nh=h9-0v9yhIQ>o>vKBI zSwZRFn0C?dpbKB6zlwPo2g_uuUJqw0n;EtG!hjPmAI@e19u5Zp?t`13{>@~k@9gZf zO3d^$@Tx1cxDLe=yenzflehC#gqYpv3@^$oxH48c-?fpitg|AUXPSyK;Hx;C0q!` zZo_L?6vL8%k!k)n@Fo#*`Ay=> zxO{E1J*1NM5V)tS-j2F_!7vK9a>cG~{U-BWo3eqJUNA0(4LIMMRUMVzN6u79!eB|CG?6XarR09_=m^aVXPP6F|kS0Bqe7l9B+1s7rl){T8^&sT7MV zS#v;I6j51u8fhu{p^xox9XgYj+pVydOb?@nI2iB}>-gG98GIp!jbNCMc30q*zRu2V zyGg|7zX8y-=OiwG2h1atkuLbrXIvwqG(lcFrWJT6szwL#Kag1g-*C ziWEXjFNIdyM7P$mEQ!Z^4&?Wqrk?W)J!!wPzG z0?t!PBvrgJy4^Ryz~X|X9DMf|U(R1bT@Fluc#*q`PzE%kb4II1wdGVbY72Me3$X)! z%wFdKmK6#J&1!7yPp5Oij(Y&yhd3)M>p0L~Zo!H+m#;mvsk!Jrh1!$T(!$XrkedmE z6}5g+X3v~4A1bcHC={YNIX*h#tuko$B$22t5~Swcv!*XomxKu$P4>3PiEJaQ2a!pu z{r~%3SXRN%dT|b<6lU7?At^oI4#1N0p)30_JUEWtb76u?&Xzg8Ok~@KDH&8sIgyFM z8?;+r=~j(EG$2MBah)SDBltagf)zp36M(u33(e&GNVSl_bs0%@0m-r;V0^y0g_Jfr zYqYy%Y4T1Wl3k@rS9bAwxRTg=4in~c-|@&&l05?mT~<9uz#jQ}`eUT33Kd;iMn>E`vZ#BghDIr=ERNT-Q4BsSDn1mt+1zHhGqA_= zwzFV07OLZE{VpecM_PuwZ(iy`zGa2>Ry&mfzpn`a zo&QoPD24HlJv^e5@MM2~ztwSLbvMItfbG&-G2NE~k%4C@;i#9_pDvWguYwVM@e>K3 zGK?l5Bx>7ZALtKrjT@ZqO_D3uksl&4V8d0)v zTKJ5*U)JJgqt|dKT%9RTkUKha+r{l4?3t4>9xoDq3h^SnRXfP0*5|;v09#QLm%Mhb zOC@MQ11YJ*KJUhT!p{x1yFavR6Rj^=GM z2uR5e1oAJgEK+WzD{{Ukj1c%!%&#AN&h~Ry7*}^IG9O!C)|@+gg?1aMzvbHJ0j_k* zawSz{-c>ljlZwyRsk^i5%&TB=jKM&a1$NFz5i-8X`bUrb&8Ph$Q2(#rV{L1?e#Y05 zqraCJDmu_nI7l+`f&Gi~$`lUT`{AeA_~d-asGL@#5jE-+Da69I3s0Q?x{$ggxwyD8 z3SQ*#Z!uv>ZP9U`?B{E{KiUE&S_1fUqpap8-?$>_s?)wEy@$0+yDT~)l5Pg1g_kHb zp&tb}BljwLSC?M3d~tx@%Dx+o^EDi+W7LSe@_P^x&fMWz(z1HGGO0D}fFoGNAKfWM zDmb64)T(_56+)EJ{QP)N921kka@U+*rJ|#=735j`_LIe=Aph3)`R%0zm;^Wp$-o55 zglxc6AxUWJ28gK^sG5^b&OAguRbIaxyLFibzFiM*0fN6fX7qhPd10~D6;K}rgLDHh 
zQ&ap5M`teb%ga>^boCjoT{z~kWEK_{$QYN&Hj1C(Q7K&-AulVJl8t62+=xwuJ>9%f z^$C1#<~6+Vb0*H`)}o!C6GuBPUxmsg^)aUagIWobX`ak1*c$tfyg1~h27QJRuF!K^?&C8p!mJ#gl2;>{ z@0Oym8ATigO>d~o?7xrL&nvP%$Rsv*g5tmAdec*=6<=@^HPGZTpqCyO=29^?4xWz~ zwOKALm6b=FMehPcbbHd8fa2P)0W@V>)~MUzU7y2}+$hw|bCf~}ZFI?{-4MBRni!7BKhe6sB~ox`ix%Kn*A>D$ZffPJu9OR3c5cW^>LeEz zD3RWdVnwI0H|o&rED)%E3gr~(az2g6bd*Xb7!kAshs%J_rbb*o_oGQf9Ht^m3yW4y zz&SE1SN8x#Lm$Pl0MtD1!wTId_y1lLpl#Nt|7EW?uViv~zIZg98q=)K$wh(JS-N2`=qbvnoeI5WVPUyq zIBKL)_*nJD7S|jOKH>?i2PGk z(8kr4s*cjlR^W%*9^#FQ2@MZY-a9aXHc-i>69n3TcGFK_!gCG0IIjXw zLn&`Ov0I)6J#Ix}brdm)F3*38VS7()H)Gevus1j`3qg&e{=3R>pTY>`;&ceS&G51j zbOk6l+iZCybv8zF%f;g#X3Pd{P0Mq0bMi@#B2XrP)49E`ukRsD7F2W?4NEGBg^$l= z57-~Pa;ObGeU1dudOdk00N*-_pzx+Dl4?j(~W=D?1z8 zkeDBVj9$w=kDFC|?E5b@sqI=Mo~9MvDN(q)fjuoR#zk3D^A{Lx8FEG z2-hiI9~=`C(;9dc)=v))y+oAi_N<+Nb7r+Ei!-UVI&?zWaFR|a^g@{4sx|^MCUAV8 zjjt8H|2=o+_b4h*T;M_z{+V6|wdeL4e`AkAP@W0%ai!)zK-6tq`k$jE3z%9VnQYow zSnS7dOk<1AZCXyCui+VUUtet(!UOs%e*v2ZMjVn_8wndsqPGqgn&Zvg0qnIS5fUDr zsMQ@=O8BdI*-N2n@ufH0nYxfzvEv5P(AU$1Eq@*!o^}7*gNeTU{QP*}n4Ti%B+a{*WZ~TUC0Pxb42_|y zFINtY`5Pj_`*-`QJC}0ex95L{8Fy{=hwZ(1X^}*i&)Y$is+N)mORkFDmF$#486{xJ z^rTv-t>{1W!T&|V@IS%=6ogQ?P@b$iIgEU8h!p7LD!g2;p-%s%=wPolRL7QEs|SrZ%B(v0@$%nGSdA-@SM^KLzR6~ z&dhB+T#>?Wn71$I?MH!t9)PJYiC&1swd4M3yPx?#u&IjU8mY8jNJRx(HAwXapTXq{ zzaEvrg_#Km-2W+p6=fmDBot_|@t<;axuC zePd0o=ILm?)h)cME09B7QB+PU+bxYM*!=lrGZP`1;dkrr9LUSRl)LXAkO07VA{*i&}O{BsD@K`CG%`O1mIJpP9L%m;Re z5~fo6$l_!Gh*Z?(XeH-4h39SyOy#u;auX6QWANCqMiGi1M(E#=w$_y7bE^@8{MgBt zCoFOA9Z{C^g-JoH^@th$=J5Z@e8@EzJ-xN@h9lW|%`0*pGpR(ltOK7?r@Acxwp?9Y zT)Wm%$lXLlCmIb6j)BK;dODNB|3^Zo9NlaXNj>0o8J3mxyY%8Lm6Wl|W|NnMj-H^# zj*d5_P$j=0AP|2Y6TolT2)V_a^;Hg`kr_x=Dz)nZJ}k96AxOx`MEKnp8hLMSE9r3`ExGlpVr+C zQ9QNW=G`2Brwe)euA}=4ZBA01=k5L`PWF=cs%s>Ku6ZYU@CcL;p@2gY_dKB8WPix5WUq*zLE8<3`|&u34jRLsx_O z6xrM;{tWUIB5fdg`H>LGPg_9$+t955_H?H;V1PBd2Q137&W6`@Zv@8V-boQ$HS9mq z5{gO{z^02wAO7zuqy!s=ySMF0UhD+RKvi}D$#xj|?^1=|a*Jg<>Tfp-k5vr5X!jGt zTF`MkG>2+ZwXI5|eeg1Kvlf@#0vnS*j`Z;h+kWVCIIVET7l=o7@d2J>d>7)i(b3~2 
z;m`h%P(Sp<mzc zXv)n*b$hTphBB58&srFRKN=I{`d6KcU~Lp#M*-`9T)-#p88Bg#HQ-(t0>^4;1F*CE zfsbNFT6#L7-Uz@m;R_xLn-$K zyl`mlH3sce4}`Q5aQT#Q>rMIkhU>!_T%-oBCwD8wae_DoM67?mN0(Zyyrd%|Jmyh= zgqga;n-vf_JhEj3#fl-KbpwQrkPPn1MTa{pym#Jea`cSI4wTL%18*2|>YcYk?JhSZ z@0}`%D_KSIfZBCC_vcR@oXHg+`lEC84xE@anVFbc+&nxsNH4~g8&VY7pX0b3VH7RJ ziD*5@#Jpn<3OW?Qs zpA^&KO;0;oW-e=pO^_Qq@vbFLjggU-&s=LwrRpCM3A0$2O>b~@F^U*^Km|cWLp9BT zr+8dM8dD&S3_1Bl(oeiytiJshRLNntN?2aq=CF4HqKks+1_pxC=nh_iuO1fvZtEl% zSuh>{i3~2qH!Sb-{Xr~i)QP;I=_u;}g;Yx0998*74L37D;^?%+wT40Qd>wkW5z}2o+s^ny9 zW|kqgM)b7uUyML>EeF`{tqOM2O{?!o**@IBkrKx^9E$7%H}P23mELP6(0!dFfGWb9 zy1R{uGZIeA(7Lm$@M+`$pU4AR?Ncw$&qQ~3clJx~^7}`B%F3!#i+7xz4sP)Q0X^56 zSTu(`L(L1v}Mqv@DAuN=7OUJn8*QR_23$afgT*cI!LD7vTFcstGCn>|k6qDnbp{`W^WU1(R2KK?WMp2Rcet>Q zLRymta%cv^buxpnF>6Y#e2?+t|1`$M3 zIz(y_(%mgx(kb2D-AH#MAzjk_T|Do8_x{G%{@|};t##j5oO8}&{+1*+{P&8I?Je#J zqPy6fyAYKQDPCD^0Og92q0_!^(iMd4wG6(q(Tb;bP>Z`coOx-r$BMpkPxJdbU-9Cwd#T~|HnUnP zg5lzP41Biw+298*>mlAMl8cSlgiN%yUTBTxh}2UubVt^h7&I<8DPxy9G(tkck3jsv z4$mE?l-BCl=8U)Dy@F6nq|o~GU{1Xs7dVuHj`A0Tl?bvdb>R039;73Ac35urM347- zv}AZ6ZLL2*AKvCD)ll0DJsiv`&|=vcBRW~w8R#v?YBLe&NDCUq4x_dgz~D!7aVGaX z_ibV}ZhaXs)kLL8JMVY)HgJF(5FsKa6G6T4AAYvwq-5aoYqGlkR&%dUFxNK}+-OtB z`ir&4d*@C_lyGI^yGyCVU$=r9nJWE{LD!8;k?F1;>wmg~cnvWd&`{>zNJvRp!HO@x z7@E@94Z6A#?A6@05O>*-CNzHd_rL&bTKn@Sg9}aih?48b=eXjBf6+Vbo(S=NN~)Gq zpP?ls6V-5WXH7pQnKJHXN%pnnOz_R`6yqi8$Xh`92uM{q-rn4hEHyb;1nufE1(8hp z%D{zXq~He8_XhoZAF^BCQBhq$;bCei2JKsQ&=-w5t~)dReSF?vjfrE;^Cr6mTH0vh zocEvbxaoywwkuLCyp0`9r$7xpmUI}lChXx&z17N7J1pYWk!GVal&JEjl6e{g!%8f+ z02&1@8f|ZowJ8{)U2egV)@-_hUTov_f9vQE?>2=28!!oh9!%!`1i#XtH*Du&tq=>J z63c24lzFsNe}q_0C#oEP<^W>bY;`zv*zm^4A7tIGkB{)k$lA0BJk+clCp$=+#~Mnt z{@j!!QL3Q-t5t`}K$NwV!PrpMe4zBf*>t1t05Y}&4UW2jPqfxaBAZ@W#}ggdJkbQ@ zUEr%tj-c5ger3bjLw(q;1!=ZWeu&AXhz3owN z3}v&KC;}$Re9c0J^I1bz6xR zmk)XtRuPm}GRHQq0Zo+B6je*khfRxfhf)QN2egDkP+=Jvu|9b%Sxd^F2%DJ7RUzeb zL}Yl4!HqG?IBoJU+~N1ablw9k%UbKp7oo&!#yIi14obVmn{YaAU)ql?k)z_TBb~4h 
zI55&iZ|0Z27%6EuBkWyeJeS@11dcAauyB3-UBB{hp2%4AP{j7$rnjB~|9G#CsORMk83vY4OC1Zgn-3If2GCcEvojas2!5oSzx&vzKzRL>^BbAr@3#B#hLKIZ`ZDo zg|73rluZofqPx;dyL-4t@T1elMm#QVdZ8-5c6{xSf_jVxM0c)vo)5`fh20ly@j0;G z!<_;3m`HJ74rL|dj0WI3eXriNmR$7iGr!Oa{yzETznS4i)osdVoWy-fAGKH@6mK}A6cBa&U@tU+jl_{GLfebv!fL7xIgf~)Ym zJN~Z<;a3y1;w+3^p>h+P@?h(TZg^ehutd&8ObDn@Ob56Wl9L23l9q7^gIkSturbQT z!@^#SQ~d9-GiKj;Di*JSQ!$!$rD3locuJs^Hmr<{?C_|NUraD`N4LSmHt7Hr|F324 z*STSL* z5~)fUQxnfGSI-%CDw>E%Dr!054uBjWe0s>pErP7J+>R%(YCTXoGFQ5|3LjAS*| z33!p*+vFWZl~&Mu9T~b9h-3i3n%0A80WDIL z8IFFzsNLp%Yi~9xiOzQem4fiTtb2$FVGK!LUcR`cv>($f!QBh#ljJejS9^-u`Ms*Q z;_JRVW+qyHmr)3KhAz)B9Z-tAa5CR%vVMO;SWddXApa+M9(@AQb@vaaKJ$O`+Vh>U z{H`)R6-7$To}v@p!{=?U_Hs{xpP_k;nqlrO7c6u`114F7IL3-@v@9a|4x7s=xOiz{ zkPk3}VROsUY9P7$D4;#~g8jH9qlk~9@^1^!mqAX~RETDg89ctRMf&>aSWY|d!fi5< zEy?`rlM*yP%b_cAEVvHsOgvg7e#~&wKRt-RQXrxc|0C~08>EgmB(3X7=x|}<-ctSm zE00r|-v$KWtG=%t_)y`Q;7muHn3{Ts?8;&`CXLQFG|W8HyYSq=H%>rf<2)Oej1ZQw z2vcwN3F;0YwtI}ipz09w$Al}lDl9^(1uc_NpT*7Tc|tc~5fwD*`YQ1uO+tGba|+ZW)BeK8akB1|_HyW^m%|x|ulWTF zh1sH*%w@(q&vUrkSlxXI7K}$9sT^i=xrVO<-kn?js5F%E8jFjR7wq|qN9?glin1Jn z8~nHF-+b*&PGUd<{NLb;^ZvZo5)8%p%C81i_n!j>osX5qbe@xc9R1~UR!6KwIK}b( zemgy_f?>-$5f5LY-FW;GF*_C=lmB$#89ia2>z^hZCAM$sjfQ|ZE^FkPt%E2Q4cG{{ zHxF-j_V*Zj^0GBCq0>1&!MohfQW#Nle&4@83C1L`yZ$RG2bNPO&!>mRVy-b@e9vHM zauc3xXcWq+xP{sC-nn=d78awHqZqQBu1+cI*+EPxF93lEM0B!S-3`B2NEPNC184tU zJj=Y!r|V&*?c(TsG>AlLQrtXo?>mc%OeSWgr;Gkm7v(?eBx!zw<8U~0F1lkbuQ7#TnZoT-=|_}t^j``{p=92QlkReww%QIulg z0Gq<5ibu6?^6y!Ga|uH)t|`gXf~1T)J2dpC5+JRX34k6y5g>w{ z3_*yuqJXGY6p!b&FYBKA519y?JCud9Gux1t1tE6Igg+@=^9|43g^`zuJ0Kl;3Dv<=F`Q;iI1}zPaS-2pF($0Rq_?w+o%;E86A9UV`t|^an`vAWh$CoUQYf9&eWId z7jM9ViG#VHcF4m-ML{$As}%0QMM7{NB6-{VuO1iV_Sy|Urvj{f(#RiG zT+#(2ueHF!wcjO%zxwEMW4bmw;P6ZnSmnNmVS|R5h`PEu&p=4qm0?OZ`rON20n48z znx{<5wr#-KX!)sJe1cjdxu~Yd+%@H3T2y1{i&+B&0~7Vma?_)+41`p{;OKilU2iee zF0;vU$U`Kt@%Jwr&}`4lPw1+%lYVF%U?k@-?%31U_xHQeN#<3=;OD>TX@d9BD7y#& 
zmp#61_T)GOrc<2m?vuvwm?OS2vmlFNnw*a@Vf2TU%OU1cxJL5!^yN~3_qzi<2ncJ{0Q@(Bz@O!BKvQG;Ukz-6At(2ptT`%A_^O|3R< z%crB&;{0*yNkxe_%=^VF*5U^1Zb!|QW@yerH#|*Sgo@8Zf&hCJ|y3M#Z9gX zcqY`u&P61KjQaX|VbB}tYO~Q3f|4spZrf!x9+iknm$Cy5&rfY&bD~K~w5*3U=jm4k z7rY?>&n9``=^EN{(wF0(OJz0RE$LOwK%o+r?^SKxa9@Kyl6qr3aX+fy7mpaxX6gZo zUQakuyDW~|R{POC?1TPbQUFeJJ zABYL5;H|cK-1h*RBEK;hz!;O`sX8DNy$fDuE;6Q&1o=5#@%(xPM7lRVZXlX|zEHi> z4UEqdWh33mrEni)vVZ~`c3ArC67+lM%_pMqewkc8q|o|LXMzzUkH;9=2sqICOE#ck zce zFqYsec=TEm74p?Ju1flVKA0P}m6JfeIXvuku^UZ?GUGP_ovlvctSBQxU~ObH^#@!i zDDMjjvv9a=*ojI@O6cV?^v%pvmHD!Hf7`d#Hh>oTas8l5VeW zTJ`cO?6Wt+EU2rbT}^+Lt-jE>y_F_BYIenaHfZ1T7Z{}5l-sA(^cDFXTYGYFAg{`) zlxx0nyY}|$c_8!NfWbu+4h!F@6ewGaWGC2_^~}-wq$#beHkD9?ATQp^Pu&U;(#VJj zi!SK;ju|fO`LC<8rbOzG&D*lyPz>#XZGO~<&(&2GMWKPnVHQe>qcLk)d0qxyGvnhF zNl8hyVRblwC9n!A&%!n~Hrh7p3HFc(-uA8R45_wH=tnUJpDcv&a^>cUZDAquJ&{Lo zqBhn;vFh4oK&5M@sAD{7DelcnWBoF&8XrNd-3@{_f2PP&T4^?%5V->*(YZgO73d`V zb;vd9teST24?XKHdfcn-c(^Lmp)jvrd$q*Hu_0{Ie~65~5ut(!R+W(%Sp0vK!F?Mr ztBKOV-P%d+cuOXv!NngmRhn-qwN6z|gb*mzxXwI{-$RR^T{|p^5~1B1n>d}*d_|## zjG~Y-?M~jQX!hGHUJrKF<2NF)D<>cY_e?7%fKkwIwoG>s++pDFW}fHK(9l>uV(>sN zh1^Mbqcd;YnHA%eMDhF9F)9(#_qRjm!WW^cTe}Sj+W+H@l!P9H5#u&$;pBh#hUbc@ z9QnTQ;q4{QQcnI|Wp#Pni)KyGO)EQs!GtK>XIu!knl!g@(Dt|LDV_{2E@3VvTtL2U zjwb5yFxB1TkY7IfM&HmoD5!sS&Ffjv9%$UJUk3T>0gK6Ey0szi?(unpe7lrqC`TdI zv9Op)`h-M|x5^sYOL^D62=Z}A_-UPAy-!pf9PnIF>I&*>hT&|R0|;;R7}HDM6Cn-M z^ibAVquIV%DEhks5tenQ;DE6t{s4wQ)KpY;!0zB)4JZNVB5=`wd2YBvp2h8ZNmGN) zH_!OQJVM+53|rP5d*6?Zda2Ub{&rJ(!faDD>iUr={Y1MPiNew}uW?CT zyj@Thy98jHEn(J}Z3?Z?$BFU_FDNpLLZ!NlI3neXN;=ZHzEut>) zGrOxZNdtNLFfSgtTcJX6i`RvZIUHA2@U1o4bUL#!an1KT7p6P(J`;iJ9~I5c9M+f7 zXZ#dYgYa?Hlt28SRjde=Ux=TN%`3T}!-M-@ArHCBi9-8jvmzzGb!qHtTD-aNDlI8e z!}>MxR>au%tH~-XQ7o0gQlyA$Ug9rPtCIXt#1!C_!!%K-G>fMAW$eC`)n&Lwa2ud1 z@m?7Uik$#>NG$N*_=RAB>(DE3S=JBRM+Jv|5_Zn%!r!B%mX%e|mV|wc43FO+gp0nA zgCIjVHRwmz3)(L&cS23}lcbH|N@9e1NxN5@{OQ8@_gw$?hqT2}0&b)2xA8n(wTqX5KKO*b3fb+Qf!tF}lFY@U2+#bD?{HwLr zgr)7^;_nDCJ*ssNchK@7*L_$b>|saUFIw+M1daL&E{i7bth|Je9pdY{I>Uyw{j~<; 
znWDM|1_mJAlp~n=E$ctbhLoph8x|R(+d4heC+Z=pa*_wkFQT?+*m-FZu2M-dcg05E zbc<%D_)35b8>@96@J&C=^fQbaRGoKByiLVQd5I|Ae5{FEA%!I>W{ZG;fOS9q6fCKa zKIqnrS6AU7Wznx}*gZSv=W-ws%G!+x&fq}}SV6tsP2z<^+VeYIS?~!ZGiX;Q4tuVb zgI2#>ZT(O*mdaPHoCJrP2l}RM8+4 zv9q=%7@vF?f3e`X;`Zt{NF!KbB_izot97FWc0KbMUCP_HI15^zlOJ6mtbR~L3Vg{y zzkY4o;o!vXf(ohsIm{1C*nR>X1A@kxTY`I`!|&cJmIb7OMIoW^0ZGXuY*)orcw~iiTqJLvcixnxN=$$2nDwW_}DF2|Sy%9{)OXmgWQ)YQa-RsF=W z7z&Gv)z4(%o;OO%%hj_dOtlY1e-8~!ny?eJ9K?uy(*OU`e$y&@M#UzkbHkX4zNof; z^3lYR2F+-fJ=$AoE^3eb=^BVmi;(XZm7eG-Vx^qutrtb}0H4wkez#JB^ew~sUEgwx z++;~1YdPC#ec-B};O}HT1i}wIQWeR%0zI#68>HlMFnfK40zQ8Hn3(k|;=dO`Ld~(V zsNdftp43p>0IL;UtDI2T`U;hOe6DP8q#S<;ne=-qq*m&*^}a>j;1i?Ea|BjtTU{-w zxdV52ZVs(WBsEdEtiSNj9>f@SR8-V#h^1v&o9m_d$v`yqoQ#_g1U@Py&(##ceB;L6$1mTTA-09 z8Ju=ZLPA1j!BMB~^irXHSI7-Lj}T_>`|ezh^Qnl@WCNDeT`7b;7cH1VN8oMJ`u`P7 z>Lj67dtoDCptLRIby%1v9(<0(x?b3z(5Sc8(?Xp^Eq%12XhK_c&P&t!g3#FT^T&6r ze4U^{u${eq(Vu)F-5b4OJMwNq-|aud#mz>YvBQ@aZcc-dFI|``No5I%NnRRCSZFaE zokr$3+nYj2tYr5&(xS8xwcJ{&HcvADU{miLa+P>5$|aXc&|W2s2QpX)Gmzs0z{fr6 zs?X5oiBvayQ=G{O2kO`>^Etb%z|`Zu-|{vD&90mSi*-AZFF+LH)y#3 z%4NDtd-3lK*?!|Y-v6*;+wgumk5)~--?{wqS!Ec3BEQYkKuy5QvbBJfHa6s<}ZHY1dSeqTC}0D@ywDqCN@@w62bsFA0{fJ;(qF5j5(LsnPr4A zf|?)~z$9V$-91q7c{Shv@GoSV7@CEsslM`hZE8oe7HzEdA5UMgNy#2m8-+0V~U5p>tu#ntRg;g9dyBiDX1rlP1xS1(&jWflJd zpj}%TvV1~L>7w1k(6RK2SM8pUchQBP^H+PRFHzvJPk#bwO5w&!Sve-Yz5UtPl+SMV zApGCBXaX&Yi9IiFUI@3Yx8&Ks!a>vht|il{h#=F>ii$2X1afH|*1rOZOE$%-OeLk=fX4co(F< z*-B`R*8VK+A5@<&ynj@c7f?aBhCX8Nq+N!ZDE|5L=l0P|T~=G0RF1(uVoTIdg0W-k zdu#Lu#`rYP2QlqI()Mo=FQ6H3HB(U5d7WFD^e3O}zc@UVuzH!cW`j-q7;1Hy>jhxI zGEA+M8t?Z6hIRs&rJdukmuTv-l^++kz01ejb2=|Al)gyziFck)`(3R-N3uLPx!SMQ zA{%$As2x#%DFvAR9wi&LC+Z&;&$tX8bm{fH+b8PZi)Vy;z8Zjf0fw>9%1&U<>bHM>mGQP(*$;~);M9+klFA{6v2@Ak3F zyEF6i?Q5nBV)y^FqPu)nScwwPdukr?;P}!~$Rj`_{QZ|B4KDlX;pDC(-oh$Cuk^|8c6mdw_I+!47sW8?hHx!ZK|F+k3?~k}T{K_eV(^*%A!udMY zNM6wMn6)32spqgB*>&9SI~XSiK3{5qWHp)5!nl;+N7^E8HfbLXbp zQr0!j6CZH@CHLL0!2SW=qHKIBTL`5FZ+XUYX?`))_+Mt)*xmz$MWSE{m}?8ifQrvp 
zM2laL!MP(X9P4&iNJz-X#Kc4~OESKw$h=vL`S-}knttQ}xKN^H4*v&|Bao3*I0y_H zWcZoq7uNjlhgYveMbkNdhu@_yMZ5RmvYau5Qagp@v@Lt?^%t;C*O`+cK|SKBMvuz{ zV2aHvB&6N`QYvVyfqz&-k*HXd7grZ$2L^HnUh7p<*vOJA`?muR|7MV^cE940Tmb0m ztgB}+&83SrPTljVxE)dW>Ld74&i{_4xrq;bhTyZ{hk+K36GEV@B2xQ4$tS+4-O~Ej z!RH8^L`naJdmIiD#B=gjZIX@*h8J3Ulc*pmhzSU|PDNKHT^AcBn`3+T0SAH6_ik_f#1J5>uTd#c-QBa z?}!d%RY~&J4K?3oZjp-ZX)eUW1+|ShmG0zJG$5dnGo>c>0zd88zWG{9Ib0zX_yT`Q z*5$Ut6cjUKqoi=8;?l3@A<$l7YDP({ahpLa6V8u3;9oGNzO&tc0dKexFi!6QC-gR7 z7zUw;WUvThaw7{DJ;T-|`yqnUpYbg5lwYNl=C3k6P>_-NOM!+|1>{(t5$->May|Fg zZwY795r;nEeUq|H%D&l1@5gmf0qqjMfNhv&pDrbyw0W)$av*( zq|zI0hKKx>=RR7w0*rlECfkH)E>s1i!G2F!8(c@oPY1!H4JRu1r7ZAZ{FtFVIK0How8b{v zz7(ae%D#el5lNG-x~%QUO+rhoK0(X;AJ zM^=0rW-oMQd$iSOsT@1C+f6vZnf6+5XwT7z?OTWkhKApmf%>;AjSX0nez5TK>prB2 znbo2Pi0CXoO{Xf;fJcT9l|8NnHO5vao{D0^Ic(+ zN+5gJ;OeTU29CU`v=^ale1aE#RH(<2HeZSpB32N3p@`@oW3o;n z!DSh*y~UuWQzz_;6WgVJ>q+2$^Wl+&?3d*@PpN@={+?~|a$_Lev6Wf>$PlKZue*fyHPoEAxfBr1EZbET%TjPIy;%lPM z%X(<7tM0WK=u{4JAC^$Xux4Y$j9jytrP_^?D$~Tw64fAJD%KxPjKeiDrFh?`$xCZ? 
zDVWN;lCbOWHqh?&j(X#F(z!EUz-UCDF)h=tV}NwqgfCo#qr$(W6gL`j?o2iOj-n}} zr^TNC)W&lc+J$=>3=`z3vxnJfzW+_>7fLSCs82;jh2QHp+A=_~f0CWO)C6`0-nAB& zYIX(&)6IfUIg6^4KS-+lwiG#9mW9buI=5FG80Y<6%pNT4r0 zP`-{0N508CRAf$Y_$tR0DQ_%kK8gfJa)39CwNWcuhN zuF1DmT_|2};Q4#g?)CfxsenXnuUw`C&rw$fkOu??R*?f=Bs2?pu3&y%RDAq45hkXM zEU*I>)269vfowR?a*3Us>Vrmc*f9Q`B}>Hxg3QiGX-`505`jm4Cgwp218cYJ7iiSe zV^gA!j2@;h9!Aiwk45wXY49l ziS>S0oA-62IS(br2^kRj75^qu`GEgz;np`^A9i}Ca6m~f{Il{G`m=~K^s7LCJM`(m zRZbXwS_%d3hSrI>xyV2n{9M#uf*F57>6gBUfdS0X$uj4v5 zU12cAat|zQM);RH%e`L0Fzb;fM-xulIC)-K)EO#$qfO49)W@wo`Iz)J!ZA4eQz)I% zx4PD;a4uf@>p6_$Zc0)6GMEk3dv}<0{`{4uQllqCA ztzW&6Mhc#2bLK1(K2&yJ6jcov#GJiIl`nX)fCKc=eYNCC5#I-sHs5y<^gO=3*FT^VuM&{(!$Q^nj3?l4o7nX0%B4bTAv zfXnr#I6HP|0D;!VoD_C>Hv zkhV^Ej-4~k8U1ToQ;oj=74qfbVsEOF6|3Y_y)!mc&Rm8%bp)OW5$?FOcFY{rftyzC zFkcK{B09X=(vVJ*I_V_Fuc4A){3J|ZfOTV=OSbkodOycJ@~A1 zZ|;GfL@F}$p1wTQ(1`XH*Fa2}&+>x`kJWO6B1u0Eai_0jll-@p|zev4uInx&K(Z$$<7qLLdK{J44Nh7_I@9ixz_+dfcdLVRd&!3GRhM{rD zrri*QOhh$qBR!v+uMAi{FrTyc6KRfW@=_5@YI^b=jSLt zOq^Gf9{x>G!K`*&vsxfTKazQfnH3f?+?2GQ4_5N2AF+J-)KhP;5yT`{uIHQb**N(@)3}#U|(u1s7`O#;0 z25@=7jg)u`6X9e{FaveWSp~B#WN1fU8^Pgt`L-B54r)9GYt7PDu2O}P7Uej3q8@VJ zLuo;orSGwls8Lpy6s~#DzEEAtBY`dKn40rPP`|A2s_MA{_; za`Fsn@Hos<9JxS=d;_sQR|;WauS}2^anuav>7d(NtUa*n`$2YVc(>8~n6Z*1-j~A- zPc9Ne_oK=GK~aXTSMCV70x# zb17tEU~oqA#5Mwk6GEqqLf>=QQy4y-(l)0SWoJ{>p}QK=YDlFu8Mj6vTSx2rAjpp+ zcg=m8Ny?+!H_`6Fx=Ga19KkDat)LVcC@PW@JrUZHbB7K~_4-oLuGe8)bSSHsQjc60ooD`oF@#ABxdMkeMxAY9ot?fX!C7 zbj@};*+&g|?ZwrT!2NN{EmAnEATncuJ?OX;KR`l?_Gj6@L;CSbO_n!`LgTVfeiMNN z+m?ZG1;)#>L4{Uz_63=i%$+c&5K>DBq*Y`N@s5Q;6FdjPOe5!LW$j=VT08%D!>tkG zN8(E%Bvhw}k(&HIKkqdYh;F?OIdBG_ysq^~c(wW3xuzik@s61XF-c!Q#YerTE*A=l zF0Gc3t?MnL{NHQ5yVfqlzs7bex6H?8^}p7>xIwdQyqp0aA0CbknrE6PYaj(BC0xj; zsLQ^hnMGW(Sy`jV)N_uL5e!_2@8~mx(1?z=c25ls()EAAHcM^r@Z{14@h4Sn7#a=q zZmYFqN6pV`H0L4V*YppLfa?}EJ0NcM{Sidjh@8VzGFx8J#;CtEn2kFo(&eS%29X(r zS5%JHuWU$t85!#a&tmXAW&y5XmQ=|79V&>~S!9Zrd3_JY@DcsAlK0V^n}ZG?7dOG^ zy@^OV=$ldV|vHUNrH5-CIoEG0Gm?%^YOiZp&9mm00D(;KRRd*1^H7Z!~T55_CGXs<~H0GfV 
z7MEm**JB+n=0i@@S@f=Uf(=X>7I`fnR-@m$tg>#AM+K1FC9@|Vc%E)mo=`dC*EGE= zU)O@qs=%`H)>J1|>sk6S>t-DSt)I7Ct{B+`E|MeI@%m?-bKgWUd-$*yPL{wW)n3b_MfyEOi!QC2+&z zyD97?w4a3vsB)Q*>->HX4ss8%70@9yiNlK^izrIp;9GoNVZqG^%w5l}hVpH+aTG?V zVc8piLt(d^uVB^H)vb&wi|R8>kBOH6!F=X9bg-_nmS?M7?{(|qe9=5}JqGq4+=juNSt;dipX7$r{Z2N9C9cB%`oji84lE#02 z-f-Hph~EAFWle7AX<89!^#Z+`sIXgP$co&YV!B6#I$5z$u$1O(~9$+A6dev^C9^8VR|8+L; z`}}1KC!LQ|ftM;K@}_M!;x0?UyFC`D^y<=?kEw2j2!_`Y`yue&0mL;@n7zq>&}84z zA0+f&7T7P}uZ9Nvz9@5LE2-f2mfm`=RB)WMM!&&xY>AFvsbOG)!3gy z-D)q0f(>f}uPfu>irHG&=?vvhny-5X5d!xt@ zHKcNtKcEW@`93lr>*tMjE@0tdxaJ1J9k5xG^opYEzzLbyG6v0kXkzug>>RB_IkHtE za@aQPq(yPc~^mVXDrt>DY*!7LO>(h3czZKw@EYfT0(C{7@FW&_QK@S zm}EV?33g7*itu3^H404wS0zn4K~MK~Nncu-Q1(p=9S0r3u(#8N#T^`v8_GPBGuWfq zS(FF@j+7Z~H|VNr6Y%EEluWa4s^@Hy>=*Ep7l+J+-`hetz9>tpDEu@n_||l>vVbin z=o_8d>-?j?UAC4!Ek4uR&TcZdvUBNL(8zCh;7ZTlMU7Czn|8kVGI zk}3$JvOEr!R41KGc#pf3k3%4eS(HlSrAs2CJucc+lOOrLBZTy|nOU8J5wynp{&f3? zL*k3W-fvthIu(7D*-*-8o6-v^kd>xO5otONsDdwD_{RY!tF24B>+2L}{|@sNGpr5( zJ)ebTIff*tyxMmRq51hLuNoV7XH@5lzS+d%aK@aFa+}_U_wY}7{0mAJT@P|bw7udp zU=;E4kH-=2eJ3)^Dte^Vk?k|OPQ^V_hf{JnOe(X()-H{ak(cT6mS(LER)%C=?U2t# zKP5L?0}XnP;iA?5f~Th07ne$fLXNW)VrBKz*V98oMD0ktyu9ovXHLSmNbZ|)`^JcU z0ZvqqT~bsOt2jF^Pi<;ofI&R9A5Wmuyp*0Y>WydjPC`_|Q!f&#ltL4d)f+XnL8*Nv zNSH1(XtecfNZ5X+3HgE833Ir-RdD?7uc8(k8=E2~-X>>3+{@Zl`Z5Eot*&ln7?dQo zB&4{cFoPh@ziIJ&bX9-JSe0m0cB$aIv4x^!mTQCPM&()r>67g$ssIcbRw_sLh%D&M zxS(y;cxgq*L-WEXe=V5VjJf*G{nncS4rS8+Zyx^-t!r!sXE2yGtsK>f$ST*Y{tGAN zN~3GrKlja`XNS=g>E&3-V&;KA&qMOgW}P+n-;1Z@6pIjxhltJZ(;8xiv$pB&zisJW zP=JiXVtSHUR@UQwO{tz$YN(`pA@4J&B^a=m323ifuFG5?#YM((>cVej26g(V*)~vV zwNzJ%nD-&+dwEXX7_`VRI>=NrW1bNTI39A!h66yp9d0vYDgcbc%Y?#yiGC0KU0Rx& zjW$mYw;zvmzR@zwTHn|{gB$d0dfUxMTLA3ECdc40dOU2Z06A&>G-balj)x3d+WcfK zdz_YdMVA@9yANm+vxwJcg0k&t?%`jmva#sbohq#Fm9~E!SdFBESR-o-)r!qWKOqzr zDT+%ph!cevbI7c^O&UyN%o5MQ1g0Xac&apiO6`*v$GXP{XlMZpEXOrxmeEbH82B*E zHiU^vI$Eiw2)q@8&#J2O{rHXAA*%>+s8XjW`Rfw3hWGR1mK^Gi{)+IkK_W{C*-Iy48DP%70X7#c%44HpLpS30 
z&|6-^v!#d_htF#fs%w1f*u8*w*SXNfhIDzj5UVab@a!pP9#L2PEhAy|4nqXT85@fR zIeX;W!h=vQbv_m7S0ku#Sizh?r=#fjXVO!VegVSJ>E3;F6@43=?00pHFdq21Xn>SI zCRcQX&gHvWX(Y|0-5&GtV0c0Z^O91*X~^0ALcQ`;qg+u@QK?0uzrVzEkzXo;L{JMV zY3sM*VUTTtd}k{DqD#IJYa!RDT^3O>Vq&rXZvISiDN8JQJUd9Jdx_1*_jRW)@eHV( zjNyH9U$A?j+Y=?`IMD#5Em_n^VtX9$;G{$DZ=Rl>?kTq^K6aLr)Yo_76swgAxt^|f zvd(!Jf-S_bG4kl+LK8hEk5w>v=UuUH6xD}N%pjr()tq_12=K`TpNPV)@BELbGQ_0Kp)R$?yB*(e*5kpK0i znu@kvGt^rB{Y}{R5=}lCC=}BuF_2D;j^l`j0_G&Qq(x*z_ypy?zdz+f}Fyn zCJraOY5RWlFa9fdH)XmB_lxb4KF~o6e6xJ9J*kLleCow2gvz7zyeT99Iy)(_yPd+4 z&d5aOz1B^R*w4hG9VivkK}x1dv^r$<$uG9>&Fv?UU@IP zhpGw!x5;iE)aVVNIte7T_9s7G@9|bfUl>*YQpt);Uv}!^AJZc>?HxvHbN{&Uvrm+F z6ly7tg#U#Cst7hTn=gFf_-90EMhv^=RYEq=;u;xNG@(T&O z-LMxK!}d3py&Ajl4bhV3SYVy-#yczNj-rz}@|(xg!LOoO8MbG=M8b#@LurspFnXH>Pn4}FeWOOZIR>azXXxO56TYVQUFG z)2SD7im+b4;$yM3H`I0`|Z`Q>Z19lS1 z57F_f-cc9Sdiz3eyB97X05 zY~YiFwwiHk`Yzk>@382Ao$)}hQ@VeAdVCfn_W~6V9Y25fHoX8>F6%Jy4EQ>< zdG2e}vK^p0TjB4xZ<~^P(;br=wiO)B(=J19VltRy{@Dcs}S+ud*7hw zYOnp&&cGmHPSG@@JoOEpQye9|8QEY$Nf%lWy|-E%K2?}A-Ez+v`O)Qwdhw<;c0OW> zNI$U&Nvq|B7brkSSH~Nrx{T0Is1$DxUS+2j5SC=+I|fEZ4mYrTWs?dx&evWNWLAT* zRb1ZE;-ao@m2t?nmn!%=)JnA72BxOYImu?~VDBBND)~ry{@4_Z^W;}#%BbrpHXsWT zg;UR7LiZfcS@l<1-}S}1o^(a(cP6_W)ud$Kzt=klKl%z9GIF0Z{4y%hezh+U>b-?f z?yP)E#kI=GEsYxg!&w1`eJR2bnA$~>>uSM{IbV>&8GEo&0=@MMeTb3#@0do#HJ|e1 z)y7rhAByT)gsLi&$*guJpcw>D>nEovKTe2b&rp9oLjq&>ut2geJ=nw-IDf=NsdN$W zT74J~du<^8D;_zDi(&>U?CpiPU(9J88RA`1I0@fBQ!PRJn3xz7pW*j)VIgq`C2)TI z(|h&mCEA{U{!HP*%eskm@{bS7goQ=xi+Okm4n4%I$o?F84MnxQL8H+!%g2KN$96&h zmw@Li*$5p)BxtLT>kzm@`Z@|nU&C){eFSO%SEF163rWHoOk_4Ts_=fu2MFS8_k%mx z?#tzn1#n~oY5pD?3_gf2ulrxU$nIHWj1cG@8PaIQq#%b+Z$?r z7SO&Cc5i2dfq&vO#-{R-^kdiOY=l@vPm#=)lgK2!A0yVe4(aY~Ou~3qX_cDt!8YBw zSHJUtPY8n?{>OenwiD2n0JX#1%IY|CG)({{ZPl;pxT{MnOto085#@e0VtG|+(wpJ3 zA`ATtxn6cqnB)~|29LBACde|Qm+=GNaXKT7Li0qhCm ztWiC}xTlVQK+?PO=GbBb$b7R?`Goe&)@3;&gxjzBYz z=HLJz%S~Vk+M3(;LMrdtY<_5h&FHYypMQ&wE)?VWDJTdQ1eUE zJaS%{CIs1U4T>a-?4Ei?VCxuldI3Q={B_f|-?(-QVAu@GzR9Yu(n?e$my0 
zQKP#BM-Upce9<>P(vc5zx1+lRcT2>TdQuV$z`&L5+x2~WR4M_c{q+D|3hX58+32fm zjZNvxE!UMFbRb<99Cl_Z?)`K$wrOQLxac8Z%0+YuWKPZ;P2T}L6{PywBXsSt{|hDc zB;agw^6+LI4M*y-<7b%iWsMzFYVtbV;doRM?MNjMdiD!{xz#S-S6x}%!P4hb7lDWJUV9f zdl$>VXG|>6K_UhehHR6P0=d|+wJR4Fyry%^%*=@>O;CQL$oTH#nw`Gw-?!yH%hnz4 z?fw+}_9r02bF~@`Bg<*biU^q?L_}3pwIH`9kOegf+DAZS8H=UEx>*|2Ph8l}i5!_W z_0}VMK5~udJ>8cqS0a?s)qhKo6+8oSG$?>T)me+c31zT!{QpBoIfKMQZY1LM$tb~= z{*NUST7mo@@AXA^>i}arfF^=%BIDkypi87z` zA|=bh^gg^sG$~-vSF^SdzdAd&mOVF_|5H>8B@%bCNXXj@W>(jP+~04Ci|4FHcTJO7 zG=ilgNE*?ZqBHS=C~^@k3CRRqYb-YV!n@%KH$hNvvohcgjN2WNC5E>6nJ1ukvdSX( zS!q~enaq6Q#hjc2k?=d9mU3Sq6KxWAQiWycon>oGt+?5~S$UB80&?7CcmeLe(@cho zN1v=NpEBCq2M-;e9s*8`&8QLJSu!iP^0%m|sq002!YCMBDj@Fwei`Mo7aVo%-EZz% zYZh;F-o7z{Z)5nq^Sx0jFE6h#hDbacF3kGfVuPU)tX7=qMP4b9`To1hS_hUlefj}Z zz*ztKQ{hIWKJ*(PI}p9whvBzlM6SOgK!Xmu0?2K=<-eRXR`1BTC5*R1HhCSb*GWtV%Jn6+Pj;Nrth74K#6O^Ro?g2b$v2WtsS$#!i zf2btkqw|(nGCf9R60K6j>Gg2FDc1J(>eO-Qe;7CRXul1~YE3)JcYDI16Vu~drl%4W z!9}?sTE|_P%udP3um)7@;;+C6#0xp*jzaf$eE$NK?VQFfN}=K0dwxfPfbLoO%_$0n z%&4%?H;Bydnp?sW4t|X~@`LZUGwUvj&{~&EijBYw*oid65Yyz8+WCG=xXeM<+ksei zkFyn@H*dt(mYcQ(dItw(|Dt~H)I!gNiYi0YLS$wx)|#(v&*RfVbaJ{*8_&lCCb7D# zn4HHApZ2l$Ae-;tB%5>@eGCJ=5|L=PU1E2oo*xmdNJ z*a(x$Uqb}?k}E=j3*TL&S4pGi_3>=0DBKCk6b;Wud2gJP$S5NrwOBXe=X^vQgeZj>I`>ucvHUu$|8*}{#+b-F^Gv>a5rZU&KZ#> zzwUqS=;O;oDf=d~LVl%wB%s2|jlz}S=Uw@bObZlm!rOL53iREnSCBO)%a#7f6H;Ri z(s4EKVgZ&qFl#Ey>^Fa~`|;jIMOBqhAMQZ!_+-3^8Xy@_LnN}@oSi>J*VjkCM-Auq z3iuYR92vvj$;qj-xwZA0(t-QWY~YaBO}`CmSa zjc|dpc_Lf=gYzBHP2gSIrVO)y%S98-0QF$=J7B7!-XV7V zsB7+iiwzhMV035v)ZI50KpO-m+#S`REzQRY1pcP?kdkiSG%JI*SS5FN)^K5=Isb>K zZw~7;>ekM-G1<1Qsj11fZDZ<}-K5D)wvEYdCc7rvw)>uW&wI}If7eyJy`R1ITDPcz zaass1_Rxo07cM{J%!r%&h?mrs!m zX;+xVt0t`7A~QRX*}X*vH5C9enUR!O+4yV9qbAoS^~+v;V zl1tSBr051_h;AD320(124k`hI9ZiSQ`Z|oi8`pHr$au}dk6T`xHTTx9)R+{geScun z7~$nh;a{I`;M^{h**!U6poeE_-?I;KuUpV4wu0A|u{`%;-u-zX^ zr*O@T53~0KR@j7lt1Vjp{BYrq1%gRnu-j?EIn@T_XEZMV6oQc6zYG~KIdP%a0TUZ} zg4Ir*M%#AAKXsG}Ux3?Sb1KIFuvU~eJ6ZKFR_``^St%A79L~!MPBLXWd7eMmzR-9T 
z?!j>t9(f2y(JwjZ9tHPF4P4rJYP+SYF_(Wfw>@uuFN*Cgqb9PVXgwwf=BvQ&gD*MU zF)wigFCl{7?dO|Gk%z#=fQf%1U)`_r@;QH2R%CE>GLE^V2DyOnWPTkraxY^#I>dD- zVlYBh=jK1w$X%($m_y?oz4~=md2_cJ$h~nE#wXa$i@i!&zg!R2mp)F;Ay=9&*6AxG z5x;)PTcQHes(55zNXwBEj_^4wDg~T2dvxtEy?<3z)$PVJt={o<5<<`$@dS-}#dRk+ z|I)Ju(7$HNJ54aXYp2|PACebEq7;1=$fWyUSbUr|hceWlOw8=+qrUCO8qc*x$3fNGWT@RS>-EYqR`}4LuB{kY_Z@-WUTV5e3HJ5KNapKu~;I=uI z{)mU7OV+T?xc>wOE8<0D(Ss^30LaUmBrDuGb%5y|Hs$XgiBZ;_L|SN;h#>g%Co>>E$NZl`WxfpuhZ}zQULKg;>N} zZ9s0sA*TBTAj+<}lLP?7iU7p+G=M-LSRmSTWwl!kXQ$xkXheDXI?#qj8f4FAK!JBx8>BPwNf!iM!=+ggf&E zQj)p{4NJ^-=wv;X%nm!vP`qM!EURvwwleVXu{rG>*8_i48F0pO+&%k;&e|)1d5F5@ z^FM0U)%A7MAafWGP#;xmL%9x#!+L{ZF9JD(8V_iOc>;=IIa3nD%12u8xGIn(w#Z1V zB1pPiMOh5}_v}8XLaZ!JFHtiItRcBgQx#eZfV^|CY4(AL5pzk>+EnIrPsj5Pb7`~j zWpHj~pdx&(JkLx^gX;8q@u0jV+Z%=6waW2&yWZ+UWz(kbeiy`QVe8*8qeXRd3kfR! zmPm}4YF<*-6|y$os5H>-|IN7W@7KJw%F8*eOYootitZS)O05sHGk&xYx!FGmk96QN zghBV)V?{KxfMW)id#=RA9CUO_b~d;D0+;qm6*qLPrjwJ?;~DS`;vTy3H~u=Zw6emx z0-T79FXQiDcOPMx#Rf-8qmi%uR^7IuT9wqw#oe5p#WFHR#J?wN4t#F9(~F#}VOw4M zjES8z`^#UCnLK7fMH&nGl{+9PFly*Ke&pxYw*0Y57nRQ%y^X+krKk#Y9hsS)a{UqV z*_Be=Z0saBL_|WB)zuSdy12~ez)x%^r~>W)HF71~fY;rSJ>)h?{Ex|frx<`VI}J=- zK4^}voXE7C67DZ7({F_NYY=mc{@$~TT6U~|oHX5W^2Zr9Nqu_0CPFUT#v4>oW0yk2 zZFMgAAqz*-d7Y3RN$p^Yh~Ot7cYBkP9kTjrBR+C~F$!QNKOf&;=B4%Z!n)J=TvHwZ zqMPCGat*}gl@1^&4Eb|8!av>&107wm%r^y>SHhg_4V~m<98YeJ=J-QiGmO-`P#r?^shAC1&j59FG;l(s+196RGVylOc3T~UnTD0S*ixa^R-GoV2J1MVuDkY)iu52H*PlZxBkNTSEvFpJnxv;Xxal`w7q?Vex%@ANc! 
zdS)i<78|hxl(s!k)V9f1}3?3+U2TJ4Ha#1tfpAj zturmvE2458_TVha`dlXaG{%`0L)JZB71=iA%iEr=bEN=i@>3l&C!wxr=VZ3P#YTxD zNxCf`cr;aOD-Dnq^G_|sP5Uvx5tonr|GtORK!KT zc*(7n7eK)T4qSSxJz0Eg!LBvb*ArQerER(X>&oi2l$Wr2G61x#D8Bn@8<;e1G$F*jCMV!Q4B+Y^U_ZL*_H%`kERb)YfkU$-5*{tkpS0+D50&5eP=CP521U< z_rlyUgzY?o0Fj@c6D>>j4mH{$sJq-n{=d zr?x@_)OXbLtc^Q5z8s(97Pi*!-dD?n@&FAIFeV(2Zxn(gX+>u&<#fs6{EtyZsA2PJ zL*{w+Oo*P$p=oJpA^e!#(|oY|T|DssO;FS33+z}8;FFl!epBQ?y@ZxC0}ubrKe`kV z0mL^qK7JM$H@Wtw{?mDQ3hzHF)4BQi2H>5?szkh%A@Wz7@PAS*eAF?pJ_%z*%mWYC`$ig*L0HMwf1G!!F=eF2wJkZMfQZ1H zY&{dwZ@ix8rwC3C2e7)7$cI9Yd$#EdJ%Nx3K+$w~kkC`l`B5?^B=GH?0vGgLQ zw)dd;R+yMbPBh8a1ig4+wl9n%bBMGY6*kRdoe%iFHa^JAltib#g$eNTc6@?AF-3;>AU+a5ChyvsqAh~%Z4cBp~KJOdS=ZS>&_7}2_p}}M$u4Y@O zfBnTP-z7FqJaOed0jcV(bs=M zgC0?(Wmg-Ncoe9cDM0jH3GKNLjF;O0fs0E7P;~NQqg9ddBPFr;gF_Qrsq*iUxfvua>`(dDvpYyi0Ma!;}KrlQ)~RWXs6M`S;~;C;abF$%(M*4@B+ zUkICdB6M&lUI#Y?Re+N7GX2{)e@{#>b5l_CcL)_j5|VRq%@;H`FNiMn;gYHX>4z_3 zIrFV&v4#8e(l-Hz^G%t(-0j>umZp#V<&C9{l^Xstl$w%xN{N?t95X&|t~>JQb# zuaRkXg`8D)S&85gj=mv8n#pbrWtDvK09Ziv@uIj2^I3&dD?2(h=k@47XeCHo1Te?s zx$mEuRo1$pm{Q=ieT%9oy> zR4DE6w@Bhr>fe%tZk}w?r+3gl*XQKhtd&TdZ z662LDVA!(3&Bg}*FEy7Xu2_!vUrhW5@5w=<$1jTN&ahyKAL`Hdb*4Z{MS92?Uxzax z-j_h5EB&>8iiUQuUKbbE_wcE;RkbW}YD{J2IwyN3ARkvv@yDm$=QA}sF*m(zo``{ z<@xp3Hc82kb3s!gTE*W*J{D(L4MA70h=_IcsJ1ozACW7U=_y@2~NISZ47M1ijsp&3{H z8cqNYaXi_VN(#~9|3-JX_@$VEPgndX@e8lknnPWb|2;j+(kS3QBPB_maI(MefzuNB z5u^sUaLR|sBAS8Ls5zma@4Y47)!*)HX-c#-=784@Txv9ABD>UY;UK8UQWt&{sXh&7N!Yq79o zRsmPrKndknEMs*h*rSuEMVgCp$ItI4Eru~bn;n@!4wox!OX}| z!;!Ylo(N1eWmW+}r0Ocn2cim@7Ft&rr?HHd1um&pf!^43JL)gNAoJXcO3_|8&CvL0 zu0n7do5786w1Eo1&iAPD_LL?0Qbe-)vts+7Tzb0Mb--^?Z=r1^xPhHf7C=#cNXOvS z5%-n1XS)B1dJ+?epZ*`VL6g*FU2> zit3<|Yl>F?%Wrq1bb;>SwtE2r6*^#Rs!?j`pt5ie8)`Q!Nj-9W5Z<+ojG~4giLjOU zypDh7P*~Mmc7(rQzi@D2o72zCa!_h$EJ(^y*fV1XL8q~sw>?Z#g!_kZl7%c5>~v-I zPdR7z@8{O=^-0yvsl!E(1!DD72a{o;)yPUL8L0PHd1PJ~#==Qb+UEIteP7=xCMuESi8KbxXiddtZ~(- z*}|fLxgiD(Jm8+$%G{Tmz14!=iO>{ByRK7^YVFp9wYpLu@rfBOzcdg%TP5}aqk 
z!-~yp@awye(&^y|j2-Az8(@-WWvxCh``rj!P_RoK(*Z#4sbi0xT2Lx}BsfUf_;f|F z8t{~lKn-9u@K{gXNFvkH4GQ?UZ(00}CR~pT69K(?1u^19^u=OiREm?ZTB!$mE*YTw z4KGVSTAZ|=wn!u%7EM*GEf4X@$)HD9SBrFn^f>*R_Sw_bK0B2p`w~bwim5`TFt$IW z)j&c9U-!m~)ZRThvi_%BfKtN|?^cVK((ClOWBN@VVD-lweSAl|=k7ZQH6ID!sl0;t znJj*^4sqq zuw{_S+}$VJ^>onVtJo!Ar`upY9J&RdPJdZ}1(iuh=MSZ4$!(Gc{T2`LoU6zi0{mt8Zc8|4Xf^Cv6A_x$WMe5kxQ7Lw*WAh)>Ss zGpJ~)8k>Y@S^wj$v?}C+7s}R>-f`Is`-Jd;Ju7(qaUWlLteH=(OkhOP4-WdWiHY5KW_xOIr*g1_wfTZqA+4Qn7}}z@ zPWJZ-q-Q3^-6XoA>9k0^UTkMl9P^(Fu@qa z>_vc!n$2P@hpoXZCn$T$~uB;*zMN+8!WRw41@r9VcjeSOnzWi8kqdm?Ig;?+~?gWZJ>=?M>j&D~OG^=<& zXjwzqjnx#fh||AoFmWp>(yZ2+ZokUwuA3m_^Kvq&*R-!~b_JI8R zUjk2na#k!O(Ms>=ND)rU%G0uW*G|t^mdxAB&YfS57767r1jslyfGNqHi46L>-_NXv zCpqns+3q;pC#@jzl7OVEmpa{!{c$2?PiQbYh-6u&miqd{41;2(_?ERN9*`E_&adJy za`47^ukG`lpR46IItTEWLlo-f4$KKMYB#sHN#!gBbMQEgfANGysQOk|*7p{PD5lEg zU1CE{Eog0ii|G$hE>u=7ok9{<44a!X(B80FG=cK(ijV zlFJJbWhHvR_wC;9sBr`hGQ*}FlDZ7IDcZ=+er-jz*Wl&bvNc@!(Sx6(~1&PRqZYe!^ zUh3FEzt3D0UY{aU`v)6pmcG;kU0z?0yaUn9`oN!Ym^nfJf3Et3{Np=(U7v_xYvbK{ zc*?&{(*CgH5JwUkQ=8}egyQo;rn&hL@S8|UpMjv)=Zan3e5H-d9@Je62UivCgH6mu zN=gc5*a;B}rVB%x&&J9c?=#p~`j5KRboY6ycF!*kpXtD_XpBp5fVBGfpM!FR=Q}Ub zlgJnGiC`ZqK`(JE`aOVuRxdlP5|YCq_eXC3Z?qedvD3E6J`EKW6@y?ojF=_#k*JlU zsjcld?>~uDDIe-t0iU+R)3sY}FE7y$zr;bJpAoNxR!~C02Zm)>8E8$4W6YBZ!9k&- zJ_?rmWW~pGKK2F=n>ynwA%GdT1DTJ#v4=GCN;%N>o}xL>!a+tSQ_~A;gqkSXyx*?0 zJ*^92YMv}E8#RelSEoe3Nj3V#bpu3U2D82jWokGaqbtvf*!S!14NV4GH08Nr!P_?s zSoKm$Uy`hF>hI`w!==UIl7Dj2?X&yS8UBQRrCtG}54jZe5axNf35-KyV{HGY@(U=zA%K$t4BkFQ{2s_sNe^MZ8m3ZW^!kw8NSWV% zGuVROww~jpb#`jfVu0mbj}aA4>WW4}(ruuqI0-|L>f&R6);oGCxi)Y6PziYM^RB1{ zPj#7%G8;a1`I(`!NFkxaf47#B8iWLRpA&VSWEehuwr)32hT z#Q9MBzXd$%hu^I_TFuW_wZKSZ%=|Mhh zQ2;&o-5y6PFAjlz9a}vTNhRUAs;MP;bluS)GCKM}r^!aW9f9OhyO$8xSL1RB`o>Dy zcgKXExYqWRY@_N}-T;48qDR(m(97%h?$FQGdJV$0BFZnN<;C#ICusSN)6|I>_Zn95 zQMZoO&GtR}47|5jtZ6*IQy}Zp%ggDt4?zwV7DMZwzvxK;xk#+7M2?Y=|^Zx%vVDP0*XO(2t;2Q1`RE}d#COWjF}L@T^}|p z-jPobZ=)9n5-|o^F%|{(yI<_U)g{vuL-hG}E3)ITNV%4>*DCCIPOo>FKi0WW(54Enb(ak3A 
z482H-tXXCI+3K+1+*<3-TCfH#72A3{J4`EZGRE4Ln9Xg%9T&H2e3MzsrTUHsp#tZf5J4t5>zqr-2k zZC_(yd+ApQDp{2eQUSE~s04lD^y7Jz=V~d-)1LmGHvkdbL&(@&qU6y90TbYjZ3i}s z#hq2~kvaTCS7RDeGC^J~T_a4suTD7RF@dhCsk45ia<7H{rL84kB*Lu652wu@GOOb4 z@&2MtGi9wI&_!ZYyo){s760L#DZN-*@QWA zBgyXqO<(jfAdDiSTeK;3T{-mQcYsO>t^5a zI6O-$=YlfMY3v2sbMo=0Wp}&nx;9hPHM{i0PVsh(F-tmiZ+%*ChiV2~#}+JOodKvv z{wAFB63MH@RiOxXjFQZjU1F7#^McAxYGy%_=y#QFYY}~e&#ge6f3JPLb#tC6aCQ^H zHjmD2c-~`yeAdB15NiD|#~D!oj0dT?j*zX%{}ln%+jnu#eGfjup5oo3#%>Dg0Z$VY zZFUjTRMe9mRV2H{9~mDxhr_-R?B3rF4bHJfoy(^@)e~+1rdpRa-O;=mwsxH;^MS%bZGLWCTTzqDKJ4f01k8k0AE1>lK^PYC-?ES-5#M< z%tDW5T|is1L4pbY3o*GA@6zi2H%I8MSnQh3N3k z(fm$d^Wsk0YuDfx9s?>LTeh^fJRZke_cqR2t~5BNTml!KXXKg5q^B9Mk7pWIHlNId z!3Lxm@@y3AwoSZNvX$=poYy*@Di89K>52u+uY4C!-rD6S%Dr4Oh5m$*5+GG}ZB^6f z^qTMZOE}K%Z@O;udPFVQmT&s~*fI@562b=kKHkVU6Ob`ti*Ew1)_t#y@y9DQ5^4B$ znGb(D4;?M)ZuDxSSvoBaymIy$%p6Y?27hx1x}U#F8pODAVg@VEvqsOKy&}ro5$3U! z1iqblFIHWjnCp^QY^1euCv&w%@eXpb*DUk#ce>8mDEfv=!1d7FG9B673pSfUkEmx} zwi>HH4y|MB+gcqSzv*tf-*wE~YjM7zUU{%(%a%2N+@_o2vpn@d1@9#}ys?V}hhUBE z+@h9pJ91;ptgSB;q>Q^Z(*u9JDSk}Ynkx;@T15Uvo&7cBPqXkX@b!z7)8Wpr?whrI zPK@_z5-)(wF{`d|9AL}U?R`Zt9w_vJCrTd8+! 
zl>?u#fIbfO#z!y%J|4DAHL*%f=$ks}b)QBxZ1xE%k76Al*F7Usr1&BWW&q}heb)VU#_jybZ6-3}>2bj^ zTh!rCoJ-f)@pKzCt_-yw+*gYCaR0M|KkVsalZ@OM)MLWOR7NES;QSU46@X+-A-I4| zfMe!4&pSXV)%j#@nQWb8M>TDft+ugh_&eg9On>U%va3`D*w?XeY4%{J27ig%3=7IF zJ(GH+>TO~TsPXeVY*SvYl?#z@C*(>oAZG6Gn7a5$u}QhkJpJ|3%U~}VSUbPF{R@P9ed*m--y^?K7WAC&6FEy86ZKq){choP>4lG-v0B=d03X> zDjY*DJw3eQ11=7Y6zzP(-AYAoyo|Cd=$#OYH*T-u71w2gW6os||C!4BXIM8}i{yQW z!4|J8q?$&2Vb(jP&TfWL9?9xb{OST5QkM$u9a01$Te@sj2k(# z4BpIiC|>GwoqooCe_qA6U$AMvwdd080{cOwvg1bd*~ZYiU1LRyT+1o1xo~v#xMS&@ z(%IyfxurdfIT3_pmnoX+#kI?2+b@*A+2;_MBgyPp>kLA)K=6IU62UKLl)>jtRm5RCW z1O)Nb$WYD?jt@n|P*>|^__im8XKBZ+eVt~q@Z-Q@s(acp*R6DFmo=g&CXKjzMWXhO z_j`|&Gj+d7l>=tkP)V7E$3d zK1Q(Uu4(GCBvO5%E2rBZ{Y~Cjuy)?sf66Vk8xA`ayYRr7gEw|~c*HoX&gC)d6kyqt)W?kOz(p9fxNWV?SH(dY8|m~$$2W8t`GrgmTlyMOq@zP4SE z4_AGhYF^8E;sV^a1@oUeLc}P!&t-vYZk{{*bX;O$eg*m~sS15wvWL~aQey}GPo?eb z*)V~&C7zazR^7;la3@^N(7n{i`hwDrCew+IAJ9!}e(bM~gmp&CVWF*@JP7Y8^6+FJO^(9Epa<1pbN|kZ>u8A)^vH z1AO*0c~V`eA!~bGb}{P$IMQ&u%@9+2_OVzT8C+B+Z3SUC6iNvv=B)M`E>d0D>{}IX zt18c=^jq;SCx_`IFW%a{HYFa5X6EwtzSu2)k$`yYVB*IJgj1miiXdiKOda=$oUip* z(&^S@4pDS!s-2U27M2AAP6-?BvP`g~)yF86bb`5pZELaVu#Ja7CFoE*4`h6cst z5FL|w#22IaDSSyV4&kT8o*nZ^+Tz^o!-5Utl_WzD%;9j48|v9`wAE7?mSBay!TCJB zQFF{`K+H8DdXOY#B!GtGyi9k;wKnbB#0mRFg}1hq z5$Qg8hmSZvJ-;+6!h|b*R;#O(y(>Cm{lqrB12PHzzV$$7?}A{ z6-zX(GQZfE(3|YiUCfkz`%E$E@Q2?*PKkCY-f7xu;X_Sj^fDT+j5^4rBMBD8X(rYrZ2Ze#1q|}RKPnw zfA=I?bAPzPvSayHpVKwk7?KvOk1N*KcWx4zAPkKJrBjHnYu}O zR<+ZUZOML})kYuO1e=7TYS3<>?1kHn@6<=LkjR$4$Al@6< z4JJ?ZDtQ5$0W}Q_iay8rZaYht;6#6HEHRi&UoB9Q_$>MBtJ;<#g~<2!oPUsa%|uRe zV*ar=bE0Q!AODV(mZ>-m(FU9sM~o7I8qT>_^sb)Ur}J4L=OY;xLhRRINL>B%8B5@9 zD`{HJ*s6<|!LLIq^?f-93v-Jb{;28IFy}~qon}1H>k@5y z>Kfh-^YhtB<<8IE-C8TFm_Eo-Pw+Kq83^7IC}a*G6edn9DVo!iB7h_+6MV@XK3T*Bc!+4hO88_QT$mPNTpZ+<#BblxS<$Ia~A^qQD}|IPJHivst0lFth36$r^_g z>{eA)bjs_nb zoY>(M?KArq%|~eP#j(-oO-4jX}5{sEh5uod?o}h4*mzSf%7>N<4LOQF;9RQ|IzBU z+ItqH8G=m%=7Bkvep#xp#{m+0$j+JG(8I{bK_r z^6=)pFB&`#AA7Aw%or{C7vp;2JLXh>(jwAij&h7HeO-K_sayyuVISI{e1RwLFD4J) 
z!%oKepZ$;Am~zz!@h}{GZQ)-T9HryPMLkO~LiM{$0;bch3q*+i0Uf8ko`EiKz}BU5sl_JVf! z)|WI6@B~4n(H+?zZB5|nvgOR=mr#UEP2Kh@P9=wi$H2e4C)Ni`Hztg!rjL@}uN=5i z^hO+Ph3DyEsaEBdWR$`aDq25Ol1je>VrvM0wjP?xDowEZuL+#?aQkUegZH(X)8$U5 zESdsRal&GE%qd!T2^wG>5AK==kN68`gi5Dk)X{$zG}@iBGpkf7?mqByck7^3zTNT> zi{Ku}saAy3D*_r~)lOeEb)FqBzFlo!uvt@nadNc^I8wAV=!3flOz1u2!UdfTV~YYj z`W#VEI+tM8ZatIz+tZj z@K;}6Zxxf^JULq+Fkko2q%qhRX?0R;XPEO{SAjA!xm)cDpQw8V#93MBhu3U4Y3g7M zrH_?pdm>TCu<>)xLxzhDUo^1o9YGCYlXsXN6fD?=rW96 zJvh_$l-8nb6%>n~$DAKMwU&Qav0J!K`=nkk|64Gq7}q*od0ZrA{$gp>Cd!eS@zCLQ zWmHOcYLve-k=)e15s+gXc*z+E2`vAv!Mz5dpMV*OS>fM@wkZo|p!$#lkmi$(42-JX zV{KRDv-`H?s`4zSpyR zI$%$$`-eI8VsH6;!2X9rtc86Xr|!P)v(%KbHv-DHf4o`}2n8kwd|;iG<5&G16CJuw zBd!zd1*S3pSv(f!549pLq(k%XoSwqf=$C8T5n{A{_{lk-$!y_y0X~aKn2oGyMW%8k zA9N*%P0hSbK~5%)7(ebflyb6#u<5w_%uWC~&eq_=YiF!QuW`C%fByN4(z(X@ zQ5vob+txFVtsPPMEM^&X+c!U{;TXgeZi_Kp5yxHm$AW3M+Nblc>su7~Vka+Sk9$ue zV(g;MXKN65ey=nfj-GcpqEF{UBaOV%E?36XjtER@7!ao$zs7Rst*$#Ft7-Fwi0+m3 zm?qKio+CcT7H$#f6|#cFv0;wo^7g|`of~3qN_)NI>L}ky0w9Z#*R!29ujI~6h1v`1 z;k3xH?&W6GiU8?y3HaN-xqA54eY~`WNrg$ht%d6}hPKzP@V$G)=soITs=q!}zbDS; zH}@(z&-OwazPC_-8`;6&5hzehWqyTJISAYt51J}Zi3%Zx1M)bA}X}DW)+`v5j|MlmZUH zrW}2$^FMry*(i?jmq9*bRjr+0h@tJ1lKXwW8%oRi)8}MH(@MUkjuqc59tuKHN^5}X zI_rUC|7KH;n_`f1s+ys>ZR@|g|0FYcq29KgWUhWgU2-D;`@RTh1m$g>7BvHHBCuD5ls#ox3Pm;3;UX$aHpkXBRNdZ*>nqh4zqxEno9Wo%AbcO^aCL*r_5xi zPNQagM9RmW;X4F~%jW%*s0r@x$?K)1b5Zo?I-ScS5h7|nT~nUvN%O;`AhbB%Zdew1 z<~z5LJu*{uSk@T8t#mYc?kC$&joDK?BAgME;iHDFT+{?r`pC}Nc=4;#7Pbbal0Mur zc&UNu>?A;-C%tflxo3)yG}d-iglK@eF{1Lh729SAivk0=7?>8c4g9G?9hVbF0d*3-&zKr=-a$&cu zzW};!sD$?3CGIx?a%cWuiV9R!dQxiQ{#UqLjqK}U$8V3HPF;Hn(&kr*EuUL)u{IA> zJw4gFDmM>TkovYsAU!zGM@O5gX!|DEwi)mlX#^R|n8uO|{cn(Yla9(aIsLHoz}MJw zC0{)2)lvWD!*gB{hdU&fB3Lh|o4#g!sZ2AbnfJVp?>}3Es8N%s4k3m`iubyDA16A0 zKiK6eE7gwwi@v3IXw=&KTi@CAoWw^NB%6U4PoE;2-th$c*9?JFW$U6 zg<~4{b-ts}f2CTbdDY#&K{t!FD{^IL)1CFmy?*()CbzOAtRGe&Ej3oCUe@EBxPTQQ zwY|O9NKgf#w6{53=RWQW@G``?X$&TNYOa7M4vd~TVxy(C zDKPHYWRMJP#fIr_1`=c_W 
zcaNRTU8%`aPxe0~uUn`ixRw}LN>@F@aFHQrzVl{qpyQt3fnynKc$G^7m>A8lMwh{J zGrC|1a&$_jpUEtjiMR7t^vxCbP655#|D}@SI(A5LrLx&z;uHK&#GWK5`02f~5|Hp3 z8@$LMAQ?w1| zCvy83QJNO}dSerPO5fzUGakSVuAo-ZWWXUAHn32ZfCd2tWFiosgo51Xly!xI$-<^> z5`oIXM5eI}o7dd~g-Y4`Hivv<&{)Fj{6WkKyi7{!+f*1YH+K!Pyi_?Sv;B7Kc#u)n z#=#$5FaKGo{1oBM2~{{KU$Fo1NMI0iDKma)+2Fi2YIx1zomHcO&2$x;aQB0qc{yVf zGrFg6Xe{j=onof5k}hNL=KL$^nQKlJXEI)s1==EUqvS5XJ+`L$*c_AoL{y|YK!H0p z${jO2+Pf{^F#0sQMN!!-*J6yzqPg0H!bY}h~EIeHlrIAm*cv^OB`0!lLN z-v{gFo~0+NK#&xV#AFTnkS@50lVZ}M^j{zA`JvdsRYf&PsPW@P3{LX*r0NQd(XSVC z#w;cq%)LKVvZ28IqZxa&8r{Y^4?H5C+bxv$hiCb2c9|B6FfgAA-WN>zQpu~^qnq?F zY%e!eX8g$Jm&;J#Lw`?io2dnfiK*<^^DDI~c zBWpL6B=W-qo3D~Y{%H%=3(hO!y5?@_N}f7V7!`YayZfDX?szfFDMH=%YML3gVY%Tw z-6edVD$S;-PJOp8PTuQtwLZFgJn72|ppd?&bWk@}>Eu)24|`<}lPtMuzeLQbydFMr zZ%34Y8^#d3rd$mL21ogtk^(dLf0+8}xTwA_+Di#YDM)vTG=fTlf*{>Umy}W>H8g_~ zDoCdiA{_#Pbd5o$bPXZWFf=0!@y_`Dz4v+Z_uPBWy=R|&)?Rz!Q zMRmNfVhfX1g<)8Omw2z*TqEx5yrO)F(k32q>?}BXB&H&f-6H-`KE+_iD1eo691o$T z0>fOMEt*_iWTJK?wA`-VC%#tyBM~e}E#41;MG&MynuBQ}LVj!LJ9+(CdSBsl4}VY2 zHEH*wGiq7uOBY$tY%ik)=jh>4uq-_Fk<=p2)=#sFa|H|k9o%sDnB!`^imcjy_pAn4 zV8jWSq2zQb9qzHaV0~XFc8?hwOWQcI!8&rReGW%GoLSz!nnWX8?;W%{zW^u~8Tfo%`%{EOX^@~G8Dux`qoty&*q?LhP_ zxMn6b$APDlH^RZ*&!k^lyCkE9Jvkvk;lTotN7=x$Rd*NrcEi;tMR`fI69pTs9y+YN zuRh14j?f{;<)_QeZ91}-tCuC+j8snE_G7x3N)fRNH*@C4v~wq!jfWRJP7W@n%hUwP z!eXyz=@7Qv0Ubvq6Su++{#XJT#p>fAPpR2OKVT^HBP_uWxy!hbuAWp>r@upbNj#mN z1z%)^2*Sqj^|$lfjxD^$dxO6%?>J7X7CjvC{VrZEViszm)o3)G|!arY1IRL3-sPxCfAq(Z+ zj8Bv+i675FU;VqX{+^v7Ml!ysA5~jZC>p}{;IM0r^HD?0S{%%a*;$wGN{`=!>uT=6afnV2-h$5`f{tteJC~PVDf1y6;c}PtSdX$t%cz z)+T{D+U4aGQ$IO;BsBnub9ja9o@*<><_;F{C*VGm^wo`m7y!Z$9KA8jD3+df?*zuXJ)Ss3FTk&o1cS!+(Td&)mA zbLE?8Eh}W`=E<3KG!iNud_J#ricZ*J&-9G)toHAc_dbYVVB9hyIsNA+4I(UK$@Qa#}37@&N(49pLF(~DLV1GC@^#8aNjUs z{-!~VhVE8zZZL%Hsj&HoaPzl4k4;?d%QNs?agFnqltw%X4liw?bvM|{cQ|K%hd#34 zmX((kC4Iev%a6bT>z$eciMF%fBvHewmC>@e_xPrI0LAaX>MXCi2^MJ;b`(Hp`Dh`X z*P1G;m!@mA>d6K>g>3Lghi5BQa!;<7S9;m3M;Q-R&2uqM)n&nCJr1I~|j_IYAX 
zc63~nHGgKxn$Af}{n*I1c>%6zXLoA2p7TQ>qB*qLv0)MS)-2C8KCk{(f&RgRm!@U) ze0jq@2Xn0AQX-$`PCKo1UNevHT3uW)g+t~VG#bfd<@U!k{}G#;Suo2UM6ry z_A=+#S80cf!1@)MMFCBSeV3|(*=muTSsX%V>PV7X->FpEfJ9wxB7 zfm17(7Vd5L#lWF%e(bzA_7LSlr|7Vtu8C7W*!TC2l6&@PBBm|Td0ZTH^`pGM<`#Xw z2;u4ZY8emxb2qLLK!T0w&ebD=MLJ15<5xrH55iEDAIxdrCC3v?*t{E_=6GAFrOX+) zyAp8YyY)`iIW_HVi1t0b?H7YoQP&{QF^dgc(Q&I->d#cA`bxvxR#VAfKx({L;5EX& zM{5^s3b0Al$091%D{XT;Vsa(ce>$+d@HpE6Zion4AnoiwRR-^T?^@$d#;lN~0sV0x zv)!M*qbSx=?ZFV032AFl@cmTRgm#qRV|w}{20lZ~)w2ziZtq@JeVk5Q&b_wT2o4}q zQlU&=4F;A0fcn->ltU0FaHb!KkT5M8CI0fVPuJcjFXsm|&ZQrbr(xf5-;!%b5k6*z z&s=HYRX5LVBZA!SKKk}yN8c8zZ1bpYy$&W654=}k8hQOwtZ{UA%&{1G=pBmbVrANW_!Hb!{uumI0 zXa7UvMZd$giLobfUbv+03iU?^#=+$5=ZI_`j?KU^KRGzikGD|928wuL*RM!2Q zwhlDt>O^{ft<^IO6?=2ZL75O^xN|~rwCil2ZuKYBj?F6sI~1B(bl4I)lpeKWo6%>H zZNc)9=qBJMz&gpj24@V8*`med5ck7S(mXiFP9%H9)V{3dM;a3&#uduncL9;>K32Y;xSMYJ4V{lXc?6E#Ddf%XI$s5cwuH*lmu z3m`fdS+D20lru)gKKH4O9_zjqjH|RzfTbS{;FiK)aCud@NGLdNUjgQ*_E==?FNw7% z3;9ai$#%W7Pjm-qH2^WV)w4LX5<}Mth$im=J0v!hHVghJn^8bH!xNR4Y%noo^BzHX z@)x%he+PaW7|$WVr06E_(Z?Fnl2f(WE4hakW1807#k0eWy^Omf)#(?lv@+YW^EM>w8a!xudA zBN<)UR3H5i`1#)LUiHs+rN>W65dn>9ccg z4U7kY-6A_}?;YqUKvforx-1Ct)4SgI-0ZPi77N{=wstW94Fzn(Y`%m(G2lB>Y|?gZFU4E4#k;HMg#P!uN(U)D_S{ zgl`S|tGzeUX|u-$H}@N_CL1MHsFkQ6p-m+RJ&&E_S7F;ve%S>`2mIT-mKe7`jl=x_ zs?KX)bam~`XPDt(P8Joiw{dv?#3iw>ogz7DBWeU!rEkMYkjO$)Ar zM~BBjEQl34;R7~$vvyzlv==Ds4!#tf@vx(z+y9PAR#0+)$(TQrUD5wp9sT)^ z{gJF=!$-}9Ec0aTZKHsyb&l3-fs7uGkjFFmC9P)!J&?5-S6C|j{=S^v*B%{qAcn;|3}rGNL!k}9^T?|r05lr-Bn%xFL3X)Zp)a6I9{ z-i~}23eDm5XjmTcRQ|)C)uhD6S>oA5Z5j<>q?~J;i)aWHf3YhXgz?isVRsciM)E8{o=T7MI@pHq{-R;F2 z$&-@l+kDkXo`}d>5jb}7bh)*GDND(Mt+fw2n4TR-cvjqb)vUByATQ;PIr0@1?q`+ah~?GZhv zuQuLn3}Ys`o}TSxpXUBZqH<(Ci z!BlYH6~{Af9L&@mRYHi|`2bNooVx&~XA2u|dZkLo8Z+W{vvnq)MJH&%3T3RMW)pdI z;_}~?)+5j&!!}sBb>sV$3Va}(=6dDTk~(I%#(p@7cwPFaze_H7Ti8-BlEeG741+;2 zZA3l%;b^DTRBJLv&@KyuYXT-9W1MBWDD1YV=y}O+_g8Z{{l-a|Chyuu*R0!456>d~ z;a3)Z?MQ>5>>#W98{ngA{#3RLE;8+l&GFXnCYev2L|6JJwFrzqBQYAZnvz(7Akx%C 
zRvoL$3svu}KSnz{r#=_0+hj%ZW5?S+*H@3u1H+8A4l_XA4&$?Jmy^(A_xEaaf7ul= zB0}Gqyqawt?F>2=meo%M&xQ?&765cXCxBY6>3}Oa(g_bx%^p2SqoyE%m2{2uCcnX; z8^jie4YifCV<`R`IQNIgZlji>HF!u1C?|fJt}wh8HBJCMbAFVX$spS4%@CW z-eB~ZAp{7cV_Xq^#dWiQp+gOQVxVgHj!)VvExeDE?Eo3+A8>er>T|k+;_zyl7(Q#B zTi046&kZR64z@N#`2K$0?H}h~xGE(Ox2VkiZtX)#khN4{ILZp+rq4mr*6P+71bVHy zl-E=%b@Zqd2GEX)WX(ndS1!Kh6Og~p<^Y*!98K>GmVTJ1pe(}K1YwraT8!N-fr(V+Qk}GQJt+?InWY6E=mCH`TFw-%1{{8@<0QT0YX`^^ z>t;{UiuBuJ2n%4??=$Hp<~RY|VKT{WkFotNv1&s|St;SYC?g&(i4t2Hxq%C}mnX4n zjaDK zczU4WVeB3@c)OwvP=2hzo7;LyU0d6~)ue=NW(VCGhMajku3L>qKkxt;u!vK5RPVK5 zz5m7AQ>&26E8&%s6Rj9Zu_GMgjn5OoIYKS4Z;uCy^ZeW9LbD+gftv5-cW)k5ssKuE zFY@e57_x!lfW{GRsc&MbnT3-)!sHew{IJe z{hb#2fHjVvTzt(|7vSZi@CRRlL>(M_o+xBjf5=SLez0J&hlPT7!BQ}cn18 zR6~93J(@k(rP69=yknqC!;Jp6q7i>{ z^w9Z*RW0#No9LZ)j+4-s+N45l6rK4@@ce37XLZE1et@=G%`dKSb7O0FGSrU(Rg$ZXqJ=X zl^$P4+Xe@CT(9RDh^Y=}SrNW$+tJ5|QmPeGG53TO?kRn;F%wq%osI~SHBTj95H6P= zCL@)83mfQEJozjCoHuSF=79AX#e8n`N__j2U2Buf6GsK^eE&}A1*I?)3HT$*`ROaZNih1)~zQT#a`^}k^ zON+5nhBJ8Ala1kR4A0wg@A^oV*3udg%T`pY{OgIBbA6}JGt4&=5EfGF#>U=`c8fnh z_3*vC=SvClC+n@GhI@9hwi1=LAWe`Wq!U=Vs9t82V26*IQA};Bsl6?S10{Ul5JJme z?pg6!IViO8*C>5jWSwj&FTXlF(dnepbz$_D+{afvwYDX9T;Xr|(UKL7et-U*l>~%_ z)Ew~~EW!=udms)dz0F?7kB|5dN^QwE68Sp9lYsob3(hGz2d&$ z0HwLxgqX1MEnMjSShmPz3?n_K=STKMX&ftRVt8^OO7e3 z$95Ql7t}B+mq=kT#s28QqA#J>-`a?#Z}&1^fwm407B)__YX*@kLB~a>9`8yt1l&{G z^#&#K3t~|2puxlfewFe2KKJDCku{$g7UEg^pV57b1kDO_;%i=3p4B^itMW{qmfaR^ z0!dd3L7y&&t*@1+{vBx7sZ~;Fi-!h|N&jsnGyGLopVC%qFk^{$CtZE?O8EW!D$x)vSiR z+Doo;tv)3TMM=~n;3c=2t$x6$?T@&A&#$Mpv~ATGOJ-)uOBORKl{AXy)~~9rY1za@F0wy=*|@Mh$n-K3l1;3 z)yqG@8O!_q@(R>6{oyCVBKvwa>*Pkr+{z!R0{2@u@anF!$%GPypw@thdF==H*blI) zrK^h=J5k}wUX8sC0~UgC@%|WL9sF0Sk({~q36A2P`#6(HVZXagdpSc-4W>^16 z0q_Y|><&b~{XynG)WNjcnHWzs5gcNv85^TRTCeAB^#yo#Su4VZ((nVO-K@#aX|3Ok z2b<|^#(fiXj3CRvSgE0Fa~mP2Z%3TL(K--0&w~$rFbW!K{b)_nqvNMD)K_tg_{vGC z8lCfcGo?+Tot$1-Nz1=csR`rjYlfhQ&6ZHWb3|pE`rLt5Aja=#RsKRf=v|!P8VCZP zOSD9MeTWMu=?a9I$mo8r{Sahy^y{i`{rayDPJT98$t+T36J+jG#K`5pDd{Vg)K+&I 
zKzK6n0-@;8xoT*sOCBzg);BHdvtPRLIpmC>U8IYu?>XTD9DTujeu=(fpqZyNCS%r= z*;d+5cGqjVFiws<0P_7Bt$|&+%6uxRh4|XO;MfHaj(o;0tM@o=9JGn2!ogeXLqYa_ zsualO^J{SNJ}q}g^(vL8!vPoi-bXSpVunxxeVj>)ry;i%FJouPxH)a}qJjuv`x?(? z7~P6;MsU%aOvg~Aq{+kE{B#C@J37^{l~KW!B<7Cd`@ttIoc$7UH?OoQZvznPdw$wh zUWw8{e`MXCtMU>OEZ{^{_ugQCqm>bCdG6w3`i{I(t3yjxw||fuI!@_Qp(mcAP;#P5 zAH0y*j(_Ug176H@VXohX0y3jw72~w2k{j{O8mPduKho~{UM)((>K^5ly`xpwl&XmS z^(}b$0Mk%(#TW5smsClGW8FLuH8WV6eZE^}YPs;c!$*~^T_X_ksWXXeJj0w)X_w+1 zMYI*R{7zvgkXrA)H-1kLfTE=#LilHOw0%+Yca9o$jK80aWl%8Yo>If$*=U}riRI&| z2MUt)k4#V9Y61pX?uyB+Y##*pt1bVDG;jiak8$ewZ;?2$p275AbL|nHo%$RBKHT<0 z%vq$P@f~V7XCO%UW0+o`pVao*SA?Kmw?Z57s}pm*!^33f=cbJ_RxtH*ChB^ag^c)^ z@eEgJz?Dcji0h^p&&NnD0E+zUqXW9ziRd4&=LCS98$l@l-($NHWGm@iX-U)+Lzhwq zNJE}~=Y(Jft0>*jmo8W1A3EFY3CX^G@LMb6fFn zcW(uzt47%kp8b$Nx5zfzNZt6#Giy9^NU)ugrN|1^?iFOG6nH3x`$If9H;`Dq;QGNx zA|JoFinxF|=Z~FUU{D{)Mg`+fu z1Vs*5P`Uz9cmZdDsRVf~v+ESTIG(fpoKZz;yD^^wR@#Y_par^{v2FfH*CWp-3l~=+ zWudJMff7?a!`vX_lAI41xvH)_fqT514p7~#64Fg1%JSZ9KzO_RKy-R~;ULv*mY3rpHE!yZovzKD6|+ z2}#mRF|-|=oioRx0IOGS94u6$U_SODvvV2k-!zh>gHqo!t)T9R0e-n0c<6OELU?3i z!G@1G%D99o+v|Tk%lt@d-@+ug;Z}FgxZJg{!;|G`i+c4Hxt(DaG0(r1_^ayb^Phz? zwwC=?KpOkhmw7%*gPaIq|D^8mKmC-*(W=^etTk-3xoZmcRbClTmJGn#h;2JyJz~It zSa#<*e^v5-DA8v+o1Kvq!a?{BO3b2W8~V zq+!7d*oD{*i(6dsheFnoIvQHphRf{v*3YoU)rhOuFVa1L-el~f-tkHmLVv;O*vtHT zd;s#+FY)jomU3B2vNqIsrl-ro9FRI0*t+UB9NWuw-h#LuH3};dT)jH_IbUfo!UN6e z75U+>=fUXNVcy%%WxgJl%jPNG{B{{M5IXL*JBAMpq8ybq%c*PQ!B(b^#mmV9YRRz? 
zfTLw#3LY-RvVACjHZqTN-yF!7I_ULd`NNZ%!PMiJl8co80Te{T+NIujwR&5jqrBY0+59q8<+p8X_68cO2;WJ>n7&^PI%_be^l8nF78WivW@hD+-Vr08RJ zHb{uFiCRDLhuDqpPXLD+RNjQYW2p;b8L(SbHr%V*u`U^b!9i|KBsMy&TX1%D{rU~Y zU+d)JnKPEHQA%@zcKG3C7B~pz;lO83&sBxOE7Rl`CSIXIrv7xrLA3h3>tJyA6CPs8 z8_41=H;yyC0v84Z!0l3_KX&m848L+9&S;4lVs>Nq>}v_M6zG)*-nS9@Oeq;@OaY3kzdF^X){+bMB_ zna~}@UY^NsWS#+))e#61M=U3Gjqp*M7AOy%-4`(ykcf7~e8rh0&RucI#VG>XB_ibF z6-%p!N5@VYSPuX56+b3YIOE*NupS-1t=OI$I$=Za$Yc=~oVq<{C z(XKks3*yxSQh7_AMlYE_dHIEl_2}(y0WweJZxrjd_K{kuK$DHUu9!jWXQ})1X3)TG zDjrCYQW$^~skCN@8M5XeE-=>ceiw!kXeBBROqdl*AI3RD$E-+J-JFPY+^aCovF6K?$Q zUn7Sm@2$I4yngsY-*Rfvpl(~o)^$XB`UkJ;Qk58#rm-Twx<$5b0VH+X_El+R0(|_Q zD4fFmeU1_mu@OFTgCf`|p1V*-k3>}1tZ1#$y>+f^=Iq-wn-;BYeQBv~$DD)mxtG;_ znS{_*S4ix`AM)s7@*R&Qt(v>Av-<&0m%(Aco4yTV_q1L%4l70)D&NeJ&QKrct_N5I z=!yK?=I!qor2CNLx!2}uYL{#U2GdB70cNAo|3bfI^SrwEJmSjkaKptz?_$2wiRuk*(Viudp&S z`Np;?ykN~4lnB@{Z+8;<1CE*ZLf=UkR|LH1)Sqqk1i}(wX9^3ZdB|FD-HXCk#wF#Wo|HWf4}WpF?z-I0XLb48GI=R7 zt=H}>c;yCB-N1n$&lc1ev-TcBuIFhwZ_Ep*k|qaZ`cxbw0=_|=319dq8v}mz%L%37 zXx;M&QV<*v)CVV;_x+-N6VcS%cu-C;YbI@WI%*0mtdcGVGcEH}%6`$V3aS*~+PLeH zdX=^ha%4o&=YxyVa{GIwcf!eG#K`#}mTAdx9E86m1=9Zd*tg!)Q6Qatg%blr#lHJ8 zDN44IFq~C}#_vktAYzS$b(By1@0=jnTvsI10c0&pj1)VYv#56gc$o}sxp*I*OPylm zi;_w4gn9VBre$?6YM-(X`br9Pj3xIfXc1ze0nUz5eJ>odfEM>5h|9Cck&ZkaV?W7W zN=u~nc?y@5=@mbFmNorc^7%TD0+e2U7Xji|HowM}IiyhY=%P?glUIHA;v^xoscO7> zG!*1gneB&izmvX-6^4w;^%~y-1C|&85Er!ff#PH;ba3_W3QrVmPmP$tE=3LAZYek#D?FdCJq7w3lAx4)xkVM zq@2j@?IfFbj({>$GGLSh2kfv^9qa=(F4+-%=`e3djw|uLtQWh#6$cgcGP{>wXoCYx zAPDalvURUIJ{8sql785XFi198{nmk?&2E*e75y(`617a$$>*?)6x68((7eU;()Yfv zJjXCUn=BI)T(RBlbBXK}J)iWv_H787qzB3&p7u?Gr`s;iCV<7<00Xh3@$wOwPs9jS z&l(w}^O88unCX>>dg5kHS%F?Ds|*|TIl$Jon2_6O)f{}FIxwxS!I*`FAIbqYtKqKn{+ zSos#9g|xRee}dz45XE^vf_wtAfSfr_qH%^b6cO}le1K-%{W&;+%$maA+Qxamo`?zavA*8tINbnuw@ghp^K-N^l%cyXn zsdsB0k!D@Kw@e<6ZPPduj1A-3@la>j&>AEi3|GwdwSKRhZxfv72Xh zmH~(>cFy9o)b-OPaV!HREV04YfAU+4mTX>LUOx4J3fu*m>Lrqr`jY$kJ6gGP5F`Tx zfMU#lUSyNp`j!iH;9cKFl(->;|1h_ifyr{Ql0jh_F&SgW%Oz2!}`+ 
zLbej)qWkYYGZVMR8Wcx~D8)2CAm`2JuaiFK6{yewLVstpHjVaj20=y?IQ#~3c{{aj zc7LJu4bZ*wZs+KNZc1=LyVd1VK;maj%}>1{w)CoxphX!hf-Bwu^aZg*p^gRF+~;2& z4Ow*bYJe`qm6l*GHXrH#?EfW5k{T~VK0UcFEn z)ErF0XTZO^U%v_)PxZ~Hs}bH}B+F3~L2SC+=ywmF(N1o35j3kJ z^q$%<0+f7!+<){-T&5W8d!s%!$vyylJ`h(U3M=&$<&?uXT09o0b6PhYA_z|F4e+E; zPn-lU>=m{~MfQLC$s4%tYbTopN^z;cwVN-VhTGIg)M>CokmZl9V^Kv>&=`1aZvK%toqc*I2b{V`Q2+LB-^Y+ z^T6kaKWUvUI8J@`Ns*(0Cix(CG)BN)!NI`YzlyK|c#m&E?d5ApN2~b0w-+V34I`OC zV4Y`ucZ9hXI9fn!FQ_>bb<7OXIWMuM3Z%MFEn8-l76r2Uc1&o937H1(CdjJ)b`weT4Yb7Nnrly`|;d7Ku6$=x!X-h2>eqSYYdBDhb(B` zCAC}ORPYN_xc}iODHV8swO;Qs+y)T91a~3$<`B{ioE%4m{pLXuyk1~4{Y`*(r?~i8 z$>ESqr|_q%2w9=a##jzu#t*A{#ge|!;iGPXPHzy#U181A+@yWW$NH7;8mefuj{p}@ zV+<6E3!)VdKP~e1Sd)SqW0!3Z2>V<{$UXclqZ4pgxM*|UGJCB?#zr~7OTWPRAOts8 zMPRxpT_gf&2bPpIE2UHFl#2#|jdbOSAEN+Y!8J&L$3_}EpF%^*u%<6Wvx4`ruNM!h z5~w3V(G$Pwn((4L_@{CSDu6T7JPGC=i!^X6(#g+rCu33x%Mg)MLvO`j67*dvP;LFxUfOKB!sCK_+l-9$go#` z+}RNQy~wxf!6gg5KnanH8FnQVmwy?PB4xCSu_s3vC8$_^tiUGyC7qIDg0zPv_~+ zWmDX@z@b2IQx4&1Y+pPm6I+BdXrgdc%1>Opi#cJ641|D!^q;Frafa+RakHn z1Cy{IGi<>h>MupYg_}~Pzb0gxOGi)Oi&e^bA8u-w$eNsKK~UxAW0gCB??t&N#AaP1 z(y>=jmVnmy<0N471c+vNP!WagY2M81!(Slhx2g~PRwaKo^UN(pk9<8`3|7yjIukr> zJY!J428FJBPs{nZAQlOR!sEpx}yspo&R7pJQI}V^d_;N5Y4)R zU>yL^7wyS5>Y#D}W5PubVXgO`*G-TB(2e+Gn-`7eWg&z1?C6CcKt)QYJ>T%9r{}D$ z_{|nh_|X=CUxf0h@vSi#P#}h%3AP#NO=65^HI1HN)wh?Qp{?*=q7d|f%|-lrXcN|7 zf}03k<5Tfpv%E!;?@*<~2M+*EVSvN7h<{oiC7K47mJJZT+yhP@1lE*|smxMk!cIiTA;gRo|vUH6?fVLlk9!n|`_bDx)?gJk#uQPiU7oeUvAa*a2nEg0tD*pD& z0+jmQpheh%m%ra1GYDb|_|!D#FL!Z!5!%ouMF0%GV#~uIco>k9WBmxVz_j0^#<1;u zSbjl)t}*oC^bgYVEd+^-Bzd2DM&GH34)0P@nmaVArMdZeWJ6BDqQo7kALjwXfm@4;4!Bp;9b!ivQX z@ECovUx`AS)W6<^F-@=xJY(DjebOP~w}d z|B5gXD{@UTALZ42Tbo(3LVOx72ij8Q6GI$tSQTi8AJfjBtRmCtVHbW&ZPk8H=Wo1; zm|s}?awW7W3OsAnnd13>pU>6IG|dQv@EgYwG3YYu)}F3IeI_X4)-93};jALy7Av)I z52n66+kRotAFW*x5+rV2SM5uLEf?e4q$t57OPMF0!meP+k}|~wlqeRjK#+CF|10ub zkfbb9pE!Mb`I>=|PWRO&^OhSs&Y767Tq($(PL~u8T?2ulpJ+OIzq#D&p1gW6Ye z*g7D4!19G4#)L1TqQIwTXh}^q&7Z1RY+sCuS!|gB=2+aU&Ay{fit0^-Rl)CZPIs6j 
z)(C;Yi<{gxq|qaQct8~xf$USX2M@-hqMJKI8&&I%oXt85ow62W442OBKN&0Vu9(gHg%BpZf*;O6iR{tX}~`Or6^E z^FEmf!pb95>n}jbKX=CUE&^dX-G;`}2vrb$AZI{&SB2rheMMfaF< zg69@KWOlN(4?kVKT=jl=%*-&lk%o`mgXKz`h4E1=0C?76R|EDr+H>oMQJ(mwAU;|= zy*$N;k77#+?~2{ie6UrhJ!4rwdJJY;7rXR_ShW5(x>%6sJ4KqM0_38uYSa`Rt2#_~ zgKkNKiy`aNzyI5S|8IjLXY4avlvWx-_ECl4Rk-bR4c46;1EaqLrps|&Hi9JM*%iZ@ z!aHgUu9S^+cVS(r6#%AV2Nnqe-ejX2I_-J^myhP5rxCX)1ThUIhxmvwu0WS;Zd3(lPwJTt{m= z4f?fR4>2?Yt_A1O=b-ELOQ$I1&a0souFmK#X~W3<`^ zz>%u5+cafL&p2m&)(866g7B?a&P-57*@^cz{mXji1==HiVN#r7EHt80S33t({vAJB zh#>?{BgvU!_3LL)fee1|qmtN^(&0u9kQCDK$(#~evf0R%{^XSP*%0VpX2!Lp7CNtt zD-XJu+xfWu=?@P2^DfjbXH+@H6vOG>sR&pR0c{BjQ{w4NZ8{aZ2r3y<5<-c9UT|1D;kva{eozAPvw7pf>pHhd~G7zAfSpU2il4TClX@o z9sRYc{;qq@2hWW&Z__-l*OpztPtiKct3V=W?m*x?1m&%aCJN@RWF6rjlzpmnyInX7L1jHh269&_6* z^Q?Oo{qTncxK8gDPVJ|f>gBJ;Lt5O}3lXM@vbiOIDhh|f2zEvO|4NeAabfbUQPV6gUo@d0r>%11ixx+ss9{NVSZSRRu6tQ^t-#f6wK zpiJ(16a4;vS2WHymeH)H@ZtjvJnC3|$D;DgF9YOOKnVh8Guwy6aJ|A?uMV!&bN>I! zM}Qh68`=UktFXHLFN&}xFtB(j%jkX(A=wmYNZbI!vR7OiNWO<1R%O@L-)1bvWpVVg znc7GBd_N8oQS0~yzLP76d2+EaB>44KzUG7Xn{T&1Sx18u=`)}lj;U8LeabJDBga)X=O?Zn^yF@UR$6&L&v@3j*ptW{Xfq-$Fp;| z0g`{#ob)_mQX)^f(b($f&ejK$S@02oq>Vs)l*mtjN^)Fh_W_Imw~uSrm-nkn1#L!V zf0VosZPm#3Ulg_+X8pnqveN*nNU(-Vla2u2XtakWv67=gsxlTQcPw^Aj4rka)-r#bSVTekf^&GuJlDZ_nhP&Q10<7JJ2u z)<0t4zAst^YZS*WthL}Cw?Xa3DOT#*sQi-?=}Y9f-pKG*R*v9gRIg4`kQ~Uj8v>Zm z(gPMB!eale2PvirBo$4DC<_|Tc0g57T5;9EGbY^Tjg6B(gU?exwp=uD`VS2>ABU+1 z`@9#eCt*gZNJ&Sa{;NQVzR4a4a-guTPQ|}}vjO^JYdE%ZZi}=>p11HDdp%ct_&B&g zZ9eGvpl-zR}c)w;J93pKBT z3b2VtkpRL2bMf3G@C zZIgGL{9Y`Yeg0-c&->#do7glgMpsk_v@#e0t}jE+*%K+qll!FH>THt6`wa|%5%>B* z^%HzR;d*(ESlEZ&?Ay4UC%;1jo2xAw*O#nD?(WEeprqvVsbn~i>v&l|v;g&`f6W;+slzLRfjfqS&of|H!cYD_VW)>m2Tx|JRQL^6+fXCo2J1t4U(s8`b8Ubu+) z8{H?MJOV7DGoF5J_?-}rzl=`Z2pz4AsRqRYEh@T(Jr33i&?ZBp5Dv7O$aXRQeL7Qn zD!}v5ow>j|DLM)qQRwBf>BS0iLm-M|(wAQko~P>=A)|nxGMem6A+eDqU-{MIX005HcVjeH>RbS zn0V#E(!Kwy41qy<6HSH^szMd8Z`x(DqHk9$@d07NK+mmz9SCS|g~Pzo z^Vwo*Bx#vB?}#hx=yOrV{R?+8^r{y5U{i-R+Zz(E1`$qu8UudvN814yL3 
z7vwca?RQzgwJG4*#dak_D(mdTd02dpkom1QUt^8ET$Aw+%AN1fs~E0=GnUs z3C~!w0^df#pg40RaFn5-!F{l7R%)&Z@;=)|9|cEOh$N;CLbee;3MMe zcmZf%OOB`yS0*}t-bh;hGRbRgONju(F-ZI|5@QvXe6kJ2c@=`MA#J}agbS01paQKz zNJ`W?rEMK3saR#HC>C%acTVCllAeRZ7q_F|;$-m4p=ISFI#e0VT7MGAK`L3GTE?Bq zeixLEO1#xqfYFNqS?znQupp|IENlmY#M$i#XNBc3NYs*}+U8q>qhB7DB9KaqoU1c7 z!<+PdhG=$CLW>yL4#<{9zjHoY2Osz@Gqmt9YzqzpWJBq%R^l1&wqDFIYo-e*@q`iz zLmRfQ;iKHSc*0RHZ;N%j9t=!XGBR|kXTs!Iq`&*oaFLtwi zYe%ZGVd9>L8rw$X`z!=d_Xx|I2yOiFA^5m-D!3Y@jhA4I%DKodnA^ z1E+913kOk~cGo|m5)4^Qx$BN-9Wx`iW-o*8-!;N>M=V6tI)H##1S)6nd8^hIvIJNO zaIDin{K3#5S4_C89KPdmyYiSnIl3Mf{wF@JCB9+19zX{3Z^bznP>6}#YU)U%f2BGR z0GR(Cem;j;QpmcKtBkMY>UC2bk?^n`svlyfv*`F%)$?pBZrD5^s8-3DAeHhFV1${X z3&G$sk`+dv6gv8V%Fr+Di(TlLj%u+Q`qvvGXi{q3LHM)auw(T|KRH5ePsvD}WWIrf z5YjmE;9`(dq~8?*ms0~e_X%LavUdj3=$EcH<3Y6wjS5je2>AZ-eU;26PrZGfJP_;` znm?&7JJXQ0POSl$v|ugf;SaJToLErcJMjYKzHA+CMn)dS!02KZm?3xh^{dHoEnnSO zmuSIOvnwH5*YZ+HZ%+a|kh>5(5KJJT-b5U3s&e@X3shKlNJGAK)l*>Gjr(|oMz!4m z>=0@H;v;tSi%U(AU`Ty4*twU}6o&{ZLcawvyx(kM#(^)!TDbFX;6XA9Qj@^QM?(vb z#g+iY0===0H*g^imG;8M^V5nar}A#31HJdo8cZ(_PPt^l%gLr$dwizkXj!R9l0nst^)vPopQ_UG`Ooi1DO`tyn#OYes) zMCN7v?E0d^P@tF%$a#}8cZ{Aj=^LJ+?wmWv$8R?|evQCSQU>s`;h+Y8pR%uF_AQcl zRs13VK?I@`lAN1MKpp|X9lM&3m1$I!IEZGMS6Z!GTz*W{muk<<4b@J79DAeq=z!t> zq3*lmv3|dY-*(CL6(K@0vMH-%m5gM|DDGRx z%6iV*=kxvjzJENg=l{p+)hq7%TIXD6UFV$ZTqvq{A!!&=LY#E7OY`}k@sC9bn$?8; zT7LbRG7F1Z3ty*3-rPzt9%$YK?NyO~m)e1B72QKqF3NALH%~K0opgCyy5>?JaCiHD zjaQ`%YLnj?tn~cp?}eQg%vDo^8<2`e3QwGGUNXD{+4HCRt_qvV(&aDRq#Y<*5nb}f zU;jeHNjt%lVC_IH@i?>oRk3>F03NFVk`akMY39ddsq`E?n9qxt-7^vCyDUOtsunWakznH!}el}R4Y^`fQy*#*G#V|1zNbOO@Cn9{M-;F z%Plt&oQZlZE)V=8!xl+{{pi3@Z&7R6i843SyK(XO^~5d0%DuExxOQ#E1hOUEYx>uz zDs4T{pfyzFPlYYfT!Jhh1fl;hl`r!4?tNX;vxi2g2L?u5jf%(?aiz`Ip`_8;HPQ30 zYTPX&X+-v(&*0;!xZ!5A`Ek=_ZEk{lL(_wfFRd6lQfb6%%7mj%hN7CNU!gd1t zhiu^E!}a0XSw1c!&U}K1?x@CV4*nwrnd=`e#IEy7d;t>AJ1m~4#%o5KWPq84oSw|4=(%g;pyHH z$v?l-ioNVVk`;91Y3Kt(wE}2CETfHfJw5HP^qdMq7rcEOj4E~H9Fbq)^VHEJKVsIal01_q?)q7jYg#rROH9#_`awoV 
zd^}<9XSR7xDmwv6SNI0XHk~Xylkab*sEktaE0=$4H0GG5UEzVy^(EWyCVW<9ep*Q@ zH|7NojnOml^BMS6P!leGpb6Rd!B>3vr~B}RMJWd=kTlhXVsp4%0>ch2y2N^xEa-Aj zjkb2IylHs->(9JaY>1Y6l3)L$Y=-xj4t-n3fcH(mr(`>M*$KJ1kO>Eh1(cea`2W?e zA1_PBt^%(-0e^nv;#rb zM04o78UJuh@?dOH{Itb=5#Gd&4O@cLG+mToX{mh7~tC?QNwz$E?h*9U#&vd4%yBag556*T5 zvfSsX?4DdqzCUj4K$zlgTP@Rvsb+&foo+Hg7-J|Zn#?JO>UBtxTE{cp&M9&#CfYF` zm!xZ=W%Sd<<8xGsqVEK@xm6`)9n=RXrB>c^-&O7h=jI^c>@=#JO!a(+K-RDvp}OKN z?XrJdNb#W@XvVv@Z{8VD>+0OyUmU&a%x0Z_cC+1p;8yKm_}TN*sEE<^4iN!|Pc~OB zup7zUxV*^VogdmtQewHnIOI>J+d!;W(!_UX!SpYNf|vxZ;w}=`VmyY(e5;N`mJShE z{@`wp5q_n=*Tzb6SiQb@nIZ9G^u6eNbE`zp^^Et__Czv1+;iSr+3??|O-ozdvliO< zN`I$}*{1E`Zp@JqjtD|;)sa^_9@20b`WTe>v`S+YcK`WTC?<{w$&3oacN#wy9ig!Q zUcWPW`>NvCx$!-GBWG;tR(s?2_wFvA{Rd;RlNF8reep)2LtT5bQ>-#}wuw@=X7>U& zQ-7E2|7joC7j(rNS1%VkCm=}g#pazMhDuTAmz8Ae@@qOJoco(w%{nq1`+s&7*&>#V zStM6G3QPP#3jMSBC9rb)W76E5csaGYJ>5;0wUXxjm8JcS0eD$z;rB|3-?}=2WWJ2J za_#|ZhterR2HkGGv-dBv0COewI4P%D&i&Q>yUY!5Jw`OyQdg~o4h0t;ol|La-%V<3 z>y0^5ydyp`P)%^v`+81N@Ma`}h$X&Gvl`v!`RlhKw}uH6&fj}*WQmQ#5$_v_ue&B< z`QX&Kw$*PYdQ>$YpA9-a;)Wpsfq@YTI)1dWugI>d78xFTsJkc^7o%VJUx1x7M|PN3Jj2TIwee8*{9@`3Akr zsEN<+3zx0t^kPu^!%9Qi)0bs~2BZ&IQrYm{;a1$+6bj^Z z+|gXLi!<|kCfxIb6pwjYqvBPDg8hiOQb?%iJmDOfBV5OqnXy*fZ=GD8Yu(@9-&>BG zY~1~%7^%27NgFx(TR14=^u7I`SA@cu0@mHU`S!i)cZTgJ+Z8=)o<(G`=Q0g`+6dfG z+5Eo$XCraXtJ97G$-HF#p@G{WPiw@MDDAlHmucbj{k@#__THA)>1Fig%?{>+KKhsD zIY`!lV!|Z_>vG}fU9L>^4Qstk@*-0U!1+SDICHdI#i!uVDE0$Kv!^l0w(=H?qC_~p z{Mvml$Z>)P+B$|9={?g78%u4OS(JWdISDp) zKQP@l2qssN-&@PrXQtVkTjJPBa^5#H8xCCW+URC4?qf2k{07;WMaSkUXcL1aR_o1? 
zGiPifQwB#q357N8agN`<_ilT9H?Og0Z*_mmgmY&yG7vu#__GDs1N_;px3vy3js1ms z(aK<9C_QM2VkiWbI`twGuZwrtmk6Bq`Ac+$zFpU-X79T9_U`I^qSd6<>Bc=1THpQk z@qK~q@1iLDFg5}wAhVXH|vV1a=2#Feoq-1{)IMfXZQXC36M2vNo8u3rpm`YWZ@%w zsV?o(2)F8$%%>vqUHvtwMnO4dUdYDKe2;m^&DV3bVczlC;nVLT@}b+;4~JMDC;nAu z3DSPxK3wAergRr8#%t6eM4nYH0eCiD{tH|6RLBa6hDAVP(n4FK3Nh2Z}I7| z1WDB3c9SOY8~a~2Q4{^w<8W8QZFRnh%XBHrH=w9pFTbmQXCmuT1d~aC^1&*vJnK_< zEzB>M)^xWnbcLw{DGy#ozvxsxj;mmZ1iporRu0?<1NGHR{!AQA^|(gLSz{wd==!pcgwlUA%txMbL`6 z7l#KN4uVr!w64J>5+<1;1sutbS{ByfK4r-vdgJ?^OyGPWsSZ!-bC7`;iqM@Q5e4#s zQ$Kxl7u}Z5k?4e1vHVJm6Z{4$1qqVDhq)U1v)Ohtoy8lx6!*a7Z;CHn+N%eWRiz?+E7w{E`x-? zbUB}22cP-g44`^){dlAX5k9l|E-|{ccjN_1%7*BSjI1;5#>%qgapg85x3`vU1J3i3 zo%VnK6%-tzRN=WY-TkFwN}Vq=4OewlJxMl4>z`gxqTeFT*vhRti125mQ;Zhf_D?JN zY7kMTo%X0erAEy8=na~Y(qsI%NSX~kpo_uPNFjaVFPR6>9HwgaRsfpM^dlwcoq)|r zQ~YB~{IF^UbS zaJzO`J(Olc6gIoPRAhmlX!Ka^u#j=!IiP7Dln+ghZ*RGtP41$({ADsgB6Z7ERPlHM z@$eGx^I=1U8r&ut46}YXqqb@daunYo7Bg;S68g z?jX8IyumW0#5larYIx_6p@Q#*ixrAc&3Rr6$s~5EM~_6xzI}*u4*4w7%kSLaC5Vbm zskbOYq;r3YyLR*q34QORLN-Vz{LbVP4W-rApxus`E0aJmeCTN_@8kQb_}yYx;U+Os z0uKt6;6@=oQ5U0HyU}i!C8`(^IW4N8rB*f83}R~@AAU7>MtrWCRe*$=p}if2Ivkoz zRGnwwuDvF#bQ4#VWbwLk_vYU3Y7HfKl!Yfd)RJg8fsfV4K1bx0KDe9n0A53Fs=o*{ zGBh)0NSWL?^f>^;f$9esDd*g$IH|y0UQj^LFLi8W6eDE+y|w z9c4YM$Mq?bwMH1kW6_1p-(xm1>D!|2Whdtx#GZ;)46lshe>QV*Eq)G2JLx?u(;ZZA zW?mtG?-}IudGgMn?EJ7N)%QjkiEH66TRsbO?##M*FV8R?fbcjk_AyareLxQBTGiV2 zc#g@FPNAQfuP#6JF}LmospRy7DoyY*S`MO%)EH2%diu7aiuDi+Zo z&&-Zac-mh3>tAAQiiaYvt1fGjNwg|xt{M&6q#0M$^R8%opWwNN(WmtO`eLC`Zqb3M z641zQnLwq~P6?Of2bKbv#!VyniKdTD~vG_Q}>7T%K zGF0CkqYonp&WMet>;)Avn%jIg)@gUoYq`+E)#-bK-NWZ^#}zphjCSqKfU|l%miGb; zSdf~Y+?Ujt8{hAI;B26g8NGawjoW>u?Zxl5@Ie$E>hFF5`NWDKxQwQH?l3~m`$M2e zxP)cFB&+#OL}!+xslqIza(K*t>De(z6jaifs^5!%hfY-@{hH@-c@L%zJ%v+!xFk~# z%7zc=vMmt0Q!dV2S+d4-Y9EZY=D$pyf^HWeU040#BN1wgIw~NBOS}Ef`x-+aHFF?r z9&{0|KVZ@b<=wNd-P<5K~ z0lJ1!j@&i}KE1T}x|mMvCL24w+J_c2*3YHvn$Xz_)-8nw(Ze&reo(2$_KlRnnb=1t z2PZ>KjVSu6x1FYre)55v7kF&$4|N4>4c7mjosveypRQE`6*8%&(JS~iV87OE@8~$x 
z>xrqBJ;8knB@#NOrO%RZHH4iYAPy9tqUfK-d8FW-99S_GE;DUBD5)R-b0(LIbLl&j z8nN>M2IBdBKn7GxMuAtjVGj6yf;rfaVn{Qwrp0L;p0la_4&9{Kc-&oWEk6$#A~cjE z@J?ufzCgEq)*Q zrl=c2KxrI5M?1KJ%{h_4Lyia0Yl!0gx6TvJ)DEO+8dv4@)zop@bI;`pk5nP^Ym?os zncra3o`dad%6^h`{kR(14Cb?Hp|S>JE%0~hr^(hN6Ns)LL28ZyMdyDxQA}J^?Z6F{ z9ut*tF*A2I@)p?n^)?V3 zBZ>=s;*Bs+e%K)nwaz~Vq0>`!=*frO^DPjn3rY^&u#X|+_TMwYmm>;lMx~z(27rW# zj03DZ=c8JHk>C@z7^5#8~$ok{b$Ae|Vo=(&owFXROH~QR?mVo zF5GIKdzV{~#@M`Wvb$c=X%E0AN28-(n&_s7RW6vZ)v=29aSL0-nbrEB3W#1SnSB_InPwW=lPiQ}AA}R{_(WM-DsUH~{T{) z^%yAqJrAL}YHw}S^0&eQFDD+Y>SIQg=)&$aCVflLU-3)?SfjNE<7k-u+d`^c;+Fj3 z@%ZB^>$CwNYBpDn++l+uct$)=@Q^4OkP^hU`EA%5HdLOcEunO7RPFlnbu(&oJ_U3s zy&xr&cfjUxazrfE3+@*mm@-@Q##d!P2>Jk`Gj)l*ZrQ)C96bVnt1^4N^UB=@L&nST z0MHf39N0*GtqE%?B(AQ@%J32Kwu;ZvoCY%hFQ>)pWsTH;3m5&ySQ@`caG zI7zkwmK8^NIr0e6jc(JUr~thLw36R83!3GL2%>W~ST?~1g_u@$GEU~lU~?%(AvU&p zXCWP;w@9W;Hqex%C6ehx?3F(RqG)wzvTSn>p2_XHHhln<{**Fv+~beH*)_ZBl$mZO zt^4#Uo(IdF0iBP`UW%0cIx$YWKe%_UWPfo1-gJXSTB2lKoD-;1T0a^JrjvalAShoS zv}YC-(i#6qM5msN2mJ`;olYn_4ZqveN@-YKVL_554-Oc;R;nM7US?u6_cyZ(1zH%A zBw*~@=w4?-kzv?(3DEXIZO5uq*8Xb1cRHvXv0?kCzXaM}{h$6?X#diG`lm8Oe=HR3 zgZ`Bm=&wo-{RMg9?fBL3>_B4M&_RhEYJx~ z0OIbLpjo-y4p>{u>7jZTQvMh^dZ?h&_OK7 zhaSG@9$-oz0Sul1L(>>R*#v|WlDmR}g?`j#fbM#7hdPV`Z)NCDhoETIbO^My6xJh0 zh5^(4y(k4?s?kx%po{7OCeBy|$RcTwuJag==a_dw#r;SqEccPfK`Y)2l!Q#(P=L+> zKn=9ufksTtHxj^TJX)o)g+uYH>7+)9%pV4pC@DEu{YN-#!a4t-%X8SF26Trs9RQiQ zs3!IfOTaMF^rJzS7^%59K{Hd6b=HWHoEwPd30Ld=uofu=P0T!!6WIBkoSTl*fx5z@shCz z#*irG!DMXcg}ER)_V7otTV~zjX?}N8$7z%dDM!pyfiUWKvhrXH5`Mh9#(Yzbz)Q(4 zibAU~K~uJH4mg6x*Z*q-JhR;;511{4XMjZjWX5YxyWq)lJd?4WQRs97T+ZDlZG%Z!1-Q4(F7<^+v(`CGrEY9HYw4ui^j zjHn84_^L(Olv1>wX+nB$Lds5U13;zoX1ix|frRIIt160lxTd)n9S{CWhdd|Vn>dQN zgs3MXFjY59^=%Es(ql{d9r>CO+rqm5?LxX9aq`$0;a&gEBrANIsR>J`AI+W_%pRYm zm1oR;P~r@{0B<@;KyxJ1q7S$K%PsE{`l&#$?6a=3zz#|u-|+2?rR{iUT9khPs#k|= zjk&P;*AEqq41kR_JOjTpg25>qf%i&?7HnuB%IpFx*QcU=$#U7Nh4n>bcK(tFU5CfI z{v62CB2U4}hEKh%~=_XW~RO8A9(PiC|1Zw<}tg^PS? 
z`$x!uIc}i>kV3<(b|YTFfMwvEePDm4)zyFBEY5ToP6bw?G9J?y`dK4J!vBkT9Jd(v zZ!|=-sJ~O1SQSkwb+<}iHKC|2T6qps1GP%RwNT?L!b_k*NqZ`mT2i9nNLL5#GavX) zaKfMY@TJjkYXwEfzhQ}z&~;IL{3*!6wq*)V3$^bfRRc#p8AhY^0PqjfIJ_;yUwt;? zJP+MN;!1shGS(o@N^8lMZosHfd|ngodNj|E+zOH2@*;Q|hC#9!J9ERQ=TPgqx}b^d zPu5YNm7jHmqj@P8PzaC7)>knj-Uri)Vxlvr`6jOP^1QGDL-QYpb|5M@@C0V0Qt^4 zW}hA)e;I{R&pdGsgjT4_Nr+)Wix>6R2|$xwG)3hT=qxA|A7QE+LO}AYdV7I%yAa4Y zG)ZZVKt=`cw7p$(-Kl{5w_2J1)FQgpQMP`6tCv!>;!1)84x)4VHe_W`lq>23PG1B; zXulj(fSYp96Da}ZAath2)aPlfY9h4JzDR+1f_y6ccEC~+rUp3@03EHG9mYmW&*5_W z+`ao_KKJ$bgn4uQsmHe>xzxNjael+CLAH%iT&9{xPgHcyz56b+`~6}*)8N;tm)PA; zzsBb5T%{OJxIK2S;t)39rzg7~ zo+jM&yWdB24EQXMr6OISDV+;I{z3Gm-2HpI|Os_#LIDaqZkte+JS$4%YW3)As6>dRK43FLf5$*%@cY zT@aAy#HzIp%ZzTJCIE*N2q@Wz*n`}z~@`-Gr7Dez&LqAAi`ZAo(#BLeAAsS(avEYPK84`u>HQB1fRfFP2g z^lfX0)#Ydo_1gibc~Bv8MP5$T?oE84mPM-^I>T+O?rEr@m`pj(nQ^1AQyMn8`X{mj zAaChZyHPyMf%lY~5$qT$zPNfiGI`B?Q{t%ILx}zlV03IBpYng=RS;@}DqxF|hqqLf4iPWqc&rQu_ z3s#*uILxTehRn8~3L;dbJN4D|zv4rghq6nscp1|Z#8hp3lXf{RYBLyeg`M|}d8z2M zlNII+%||xOmRaRb?gpKF`N*bRh=(2Cj^@$CI^~To&*rG3U0k?&$`f_+*r)r@YtrX= zf5M4Ge}K_WM4=8d_)M(D5L_+k_Mm+)3cn$R5 zFx3AIqg0z6VPnk7VbYOBBU;X-&!dB78()W)LfR_q)T7fq_lJg;L!|4S)A6?##zbLf zsuR-W=@49BzIiByoeVlLg-*53=m$XkC2VNAW~J@BGRmlIo`aT?A2cE6!qr3t^Tx*e zD0$Pz{ZY-w>viry?%$(>nOtw!l23O^qGiHt4xA)n}zj+2}_Fg$V)%M!)jIP3# zhpc=)L?;tOA-WNOqHGuE>sBx5H2MwNhCheb{}SqT^%f}Zk?1XrWVC@xzb;W89Tq?u z$x`jv@@(M1WfeWWFT+}ycG4@p%XraPZZ=ZzH+~yUjj5kh> zcNdof{@mJ&_ODAKgOdH`h8t^)ty17}NRQCPc2|2l1d^s7AjsZ>5!#7`&E>CU_`tsX zW*szp7~XGOuRE7S6x!PrS*)6E^mVx^ozbb^NtiEs=uoTYx~|wlMGo!yVZm@bsJp(H zs?CU%ea$8Tt?&_`;7Z0xLpTt)#C4M;YDtTnJpcf!3xWS2CT7rYQ&Ous(KF;SBKR9T z#XWDTrF|*Ns``>-G%Wu4a8=L4h~vM_9|MMMX_#_;^o5t@g^>?)U|RXK(SDWBhExunZcPV!g{ zxr#c`dK~Z&sZ}YBHN7RVclZ#YRS6np#@Xvh#FlbZ9@@j_v7>AIB$P=fm}()6cVu?{ zYg4rer4>0V4>byILTN~S3pGUd|1@Zt(vT>GeYN5LYOd9R7|C@@Zhua=`xIW|&{JY> zr4`39@bn)r{0tSXhOwXn|6d#W;iXD{Or$F-wOIyISm*Bp_g-Cf_RP%h%vC$f9!BzP z;}ys3z>#9#LTc4AyO1n?D@{UJ4zN!r_ve=0dxQeCHbz7SlnlY?#dkXfo1A3}N`ZBD 
zXf?1clB+MdF0I{0Iwzl{^>XI(ikjBinhG}gg&X?cy6s7|Sy?xlT8V zwS2)Bsg#?g(@h&h^O)?zP)WimSH|$9O~_S$(QgOUR1@)4)pS^Cvv$RF>#OwE#sS2~*_9b9)H39!sF4Ay7tWeBpT%EKBx7IC! zc;c&W!K|rp+x=J*Mlr=%KuA+8qD>1IO(lvGea>#9nX5=8;EE+Wl?EG4B9T3<<%T&#N`nCj@1S7F`vyW2Qar75+;ZPvj+pp6qsJ;Zs11=E;O%lx|yJoh&e<+C-opP+jkG zm0$Q`WME}~saHJvX2thF#y^f+DRjsDNT`M!>5rJ9k@;|wvdN&g3S zd^MPjCI#2&ukAqOqzJ02%_6g$3kAnjezw~u5$qpwl1HMzknZLyQunvKB+I2A?37+% zu7gVpKDa6o*ao8mKC20GM$3&GawpzE(5pqM)+wP@T~p8IU1K+zg7fqf+M|Pl&)jlg zC3;6#W8#@DjuH1++oN6r+(BQc)NU*W!QhvWN2tcr(jrxvbV3Kq-Nhit4mQ3mwFN=6nciXug zLU^$C%a$=Yf~e@OPUP#+k2yr=!GomkDNpE%etgMeAS;=8*sb*uKd3@AOue!!YaNhE zSqyGS`4<}ci>6JDr7x|ID`kdoqo$hD*|ZN#5|M;O>Qp72b58YK zMuvk{09>K#8=NEdV4;`pNt%@yv%XsdzicnX9Z7>8z9#tdabXZ#{gojsR%JCw!I?ns zS1I*x=2m&|DUpW%3K`;BY7xsv1pc{b94F|OKj7pGraH=hl@7=$;34SR@2F;s6eRu| zMa1p>F(>-&x4z)D9a;Wmi4fCH1Z;#>lwqvq!wfG1j{X&TlQw>d-P>PP!WQkKq0l3xj%o6iP7|sK4RBTvy0H+19muUH% z5%ax{ZRy#>@sBcqY;XmXAQ&XgqWiD*QpQ*F(GTLfetdv1@P|k(3LYUR{~re$5fSl! z4)lLl{@)KOq~UDl;$mfQ;SBV!v)%h)p0^$atHt^ivtOM|k*GDbXRoYhspyhn4#a5Sv9M-@m;> z+&|1ihKJ^u>YAScs{C>3jpT% zha=`%T%Kh$o0H1oonPxFtsgeu&==Jd&If0kU|j_k<2tv07)Ux#_8+XMnAD@+c@KNW z`i0|CRJ#MCiC+GmkXFpD-D#e`^m`>zhJ1gbA=jVz{pw1dwXU;(JEY2cZRMx!*fA=d zSY&}8QnQ@M%W*NtYm!<4MSvQBb;r)k-M^5^tw+hWXZwEq<%9D9>oB!v)e?Z7j~^M5 znb~)VjUPD=c=Z*C`{t-nDt+>gob+==axiA+i_?F*#gyDkpF2YrH+^ zSJEY7SdW#sg#TF+!cyD9hqJ$;yW+zs#*Dgp z1iXton+!m{76t19!1a53o0D!}?bJ*S{i|?8?V#?$2ST1-rT|w-$b0JJb(1Xg?jg_H zztlAF2fWb4H^Mf0_Z`)~L_n@7Dfy3NQ21>Fqv9zl;)qIvaw5X3G#hEH6EtzXUr(Gi zpKpT)wQ6!YpEASAA?w!wBIQH+Qlm_jivW_+I{Z>{ct_K8VI|yuVHSOOX`yxvpC;}X z?MPc5o1A~1-ggl?dO%6-yiUxXi}vLIcwuCs>wUOd*a@Hahf2k8>c^d#j+f=PnG(#W z_IvS}0Bb9ko%nAHIeEhoj66ZfaZh#EFm%6>NeB9!B7s{#LC`_DyxD^$G(||TD&4gV zcWN(coF9@2GZIC*)RU?=YY|fA@Q)0f3M^k}8=#=^5*Cz5@T9I7E!Q)tENA4h^WvH@ z?7xJxC_qO5uI-W5UZqf!1gyBRoC2mw7=gQr~tfbw%V-OHC|n zgZTnz4`|m5{q)D6U1+qdCl}c^MmPd~&ip#mbW|VyX56>MX5j_xDE{+0DXkK}Y()-N zc5x%PqPit9vFVlZ0RP>^FJ}>TT zv~KiF%o@CaF8+Ixl+)sa~!cXMM4@e#76g{w^U$66Wn-)Q=lVQsFa4Nkl zWy}IUFMpHOkIpBunGO4Q6T#=CF6b=}nJGiAQ!A 
zm=!C6?9xn>&q$kN8+po0Uj3t*ULZaG{xVB_I9cc+Ql2` z^6g97F9aFQKT0&T$B_AQ4SaN>CEvU)*bs~JuHw3$pBy)z&zn!_!S^n|8wZo;D=9Q$ zxwTNoM~vrKx>si%9^5w52qXvTfCeQ^sIyJr7q1QO=)98lpwP1M(1BuE1|62xg;Ogz za;^c*n*pt$d2c_iqq^nWRj=}@XH~m;C*<9;DPo)1i?=@}$BH-q_Lu*9HS5%Kx$Sx> z-?>DvqyO%M!~S*{!#IgfXlsF8sor^BKijkPRBbnR;Av7Hh$h$kEs-DY#8)t$m3gbj zKJ6o9wwg=rqn!<&D`(VkCam!cjpg<-@tapI zRt&Sh4E}@UK&P3;@mnD9DJClZ!lxU(1UI6#gV58<@PTp0BD@Nwt5(Was$X-UkA;D$ zpyo)g!v2S<9ZS#T^;SD#1UuTS}$%JZ^%2nBw zRh^NO$`zltr?7!b%b)hBo7uNWfwsKvQ?E6oW>MZLWK9J9@~_#kBY(Ifk5^>n)Yp;aNDJDqt>dRS<)sR& z4%VdaDp37+7L^edOH^G}#8*fF6E`HWB`71yAtzq5(Kr@L9L7KYU`i1HPeGR(O0ey* zbA(23R%ZjnYnmoi+KV$k3`8;N%AieL0+mop?nGBLxE}b>zZ$lkbsXfi9$QtJ{&GkU z@JW2OFX|L&qpb|bVc%IFy*IBLqk!~!UmH09= zpAzu^ipC$z-%xaw@|lDNX*iLj$PwCs4te76D-9wA%#a(1QatgiD9@-;8;un-zO56k zF5d?<)Wx_~#dBM4F5)}Mu0#DO@y?GS-+IX<>%{k<$ro&I99fS>uK7d(f-AEQf$vm) zCE)@BGV{3)oAoZa1Amd1+$BG7#zdmY1aIrM{l~ueoygxY=gy<6T4kI5ZK=Ts+E7%e z(IxysjbfzUQ?b#j^U?VX`=9dt^Ls}Jp`oCdKK=hG9~Yv0c?mTUCK&}uW;-K$D|0hv zm;auG&XiI6EEb&52cJl+RqLLmN0<@n9peSM)s` zDdT>Ev9)my=Q*q9&PhSa*&CjD7#%Tl>dl(Ze{OsQl63ah*L~ZqLNppVxU`9gA9A>A z*0Z_M`Hq5>zf9*Rf2mcUxl_4lx3(>68h&{iCOK+!hllD+be$bO=y&I#j#6Ha@nWvb z^g*W1{l!~qCCwqDxmcbs{Qt1_)=_aZLEq>uvbY68aCdhNmV_X|T>>oblHdfFKyVEn zT!IHDxCEDw#XY#Y>s^v33Ga8#ch5cNzW?k@cU4za_e@v)x_V|dv7Kn+bb56M+hVl4 zI9a%%0XSj^v3jSU=A>&EwZ)9|wzOlc>GjxN3mI^H?)+9eJo;#`A8PJFVJ6{fZvP@a^Q4zlS@@#x5h$oX-4IckwBBRU zunj48o9Sk+Xd$vmgm8Gb(HW34nj!J!6_SIi=|affqdvkhM3p)oMT`V;h||O_io1qW zc1ubc1XI5FFdcID(r#(KRM=ro-@h_j*`))h#nmY;bI8?}qmB7#l@Z*)g2-~HNx3YC zpztHK9<-8@UATjanl+E;-w|pApGC(wD}wK5RW*PQ5$BWxd>~su#D2kka_&j|>cE2lb`}E2Ejc56Y&4dRA02n~}f4lKepf{eOt&M}R&9B>S zyKyp{QtD%_tBAaqOBP56k5b1NLQO+S_(jEJG<3~3C_gEwN$R^fm$OL{KC`(=(};&2 z#-# zUD4hM{E(j)@l>9>IUP9KyiHy?esgd>aC2;Pdp-c!PF`uh_BB_QgY76%h~p0 z^Pek=eLIV{tn*D5=f}tU1JgBWB3_@|abs3C+qKnjzG>S#C;yz}nQcGX9LxUtsWEka zaHET4z8vXYz0^BiucT_|`y*8q4tMTno=q0aNgI$#r9zCti!8a!kXL9Gvri_6_;$7+ zfn&wcAMXTH(!9d4oqj5(lTrJmf0X zh-449rr1&}4~=VT<0jKlIlVHjq$0BuGq%>PK1qa0U49z*t2qYnhS8ldD?;A6<|ldR 
zu1&P3hK}Ai&FCbS?TKA3Ld-$lx9g*3*QM|Db8IN3`bim08(1;jCSu3Hj}19o(?4JE zjuO|ZkycwZY6{Qm#h)l3+ug3{H)(w@-Y9n6CR`)jp8Bfebl%GyQEY2RR+TVs^RmP` z%A(n%j%Z$J^L>%v_Tf*$E%SKS!g|)7rf`9c!^_UQm$ofQLc+m$Ur+b@x|VAQ+qjKKr%TsE5HGjz8X-p6 zWF`*}_oVrg=<&m)Mf2mckgF|m4V8K>+8#*tU6|*&$nDVZkVvR!$~^NNv#`6n#cp|= z#9+))+A8TM+dTc<02018HeM-SNptcd>uXxe4)Nzyb=RbKHzIdKcc*%{Cn7h2UN@z8 zUuc}?cAEHI34fH0jpq%?ze;-F-?{p(x*+~yyyxr$cKUWgpma<8<3anepX&Bz7AbTu zL8K@bgVfn?wcSB{>-B1Tt-IO9?a`zIugj7S1?tK3qs1hXtDYDAyE9jA=%d%v0*cTN zzdAL0*f%$%m9j>v6@}#INyq97#o<{Rxqo*%n0+=>+M86K{REp@q>;`mTN7sEfGWT_ z_uLc)sX3M86>iB!Pk+lwULY1!${Ci}9hp(nLh6&!<&H~A zXr7V|QzKWNDed6+W+lgYZaY6CV@tZmT}AX6lC+n7HOH$Jpdl<{8bYhX%p`T&83!r0 z@%PeY*)?Z5aQE7&e9U~h6>zJxwWvliiFQ+SQF37=6?fsdolPG+xxL!y>2?&B%s}(_ zL%~vBd33&n0x`AMrSZ+kDNuG8;pW@WnbyLGn>fJ$)(KiJQ9O(&~>!?hO{*&GG}LX zUJW<7R=5ysO-F=yCGJfb@V|9`&AfZ}jMp(~D$oqU`l7+Io%hvjOLOhXmnM^OQXQ=s z^_UGy-SWT#`y@ zaPw9s4f@h#)~A#okD5Q8U(eOmmgqx*XzF!$=dQKh*+aGt{cn#*9IkvP_oqv&Y||HX ziS=03k}_6>A2+;hChEi`FdeTCF3Hvu=AxQ(D9TRqx!6%Ly@=?E;GP%sa$&M`#E_;} zK#tuM`#fK=s;48<2%GCo4@OQ9pvqMOTX-jw)6Csq!jGjSbEhMj9U7QL`_RB<_u$8` zvaQwOpz9C9N~8HJ@zcRe@5s|@MZFt=T_LKMi2pz*iiqjPj>!NZ7tOy@*;s29-h!@V zo9>XvzG7nPm%z!O!6`EV^FZD7R+wlYo)#p#!?$)nS~p?&fO6j03vkebdx}GuJFFZF z32hlXOi)=6NCpk0Ok5P~12wNxbODDCUM@9M*{+!Fg`B>l4OB-h&9hRGi=TG!eFf|{(0F1LW7 zAH?S)hAHZ=iNVH=C)0`s!v^n{{*xUU2PQxlJzzlyh~q2volVMr@(~|5j$Et9y#S%i z2Lgb9#(*Cn2U;v4^NzMWsu7V!$B2f2J8<*b5hXBz;r%wNldpX!pR`5A*MfL@j1-?I zePD98vodQ}P2h=pr#*Gf>r|%bSOhd1#7Ju8%rn<-T&UZ^cBW-gk(P5HBOk6bQm zL_Y{X6crP;0}hiDuNh9XA6~}5?hxO9<2fEKxy;F&(*ctt9`s9Jsce1+beI$}`nS5+ z`o8b38fp`{w|5NXS2Ov5kG$dXC|bcOKybo6#z*f8qCJC zNB$^#6$4uORf!0#Qd@zt0`6OgNjyUBBqO3S<66T0_KrFa`Z?NXz;Ik3PCPK!C&6vW z3@aBEb{P)JoDvM@SMv?@NAe<7q+d<H{O;Dwgm>8ZV`SfJ7f; z+Zg^C(Ww=PEF%sG_DshMx)2Z@hQSGfK~VtU0K{n(TCUyg(p!=qBOX0N^5ZW2i3M6+ zBSS@mZS!U$>wkj?yJi1-H1IH2>HMV-Y(3CR5B3Q#m@X|2Cu_v4m?#){) zOZPsw*a8M{*1+7CVbaY|knz&~8mI`h{+#Ha^~e*E4`?m#|B`}y4fc7K|LYb&Tm;$< z=P&WT*V+z$8#anYq0O-oK9H(m@|UQn(8BST6yyu@aq_QF9GtR#&~GaNbeZYi#yrqL 
zhYkt6C>A_CQw8weeCVJD)6ucCbG$3fxa+)b%+0u4|FS!$7*B=j<#qK`qD)XU3xR7F z_iWVYa*E$zaYHce1Tp(+)=uuM?T#qkXS?vA!Iy?-?#RA9RfN)|-f|tB<_Pcp__0 zJbe58Ei8W}mCGB>dLX|pCciEpVKhZ~tZH42F)T*8k008TzW04>VhDsSpfaEpfRN<_ zTD-m^I*&IR7K#oAuekn}sW1DqEm{6c$czc2rO$foDjFI9< z#ruOGX5E!Jr;m&C69Y;r#Fl`h3cuW1RP5ck^bb~9_LqCyvS#7C)099^bVn(fUH2JCPM(%alYpVV_WNYF5+7=j&DB8O?RD{T`~EvAAfUCb3_yiG#15Ipm~O$K;_4w!3Z(};ES%BMdCN8vXj}v zbhmhr(ZTk5bCCC<&gJ6$W(LLbQyPP86|M>BA-fJ}=ts?PYTlsq)*dsc7X?GdtAePy`>%?nhbjUesNj33LjQpZ^#3m^U>>NzexM@3`+*9$2P$YD z_5%1o1=53F$h17@#s5`>{{t0NR#6C&egk;A2yg`3wj(5>Y|hmxbe8A$lPL6l5^bEM z4x*|?c_M_qMtsRrUM7yx4d5{K?q85i!9F_sN~T;r2MYk@0~oxK)7#QvPKRJ$z^mo8 zAeX@u@v$+2iP6-&A3y0wh7LL(J{q+6_e$_%Zmk25O9u21aEM6Y*1maDB7zsF!3zOQ zWV6h>&OJ1VOhsGMW2_;WpXfsa6O|fkjDx)lyJ81Yhujv18}o^ZH((|0O@6c-3cw{F z?^k|yryi8|Q7%nVzBPLJl7=(x9pQc%6WpgmbWD4-j+PX{AbuhPPoRN!0!ffQR)@-- z^%{>@haK7Kbr60-SS_1ZDH40DIOkd=2kw9GXOobB9oRLWUGy? z2z+&8-?yG0x9e_Z<23`!Q4 zS3>P5Ao?v8CYz6d9{gCCPpO50D9AM<$Vc@YfCXE)uO5()Toh?Vs;+L0d32CFyC#WUnI**EzKMtvFqU}uG6*PtgPG5FCs9RmwJg*DJcG++zCCo=%q2F>x` zZik4YW)8vNB!mEP0^z?c?0iQ#I!hA8dOE)%)Ayf&S}_LuPU{a1oI@x6W8k_}aO-r2 z-|udF;|NKyy9geSTsP7vy^s~@pC>8H7vww%cPsmHTPSiQyn-g{# zKEj^m?VA!(Fb~ZA*obQ@q0V6vXHNt#Cgm`t`uvu<{R)a!V%ohZu4#SmYlb6mCKrm^ z{>SLP;r$<@y9;_ax?{8BtEI5?=orDAd#2OA0NR!hes30S-Za00!ef1%`D#y1oV3698=2i)FolF4 z0}>(6P4=r-y!)ld{S-*NQORJt`Jj$cQ{diFlF|HBq+9ZwW+R8#4(#yBv?Wc$M_cT7 z?xa%sHh`7LX%OvTX8^qMfyu4f-Ahk_gVLvzjc6M?n`DPbR$M15Tq`Q_c!zOJ} zv){dFNn9_j5mZ1Hk}10LWX66BR6m zczrl4`M_l1_%W#wYHc=i1tv$1UPz3Um7cp*vB5QNfe${ z6P?&@^L?#5(!_WQbr}Ac80lMy8_3hGm{vd9A-RWf8e6b=y4-o!NGYK*3k+vG3;LRf zPgjV^R*Qms#1{*n^~h2?(jh1bBmwv`+L z$NQ4Vxatz{|cmqx2pUba`@=MS!jQPJ#+*fstOk7nX-PPfD9q%>qQw^$32^V zPe;Qcf7b8G)md{#k`2J1i-Jb7|`^A5Undl!`saTebC`NBB_&7kubAMPnDu%cBP z2ZmfwvEO$2DZ(>vOfon`e!OQOTMI;gXxa=B6ULtih1{=34DMN3B>a6<_ZLhKm!%h` zc~`1r9n<{w>vmb9kui@tZmRWRI_4r}f5W9t))1Hmpe=Zjk8jS3?G5H?f}r+(?8#Nu z;8WFaw(3Wv$Cq-Z?-?YUVL!8tZ?KO`QEY#nn=T84pKP}i*tthS*2`fRum0)&uy`vsj`c=x 
zxB?9ZgQ1hFD`yoWh`;m8k3HM8H7FMQgLZ_`A$UZL@CM#^WUH^C1L;VFY46anph5qO zgS@jv06nzT=00}@VDA!>VRzZ$+wKJO-aCYrgbH?({joO*_vN5_h-y#1%CWuaouE$! zs=y<=uOsR}6`o>N>n&3P-DAN1Njy%>=Uy^~ECvLAaUB1#w6u{1wMygv(joB-mFe0C zuPD~%9x>W8bwY`utz5t5Q<9tPluHV)fvV(AM z!Kf+vzW<3ro$I*Efu9l&b^MhHVL`)zWgo#%fEkX)V#bdYtu%V^N?61kTq06SkL0x1 z`Z>Oh-iw2hGA6ON5zR#d7e?L{A&8&R0972?_Zm4dm?_7KiCH`PfZ;^4E|nD7F=p}@dH z6E!KQ@MU2Lzq2$hJ9J>b8vXxD0OTYEfU^DXjF7K-gm0_1f3xtA+JE_-t4uH%&%8bk zBGmaRU~*mK-aB7#D~bUS9nS~n$ur~$D~xcQ1TIt%4zz_G2M+37H9=G60^?>*^g@6P zzT0K60J0ji2%`^6xrJ#3UC7VeFXT&XT}#=yx|{30s-4)C}4GViiq9G+vMf#I}~)gJ1xM zgdgf_Bml=m+^=N9s!Oa7p*K(oWCMV%1!3~}=osK+&h^_cpc!>2sI&@4CrsGKu+#Nr z#{Fd{XVTB-s~k{-86L)ieV@D%Jm^-=(z~1;Rbsu-o@UV<7IgM_T>x=9Y$UidPQcAN z$T~>NIA~u!Sp3?HlA;T?Cq6>yXJu&spggX20L_~}5YeXr6~g^T z!a@;SEvmBIgQB-N=O55WrvDEpNuQO1(b5(e8J$HG1d+K@<_O)if<_QK@`QWEp<|P5hSU3fwH7umE&exSPk7Kvglid{*T-Kx~>WX+%d4X-!(3gC^w0GB0De- zx>NL}5?QX%Lhj6By&Th}S5UNH6AKph`+q5lG$~oaj_d1j(^={D*)x$} z;Rd#IBGgA`qtKu~Dv!Mxic4iMI?50Y3eKvxO#dcbstPKeoH1bfVQ=^W|F~^c`2XDY z37vNi!|$YfYoSEz!j6ja5yGGC41Yy77fYo-dHr-Gc)y6~t4jsU%C%qnK@U83un(Tc zk~bC&8Z6u|70A#GNO8H(ulzl-w=WIUgS!#@N%fmOYh4ISc|dHz!~acN7|jB7cKbaC zKCOkJU_CZ^)Ubty$u1qT8e@5 zr7nmvti(PFimAq9qAr9QFLwJ3EGTSmg`hFdA*`s2#usVpQh+|0&Pkf$!slc+-mqh= z9-x9YcTAWsa9*zYSQYUVP>q-hxrk09PPHdn@|hwSSf~zHh(5Nq_Q7Jlq*Paq>B8T) zQ}B+6-JwASWFSEBoexvsHYH=}vBP`yTu!pLPjTJ@%s{pY!OzKAj};KvxZP!b%5?7| zLF27DW@m2KD`X;!`z1twpG5z{j+svawwwWaoftw}gFxFt!y*96c=X!Eg0CNYraBKY%Ye154PI;B4DpC zCG9k^mV97{m|^I2pVCc;$~3;IL{xtN^9>ACklah()@cL3-}1fT(5Ubl2DpB207AD6 zMSWY7c^(kGkvM+SS}kdTGLZ-pFy~hA&vjQ5srW_+$@IZfsQ0^8_nTKlfoy)fiJl&c zk69U%p7I@R^7&Mi0N)zygGNguu%9F0V0568vfB_fa>b3EST{@AzmcXOKixIXwAja; z7aeVVG9dSuj-<%Vy2ya3*f4J4QIXq8(V`!_fa!&g{HDu6i9D46LK$bh0E2Ak?Z4nLKW%(H;xa_H;AfmiPZO>W?>v+dR4Jkp~|mykV}nLu4FmO5A5Z4iekZ5YQbbX_GRP3i$`qv&Y$<{7kbCJNAIG;0qKZG z)ZP|s=>(ys@ZP;Jk54~2Nb==b@yzsMXY-e=umV3cNqb;6enUOn zIi5#`@XOZE>Mitq_{2{QI=~G?0Cwv?2+-UQj|d512wf!8bR@L8&;bltzyyA<-$i9e zJ6aG<0a%=P^DyKc*{gfpnq5 
zh4T(!^w$a+CYue)X)g3<5&4En3AMBOZ>p2;5k1JT3SH@SO9uUfCxD$V9;JgX2tSBi zFq3@`6ZNA{3nmh-CIFKp>PZj4i~uN^IJ zP&Ur7Zs_$AG;X%-u>A0zsY#JF{2<6tMIbHHM>5Y`N^Fy?T{EPW54oD0A;2<6)OZjb zi1hx?=rCnc6M{fcZ7P4K##>t$bu=_zl13*1E=`N`ZO|@K8{rIdKP}i3K7AQzQzD*u zYF*+nSWe1w^%`UH?fmu`KiKuV9L^?@E;&T%(~gdW#~_IKYxu~mfxOcCb zhghVkuC4~iJSkS{Q*xhf9!#|?3JMu{gv&9%7~o1japva?p5^7PI&UesnJjdb32_^kJvnh?#Ok4XV!@l}=9vP` z!8k*vza*EBaGZ5p1t>Lg_8m!OE@N@jBTIc0NJv&r(o!uqAL`^wTP~O=)LqMPOP!yy z@zUk(|7`AZI+Tn*zUgP9x-}U$G1%TeIy+)v@24_6JJCBbuOK`QKa%yL%8IvdXY+vd z$cyCWbjw2ca`!T3m#Q!B;$=*Fit^iw{o_v0aF&R?h>#7B^;Ij^Gdsb%@}^lW6R)Bm zD@Ic0FVobrmd|EKHe+m)vn`DlEhcu3G&X=&s|TSO==v{a-4gS@U=<54xiPozWH5T& zbZidzG`*gVi8;wG$ZfS@WvxVhvnO38b9-IsJ`$Hh*s0sZxV*Tp?yE?7@YN4AWi-Q+i+$&5+PTZbud#Et6d4Y9337R!T z$}f*$lXH#2noLHQ-i+UDb`TTv@hpwxZAfFhlpncKcdmR<6BYJpa!zD!J%mte5A#TK zO%Y>%^}=z;O-pEq7>gw>jqYr&JgLrD`sDacmHX}fml4L9w0s)3%S(m$RsD-vy74fF ztqR(iTEIFGRuipGL^?0{My2;VpNI2+8 z_Th8GMJh>9@B7#0dNkJ=^$bQ$PTb8p{k9e)6V>qw5;HU!XU96FyaT68m=CLfkd7`&%oi@8FiEyv>HP*#6(EBEX?0*DzCRob%am>> z>Fwe)moG%%3s(ZoV84UX(L@QodF&9a)88WQELH-w)_5O%n-ft1=EEq!rz49#_GYki zQB8kqa=EAi^wI~A*Wat~763Tj>-2#wgndkz?J??OCklInz>DrJkdB@Y3w<@>_V=Tb zBsWEbXbI@KHDI@I@V(@D=XSRU#(-WxERYU1;pcNg7vL12uog!!Tfpwu3cJrX3myE8 z^b&9kT!;ORkd7fr%2z4;eOhlAKOVu31oMCNGf3e3G&lJBW!e+oiudi_d;kDc^?w!w z`nlO+c(odOWV)0trSKFEQU@DIkmhe?P_`k8(2i>9P&i<^J)N z|H<1})73~eI(44 z-ADAN@AvH%$SzwHh1PRc_smF+n*#qE`Twpq(KF)p9WhoH2D@UE21(3D;`PW`HwEF@ z7Pk=>gLrl=Vvh;_x&87k$sg0!<2^d|hD%tSDE&+>MvUIx6C{e1lW&^y?O|%AOGUOLeG2Y~`5Pa1yfltaO)!HgYIU=% zh*~!*^hCT>E`LIO;_c4(=ym;;{AJIHx6O%U>y48U_sM1QG|0$ikGwl8$%ka6lBZvk zox5XX|L_=92JP3Gu{@f%EvG`vqXn64t=Rd^;ptb1#zb$rTnFkVk2q4erPJKk2#XWfi8+il zgXE6Et{g(hhkSM&(&Xw;=mZ$#v1YDdeV4opFE6W;ERvEWuta6n_Q(^Tsr3aSHo1(y zfV}@{Rc_bQ^{OGi^_Byq z0tA2#zRK%xtgO4da`Ix--qL_L00U43CLc~h0m)5J$((Q48yg4^Y(X!B-G&}KpOula zUe?gfG4jJtiaA9R8zI~uZeor0b{SQV37jnn2u}W@AW;` zpXS`p#3N{rSN9(3hgpXU{DCC5_H)@z0EoULM(?cz$N@+LV`1pvB@~d|>dC({i3lTu zo4K6reog-N0E`4rirm7vrVG$w8^UjAqX2rJg$jm#U*PD 
z9_z@vtA%i~U?vpOF=BevqA(yrY;~SyLZC`LV|Vwhn*DvKOBqBzrW+(ygJc zF)-APFykwS1s&_2f-VUw>wIa0B4e`Jl-}nbvM)qGPtVzn3gq7A7RS~WF&=0Uo$%Hy zvelenN*pH~)O9E-zV}SLJ6f;NQ$HGZ9#3;X(8l;_`bhH_XFN)L6@wT03d1Pm)ng-v zwQFCtN3&>VX+zdJRX4M9edt$9g&9I8I4i7=C%$7eOy->^EumHED834IoGxyzv#vK_ z4ZT*%=oUj!ia0mizl-lZ_nPqSuvkt9-{o*H?CD_If{U)XJOW9gNyi7~FD{(7!%`QV zZp}UGKXEmBHH~8bP;`wc*~++fc z2bX=D%gTf}UJ|dH!jrJGzOB+}jLODJ=o>m)dWjynfg6FYbxSIntH+7fgXKw3$gL-0 zRWc__x?zV)J>wFWGB1;6YhFA@mB75Ww^ot2QgF#ks+Mfa?ptYl^TvM7>C&+TK3nhO zP-Wx(Mmw)w0*M-Jf9U(;i^5x`3I8`=>J9^xV-oUHY$5xO1XV(#7N?!-{xg33x;-g< zq&8`5$((t~f=5?dI&W=sDzQTj&q|ETqv$}JD*xyYt75>Mcul4(j~W6t;@W7;Vx>#@wR zlGYijyVa5F0D5`-+F;2o9rFh^p?m@}4>>Ipz15ckgJ_(mR6JNX$pzTSsFh+(*tF^b zFl#>m2ii#QBRB4(IlGei;o~+^u4sS(< za|YToA_Zb7KW>F?$fb54Q!2v`Z7zQMmb^UBFH zr^mG^No6@ao2x~H{d})vmd0z$Qod{aOnd7oI5?qk`2Hht$rgpiZjtO#3B6Onj1r@z zjhS?+kxyrFUn0ZmsKeWw(zxfdZWCEv??$*@xt**f9ekR+;r-sAsx{wW-eB6FGB!I> zP4c;xgxkRp5?LxS#r}%FaZ^lo_Qy_&$B)@-Cz(f(xApF49DpUMC#yC6#!Qa8zT#}j&y3%m}x~S)jF6DDk}?i zArne3k>5Ys1Tq!v5KCgEyR8OjuXBAaU5_b%VJbQ!e(@yzarTJi&+<=zJSF%xt$806 z9}AT6_W6K982z|?wgP~oHv`g^V;g5a%+n%L66wd7F|%u>CgSfaI4z+y01|0zOl(!Q znu#%r^}b;^7Y+5Nku+p9=9^N%pY02v9JJ6j`KL(ag9S+YWo^!MvZCYmyQ3AV2Wt>0 z_mN;I4OvwI6r${(XOCG)Nf}|4Bwt1v% z@2Cy(05gbM~z?>I>43K7o$Y`m(YC^z|dUuVPFpF0CP8%ufs} zVSd20vP={2*nWJpnjmaHJY9so?u0 zUgO@PmKT|L%whv_c+oPXV3vh)s?Vb+C89Pe`1!J=7KtcF;*w12d4_JNW>T&Ua>-T7 zU*TKzS}upmKi6HMvd2)REB?7^qgElUhTT(d!u=HA9M^IcsY=p6URflKVJm59zds{D z(izfGB~#q^++N|El+r5qPReLm?>tRmdGsg+%}CgYA%9pHgT78mm1dfLrVWn;>yVjv z3!wt@>wZf$b3j{Cn7s&6&B%b9 z>yDg|5K7ccAL9@wZ>iHG8^^)$tPiMurJ90hs5Eu&&Mhf8Bod#*P}ptzy^nd_n{H!) 
zM(etRY@$6N^B&(VT}i!CDaTaZ=eaN~qoaTKKp)@Nh{E2f;;}ZW5LKraq;b-r{u8H9 zLP)e?vqNbTIdXWk=uNd`nbR2ZXjh44tj+M~U}U2Ru|#klxL3o03mF zgZ>q4(h}60Qqj5e#kMMnZIz;^uN;CIqaQUU#R{1{8tzSwcRD817%8%0v;3$I5jd1m zYAz8U{j3?ODlPZK{D}1x{Xm?QdBOt4<)(=?{w>Q{OHIp;00XpBl7v;Xoi-*e$)F9 zdb^{!+KrPv3Vj9?A4Qxcm80)PEwRv(ljr1#=&QHY&Tpxs-HX|Kl?-D?Ca+=zI1Z+L#|dVht;H1OvsRU?PgT8tR{MC?ActISxm$W6Be-a$DOKJnrole8cHT%*h4%UA zFjHyewzp=;_n3^N*8XP+>G)#gz3S4FS<6vK!>yq55mqLYh* zdCDoxBL?|mrvlS{e0za&&#BJ~nvQXKnTfWlkV9g5l%xSO>anMD&&jYxcfgdo;yOZm zLGdqfYIxR8wPH2pY6W|rIF<5CBvK|#xArp4xS_MEr{woX4J<5;a$=h@+rO|B)D^N< z6RA$i@5d_MaWR&25$cgwS?zv#_GQYcr0S?5d^$?J%5c=4M9YLvF^aO#ysL0kCbgnp z^M!<|}#$DrW493E|sTE6>`rO9CECmGN&pWcQhKG`B0(-tFe!Gs6b=mdRme#{i_pwgT z#AE-Yz7n-2MIVt_8;!(UN~0g)ggN{}Yv+&E0^p{1zs!;bl5?i?A8yye(f;Zr)dIZK`5>UFDVt=+Rz7J*mx zcWhp=Ikv&NP3$$YPtpUmB`F;S+4r1iARKTdoSt&CJ6@m81D{*uWc)Co`mwp%jOoBe z)x5~SSt>9P#OU~~M?)UUx2D$$k zm+_@AH$8%0__2mHN114Em&IR)e=bU)i(oaunDQSWQ(~Gme;)fo`sze1|Sx734RQ@Q>u-3v&UC;cO`>tps zW28L4tGqm5@!7%%5^qc=_Du;XK=7c8jaO!cKkx%p-te!S)4@XfrXE9o7h z=8%vZ!5eT%`*@gPYZ)!Cz=M@jH#{O)H<)c+!b*Gu5PDbEAZhoCg?Iq=FerDr^RPLW zA@LK4o68N0Z&O^gC%STK(=miwKzJ0L+trO5sh$+pR^WC3MO%5guT4aDX8`i1BB$Qt zJXw&|m3wnic=cuw(vyvOrEw;RQBjpVb~<*mi*GfyPT2BgPrdi{z$4ttUdVxOO1{Dn zxVK+puhA@9x3e^_@;0xxqr+8rJ%Hya#KQjcYp2y~`O4ZQZAtZJN<5Qyiu zO#zQC`LI7gy(o%WtgQ+SX_uP@vE_|Pk*jQ}!}(XR1NW$h@<-d_CzXPpv+LIFg_$=E z)@(Jbt6?|hCs3%JA zR`>k-l9^W4E4nUX7-E&TNotw2G$&u-hLq%h%-3xdDp5Y7KjYG(^&S^QOp0QC+Tdj+ z;CM#^zL1qNYB=}N#EW~|VX>yq!8{ZhL*(Go$IFy|RL$sSR6e&Vqa{0fBt=2kOH%Ci zsoUab;f|;B-U^|~>Jb&@kqd^;i`8XoITCGs<09qN62eBQBuQtoZWx>6u`M2MgaOS- zT)du+28D8xZ|FlAu1C@f~b7qfSI9?UKa{eJQ;=3{vA$I+(_X!(`?Tov6q*woDwt*3a| z6v^)fww(G;yA93r!Yf#2SCnhcT^Dd*`;>I*rNSy$%3(iB>%^ItaLm3>jEj>N*qYqXd^9%T%6NpRYB*q31Q(VAdq_>_nXP-v-+ykC4s%_Co|GaS`gKm-V-w6-fBzFv0f+L+NB0p@`x7V zRP!%XnSK(h204KRZJVwAvE7H$y1Sxw&Ir$FdxA@vc8`gQ>`ih?D7t1-ZJYvXv<*^w zCYGxzmS{ivj~1;qXaOyFU1hVAHCJA0JYFVmu-9!bkW<#J8p$39F+r|53YDZ-3(MC( zjR$G{NKm(-&+YI1FpJ3Gy0e)VDh?COZ94jP^J`DR{@0JH2^@tvj1@MnXt2%Vx{x+o 
z*b;Ri<1|xkQ?&yc3FDvrFMZ!~oA4;cf%;H*E0_juUPe0E!eeFfpu+_eRr-!tf^gsP z4y3PdmPU&EYF2eyMY$%PxNj*Ip1x@jykatn;!_z&tkUmi`eMzwh3v(wXW|O!R&YBv7jHR)7Qd0TMUx|6|EUPdbfYA(btJcBO*bW{ z4F#}2pbiIA&N<|UR|@5FM)9HRR5Cj&X=hoTBtTxa@j3h~;!XU#WEIgPLlyZP!9g__ zLHMhiECxj@(W$BWz_F+rSNm>-pCnh{YQvP8Gmv|1Roj-E=h1-vop^iF=TLB*tNL0I z)EXs46pw&p)hSDi0KrG^Gx{FMblw=A#`&a&j!n>4L@A)^sBst7MrEjmMcWWt!)Q)94MQ*EFA(~9APHo{%(bTPWFXMrPYxrSPw zM^Tvz^A7!8$8PNs@3@i?Cvk!~Fob0ntdT3q1i`tSU&mW{`pCfBB87R!n#xVqg#cv7 zB@hPl>_Sb||5MplK*hCm>2?StND_iuAOr}mjeC&B-5YmrtZ|Lt1a}$f4{Bu0Sb#JARr)Dl&B{XOWdDILJkelL@2zz}OTeWCS#&C03R|Y`xaV zLTMsQ%`u|sN!3kIzkk_;K3T4-h*{aGz-~(Rly6QQ@RDP2CBu=-WZ5+|V>q=j?-nfr z1_$wUsHUEshDy!`cs7OM0DpGpIn{PUiA$47XN6^zaJe*N-#e(NBzM80cKav~!|==J zyM=P!bDz_C>0Q~lEl6HHp0bq2P4&rXA-7<0J^P!H$%Hb;<~a>gz&GZTbEfyZirX5# zzF%GkQn3xuyOjwiLvcSv=@eJ6WQ!NK!Wty(a$T${C5uYTpyLiL{8LVA-6 z+Zb4fb_3wbI6Q`>&~L(Y#SX51xSzP(a%mm)@N6NLNs_kMbHuL&r4xVFyILumwl)Fr zo>&DbYD=}!7xaZFim7O7xv3^iWHE4wufA&bMMd{*Iy=xDLmjQ1 z9@+0KG)$GJ9kgO^J9|Raly*Nb+p@BCH*ctq6P7%gh83Z zQf>^+lMK8&%<3)|Y%V5R&hAg<^NSiT#KqmR_cAN4-4`8Ha}Eoe#6HtF9uo9xRTg0D zQ9PMgIDerAw>HVKnMiF-nkvrl3#WF3#PK8+jPp-r53H^U=bhHs^pdCIHiN#-u`8`z zmzG-%#}f!8a%u-RChsR49g$ab>sk~B3a6OzrY9Z-9b=$0+T{r=*D8c3S~yJ7=u(`v zt)S{CVh{3lg!t-mX{YN<=+TMqH{uY_$k|}MW-RR-OGhrFpUkfEj+n4@*#L3$o>{UH zN5-+NoZr)Rpq|afdqo!Sa1<~X!ilOmhFY$3ePtkY1k+pOAs=u`Y*=qg)k|EN1c~W! 
zebZy1{&Gm@P6x`kclcILGIhKSixsg+dB^K!oWyW1N8}nG zCT%oP>>+FJ_sJcUG~tUOnMYh!2<$022A8J9N-T$~@mVTw&0FozF9U!oTkFWIb)(6^ z4JyKThi|KU_OZII<9+UM?6v}HX#1ACl-imjoeR1@&LJCHTHtqFR(S{RRX5Ewr{MW) zrL|lN^{-R~o@SU=G+yf(LPWIKRlM|VT6Xry^t-3ewO`|y`hdn|BvmVPEoo&U@XEda z6_W`RJNLj;Z1gE?E5Cjgot_FhNa6SS*rT<+H}qG&Qg$sZ7R-6L@Q$BdsgrIG!#m>E zF^X&O2*jc&^!7-SRHCWbJbuCapkCyh)}6@@UcI{$!EvN`A)Mnq(^Sv6q?o36^&o5| z$!AdK9Z#{r`{-3BrF%J_w8Z`d>GRGkGwt=9t)iva#k*?YAx1t^mYbNNYb8$xy;T^s zM6Kl zA&Oby!t}gNJu{zs( zpE1Y*W^p-xDU{GX&}igHm)N9I%Yjv6nG}y?nlg}RRI*CMN{1x~pEP!X_@vz?GI%Mu z^jX)CT9}x|zScDbZ#LAF^|nu?@)dPBR9XGjgY{38zO7=Opxy?vYTlN0-;L4uLYQi6)>56TdWa#3J$yb{^^jBD%Lem2j2<9#aTE*w~7j5q^e-`H>=aim2TdaqK zIh#UTItmV7R`b@+;{-U-Md*f94V9N@2~9TjIEznpGSrNrIx}bX*KdGpJ`X;Gx&GjG zfSN)#IKeCK!gg9tiQrV1Lp_Y6?#Jf3*e_XA9b3+l<2v?`?YNo4W3nZVW@ES1`osZM zP({(1{_B&ldBfo4`aM?e6U07NrqYcZ@tVfVL=V+m)H$A<+5j}Uk`Iman! zs;UVNons7euT5Q?rfii_eFwOeFT9^GH>(Ju)~|{FJPZ zlIUn?CHAX;=Zt_@k9eT9f_{raLiHs=P< zz{j6HGug%|bd{38eSiOC6_5&)4m^urbEk%5{OV=^!fvB3a@b0aJ>)IONTM3(->I|N zg2CJS>2BhD6h|$u+NZ)&$o7~U19;6yP9hqAtv;(+QwfOU3?5|has453`XJryN#-lU z>;O;)C*!5Sgnob?Es4fd7$wPB7{$s|SoD*c$Ub5|Ms?$caG{qzNqy0c=#%&z`4N*^ zr|%R3s$iiB`A*z~09wGrW^dzU(slbsb4*KPv#7^7E_{SJ&lOG5UKU#S+KPdp>Fyjd zLllL%PdRginlcS2Ay-~tl9Sr`U0<02|Hi70u?xXBP-)SYWoFClXF8bRO4P%hMj$gF8S>0&ZJo2G6VZqj)`zjyH*TF4A6B zX*bu*O{J9AeoZ$Qf_Fg85;31^lk=Z9V_O@$OfBvWUdvN^SLj6L``)Jqa(qHYWh3zo zT1HR0krQ zQ!yzgITd*KBsJEZm15f_sRt`M(fhaidh(Nh2X&gw3>T>7(n zd>o?%)zvhj(v%) zV=#MSq4udb@I(fNIOGy)BO_#+Y&3bW%%4>lG0paDZ`55= z>S#(@P-<&t_9gq8V9WF=M9ZhkH_? 
z*BK-D_yku+?2wQ+<(;aBsSaY=WG0pEF0+zm_*|Fwtcea%T8@RD@|SoHeXO@-a*HBc zvu+fQQfG-eDLq++e4W-JY6VIaw@%i`mBzb6^w7v-jJ}O}y5W(_gX|d%>I$!1v^5#* z4WiDdWEr}PH~GulI-HYKn=c87x6QC_#q$Sv?^T=R>(3;x<2S+V7Ui*P&BAoiVdFn$ z(^{*=(D)~c1b2(N3alv*uW~0G?}I4}78AZ>(+FR2)}WP#FT{2Huf4P8x94?V>6Kxy1ZXiKz13Edzjo{tov z(cxIiC8zpXFFc~7Y;M}`ORbX@6`)Q#r$I1<%jbe{RVFj!qEvHa2GUoR#N#XdagdIn z+~tCndWAaMPTp!JN)(R|kt*4mu2bKbyqunqBAIz&tt%#TQJGm0LCua0o_du=__Qqe zDQ~@ZM@5#5y=oTy_}SD8{PLK)Pj+7Ep1JPa4Qr9zoW-6Z-cjo9dU^3tEqSE9Nz80eF6T+q472TT#84I(`IOhxZ%tbA^VWESLzmP&bnx{iWI zGNaFL*ouU<{UP@;;*~!HHFY*OqW81eljF3KWv})~NBZlV=QYjmBxiB7arzltBge;% ze36cJcFT-fhXiXcLghwFmig?Hcn&s_o5HWYDvahYYoctL9j#Ff&&M2CWEY(%d`QB= zy+cgW%3gN2>l<7gm;Y8r!>b_V`Etu~L*Ub@n(`qU{+!&m+Wa6#=frmDrd&D~ira3M zKCg##23)swJ0$rS@skg=#aMAa5iPZ3>rC|h4t4XEs+XSeKhtHXieoLJ_tPGwI>m4|i@SY(KefZ^D=Ez0bQgc7tB+ zm&oshdEXp{i*uJZ5HNA3T~42c`*L9n@TQK((28f?h;oyxxaElB54F@F7yrT${#skW z<(IpsE`yyfDP&`cSZFfvmz=3f}}H&6^6p809l|lD(7P+Tqx#6jS6{&p^*b$%qjZ@C)JAo9)_HU zr-0z#-PNHg6gFEbvnqhFUB#(Q_feqzGsXvVjb*SRF^;i`3jRUoYjQ@^++Me~5(l7s zIwb{lx4(^|y3}!nUio%p(nt72f<}811g4BzS5&TL*Z>XHlX42(oRXMN2qC$-ko zVptQSblyi7y)3nv@5YYuvobI6r5vo=f;L~#NyP@eh;X|Xy&^KiJzMuZH^?myI|a|A zR>fdN67>YR@XO;*Q5J@`F^Gdn{kkVzB8& zoNPfCvsK|dns}D*yU$pimQu|nE3z|K!YJ<#bgomqzo^RU)l|!Jdhy$;yYjD>V?^iM z=Eg@aeq-8O#Y-f4H9G&}`$T^J))kEpg$<~1EyjYKE2nweUuA4VwyBj7o0OYjTVFv( zrD|MMnqFG(wb(_-H9gk-cgJXpJqYly9yyM~pg7WO^3FlkRd#h)%CyC{1*&mgC zB}3N=Pr+lH{Y1O8^={@(B6NhCFCz^^54t^lw6q6P-=@X6taXKt1>DjYP$2u83;bYs zJSIaFbZsbnyy3@bozn)K`#Q%*iS=_PhxI0ICh`wu6uD7dP$aTqn^krZe0b=D=4on|hm)-z>h)os0Gbk5tcF zSEo3>FuihD^5wB>crjO9@$=s9-gV+G8PW{*@rImf9P%&D1L=7?>@RL`1@)$fj+kuv zl zlU$u9@|^wZ`FK;y<4_$@HSr@kAR1SYF?uph^EBUdx|J)<@@Id}-V$5)J zi7oomj-`NC)`*%<`RnA*$}DRBd9!jnEdtw#ZTF|%cV(LM45_$j97|;bK(M&?&rO#~ zMhSb7^EcN47|NgN(b4XkfawQ;UsvZ$U@mT!tFZT(DyEdT(ca>mTsSO`U3mQ+GwA&> z^+a0m08tK{)=ASnUQrFJzPq-E{rMZZ8q8g7_BkDxP`0R~(ZUy% z{U?vIG1P2CsqW8!v&trsPu65Xh%>nxDl?i_{nemu@? 
zsG<3iDLclDrkJA%1-VTG_P(ODtEFgCzUOtIn-Y;*O&5l%P=d;hW&F)gVyW-HV@TFQ%D;Dfr-M-J;&& zv!DVrDu+8Ur$d$@<|U9tHjwZ#N2Y;N+>bUOwN0gr`6V~Ql35OSE^NzT?6WNSPlFgL z)7L8$TV(7Eu*IbG_f#`QeN|R!g4>!j951C4UYJsF8;E`B?_DZkxi5>mytR_)V?AX% z5U1EUYMdzL`woBhyDP z?U%{9&CN==cjg12<+$sua4x{z>*lSE%~#u&}^gNCpdc7$|D8-3;61pwQ0rO+>MxsrLRnNIt4^kK+!| z?G81j!y}BmhC|vGvz<&w$lz0@sw|Sp(UMWt!F%yX%GqLMT0?@}U!HZiZLtO~rhfg3 zCsZ8OWB=}4gO~AI1MXCm&JkDlP2G!^!0OGI$ZhP1m5&cWBx%(^L*4pCzJr|b>_fkV zsAW{{UK79(Z|8@o<`H4G(3t=k8gZp{a@s|toBkI!n-iIOQz?=d=KV3fTS*D zRhCb%mFf{*laYR;$c{*lRVYSDd99EQaEuzg%5r;rM}zTUectd4H!Zb!GZuH*R&l)Q zV^*Hv`}C@eabLYlL= z3kPrC;w-!S@gK$UXe!Ip>ugXXaOOCvUx8L&<9b<+C*Yef zmiK3hk*4dy(YXE5g=~s#$QC~B)y^T`g0`Ny7EwxO@@mg{L01{cdoLu0onNv+y|wA| zD=d)M(F9}}lan}x&xXf5Gm_*irc+_rd*&_>@ll5-j{DPPFrDL!nSo{}h0k|Qyojk3 zvQ{mVEN$f;`srWakDrpJdkAFt4Hp^t8rhUq$6ch%>~*I5>0tzsE_S*A3qy*HI>cxK z9CuQGNF2NlSloGnT4MAn`Y6tO=ZxNj`=uN0P}ivFq~ti)z_dh#XaAUE%-69jd}!x( z)s-u{&^zi~dej$tb-qvGF*AkJ#cT6XM-0A!2D!OC_Dypipgh6jI=f1?!xwWf4Jz z|Lqh*RvuH!;49X-0URxe&XnT<)|2eq&S7bU$caPK28%Vm^uPF&NR+IixV{0ww25+jnMCC-`lYnTibK-bgE_r1 zE{8hBVUGNbXR$HbWP;WVzF~?ch^uSiGv*=v!fv%RYwP@AYl=BCAv*0aw?@V|H5QKi ztDqBdS=_L%tQn$SYqmPOHY+b(vT@ltQWB5-5fAfxa>hU1r-^1VVLb$Xhdnz8qj`Ul>#307>N{Kkc<>S_Iz=*Sn~}SJl_3sDxc#gYAXs&N=6Ttu$>&9Uzhcmw zB)|}N)x}kJ-hTIB(M)(hm-g$peTihlZbYnV+SAe{FR;{T;$Sn@ZEW0{GX?i@1@0iF zRdzXMv6)D$@OtO6(>1netS+_Fq8Lg$AIe|Tl}N@T6mYy71hkwb)Bww7s8E zG57Cjg9dSkhoGt&;igh97SKS&WU| zO1j1BPMUM%uEK_IXXfMQ3^V-L>E$F$=s*I>pZVz=rdmjyLCVa>yESoUS?6K(`UcLcK;2)Um(7iGWc>!ZYyGMPnV2S|l=ybCV@k55QZ6m-=&{q*ag^O~Dyax1W0Y1A zxd^aqA$>5Be4mh<@8GpSA4Md)Rv-f*6fQlz;zv(ab#w{tOqxR={mCp2*r71G5J!-3 zTWzSaEqu5D<(`X0PkCjiuXxa;JH;{`1O^e)>gCM!j61W87w?}EU)(zVVoJazxcP)x zCl=^NmDt?rz{8l;GSqL||K8nblr^|dT*vG_j18>SxiF-R=%hFzk7v@@nVnkWOIjto zF@OP5YmtP|8>WDKE44+bRTVo!4RxE}Az10?;F=N$$w!`lH!}S|q^e@0I`V~{JTP@@ zym-U44HS%lM1(1(KKz@X>tM_hqwHSh9yw2TyX+dR@)b#ps0PgjBq2*9l$>RU zD`O1PPWDcM7iHU2^QgP$ylywhCO27;Z~br3*TZ@~=V5xM(0N)lAjh1+CK7 
z0wD%>=}4tkJ7s>=MyCu!Q%lXX#-G-+=3$`kd&;JQ6%}gC>&Yz7n0M^GQ~YeKzP>JNui>9C0eoo;5sk z&2MsfOJMjU7zXc4m~-X?m&2{_g0vba7b@mLEN}*rRo#=Sh#M{H`Q0_qvnKL6L7S;V zCCav^htOUP-)?q2P~6}r9N(y z&WL=O%kPAI$Z`AWcFga?*+n z18uQhaCFxcQ()A6fWq*ddILS5TI@pat}MC^CoXjrca7h9K>2QC0E-X)9?MCPALl^@ z@4qFd>@8*g`<3)lG88|W3p}*M8Q?x9= z*k`>b-xksCBJmR#DqwU>HMD24KVymxQypzl`2#l(by%eBPWIzGRvv9)wNOr`z4@fL zgr@tqpNDrf8B38lR}7E#JFEG~({Xu8gvXv947%4iclod$C!tMi zNpjApixbnfJT}GQAn5tX*^e)I$*#w8Tt!Pe74b^n9!C_Kk97mg<&03`Wk(mvUbFd* z!NV88L8JY?g-Y4e_l`aywMU1!HF|H;!u0PheHhez+&qERPEC-d&#LbX%YiVDVyXRu z7kz1RtEum*b>tGhv4E-zgE|(@+da=g;Xt38%{5E!Odod^4|m;xw@XTIkmOSLF7yhv zc41R3KZPC_ywEcM-(P%Z9nrfpy~i;@4(sYzXg~0T9-OS5p4HfHx*Tmy!K9V%vBs!U z9Nd1{a8JbB##2l+bS!vkd;9fFY26R}nu~9kvlL{mnZtRPuK#rN;(58-09I>OKls7u z61INyzzE};e_M!rK49B)xxyCCGuAy2QFT)p-}i1!(6h8wPi>lsf7^pHEQmXAVeo^J z(X>}`G5UBFJmUQA)bhHlSg_miPF0mD?^8+PZ>+WQNvTdnF#Xxn|8R?j3;H31x~3u1qTe9Zx%tLB$xfu*_eAq zoq8&yvyT?9Q_v;Egr~Z@=~w#P6PcXir)eJQ;iN0sE1N~lN-6Q9WGh@r6@@S|qeE}$ zO;;kCtz`Gx6_a?PkO7;Sm-0zO@Iv@158BA+zyem3ZW6E|!^5T>YZJFk7S$z1DctX{ zq9EQs9w)+i(LdBT#XMF=t*6BD^( z4PqOLE%w34D7wUWF@sxym*tyPenXXZ{GgcV&3BZMhiZWd>q>4SGOLVzic}J0jL_AY zP*F$oe#XQMRHlY%{+Fd$G;ml}ih2zB6MRkMDZxZCN?{XS=L0sF?y%d}AYW#q03Cthu$CVxhzg`{t*n#oM`EH+}e8 zIDd?~%k1^kS@K6c0zzZgB=rRcNUWwu0t=0YxnraPVgRitC{y-=qF6Um(0+#eTn<(> z6Z(_PW#g+bR#HbaQ$o1H1AFqdXjQaK1Z=pH826xFS=q-dp2;PuRR>cK%H?=#Zp^j zA%uM%(lm`LnjS}UO?nTv;MsiIm))K0uBpfJOY^|e%a5eM!mz=%hQvj4=I+w@jT-7GOef<*y3PZjf=Q_LY<;DN18B^eqA2fQ((o)Y`IF|wTQH3i*$=YXsmKCJZu@KXFvLM#jYIq#suEU}WL zfSPd96d&Do)z=UfTzC4ZZ;aC#3S7vyIg2n6Am)e!`%&Ibs_J;&FVISI>PQoNjmMKQ zWl7Z|29YR%f)=>Dd!VH1ZA}h^y7q{5)MFW6$c+YKPDxZbBq+@gV$_e_HaFd$ZWTS8 z$8HGW(2_s?nR~omnD&&)1)f z{W7X!PV$H`i){WSh1EdJZ4ii~>*3dBiA|j%F-lADrS^tO2O@>{mSMqNJi(MCFm)Pg ze;GDSk?x;>y=?4NBM(QfmakYq=)!y^WX;MBXXpH+KNF?7P^{)MrWaYc?;5p*R{4oR zTvG~Sekf^&?lhi=svp<6LN=MSUiCQBn|9w{x?{Gk!w!nr*6y!$RAljn@r9qH0VjU2 zO{{p|{HZy*EHWofAQi;iDpo?;B))jw_mtADIH3KRmd~z0hkhY-At(1ytb5MlXbm>W zCTIMHfHN6x6XOcio>CoKgjiPr<4ni|=>RH&bQ78Q#A;HkUim`$Ea(YjRJcJS2RzD{ 
zv#-unHG}#+JzY%slhvqU?YL3)N`+E3QJt)Sb~`T{r7Qxoa_BsTOL5XPWpG zs<%kS(!D32SoVsHyUKM^?^3;4ih|#yak8q7GdFHva3mw}E~`M7;08Knr-eiOg06?b zvJKo*0Be@|_=j);J(;@Wi_1buS;He*iV$WKM#^htVm!;TjBIc09JAC6ahDF)Aa##kn7E@O(8v3H3SU zrw}tM)1cV58;Cy7b>JKBU4ep6dSv!y2adEs*?LdNZjRQ>N_9Jj|+PUh0IX4 z>pKuD^k+OL?+ex*75%D8hZdC&&dfAyZLgc_L}^3Ra%B{!NM&Ap#YTTE*X#W8#WN}b zU5jj6^@K7hMr^7>Txf}?g*^jYi1AJ4?SMX_g?(|w5XuHZ^pE3UhjeIunZ{b-s|z|E zA4gk`jq)%M=(GyJtwdi%!@#a#T13hFD*9;+i=?*YvehyyH4{qnFZvKBYde%DfR=$cH|f0sC3@F52*p<)|8#woccDfh zN|JN`a-a-WJ3n4n_ok}FU>ZRI&yoQ(7@+os6EIxQ-=5=&gk%P~F1Kp@*eK3VLGU`q zY-P@2+qmNBYyZ`!|c*vpDzGhVy2 zem%(Lk74$1&r7-dF#5fISs~a}=et?z0-PA_gz6fn+1u0958-VdH$lhnesCjdU#!D; zp#!w;M`Brrvk;is}4Z##v@FV zM*Ke6{ahU5gQ9#P4s(K{$rsI%##@|HM-yo8H`Kl-YdH46 zo0iaZF1uB=mlTWW$+a2X>O_4F4y*mqTL%Q$4C#~zeq)PG%-5ZV%+kit##MqoF+zQ~ zQBH9l?&L^it6ZMYlY4u(n##z&_2jc+=Z3rQ7E^C&X1_0}^(O_32l{N-u1M3+H*#s; zH|9U!)?)e1RV-#TFnbNU^%-rJd-re+Yr>G&#BwMEzYwFu!l8W#m*WE(HN8qzj6 zJsa9>+llWGTZ~?KVPDgD_R$@Ff1sg%ClB^oZ)$z5{KR#9yrzsRas&|rxNAmw@H>g*Bh@;kw{HQS{aZnhwj z(J$oY&MEB6YeEvKo&$gU_3j-A%Nf8uJY>(@y1_`^1>Y$F;_h{|mHs%}F8IfYX<7t1 zt_y~N8EC4Zq)w>=Z;FALM!q2zDKgD;<#SeI%e8mKHpJ|WrTPRVJbRkKiA|lUJP%Ui zBjVhZ;imgUmkA>??o~j)UCK(H&kbE!9vQfH#?ysOQkq$Yh-1U zQNlmG)yoCRGJH)M&)8+iPqiAE*?c?ZdX#l`Yk%LG*>aO30pd}@k6-tSNIR@6EEnAy zsd<0?9LT^Tw23TCH0kO={Hc!D!Fo4r`#W*ix!$MYi)QWy*%O7i1!X`OqGjwC0j^QX z4mQ(d*XRr%&%2|RUm_GUw&q8raqBd4pM4zd)Rc{hD!Gd42n$CG<-ny<24eJ%kP-KS zf}Pff>+1xQp`Cz`kN{>6?Inwl>m4%f+i?5!C7m}9ge}2J`f^2a-WApY%MJQl`|s!U zB^i3qtYef$8KlQTro8VOsIR~Oidq!_NFqwo`8!Y$cs3$rizr}H7ScsLbw!iE<(Z|ROSoudvQ-K z)iYzx)m)qMikD#W*(H-k*`8p5ke9Y4LTT6b)ZY-84oAS)1yW@?0;#xc7h1 zIUJOJ&ynw*8Mxc6XS8o_qjU|3{jT{UXLt(A<&WHN5B=y{wS6GH%9Qc#%iGkp=Bo(A z=kyw|w_TxcjJJR<$ePSj~s=7=&iDNb||h7au9Er7h^bs^7NU{Eo66 zbhI|t^wm>Rn3MybnYV*%e@E}t>*w%}4<8GKZ6tib8r74g&+#!Kl;}lIE1UdFM$mwP zhSMuUrc+-8LG3xy$aSsd?8W}keR5ooPJXIy=-N5RB(C}&xlVqdC`)M*OK_9%2CBa??CHy`X9>5o*oGCQl)Jw zUqg8Xo}*Et#GP>O{Nlf9@R6e&)2-c=T^=LVGCwE|42fD3_8#4*N-=_4VCu&Or)M+C 
zi}Q%k*|%fsa)B;FaA!J8s<*zhD{U!Z_YBLh=#U6?ER3z)4onVF)0Z7t$I69n%Rbs>ICQ` zEOepN>3u=)xm0YA^858wSp1Fx?MTS(1D#C3JxyJ}0QY?~Z}S5I;u1<;Ys@@E0{i>3 zBf)Qav>P=TC{X#1oSKWisB3PGNH$$6eURbO4mX>osFh=(*R=(BxK#oc^|XfJmGK9V zP6Y09MV#pl&c+jl{Ms6nB(Z{BeOwbKxje9b-%j+_HM_*e$ZO53;HpKSZrt_N)k;S2 zld3Q6MMG{8w4Hjd1eVE{a~8fdxYl6^gyC7S)wqY?_YbIEp7ji@e@~^TRJ0$$2mt&h z{6EqtK0c|KJ3$O>3@ognOpbruGTPag{lx_t8Tnt>jo?(p{#O8ii7fzt`Ue+GCIA5H z=w@vKWpssD|CR19ng1U3&EFpYxB>uxh^>vOg_)Csfun`34HU>^=U{8*U;>328aOch zPn-z<;H2>wsKPX7x&f&ah<>S*BT^#7ITPtCsn10Mq;BNJ;Ddd8T21e%%UI;E)X{} zCo7PXm4l62hzs~n5J;~~F-Y71fZy~d#J>A~3n47}FD;mbg@o8RggJ$oSw%tIqU=E6 zKSHoAyeU$`0|0*0pAb6d|1AX9e;_b(F^jRVv2y@LL|9q4I7LK-#QsT(;6qA*f@7TwH8Gb|4p!gO!_|9mv7<2gF}F6NEfPTKfV3cs$Vf-yphTp8lx?kc*k) zxAYvGoa}#vAQ5&pAQuM<2RA1>8!IQrW2XHt|KE4h%Y;-Y0KnCM@x^NTzd^8YigEsC z%?e`vm!W=#-0Y&<93nz&>|&3`0tt!y9pbM{o8@>FA-)O#{H8w*WnK7h5dXJau#1ZP zhGJ%8eJmBsVw}RD#~aSacY;Fyn4{EswYa~x0|3A2Pl#t>h<_UD|3LuR{sV%8gPV&( zSd@#CRaorN*WAp)|K#rLgR;WI$BOPZ{Ru&!g!JD)FmwOQV9bx9Fo=VhgAK?GVrA!G z9JcA$sjBITjO>F)%A=0B}0Kl8aPvv7H#d;s<@#+5n*7MAk literal 0 HcmV?d00001 
diff --git a/docs/images/screenshots/malcolm_name_map_ui.png b/docs/images/screenshots/malcolm_name_map_ui.png new file mode 100644 index 0000000000000000000000000000000000000000..a28d1b65303eb4dad3f30211e6e7a7a23c2aa2d3 GIT binary patch literal 106240 zcmdSBWmH{jvn70jLm-5WyGw9)w-6u@+$|7Xf;$9v3BiLq!QI{6-QC$paQoIy&i(q{ zxBvF&F?#<()_Sb!nKf%xLC7b$_b5nsNdNrv56TBAam9cBfuZ>4A83CBIN&F)4C`k9 z{6q532XPT)mz3j`J8$Kk4$iZ3Fi8f9?{U%x<8(_S(&%#k5&ds)(J-W+-*&|d$D1#4 zeew$+L8;ATmkO!w;Jjt8_*g)=Xj1&BCS}zW8tv~#fxV~44LbPmXMZWk2j<^jNDx9JlKuUJ^1^|{|9&tW zktzOtnC1{i>g~USOtVCj{Czg7z>q}b--i|Ygnj>gI4kncz~7M;cw|1eq5uy#L;oF= zmKpNuB;4QGF#n8c=J)T@e-!@3pptNFHJ{bSi1Tx;57q{y9cS)^Ooc72n1}m_vt=jyERmM+Sjt~3MN7U;+dQxv+B)MKy=ahBOS9E@O_kQEqo=4Ed zP^h#`Eo6zy;%sL|`mx>`Hd(&7gII4hd=b1$YSBu_>qq(PA!FB#NWj=~IEn`i&9e#O z4oIYv(jMB{+QT;@Hq{2x`xVF(_y53wJi|uyMKlheJRW!DmRmI#5J{o#ZYO_mKUCG! zdsgAS+}0!6G;8|s)tR5I6~(zcFT~YfJrjA{-oMdyH{p82UqcWgsib`U$5F4SAtn|b zCyP$x^;8|cF>L?#>fc%XW~@6hiRn@Cc!5d$yuE9Qz1tLhY^?i(FoRy!6xY08o}@AP z%fNjnKRLeY(f1s+F?F;Fu0*wYm18?w&#VXR&3)EwY*D)jgLu~enh1x}LtOU8;J&ya z`4}ELq@N`^n1jyi@wn@DS29laAB6~|zB&D)-Mju_Y2O9&z*YU;Wf(S)tnu)Wl&FLT zCak(--aO@(C-nq0Br5RC-B3pJPV`_)*l#m9s8QQtD z4B8~yG!qk_2_opDsXroUu z5yTw*R2)<>MU zQ&@CR|AVBtWbN+INPqd}S~^l!Ffp+k!aYL%=J6W}2RORZZt%y6d+>lG&w5*pOhL8G z*Pv%3^vA0ZhK*z-k|jI3v$Tu!@y3Ad85+pNPz{~Fq4+I{|9oYJ+1jib!BnQYk$;7{ zp)B^Q6$>TtZY08dnpi!=lW*_g+3D)Sdj7}oEqJffmYQgZK!avN#|aJv&p!m68je8^ zvR#_lzjpo-;I*D1qOfxPK&j(-T&BdLS^2Hi_f|0C zM2b7yI*V6lqiT2=h_QCfK{RmlkOEs`!il6QZDc~H6(m5}#bp?he3S&ihySu+=`<=1 zGYRdI=gaf~07N8kpp6R3d~zNJx_uK}u*&S`$2Cn#~#AKk)IwYNg|Bf;(Xj0)gJdJ8~Jc1LGbW0=oiLf;MEE&6 zSgCo$5S;Xl$IVc=mSG~rfB0DYG1IZC?BaQ;3g6wcg(vJ%zcQER`EfE=fPq3Y83~r{ z8_fM^+KGUY|Eh-#m*qRN@_ZwIZ8dM;o~;O}OgOUGO`8r!a+y|+;#OVZu-L_BZLz!b zzg>Q5_Y;9UH;qc9Zjy%0`b*U*F=tizl@4T^l zEtTax@dUl_jch&kIpSe2LK2Hs(D!UIx;bdLH{C5i@<;?LoO`KB$?j_n0H%cDy9hsv zcq6C!yFnq_eeY!Z*v0QxkQ>JX)`;+DYhOgMK;(#eMS4!7eddMG@J*xv9RexYWL8XQ z70dKwLr(MG^SZ8Gk3H}LTMUn9?x+KiOqrCa9f$aBA|L1w{RU_fN2`pKlEE)gf>o^h 
z&Ro{&n-9laT)!|0g*f&oReib>D{f3xOY>xZW}0dRy-^Y*{H3@>EostAL6+5o`v>@@ z1#^Dg$=N86$HI{To2rwC1D%Iph2!Rb44}lZm5}^MNfYyQ6z0?I$F?WA3?)(cKqZu+ z(V$n6Wr8#U04u5BgfGkw!b?_ck`AM}M{deowc6k7?~Dxtcs((2%zm)JTMd z=ZjuFmCCjIz-6V!mbl07-XE=F;H4ydJN%iHFjIKQw8(huQkSe8ZpZcC_6!!o7g{va z;E@RmG`K)ySvKU5J4jmKDLjL3g~P9|kq~lFwcBgyZZh)m*xsjmxB;={B2X~eooc!0 zzJBGSkN>E?%5s#hj2}E|hj!e^$&SNg%uE3C+(6FuoNe6^i(8@wvRReqDOh!GNkZ(GBgIp9Gk#jOUkZ%GEtFub9eII!(Wq z6^spOBmDT-O6jY}>xVf@aVNalrdD*GK2~J=V9c?MP2Be|dgA+bbF>7{!?6TONU$1D zJ~rp!`FaAM&%@>lC4M_YDP+~Hjk;UC;j`|zm5TjiHm(#h9)JDZ&=2o+7x4Bw1*S2! zJ&NCpSJL7Rb)WzGaFAllL|_AwpHDrvRg+aXfq>)$Z(k%nYD)ze2DEjW^!94duWdjn z@7?q9%3CRZZhLFlsJb@5?~yEsYi&k;t4zM+yDIgM2*{khtZayQWWhq> z*N-|{N>cH(zfO&zS#H{(luhe_*nqck5>*^8=^HiK{ zNDQE&rt$FXl^a*Yx0^s8XdZNUwC~b?Le8g$Pm50ixjLw)sq7L}Rw|kcC)SK>*ia!A zEN{q_)p+k+NhT6HgRO7E+tjYSZq@FwcWDsuikUSn)f3r>FRQ}UQw${}8_^`IaN(*{ zR3s|-qUWo<(roabA6(<~{~7f5tVHG5d3^?!zu9`4yV-(|6Ugj5`8iWgncr!u!s%GB zV64EdQn2_ivw|bly*O^r#nEOQ5`1d>@9KmXpIQb``3v?h#RA_<8S%|1vp2P&9|?aR zoIYSF6E2uZhX$N`)6nY?D#_tRx#wX+$i634i{n+7KTI}alM}t@LmB7BPyCrzS}YLy zg%3XME!>+kI8fXWj=L`Pp?~_aNAEN7xd)s0dibp3@*MVdgbC^V=TyM0=MXuB=Vg`Nvy(dgI+sBBJ3k{96eIuKCcX;=Cpp6=5 z#HHa5&BL>W))WD)Ur1;nsHW)0cT>3-6h79f%5$|g=FP($9mulO)(#FD&u6aimOa`) zFSjnlg6{75V6Yma0AdU2ZF{WU^~vBB!&aeZ7za-uGKE`T`35h127*Nm;N`ZK2AZF-^ciE=8Nk^DP>xz+c!3<%BLFi z_^d#ZgEALjb*nQ(^|zdDo$I0LZy&*9@H9VFbAB#b{ zw`xA-e7jwKSN3G5LtCNR2~vs#H&jcvitm((}n76u2e=pu2fmz z4Bzf6CQ&HwKRU7yy_4xIrS9S0mmVcxc(Hoxke8EX1^Fk@A)Q1$lZ z&a%xJ3wh2tebdYWdxmjVl)uo3*Obs<8qh6k+sM`xhCsyay(Ff25%xycoHHy68ROFiOY`*u$iqGxuZ};?1A&rtP5UseW*xag{!qeA;L;)CJLX_>A`sHIf?$FPin+A@(Yj}9wMt8C3A4Sf@U`l zV6!i6Jm3k6!oi(wBokN@7hi+>12w_FNgWD0t?{$_!e3iFOe>%D*wh=MN%`{?^{#h_ z`Kl_%CA+L`2h*{CFBV$#5wGuP-+nhmrt4g9QwxuRhw(KDPDx(Ir_4sV!;%FFDin|f z%5Bu%wBBa$n`VsbRJ^E6@#;yu>^{V~fNMN&f0sPD?0KiR2RgpHJEH)1r%}+F_mUE8 z`R5)FcCJ!Pe-e4YR`E-&?X{v~+;aP=z`M$H1^aNo=lI_mPz_VITYGO+iZv6VqlYZ_xpQ}uZ zpITntP!Qb4Vq2BT;TU1mUcZ;*$a#bWNoJ2Nf(d=%2DzkUvuYp{oO`DBI@DU^s1Hk4^lF{YqV$65 
zx1Hx+&#A(^rEC9q`$!;!uoJLL%{1nXB%;^Y7njD^I>Uh~T1R796I-Udyw2{?Z|~hO z0cnqE^<_vm6Ty2a$A`XX>OzooA?;h zAH>x1DVTU>7jpD=c1mY;bSm|BKq3sTTU{f^cS}4eOg?Tp>f~H&#A1{Uy=?}tXZ$ev zO@2|F>W)o!zrx@g{zi*$@cz=bztW-LEv-&(tQniA^&Ck6=A(u^Ius*$vX8i4DM^$H z3%-Om0>!lId>{%w(dCgW&+F%_LT9Q7wg`)_Ksxj6l#5i-wx7hY_5JFi1RgX3DB4*I zZ;DnZ?j8U^18{PMhm|kBpR&wvJ{#@P_nw;&cP@D^21PLmgp`%tgqu`+od7LdsUJ_O z;+x-%Z5qhOpz2Jg+yJ>I+a63Sc44k@3pBj>oTI1}cG~dfz+$PW^o-)A z&gjf8Uq+Ki-MeY$j`%4x=#W>?*-O)|gX}w=lMiAfnNFPF9`fa)?i}+1FK;MypruM< zWS3k4T~)hGkm#%_X(0^eg^6g3l)?TL{fAEB?CV1QwMwQJGro9w9f<36T;6+mcxEFp zw$0)m92h5B7WQkBXh$tzY0x32cF^L?k&XY8i5&A4L6$R39Iz(nOdN=tsMO!~>{$ ztj432NIDX3tCnOb)M*|Xn|CX_&B;yHQvbNDILaA%&=7{QI*Fd;t*=!zZ!UmuCP5rPyVfJ_Dl}4UhSZ>IW>OApz*b4lB}8 zxMkrv#P}{P3KFyGN`*Hs(xqWnc)eE3C7J8LXi9R*>M&4%Mm9b|yWQs>c?`XH&BT05 zKN|A!kDnU+r2*zf$wxJY95BP*116M`t#^*;3@!7hgUux$MpYg^$t;5d8H!dP2k*F^ zqWW}0U?54qTD_RmGBjYr0e{R9aIRE&tADu#$jJ~W4_Q`7|483YiR>i5p8$pD4PXb zTpzIrK|(20?ufGFt5voQ-I3WL;Bck1{y_9NZ#1ARh*{J20)(8l*fRWe1A`|=G!6%E zWoV41dEWCeuvE_<#K9U8ESjrM{BPz0`p$Zb1bn*R+Z?x-+}t3D`fyn6ez+b>iy`IP zl4L$=`*EOkirQAE43Z+?DOY|gMewvCHjba8gHdT8Px58eL*>YeTS$lb$NTaz)@VqX z@BbG_g+)hL`{bMD&jkL&3^< z+$D!u%n27xrm{@YT7Kl)L~@qtN_uO}RNXQ3nhw_QDr5>sK>oLWv>ze7+4_)At2x{5 z0}YFM4&*m z)tJB+DvNEcx&hO!0_iij#Zp6Oa$C5k_m!1yjYi8Z&UJM)zJ2&okI&2Gt=<+7JLInt zNatwD+4!*GWbE3({EGAF{*OmfPyPJ}x`ierkiu$#&>xvl)CLA*-iUBp=kP}g1V>okLrB;WF#wuEtD57u#RZFOYib&0S3j>WCy8Y|(`CjqX_9)`ny+xr zuddP<@m}tYh#6nNf{zbVPiK!`g1}(opO5Vk9mey_nlazsv872UhGGH&z;A|!btRea z`bdJzImz~;!lD8YmtXv&`H0%690wv3=9#(z8L&bN15hoXSqubpP`@B#g_=?zu~Ojc z1HM*i)^WBVK`YxpMws|q(YB0=OugAQjuW?PqUe4B^(ajYERngXx-AtLE`%4v(mk8ne4#`G{#$igfC%R} zX1BKHx0bRH3S+o$YcQQ+4+lDg5Rpl&zx0;h!q(1R!t=QbD>uX)eYi*xK6SuwAF=3e?%7$I5pc>e)sarA{DGY@(0+ zy0O~yyt!GdNPBGeOXUBOOe;Nf@zZ-bGXI9*LS^%1y0&KSdTXrA@~UJHJ}&HR^d-K_ zvts(DZX3gZE^yl6?wz0`9G$i6_2%^mo_34&JABFNM-ReP?-FF<=2mp7u*$*apo?w%$k-L@7LK zSI;QZw=QFmTqM@*|I94ej@^d5N=W)!@#$ETBhm^JN@2Q&h3SuKB^^ zepc?Wz^NwVOV>?NyogCT8Kv+Mf_tR|v;NM6pR3E10;xJs)26c>QVJk`5}sEf_w;%* 
zeBG|2I89*qAAYHtGtDTJq6+OZJX7ROM*vBP%|CP7y0oh-S+3DCz6|%r9Hvhoucz;|z$7dKRc+A}C{cFj3cH31diF$1_=nkZhbz0+DuUv?zdUYYQex(|4>*6PWzxDd$Zy>Y0=W>eya#9XuEQnj;K@sFR;F zLZut#qcg?M*N1t2&G7+>m4PGS+antvAb;)JXW8mpT{GxABe5|Cq?Zh4zEk<*i>3%}+*^!e^j? zVbZa4t^ORH#XgeA-a&HsBQv>RM|gu9x^W*qvt#2$p_yNNMd4H?*J8AOFst2D@9^;5%Po0T;A1zFCz|6H^`_EByJOELgQLnB2S#WgmgFrm4St?(qM1r z@`0?yOlZ}8WQlB(SdI2<>R!d=g-L#WUC9+FQTs0E0_tAyrs01g43Y}>Q6di)X_oXd zAdhuw+7v?}wkZ63ONDh0sKZ=~%=VFjyM2tYnK~@Jy3-a(V zqb_!`(v%MNi;1ICge_rhe0t6$<5x|IjLBkuJlu;~pLua5m|H9AzPh0WO2Os;XW)ty zsDcuDIX7>Z9c%QbC?JRXUi(+lsQrw2>NYL7Z+@OZ z3=}F=d?`>*=l&%J)u>)HKp1b>;F1817*o?!EZB0nfdat@5 z3|Hx|2%*)0+;Pm~OUI4(PO^hB<0ETn)KNm0v%?SNYTT^k_t^I8}}B!1gIA zmCYn_`+uVw`Vy6;K7Me8x@*|`+iug-cxB_8dA97KAUD$*^(*1wVX2LFnmeNy%ieM z{qQ&Hx9&Op+D!*b0K! zes}^un@AcE1`q&bR@u9=Muc>#7>|AkUf?Ez)TWnpt#L`Id3r)+yyvM9;jPz-d-=Rq zBWqv_gXNK1but0*yCXCu0E^rE2ItwmMzON=#jBM#42#-AQv{s1OThde{*Z+^(73xF z@oV-EB+SkwKn_IfJHCLiwlZyZS76jzu{Atc)wd)DU(B_0r0Rb`D)v}8^kkz!8%UPA(pDES)n(Re<_vcF$eawFOG)=Py5 zC^|T! zyOoIYyAD>DM?I`yN!=1(0-Es6BFoL`Sbu@z#3u*@KR+6!+#T>r_3cKdnuFPM3$+5QvO(|iw^2&N|E^*#L5Fa5ai8y z$p1WFzVVB$3*hD*o;UI+Jh~#)qvtvArZCD(2CH#d=x)wKjDao-2cW@(xA^U6Kxj>5 zb#znKgf;z`U@9q@M;Im0_!ebscgy1v&f_eB+DJ>my`pJ%5j=&Sg-HE=_H{ioK zE}2CGhQghqLL_-hkZgL1QjH)3G$O~5=ht2Bky$>g-jsr8qPJ)(ClL5hXk)jqCIcEj zFah}jsFPcv3L`sA=wqp#q33LPH;W1GYr$oPH}Orf4t3kKR(k3CObhLcmB z9f1dj$0>usJUUC!`u>a)j|_rL&I$cxEJf8R6p3QXWnWsmE->KEZTu$fN$ejVp6o@9 z9AZq0KYd9IzK1kgY%G3-VvK@MvpzMptbluwQFQdK37!2ezbnM^dfS{7T>DZidHEntU<{iU)=aMwR76ISHEHBlvQ#Eb2u1QF>U>g zk;P>pQ&6_bf*$`%2~meY=St;kjSyALHQOu$9b#^(r%}9V9{;}9J%VFl^Ni>|W<9&n z`%8OYtnePD_7iUc%^Q*$R7-3$GawKv)VEssh|hJ|9sbfWHMQ?pd8DwcSj|g3=n?MR z^2s(J3=eFN3)+VRsqTY5jwfLmC|R))Si>J)7YWlo~H)deqtS}yB6pvu%$g%a{QCt%sBcwS0OeX6 z?hOU-tzPIzXnbq0O&@B4$(!1 zoY!dVAXkMk2^yUOG6nLQh~IjB(}Ytsj0Weq30rg>m_8-zVynPAafS0fVjmW?S}tw< zRTvJWnL4EJ?3~cy*o8PaR?rCI< z9rlTG*DzdW!%M%HD#>Vx`*b_avnTEVxgJcSfbfFgA!u7NFkxve?Mb;-XP0CxN|I#5 zr_WW?>6^@qkN+{t>0)}fa8<5D)O{LL34IA@gw^0}6g?A{Qm~3!>Gohm2ZfI6xIIOk 
zo+PXvU+DXqo6|74=4Y4}Pee>9^)JSg=coCHU-dh@s*wi8*lH=@X`5bua+8~`$v$c7 zpJ7KG4V>4~s9Q&SN-@)}dL8h_u2EMvfD7t-mE+P$eEg}$|4E>Q4*Aw5 zv+`j1#tymXCahG00xDI$!>*XMim3o+SS8zzIFUR0YevZwc+o+o%uwgzP0D#wS^d)D z#;3=WjN>|iv-9Bf`>@~5f!wR1#tYGwZ9HeZSJGbCu`5~>H+LD(y&we|ATo5$903=_ zPfb&>R++FbX?C=9;%enT(-ClCy0;bLb}g=K!O9ls*tT4sDdCYaofnk#^W zuiXiMx3j8&Xop1iHK&2_O+LPL9X{iGzR_v54CW!c&5e#l4wpTrX^xt#t^?ntt<;f> z+)TWmb`0Z`Sd!GyXD;gn32(j@Qbmtb;$>FtWmnI-hwGe{vTh%XTTGG0Vj2TfFsAS~ zedlWJ`reA#u9bx8Zy};nCDyn-BTI7!#8z;uYgpM(>08zA)V@z7T6rktJD7$xPw%Ro zxHs(FJ*woYISJqI%zES;LMPyx!4~7@4oK!;DQ6dsAl5CR)D4A1#%IrOz9#gA2Q`Z0 z$E(&LJqWlj@4GlbADa(J?&>O#YzT`P*tLhIdFo&uMiPm6CN%m{_D?p;27~3{<}ai_ zEzOfP%i%SZ{cx}}yGE5>RCw1ahc%Zm(pI@#kJu;<9p2DWV7aeb3UE%lraS`9#O8-j z&PXM1@^9D}sTVaP4Q&jZf_(&9=IR;haNSHYIs$sH27JLda}O`QjT4G51iZ2Q)DBOzOe>lZfxD_}HJcAs&ehqu z=l@8n<-#)#-3fvGiAw`N>de)wUG1H=mZIv*SldNQd!pg3uk)Tvwt^DOneHT7MD4D ziY;OfLYKmk?Wg69jQsSlciz6m9WbeVCqhJt>F4`}#>y_3HsE=$5dA$8bOfhO03#`M zfa8hJ&BBSW;Q^xotag`h=Lr_-XBxtFMKh928FsRo0wSwY{k}Pr_x7-=R3UqfYDyZ? 
z9eGO6dmRCA6Jm9%XUvhoKUwQk$ook6p9}f4VD?5`Jp^QZchoc37{tsBP1fy~J?Z)6 zGU&(fNMfVmK<;(3GDF!%CN#ete;^P@?ITm=SPM{|@Y-fk410}PNZ5?Dd;!a@Fke+B<7chHr-FF<|kD&>V&8~Trldq z#uF5&y$r}Abh2NDCRt~^POwi7usDa+~)P>6L?xD?_0 z@4zO~*n`U!z=$#)Peb;cSmY|ZF2E&pNl8W0wX2`dOe074RoB;cl$y9nmD{j+3)rzA zLa!2hM8@5{DzHTlQ zI2mE_y^ey|^+@`Y*Q0O2~vp!&9!^e{3OqS9$ypbr+($sTIe(kLt#9)!QMT~NB2(AG z9joRNQ|C^DfA7fi7cIuL=v%4~fs&RXS%<&O25%5TH~pm5@a5YufaMK?g`Ba3vp=LZMyiTDYt866@dT$Qo(x3%{LhckuA0Fe5eFY(t7DzGv?6uIydOr*%Yh*32S!DFmTPL2!B)A zR(b}IeQ!hN#5;FAtCk(AP+}DUetzb8{e^w{SbU=QGscNvxbeWSupE1_e2k@*x{vrxYno8t z#Rz`mDGGJ&(ps(jV(v(}IL;ea;J!0u9c0us@08Gq%pjiIhhYDgPpjF$f&z16h$WmK z3@~y+1rs#F$x}PIBx6)zh9qo+lIz?bW~h^&;3~AkC$~%{Tz=!mf@wrD_4GI7mozxB zGQO@Eus5H976}s8ol<*M&!2H~{QL$Y_?b#@xW5|d1fJO!N@U@_<~L=~qtJ{Wp0+5h zqS2wz%(vpXt{rqJ8mEs|hikFrxlY3_>9YAYG!B5DMiy1>>8$j?lG{{hzW=N6EseIf znLj6S|G~;A?(zPqRl(Kt;KPCYGkJT>`hE;9Q%i}dz`tJ33Nuzhr?Hysn49qgWT5wi ztl5)Zq{ZO29`~9;o4d-rp-jTxY{PD%7;95F3)B5_c2g>7pZA!bsztZ!%g}p`Z$bJR zqgc~e#{CXkPlfU=gX-AA=_E}`39yegH-NtImt}Z;zZ5?!66t>YEXsr*OCx0^{SQmVzY30 zaW!@Ks{w_HL^jRU*KyIWDJ-Ryc3vJ1B$X6c9VGF?CGugG)+#N0ekVt}$}yMBM=oYl zPk1~-rJN4!b0;!2tXeJUVG!XrtXU=rcQT;oC94XNBOYlD*-P9gCkcz5awcIgA-e3?;*AuYxOcFK3>9Uj#*^6jXfrI_p|8diz+=kSQ6UJ_C*FHWE?|ksSZi~Q4 z{;2-B_4}Lt*=vt!M}IHjcx7bGTvT#5L!{aikcv1(+^s}R;T-RqVB(9$$cNrNi9OvT z;ZC@zP!sW;3=@d2h;t5VKDHh8CdIIW6QQ9rXfQqGl)b_^3kvCTPk5QsO@^*Zcc%iu z{jF$MF8p322@F}n{SkS6k901Rp#goa$gr<8Nw-zQXh%k~)o~r(3Ze3+j*&3!-+|yk zat;o`gXx#CYb1$_6=n00zqXh%#YE6eqnZFJW(3DDog*t1^>b?+@9xNG@i>#GD;ZF9OaHpx*>}i7d zMm&0iMBzAY=g(^;lX5rkQfm^?q{93PKDM_P=4L%00H`4a)XR|)D5Ae+T}_*@x4fNClA91K9`=(wlvC(wy9^S^18b4v z(Tqp1EloW=d-BjO`TcHktCypi~R2U!lIQ-)(-51qB^O{Kh{rL@jp^#Cab|0(lZoeykVZ*_B^6QUPv+JKfPf- zw3alhR9R&0eBtfAts!vwnWePVF z#2gX^qGaqWf#g<$TF#1+M_ip-@o(ZX;UZQ88jLvjx&o~*;-9x2Iv+?#1;H14ze+?G zCxz{z%+Xe|sBr7;X0`S9;i+zy&S67>EF$j<}m#gLyB26thc*N`Wk( zWP^9Ipsu0rTlq`O)Y3YEaEaW3WJ5H2xJ6Y_#FFtx?J9Z#@eQKoVU2qx=oJ)Vwkbgf z5Tng?LNs5-SME~k9D_E6J8cH#m3Zw`t%S|)UJ;mCiu_!5!7q8p#k8~~A;sxdlLC=( 
zr(wd1Zwix1@x;qo(6N{J&)=mc^P!vbK?z8`tsiHWc zq@WRC{mHb3%pzZJ2ySky+$`iJHh$IYtb59{QEO0Khb4zWJ!grQA1>zd-Msae zIBil`AOAjRlP<{*mxhjyYrOa^P__Dl!mGQq>`tL&q}X_meRKf4_v=u<8uBXur#(T_u`g8t@)97$-ZvJg6I1yjy&;l2=*Ly#muS^*7Rf@ z(T&sN8}G|5(9oClCB4bdDizO!Mx>7HKemb7U)?vSkFl07xX37wXXc7r37AajRbJiT2JFgN0JFLr2$MuEGZXw(b)7sxg-aA zhQ-Lr3-jsOne5DS4D&fDcu#cQt=t$}ti@lCgE6XKMD0?!Z7J3r$*ezS(nr(8(#w=C zwERAC>=zcDoRKaJE6`ezxk+U%tr!P%5jVrYoV%93lW$@eASq}>I)}^9iE&bF5O`RU1?Z$7fnW%cMga)`Lka=D?V^3kw%jC?87;2 z5MdprK!r>2$)mN~h9pdUBo;b=Ze@o|UC%5oE*CQh7PX$xamM#750K~9M{Ji~DI*b` zjT)A@kgywuZkNPXdFiw>N=}*q{{sO-ZE>5fLDbHt+k(4_k2oOfl;bpBryt4vu)QZ{ zmZY?Iq;g9BJ~$sWHuiPNV7J>q&5|-`o%aLQ$OZ8CaH5m^PyR;weBg>>K{%f%=a)AW zmg6SY32!hC(Y)S+q;Pf(WvX19a?&#_4FxA3SEa+iW|M~K)+D4;3{*z1@fpAY(lEfE z><{H`K_PmHslv=t57_&{YHXT0r!r+)_rY!7J33EVahD24f8{ciseC-Ih+_|Hw0xAR z)&cM>An@v9WzJz?vlMG`7Gna1B4?|G8^4vD7z*F6T+N~E3yBB@E=0IJ%oP@GyDvA5 zE|ikgf+1*V_M8pyXkj?VqDtK4|9w{iHSxz z4kiLf!;|p{ynY{e(fzlWRS^ZLQ7A-jaIxV*jMb`p?qci%$Z&G(Sb4A|({NRX8WXpq zr>e@kc#p7sNE5idZXzd9NkAB$JN1>Frayxuc~p+Ze#&R;99c z74+?cDq+!IL<-Bz zuiY=Y*B)cXB&5)Y=Okr-V1T8Esycv7lon5oiEMr#s`TAOSR3B~uE~fW!`Z&jR2KCh zBR-O(EwfXEAw3~n2W>@Ibh&X1I%?}}JXI(ZrXOtM9cGL>P?r2RumE|;CQ@o2wDS@v z#yrZZ2z8T5medkS>i@^yTL#t9t?Qymu;4I(;OT*Ne|~0lH>`bo-OxmP1D7`CF@g+!D>(&j%u+U&<^!;jV<`yYN6WfkWfvpJjf+ zg%1|%QvKlU9+jVG|870?#I{-)i3T(5xB0QrvtR=N);TKDu{nR0Vd(wjJ(GU3{r3dp zt~ImnMPDa^b41(eX*{0Ulj;GE%($VUOl2Sn(_6KXT*x;Xy_4d-ml}jaPWValBfJYN z!*X6p1>k%IgBD8>=>PG9UthjHfyLfj)^GOz~X45evy>;_O8;0@Xhp$X{#*JO*S9LD_ zBc6!N5u5G$T=x=FL!GMal$TRQvL>@~u8#no>s>%1+{X?`jHtv&sU5MdE6a_iZy3aVs7 zjqPo)*{lG*#-4O3+pC$I7rikN+5Qte)QLYuuhaDX%qzB6TGv_=>Mek9QL;nU96wU; zLz0|yP70q=H5!)}6~G>@j)i<#XR1LWbEPM;tT9wt0p^GELD(_s zkop$^Q?*z(2Ztv6k}pkXQ&!4ZilXQIvStJs`Lue!>+2_yaUw=;RbQ1HD$=o8ir5PRHge#uIAM61(TQLY@fj;i^RC}p@N_BDdWtH2$-BYqkeHWcX# zKwJWlT_0YRFc;mA0Sn8}#AcRjJK0(n^yIvLuNvCx8N*rmK9y1f=AUBR;W}*97JYIs z{qbX%V%^@1Gf4caNB#$jl?Lwp_SlToCoSpt_C{4sIVpKapz^0bP)TI~o<_s>x5M#= z*8)I@A|CL_6uJYX9x;B}w%aoIs$xm{Czyj&0g(GY4Ux@Lk3c#cG6i_Jm|a>qsYThF 
z=CQN9tWZh$pIvOWaso%S3&M$54fZ)=yxVEjcyPq!>+KW?YfL0hm{A^A3aPZtHLhVA zdH$f@psOetl)6V7Gl2LM$j+s&CGtF4Xz@N|qPr)#z4%%jXd{gOj5szVsn?zV$Vt$z zG0oT%Zg&n;dCByYiqP%SxJ^Q@U092uL(y zk%=9?zwX(=^%pI}q-lhSU8PB0EKV}}2#sGf<8*Vrh&g#D@|YvrAD^`^LcvH?TAvjY zYC6awi4Q5X`?b&`gZh19;E>S=yv*9*kiD8OnHpgvs3!IbEP2K@U9ZYpzT3D)9S4vM z8~o%U0bsi}Z@-47fE?@JaW8(qqjIY|(#Git%^s^G0;cXw>uDT+7&(kyxPf8`v;Z*W zKXB)B3jl9etbKyOX==RXj4#OFk z4finz>z(uBbs}_VhU8EDZj*0Fm?Zt?6S`^NCx_0U+4j|ilBLK)#~~R&M$oe{D>&x90Z2%ZAfT&2Rcnh`}P{gHc~%QxwhFw*lWH5Q9!$i!zqY0bXE zcRtOz)2by6kIp{-2eVX|_jB#eK1{RQH(AsB-NWbA6M$b^LZDpRXB7(7_rN;mmk zL8iBn6%7c+I~ghgY!y~kGbHOZGhWy-eCs;i(-hnT5(k?1Kok-pwU+!Z8C8D;K zl-8%LPVh4i-PV}tmFoNh5_yD)K@0?csvg{coHn^jr7jl1yZj>fIzG^y*s4-EH6b#? zD{$259*-wEZuvqhVD6lVcPLfjt{K#pH`_L?8k2UrZC+Wa3mNd5fxQD3YI?Va+9O}} zR`-I*|D8p%>$Q9jE!5BV21IgTI$CNgx()4TVPX`XIF1`x*;h}gI5p-VWs+QJ$K7Uk zMM-+j=R-w!nSXRitKUV@`q6rol|V$<^War==7kunT03Ci7$q@Moa>RVUIVX)3}?-{d0$6{lPCPBy-w{@w zhZcAGOhcC^tmx^*T=PL?UUq9)itt?hjIHVkAVt(KYl5ksN;OaQx*g^*w;(p$~uScle5XzO94LM*C+7$>~^g6ex z07OM{@Fsm{dyGN5hUcAlx@-UAOw!qUhw-K(6q2CQ#t3bsLj)9_t#>sO!7~A|%sF{+y zxBFUi<^_?GPPMM6SCG8uEZcrnt1#F?u$qiN7~rngHZSfYDjV$xvJ3Fv*=j|+6pr&n z&0uk0+68h3Ck^L_)$rU47q(dm`BF|TZ^ES-kd%xJ#Q zj1UUX`24g4y?o4@x%yENG62EOI{&BxF1}c0jj=`ZZeg>2aTk#MCeB4vQ;imd=2`N? z_>YWttFNW~`1ulEyvV%WR)q3I@ zTRc1nSPv1htp-%<@QzH*`m)RPC}>u`bI=`|2^C+k8M=|Fkrn$>cqb+nB9*A<(U^G~ z_kvke_K<3Qy{IdvT+|FZ{QWY2y|8^8h$`e6B1nJ@CT$XZT&p49;LH@e$t)s!$cBrn zybLZd^US))jUwK&rr+HHycDoXqC+)04^=`eH$3b;!#eXco_|rf`F(N0eg6Xow*ptwi_-aIUd<$57O*$m*L}3lH z{MI$1a5a3pE1N8Cxn=2H@%58u1rev9W<+}$djwWA(Ld_!fKt2vC#y~Ve^X^P`d|vZ z^O@y`-aR~IDrSL|Ol2fYhu~+P5s|=Wmp<=D&Xz)Au)_*^SAjhw{BcHI8__R}!9hY4 z8;Px5^XZEd1l(ui$*u=p25dI;zhr(_+Rt@n(yD*Sf{tXFI}Eu@ZfynLT&RYXA$Lw0 zr^J#e;?C9BE|uik9`4!e>OQB0V2J=5epd#X=V%f*-ii01zjj6OP)}O_vXcj65rid1 zx#{W&_L zXM&84gn~?kfD1BWI`Z}Feg3bP;)29b7-)JmmJyJmu{UFT5!wH=D@MXV6ND=dj;d-! 
z#h{`dWQs;N`ExLc2Y4RFv?vP8FZd*467iZ;#DlLN4`SH^I~Cti3QsqW|92V?h{x_~-!c{MfgbL2MQ*U_$J!_=8an6oB32`&g8ks7!SaU+=S z@7sta&G?j*^fY_jEIaX*)z&^2yj-R}di;?)7VLF%kzRfAZoH*Ot%kEhm{M4eMG=ri zTd2|BvXJ0NV4Bek0nS`GUh65dIX!L*Jc{gzBsW}Y_EI>H`44G)4gOmiqed6NL_s^= zA7wUM!1)}Qz`fv*sGzjKE&dV_4bI;p%ILGw*I!{jkGMQ+fF4bCmDt^Vo4Z`@&b>TR z;@*VbwK!Yd1FfhBUNciDEB%x2doJc7dt&{xaSYwyV1kCK5w1y6?YuC z80wX6=jd`J8r9YEYI<_AK3BxO&>HDNV-^0)MwYs)A?t9-C{Lmp2dhP+l%L z?&~s$c_?Ain4Dn~_1=-4{>Xet@D)(Mc`L|31D?k&5m~+QSnBd{;j;q%;)?h1X{J~= zu7oTxrM(Gm?qa^nxJD;`%;jFJByq-TBpAJ6py@Oi+u$P6pJ?sso~Db!x}oh^VtmqI*lhw`E1EJd4t`8iGmDr?JS6TzPyoHyI)s9y5|*)!!;-F zVDU}6q1D+Oy*9}&`_da8ni+)^`YU#>^b!@h26YSbcKn9KAHu^@VfoqT)Uf{)3xwHn z^#ZteoObG3MajJ>VVqEcpG-pAnr-T9pVKkIv&3JeXmW-w-pKFYpT;}O7#g@CmRXAS ze2ZE(%p}JJ(Hu@!icmG7D*-(+X^Sej=1-s*W94g6V2*5Hmtb( z=xR20o%0U!Y)MXry1}*VW5l8tv~*Jo4LuynIL(x-ZJxh(+j6GXnJ!1aLicimhQy8z zTnJYl-Z56Y3;7UxPmTn_n6-OkYKXbDRrQFiM5RJXxO*aXY&$-mquA6h*fkWdl~-Yg zBh10`bPpal(!T@Ot~7hU*l>@#*bp%wK1o76->+MltT<21MZLvbY9*{8w%JqIx7;4p z*{a8w(_=pwLseKZ?J|x-lyspv`VnqU>Yxo@?u6u4lw!KH|IQa!vLJ+bP0G;?Vzkfm2JP(VJ5?v@b72~& z_$;02(QEuNDKeGVDqZ~c4j*)({sB{C#Dc41el~c;ZUHT2C~eBB4Pq$)Ju+9VC!f}kC?j!my%i?Kl+x{FIWdvL$eAhxB^?)q}R|ttTHsI z#gCm-iPvP>uDbD&7>Np>5sudkWEEf!TU22mG+}@3H};%h^w^1P%fnt4#r^*G-4wM)yNwp{t-FCzxKV_rl!tn2{(=$?;zJipyI0`Rk#%8~OVV{A2dJ zCZLD5cegt{R5_#^3`*#5K`)0^bLPS=GX>17EhH>cwQ(>nxUy_!b}c{aybX0tOdK^M z9IvSV)U9HhGhZA+j~RD;G^EZH7k zRdcV0e42vi^&{#X8)F`P!?d#V8)TB}F=}z>KTy#(BP{a~?HX1eAGnYq1sA6~jFuW@ zHbT>RR(LTlmP;qAGAq-R8#u!jv@=8d`d0&s6>DZy1%8vCOA)NcYQ)QKIOM`t;1D0luRTm6)VUGXG>$)p=%Zp673>YAn!hqyp+8=G1w%a%X-5+lL zLhc0>x4K&lT|AJzW2U}X^75PJ$M2J9oGjv==dH zp38pmR=x5lS?;A3n!)O`tiD7>_NV|1SYGGn_j{wKvzV31)-tw}?v`PbE0UU?qC!@r z-!IieCNrt3mhrOa2+N!YRII$ThilFmq;>9Dn_G-ud7n8@ddJ?c1qGyb!X?qyU@zl= ztb0HF?D!OC>id3;jWRk)2XX@E+zShOC3nG3c#eYHz)W0Cm2NVA!`C-ojyKy`nwZ9O zd>x8y%)8kGeiA>!S=zpIJK=CkEl|OIcM>Ph3Z}%S9To-8-}t59~$osmTwAeSLqjF)*a0XOX5{E z_C&sbx3ix+cN^29c}V+c$x&BwsX}$+;tacK$>L3R1^meQ3MUjR4L`bMAnX*$n`8#) 
zNl0fEMvD-Scaw8$x-NsQR~;<`OlS>CJU;DHq2D0_KbxHu9Ue)i@dGYNz@uW)FwWXmm2lmAC__Dw;(JVd1#{ zR44=CxcfKseJ|FG4?VX8$WPcC5LHOZu?2gC#>A628}ua-9C==@eF*g zYP&p4?j0Z}`aF1txQ12Wl=c32!S$8x`VPoMd#qFrt^N1xlZvjf-juGix~J&ql-oZ> z1L**xJ&O9i;O+92tX#<#z!LxJm}Nn~D>H)GRw4jiZE4qqFL$CBJnTbW#P@-7nOan(PxH798u{v7z1C0(5Shf? zvn$^E3l$3i^5T}gB&GIK!3VwxP46(>U6G8vbNu6Phz-o-yHQsTvQK_89`i+Zn$&@1 z^F{-N3u%57J6mec>w?{>Ay!AuUQ-Y;_>!4b9FS7W!12NRV)_mN2F#%ZUCh8DM*nG8 z16lI%AkNBUpwYH#k?y51q7L6k0FLQFbErMc8O`b|^GOnI4K_9fO*P`#WZh3wQ5?`4 zs;a*H^Wr+T5S&=D(QQK{n*B31X9 zHmSuuLSV~4^P4VIA`+Yv6%-%-0<`1>BW?CRLl>;)L`}+A{e3=cw{{59LS0(zUZB0b z>d>rpyW%DDKDAya)=rctnHhW4?l0^}fc-?9SuJ2C5ylagYEVA~q&FIw_@JhANT>8S zZ8r$y0TFnNQyeo+O_mjnlcB3pqZ&73(RC36Iy>>NPo7rXi->rP@oTZWpzS$Yoefzn z8uR}#m397|DxMF{UcFs-MNeI4PC}qIWiX5s(xNvWhmgIdm%vCkgEbsjFB+dJVxBFF zNfLV}5VwRk{<4q0HN5?u&plGS{k{j`&8scap;MFyt16m zjlvz>vV9IXDi+N8XY}>^Xk_Ksmq65`LRgM13l?KBqP|?YYWy`T=ldsm(FQjjHHkDj zb~!%vMwZmUI2Ht=#3|Zja*}a+ZO64)y`Nk^H((AU+X>shX9Hd9hj&k9)f7^hTV0nZ zxVps4O+CvV5DIl|>WeMIy&}PvQhqM5UtSxpBRDwMepIN&%BT_cS&E<_3w>H{W(z5f zAWLq^IJe8cx4wU-UdUg^?BT7l7W3E;}_&KV_ zmFYO`f0ZkD9?Y(qFwT}7rRJFXBYv>rhULjPix1~}4iD{^y24GSGjcVkaYbHvk!y?CDL7h%F#XKF+aHr^ z^`9=#y~Mwd3^yG7x+bBXEl;X`r6Iex=Z&+`Qi0eT0M^0L09$pTF5R%|0P|h=C>iKQfCI+xz^t7e3(w{sWU_ zw+^-yTt;jC4V1;?U8z%Ih&6^2O+th2cZ>e;7osI72Nz-!pY6xvjw6%ZffIN?|+tvUSD6hDq3NnTq!d?4n zCDtK;JOu%JGVAM!fa4kW0^RjRgcvBu&-|hR=nVZoge%51`E^EBcP<d-fv6@Ovhdtieyl|GBq89eTg#rSJ092apzp(3ShWc z2&%|HWs68u-TR7h>3d+G;5C5=X!>J%+=WFTUn9pyxHiyRV$4sG%QSi6nGcrOKhCYfWJX#N(YlM z-Tt=rcF)W1O>W(_#ipA}hhwrsX0f5TP+k3%HdVK?mB7o*feGSDRMb-uZj zwhq{^-bzu8eNDy-M}&#^InBrh+j}xt04~2qkj{tFh+)M4vIC;o`2+>Ao4;J03)BkQ zulXfeu84Y0PlR+$`F!zsuxOhq&Q>O_SX;wk6{53O?=hZl`+fYvGddX=Cgi`SJlNz+ zhM9?rQ@A$!-@T1$L&5#T{63L!C%Tq^ZBN3_fy=xd)mr@Ym|CwrmBC0U{z=x)ZxK#Q zTFOI$p0B3v+54EV=C2T!3DU7mj_PGaQSfH`+mOS0TT#II8tTVUN|v^BHC`_tEy6+|kI-mpx} z=ObQ3W<#7n4O7XB*n24+T!=PBw}yTj983hxehj2%T3a#&`4o{O8`4{x=5wgr!N z&u^)wt}o<4d5TCajZr4kT|OE~w1n?={NVZ2h9Rz;elcZmgXpDlug@2gj#u3h_7S%l 
zt#wyEJ^$r+x_g$DkqvS%>m!)~NT4k0avL!~l5WJ2j>MGpI2Uw#=cl#or)syv`-QP2 z<`O4>ZmFl~#;UhFBSNm(>vM@u19zug7>VcoX4g@Z$|kdc;FO%vzJQ-3E{OP_BXJ5r ziMAe>KH|I8x~WlSo`owU{N+_JGk0*W5I^z+t8aC_0j>&ZJ7XZq-013)nJC2xq(EMO zM@h_#j7AWivrK7aOwnCD9bSjQ4_{GaN*V`@)tHQSE+_aZ?Or+`i@8L*gF1EArR!^@_|0 zJT=+eVZwxhL1)ghi>HQ2<@qn~ybBb_Znio#)}i%eOP>$2Gu(TTEeDFv?^2{Vx0Uxx zaXWc&j0A%2KDiiY5SQDd#tCTz7hD?UkUU&c;2(Vr^oMaUvU2RS&htYHd-5aXHiy=1 zR;3-q)|XFfRH8vO!^;t_&jwYGH*NqcjSi#-t$MgZd3)`SwPwQ>Bz|lp3kw)WgPMViNhtpP5aG8Lz$ z0rlUcG5lcAS~Kms_lyhw9pJ|hQi&h@M8u%Vajx1|V;s7KXD>&mKlB~ppp?-o53I3P z<|7O6Pv?ToU*pui!)L0Tl~;5Xg{5K`IGyoz?%H8&m4nTg*YpVo!BTTjs{?$L-XV*`=~ zI;%%-==kPg(2pmVcXY$N7QeD1Ct1Q;!)WdUW1g7!C)RQmiw{{7t6A1hCd}(tkWi5Y zFtsV58zDD3 z$Zt8#4h7K*tWiRCA#3eVX7e5HsxvuXSV_7{(l~?ITr(^4L01XE`Z_gVqtsf4e?!D@ zq=~Ot@-cUItQj#b8*e*Ytb-(2js=ZGpHX7(9TX9w1an$N0?|)I@7Bz=I~Zbsn5vC> zNVu|QTivvMd2VaB&gL(+zgrtr^3tJkb>%RKi*>_rt0De@_=qDa z*-b)C`kf`wxSujLOfvdpfRU6ZO)mYdaxGbpqfPInXq;|I@WG9oXjxTe#x0ht#t(UA zdMnX`ydmTXHCZu*8k~GyM8{sfUwrc8`aNdvnL%Nc5HVRCiSMi&aZ{~qg%fl7q-w$- z$W>voXlcGu>HcU-Tpzq2E8fK2%kg`nyNI%js}MGS$3RPYHTkfROltXYR*o$MpPHj3 zOOGpTC(>d`aVgdlRF}-WVw}tn(jIAk17q&j81%ASG3nJFXc*%Ds|2F9hW5RSNOLgE zcglYL{U?Tmz|dVX-5{?PRZcEFCl}cvJMd7)qnDkyavvx7s#qq#1h?Z1C;y%7W0o-m zEfd__w~oFT(}AKkv-av_4HDwS@s=f;A!l;2X5GjrNF^IbDuJJjLORbr&(sR6@h7OM zpJ0|KVmZbd1;dgrx>M*H8 ztjzFC3hauU(HNnhQ)Xym^Ri?U8@c^x9iQ{)P;xDfK6VOPC9}*u8YSAsicVy$)Y#MX?f}ELn8j z=JlRP#u~-og5lz|#>E!mSrqb3152VF_*FoiCQfC@0mthb%oQ4cv3ZIUXXB3oGyy%w zskwJ={f_ZGB+S@WVJ%#l;DLS{pq| z?lTv)p2sZfA4bjhCrCR4Wx}4wTDc)Qr4BVaP%@1nSD{E(&-T?0M5ZjWCY?ate5UuM zdAn2+N`c^T+eQ9UhHA2pTgG}G4u~gv*Lq4l@~P&&ZSg@r!mq_Yg+X(IuZb&k6fk#d$jxxjHD{e&94j7>hi&x>5O^RvbanQX_!lPa=m=; z1x1oRK*@rF9Xyva3fCM#{ce9L`!F>!UFJ7Z9b-)jZ^zOz}}*>js*wB%nkdCFaUZ4oSX}{nxfVd8=Z! 
z-xuFSfPs%!)R>>vFho3!fA0{T5?e6U7g6j`^kUfEMw6N5W8Ng$$MyZsZMAUf=x}zI z2XaRjLieHtYb>u^t3zlqifDsAU%TD2Sdir*~ zehKj!(p`T#FN0aMk1)A5R;TCLpJu>P1L6v6<~$^Di;mvyDK0!Qf*%WMs%|5jr1q|i z4vM>m20vQK0p|>u^W3^S8*@hNEM*cf(iJJ#jC#Bm7+|S1+uBoi@g$Z=o36ah%`(_|rzi2tgIu6N5M$6ioXazz83KB_U;#`R$=nJ2102<(->oy8IO$EuM|U{4SA;eaT`jMJCR z+SNb!E-gy7IE8u|zd6r8|5JK$>{rjcjo}5*B9AO@*L%Rz{>6hA~EF_Gk z^ccY9cFjhJK)WnomZP{(ircSpW zJSo^!z#c(mfIIK-c8q}M2yxZZ{7OzYw!2lGC4KgCD2?pNHBE*4eaiX#3u!RC=N8Q{ zD{@m)VYgIXgbVI9a%7A^RUQ*Et|p%*P@El(TiNk~1MPKs7EVYmy~-k`S{(Y*F-YE4 zGR{O)c$QYoE1+9zJi@Y)Dst0g z$J)~<5h@pFG!TeV=k(W2;PI!Zm|DkM31I7Y14OeJf8|wE2*b%wY47pxjjtaP^jIwL zt?B)UoBOJGvZqH?^n59cKt24T$N@Kc=7r+=InZ-l&?_7sqYkBSt(3%!&bgva$V)|1 zp$v48d6h-Dz#>xdzF;u$l|IToYNGzqUs+Q^P^`jyA{t(h!t6nqjjZoyN@6k*^cgk5 zpBqE5eGJ5heDZGN7!zEdH%}IN`v)c5O}Jjx=cc(C3$sSN<@mY!uy}BDzSfen$oC4k z3Wzs0qn`5~dd#joXBAt%x`+aI4h4+a<-Pm}WFyYx!d_R*R@~;p=1uC!@-go|D%(aS zaS&qhw1^(PB<721&PA*Wm(<%i>|pc?^5uj?jktp@0|?cK9aV*DHb{My2}hwWH(&jdKO?GXu)cq?%(uH zQPbCQh2)F8RoK}x#{NYD%0XL?o9dYV9brh1ct*+6mO*>u0l97o|7A6D{EI)xF&~BV zl7}Im?n~I{q%Lte_B^V^&HYmbU^qz}HGqHep?A5^9L<})>|jOm7i$Du(#C9n724YE z@zU~`&@JL21tWm;*{+3)nzCM}6O+$pMFm-tssa!^1#Pz`5MC={hnS{C*C*zx*MtlF8o0AO@l7x?45$72uiS-N*>sj09D{BJzqq* zsyl?T?gjmnC|HdD=Z5=P)Chd*&(FiZVKc8#%N2wgwLotEBlRf3=Qo9=0yMrvp~I@+ z?VGQSsNy$CdOKvJ-JO`EVzId^6S|R3UV^CPKNBlilrvNlPPjTbZ~es(r5g_9NvOAZ z=OMHCZ0lS50iUJ`6~Q!F2O{2WHgEXGKtSh+Q_-C9mH@g}7B%wlrZVdJytn(p6Os_p zTwaXy=3+!~ggS_-A`P@M+OXkam}i)`JImDg!)n&z?!=aP=a|x*7y3& z0<7HXT*y@K(~yyU9tB^-@}SU03-w^2G0^N8`KD3KK>I8f-V4uF&O1XYc+T(A_nU?d z&)*TN3LdBceFiM1@(E{fUcRVd4 z-)hDJ7rC!)I-zDDl8B_@r(JTMq_q9rBqIsSO7`<`JZsbn1HjM`2`JJZb!Ug^H+ z5eaDKn&m5l;6T;}=d#-N`|Rt1XGQit40;6O3O%?VE#>hoGLexJy7Kb!g;x?)9`y-@ zJ5cP%C8Zz=ycj+kd;M7o8Rr7XEG*D(&jMKUs)s%^Uk9wSRXV$7@b*;JNA*6ATW#V+ z?2k&&QeV!Z@)cJbP5a&e$!7vLb=G(Ooy?UpzT!qB@_EV-2$$T4qhywuJf2y<>Jzk< zDM>n-YE|^h06+MGHaKnbpW2XsT8J9vA*o9scz`f^$h?0Fryw7l7;o3@um_}%s%<6%@FtT>(Z zcB_|zSrPnPp=a4xh}_@fpm%N{yK@Bn_1(pm*2U>t0AGJZ?Z%z;l_~YxFTRpZ$4EI% 
z;86nsvpOx3{qLOi$#faLI2|BST;mw@C@&LW#M?mt4y<(kyqoQ^mR@-NQIp&PwoYY? z^TCSHdJ1;i@lBqT+H6iYAS0ieXJZ8N+1A9x3+!w7w35Rfx>+HHhIl zYs*J0Qd^mUm44I6F))=P43V}N;VKkq8i@$`%7*)WUjsILQdB;gRa9Qqf|J>Q(ol-H zcA6rZ0enRmXEK6l|HBv^+iL+{#IDH*&u>yV))>|XUG0NtR>Q9)ydHqj)Ii6of&=Q~ z1;%TTMJcI$Mf1r|+fSWr_z%SxRwL6kVc$G%3#>hhNXfR-#UX%P>r^ z6BR{0UtDycOouh^OqHiZC5N{M2wE$n4R00F(S!l9f`dqzOGf>>)bVm-_>fgt!vGMr z0yqW`L4R+&^*}h2W!!;?{(xlD5YK(!i~6bxHvp6xP|8VVmj`S{18M z8T$yQ)w5-icYoSColntMeUuo{N|P!+@W5C}HUz~A)Sqb_xato|+(qF;q>D22_q~&j z5d6aWA4!1VHCli8fSLD3F2fy+``Fx-dOxse?ay7Q~k1!y2ev+fl=!b@jR4Nw32{4|%iX1EjQAe;WuYED)k0 z)$aj;0dL-w(g+}r9h74>O3N$5%;XyWYD>LsaiqD*Qh}&F$(YwqlXwb$Ih3){9TWb$ zBe!bfh~yiObEU~u;a$#ttMT=9WE#i%!i_0DXdteAPt>vR1ksM>eVEAsbiDi9E2Yv4 zauEfMqb)vG_gcg%(iGzpL{C@q%&Wq60}hy_;SSy-hBqK@KYqv^2O zcRd^McBd;sBfH2rgXf5tTC1phOOq%+I-R>^xUnIc3X2N2ep^)vC}@5^uEb3w{0EVQ zD0RPTZ|hH@*5>`94ASq<$U2Thxj@l6ixEmH)}BoU#GxDoj9;j^&mD7ltGWSIff1Sg$eQ^VFwzHQV&)I|{U{~p6SV#m8 zv~$L|=KZb(ysy|dGOB$*A(9ygUL~!DsUhvLPt{2CUBZ~rTFYAiL?D@9!oxe5iYE4f zNm|@nlzvD(H!c4q$>bQ1O3i>AqNI|K7e;WVOeva7`)0gv2QLtsgneGr(f7dzT&Gln z!rY4bg(G~=1-Tf0pj9V2m9DD9qUb7hSaPZuw9Y2xz#YAd6RE6au_6TcBKX>ZeIqxH zfg6%P1k2g;@3hWafD{Bqv}0R03fw_`TK?_Yy0tVRc%c_ z7UrbA*Iy{t|Ak0Uwfrck(dbt&{E|lSM~^B1&Q?YY1lm4A_%+AkCl+k0e*k>ovrKhf zllH&<#-{(3-T|=o&`{I@j@RU?_qW=fw==JceRx9?;9&Or3l)L)hl+3xw71=+A}bOW`=6PJvg&|+L{@;2I5lkNEsrRJ{FVCu zdpFAXFq$5?PE93rbs=Q6#Nhmor*9_!ry~IzhTT##={Ll}n+xl(NV(?=LB^!&JzEI> zB`;#~e%|G$xrqq`j_@HiSfi+di7@-GZl+h8|Rp`qu|o07xePk+re$h_PP`~O)( zU^>VD8?JPeJ?UN%qr1D?{$`Si|LWq{aqFT;6CfES0j`l%=tUv*9)aawxPx>jq>l3M zxg9~tGiPxQrKK#uhZ(PaP1U+W1)H@R0~=7IPd8Ro)!dHo$ho2O}co zAhvqmUYNyl^Owt;8kbn)E>#A{=eo;_EgDBvmgW=P`ePs!OJmx8 zC%58;=V<$*r-Pvjey`T$zk8dB!+al3?gj}$dpOnMIeU{`HbIMPyhCvYTAQVMyi-F^ zq%)eHY}@T#Ng)-L@8y>Je5!hw#ic}HWN?@>2LU5ZP{j7X5!GTt`xfW}9;qcouARm= z;%GC)`X?>>mzgawJa&jng(nFBA$hF!Xx5LW3g68f#m&19lBc%9ZK3mDU*hmPy>w$4 z4}9|qa1ykjS1iyVE$Pnd_+B;1$8v@3AhQ2VYy%RKV5YIrci*JG-RVc4?l>`>uT>02 
zlI3HT(e5Po%kG?muCWrA4>vusX<_u3#RlmV^zv-DXDj;gFwZrTPHmqr(ORK5otsgg3RaqAWXMMew1)2?axrXp@+k@-1se2co|4#* zRj0^mCNTk7!n@%FyX3CUROuraro$IZoi?vM_?$+?RXKu0Pjc8{1toFlBPaT_`Tk%L ztAo|y=qd@n1E!JC5Ok#_6kP^GBU1od5&ZS^3urW1c$o%r5`!>mqKtuG7%?sY7jW27 zc8JXbM`*ISCT&DtLH1++LKd&8c4_Fng~{Mb}*JqneWDDOEK-;9C{s% z1Mr*+QQ?}kx1-WpUG(f5mpw>zpX2ynH|9zOr%NGiZhkTqP;vHTb0u@dQB9<#LP~9^ z3IS+rMAt?fz2<+5L&JR(6$I8HRmO2oZa{A>hhzZgN)$PG9RLDf4sjZJJiN(1DasLVib;VFRRkjRoRyP_tQK{MCqebsOo74uS?o01joWBTsJbBltEwxGAl=k&6ou9 zq~H1!V6{02QpbK_(?B)SEGcG;;wdIyI}QCPUXhe^(7t-?T9DSYit( zMt$T!^M42arU9TJv4hKm{t>)!O9N#GjJAB)wsOg(h(35*Ip5FSjd^oY;^IK#5#`3i z){lHNq3~%6nic!OyZ#i>M~G1QE744I6z4h@-W7WDQq6$~`Jjhq4Vg{OQ0CZDe5zcuyTq$pk-d?eA$S5R6K!%5l1356m0!n-+X1$0}=$V4-b4X=C zF|lMO5@uk^l}`rhSi2k^yH9Sr3=yE_AUwX&O;S(?`gM+1r>oJ`pxy4>Sab*V&s>OgWLV^K@@HE=7PWtv3XP61X zEHrT|@iPATVJm9NT-Ag)(T~*uOAC920oV-He~62(v0r{DOWMhnWfo{zRvK|e2m=g2 zK9FA1;edYk>y1JqEb;FN^CqBL{o`0_wv>QFo0z&-BRQLsQ61|oj7mH+rNldZKmWn`G^Bc}d8eo!%!_xvOKBN}m;o_>nL8N1xSTb7Pnz-GRh&>E zXW%*eOP`5gY+$0#{;nIg&p9}-vnKA`>Nz7VZ^`PM@m!r>$%VVlspBA@dQUhoW%UmY zC#a~f03AO>bf<&+(BD1OXmud#@QBMhJ5CYROvY*ve0@1u@FBgRv!$o=u(kNqeXVSU z&x!(Dd_fq!=aC3eD#eZ0W5HXC?+9KzA$@vNe|kiNdnceCZYXbkz;Kq-YG)b>{iNQY zXqy~0(xvDl@ViNbiu>f?2Kh74yF69`3^Lwa(MPw{--6mRU0ST*%f00IBuKw)TQH2# zRh@Bte5osnIrAQ zIFv@o4^T5M29=|ZDJX)u+c?b_!{UBmN zQ=X^y`krJow1*@u*uZvK(7!W4^sm}CpX!6RzK$U%$_edeKJy^O*64t~z~nqvivg2tCl;q|_q$PV-AfSg8asOR2$#ezs z@)dLNHvB!gKctO-->Ac}Fx9y?AkdW5;yAhbn^uKZ;wQkv_*U-*l}L(FonX!Z8VP0} zr=Jx2K3D0UtWj1I!j&8NTY+R;R6HrlsghDtNR`LFuoL>}8^+Q z4%EV}32!}S92hg0@FEJF=^tA0!t~3UeD?aJuI$#d{ zkB=x=0b%mEL)XEhSx`48!@je*sY|03RJuqF$iHB+O#V8;??cJzZ+Or4 zGAjx!rVuzLmn=a=^UN|OY6{{Qf&&Cl9Ngm>l}7l#3*6HR8E905T)XO3I&r;#>E%y= zNa9x%`kSetwSID7g25YFPqqxaO`(^y>t2}tVpe+u?ur9=*;$|1b95IxNb) z>-*kY1f)cUZt0Gpk&;HbyAcqiI|h&#N*V;DLl6P!?h;U1q&p;qp@-%@G4{2u{p{<0 z-{ZKi`#Ij{x$l4GP=~>D&RD;-KHu+Jzj>c|=-MI$@yIH0UkZU^m_Frzb+l83O-zc(C zA{Qwh`!`1ggxD1O?uNU*4-FRd%S9Ohz=6tf%y80`;I-fMUU_EB=@DjY`#^l_;|Wnt 
z#)V7L>s)UF197v{p;#;ZH!%-#qT2g>g;C+tv9(EZVcEpm=Q~67-`1V~6m`5zQ9tcr zC9FNY74zM8fkkwGR%1wNCk8vb8hZ@!{7oVYm2v_&*}3ZDieS9%_*T5GCJCvY@H=xZ zu?|4-XE9Swz|t;sqoCnO5Ga}k7oK*fm$FhH3A`6qpzrSsh0wovT0fOoPb^7ePH(*t z_|r4?DuF^|bad}?&qo2N;hI)-Nnla=l#QXH?JIv&FZ2bR%$ejjesVyz!>P-tqOFS7 zhxpb$M^v=7vbhj5JQrD#>BMC?I@(&=-i!tnEnH=K7@?@JV=MjPD`1s4e!_Ab=1@y# znOkP^IQ0d`=v{GL+qO4}4E(R2k);GUEyXOnNz8@@ZSi3^KjBgR>}Iu2Ax+L0ceV8` z-G+ns%vGq2QElV>XBw$cGLXRSGwh|DUWtJ6nztx%JKPozxIsY!6IM93i92*JsV10=#y};f(4e z=0V;M=UI+DefM0fz!GA2Zz((RLmH<$cRwV-M2ty!@7-FnRW7rTve+)H4q2a1gsjD( z8<{a%;TJ|{j3-{HrGR!Ij6S*)3eWtA`AKmY>!gQKHm~s-K(GGNw3}& zEW_UjA_QWpTh;Vtfro^IJX0Pqzv?_M%4QlSL zJ78|1LDmy&`MJxEl!A3mI1^$VmRFZ(j|}&iSs-_D`LBg2Ig}?iZeCL)UI7wt@EgES zIi5&9mMFL@;p2&|$lz9m`%K6&G1IamvoVxF=9o9-LGI*t%qUI3FA_HIJVy^qx(R=N z-_)6Y@M#oAfKMsdi$tSl;1%cd=+8`6!u^;3`DuGUN68V z{D*6IB3k|1Y$fsL@9tUE`}0ih@pMe(o=%nf)ZeV&dMB|q)Zn4_tkidC8>p$#!9&ax zDwIwZR4_o+PAZvyF?VKp1kY^WKg0*GDVt=T*&w2bQc$RpW&+GqiA?_kq{K)mq^tRK zdpMF^oQ=$Q^L-}rr_fd1*_&k7S(#r}2H&ThkaiS3ccJe|91A`)62ZZv!Kepvvub*{ z8r+2q9%2C+3gVJ26JzLsR9^*$ zx!;|*v&7U?Ah_xE)m}3rfNp=q!0jhu7Bti62#wqmcyGEPtxunFehu!z{LBARgcjCX z{4%EQB2-9JWgP+GcGOMT7# zAW(N+EVexA3HcCgBfnh-7_Uj0N&Se8s7q<73_r~3t?wU;CCpfoPN4rSDFh&GU0s=M z=K;m;(87nF%z@?ex0T6f)J`RS=lph;=46LPe%Ovw<31N|0PcW{JDP*{9WK%F=DmpB znXJKD%Kr7u$8~z{1n^+i*(u0{?3PJ|AQaTxaC9a!ot79cV@s=Z4LGd-KVEP!;#wKv91uqzdf4&9LxG|fmfe( zv^F&$izxVo#S|F->Bj4~fwVp9M!q@N%1Hh-P9@xaF!aAeXT-k~K>xKB<$+Ko&|YB- zbXnBe&vnGxlZ&_mI1pN1?)XC@Xunkyg8#LmfDANLED@(JKq9^2yDNPkyz3et@EfuE zLZQe;OCurV%c*Qy_QR~q{b+N^uUewAJsglR7eoS~we#I`;kx~}>SlKKLc1+z-m}E2 zd(SAm!0nHOiT{9ef9{F_U?V_3Pm$Ip;EU&7k(hQRP|ST3Ehapp8^qnKB1EIcL`~aU zh}s2cD(0j~j>vL7dV7*iw6ixjQCeX5xTj!*D$vyN{8y~}t3G0|Q*y55T=_f!i`U_} ziPSQmbtO07Xvr{0bs1pBKrhF>HXtV9^tWDrVx*)D^(*PQ0?Z7-_Wv=nEEz9rf}c%$ zN$b}bb;axu(cbh$iJZ%YAz1DWFlG{N-*VR@C+|Cc1E>iYejnfWT<)U?I?T7_MvJtI zzYRbZ_c^UtUiVj}EWdLY)te{rAL3Y>Rk3Bfd`sbu%#zs`Ld<^MkxZ{V7OPf1f04Wd 
zYs)rW36oV)T+D6*OK6YB!6G9bs?!}BaZz%zV9z1mLDAV`e1ebFbvIyWmz3Ba%|#=iYa2G2%I|%ZUq$<64>@ec}A{a{a15R1AG7gsiyI1R>Wq;M&=aG zO_FWH&eK9!c?FcGZ9`n^Fnb!L7w^$fpSW}^5r}HZ2{C?RQkk1XF3RZ`R|&Swn4mV# zEqjA5dHoF*q~V%V3z1g8Xl-sn1{|z(#7sXDSh@r>g-NS$2=R7(dP2kRldNe{6C=VA zjDX!u(xraj@lF}`IM7~F>Gz}e!J1<~O|r=*ymf@S1jzeGFsACDedO=EG$0&mQGSpZ zG>?y+9o{Jk1Su}Yb{X#DW*R+o&g+i6j(Pl)02S6Nk_nr!bm$TIeXZ#9;0n2T1qlF0 zh2~t)UtWM8CX*$8{aH((UL!1#mMw1Gb~YWT|0r-H@TB<0wqgOeH< z`3t~!#>J3w)e9Uf>Q{-#QgGt0?gg_lQonG=2r<*nteCy>sX?8J3WjT`_&TwFD@xsJ zXnT3#YB>j$xCi>=omD_pFr>f9{oMgNVz9X_iG}jN@>KZYg5qz$Nk)MNMGv?Q#=TP5 z=S}It1yc3~GEjDMyX8cHx76ursx8|i-z#F0dU*=0#z(BnMd2i+9(4ja3i4-@XRK?W z+!&CvCHs21Tn-{8Sy>b@FjMS%@7)CA)pAR1Hj=G)yaWBuW`)SRux(JRs?)t@{BO$Y zxZ$>U4I)4I;%^huTW@yq&*0#Uq0B&kuhOuBDcKY3rw%Q0Sx<1``|AV4Bg!kyL4~>4 zP$mq&TXU)_ssYUi#svE+Nq|OrfO)hg{BAr7k{M&+g+{>@cWhte@$~mE_puTsY-|u~ zTK}OfUAM8CI(^g=fYSytEBVGdsW{eQ=GHLmTt$J?Y#0ukMS^1P`3=fSnuuc#PNm&8 z6MVPD3l8b*x85bXFvD_8gT*9LN zWTn21zdR%R$VBbihAq96rY=u~Y>ES5ZStxjn2DgZDJ6Pgx-IHzh*U#o`LMMFlgCxQ z)jJdLmzyaEVRi0ZO5FsCF2CJNOhOMEo z!I#bA#cLBX0y06kPn{veuq*iWKBSa{ZzAnNm<)aF9JSg2D)Gil6ND;|WV~VajCDxb zLP|KC7-@-1f1~uku)NbOk(=aY=Eze9;9gE-qP_#G*vAs)WZY{t=?j%LA{>cGaX)8w z&V))_u6ZEbOfr(j4Z<2KD4sHmxMQ=q3k@Pb+}*aH&v!J0I18dOQ{M|`^i{@$!jdi+ zZsMC(z0e8uGVQ$Ct|nMto%u986E{73=wgQM`mUufHGPg=ac-LUAt}G)+t{_4#>F~= zYsedD5DWPU3U5SMe!5bU`$x&cG?Zpu2Mh0IE$UUS!N(IwDzRQ=V#|-Cv0p&DRHpqX zu&xMV$JtTDx23X;EU;ga)D3F~b8(YGtM99?(;y1Am`#_upsC0N30crg828?r?;q1s zO&(R~Rrl<#2shj3OkoC;n%(A@x{zqQ-P!rW&YPA9@6oTPmI)lomaSwTG=><-1kEV0 zTKSQ1K@=@(A=~Mvv;_$s4xaqL>kB$&>L?O4lz<$-Z706ecv&xEoZBwDkU5oAV7@UT zMDPxy;YegG%CXb^AWbEZ>@Do`1~8nfdQv5=`S7@BC+Q-WiTbmOmlaCzc*y5_sXBJH zWK$Xy(F0TniMrneVeN@FB#VxB%3}CrFW9Ja$f?5F>P_^+xZv2m%)zfv|J1%r3> z&X>^jWF+`3aH~44zReraWLrN725&T5hxRbb@!^T&epCfAo9jdyd0?Y$xWjrN+(D!u zVUmGraAkeRuj|`7e1CI6Tc*oBYAMO)ZUP9+Rz()&rsv&STqIS8SU^_6GV-x<(CkCj zZZWZHQ5B_!l?6yAHNp}7^(HB-N2e!je0Hs~?PB*{<`+}9iAE9u6n>5O&q@wNp7aO!bOep)AxR4P0*5L|5v$34Zy;G(`bm`n zqYvFx(x8NXNvx)N^wzZO>bC}(XQwl+Cn0qP>mwpjB6uL_&5a}*eRS=LSmn$8$L 
z>pUi(To4UM%$UTJEIOuYqQxk`#bMz0*K0m46tvL!P<~3NkO-9eW({H;?lVJuH)H;6 zz^Fq3@}`j1$jdud3Ihe67b5$8{#Hjy{VVRAf;#Vw@poIa(p=e!>FVu~%8j+t7#T5YMP z#%K7r*~@I*5xU!cTF*>hh+&1n$zE+TDR&U-hRzfAlAAYd%2HX^Fzj=;$+LW7Di&^f zmQsmq80a7wWbM__tm^naS=P5RgBYMgFf5^R}v(PEXY3K$rVy( z`%HE$3+`GqmQ^Q@vj{3v0BmdX>2cSpIhT{BLE zjhLZbaTL|qZLa(8riuE=CoE} zb{E6&yc?X6t|H9^G9xS}au+s(t(cd@{C~T#Xm^Sq<$$@Twv*}+pVN%r54rSqo*2V< zLf^6)u-O!)dk%*0m9sgw3)fu zs|ZNM-rR|^3rd4Y$Co7b&pNQimy*B{HGp@I+PD-5rUiqiw^Sy!1HfCUj`GkT_%Uwn zDe!?uUA7{g{c-cZ?nk&Uw9B?%U$0~M%WsTIH%y0+? zN&$iN3N_68^l-quPSCG?V?#r~#SP)G0cGNSqlxT2JP_r;{#YNrN3|#R_L;BNBkJ@I zBD9HA%*~Tsa99hjw$z*H{Z+KVefshrH#`j(%u7wRmiV-@Kh6d)ILOQKoJ0bh0_%0Q z=2*}9{j~%kuV8KGUnOn468A4(vh80c`VWMe2nrIbO98+8{J2+3!yyW}=SK*8)zvi{ z6OpVJhruaVaVvSFg_YjVi_!KT6r;>=MlbV1*p{^aW*Cn3F?z>?#5@dn-GfhC<^hhz zWma5rGI1Q1vs{IV#S?^0Bj!`GRduz9) zdrS9wHo%`DuwZ;vtA0JR%Yg1n8ZmaGc$AdmCzCie~*Xhk2_n|)YMK!s-NX!@N1eWK#1&* z_q@1qxr!0;s`3Z^?C7V&Cp`$x_`8#kW65*)lnf6K&(Y7EhLx@iILxxLGWw$@%T-Yag5HTJh7U)(PzY?k(>|S&CxISAyT{1bso{o%k%~rC=%QT};#oYULu3^*UP4;}utr&02j-&`pwCkuQ$JgQ7%VV{UrKTq<^Yg-ZFp7pEN?%d4lJJC1q z(UfkkeZIs`L7^Y&TImwgR#-9juDQd1%?Za^PXwSC}386ULe9ilG&RRk2)xUoCl z_DRI*tMeRy7VSnmHXf4-&YLlmJHZTR7qFQI!EJ^9$C)iyd7<|X%#br?y>LbkB0XB^ zI0jWzbYxhVj{_n$|KyTk*dAYyfaEE`r0bJr~Okmd^Rg=p_bpofL zC?&)93ITt;U84JW)^@kA1dDsJdp(+{z6V4=p;#ANKH!~=V9$BCHkcRF1Ty*+Dt zYrh!gjJ3O?x-2fwY|yhpCm0*qLt@lC+cgRw3f7K_4Y8kZ!8$8^HAbvG1ZUzHH2mNU ze1)HP(N=cZSk}T`*4s<^Oe*}mYRec9%y0WSNY73&%d`z~{fONQ$s#L+ky`dVYnyY! 
z-Z`tG5XqIL(*a2R=4Gkvd=#8mZ}Yb;m_B)0KC-w5ovGIqgGS)6Jg=0lwX(h)kg*|m z>oX}%om>-yTZ`*<5>(YcIWi*ZE-t^JTq+|Ap?t|wt5c@ry=e2%PpGu?4Q2y40yQ|_lBLi zs&zt?2YUmJDzag(iag4ie_u=W@bHOu7Nq=DZGL!u`c?R?IazlVg4OIv@p`1on)G#KS~lOXczh0wGk1lPt^u+kI4(B>cdUh;ch~p3LF5k%;18uXFKLvk&Fn-S2Cw{j;^Zd3-;4{3mWUT_?XW*=OY=6 zJbYh{y&;ed8!OVDo0rSMNCi?{72{tiE~Ir9lY2bZ%oL?z2}p4zq%~MUHLa{DRsg?9 zac*Y^QcU!7y-%0EIzwVsGwk_Xyy&9{wsz>G)$_0+o3#CzA!E>q&o{}3sS_$PY1VoH z@8H>dvmD{*$ocZT=Y3{+CE2UhomLGa8q4Y40Ru>q3es~0D9%;FHBM&4Xefjv#WA67 z5qrCcpB>G~QcOCAlh}RVk@4%DDGW-xuCrTk*TOH3JtL|#b|HR%qIdviBK;5-NSD2eZ#dXrTaFKS;#(8>Y19oT>Z-27re;k+>%TBarC(HFXKSxCrz9}l#jzM@cU zZ!fPCLdPWF2N%1+Xu+VTnQyaRA7Ibx;@~+D7rDRg;qf!)Aw$)}ILE-w7Y>V>=Irek zjtn0pBf!^yNtayqms!0U)lXxOVSrXb_7 zRViAxJ}=`zQ%{VV##}PDAVJ|Vu5}}7m`qPGHI5r=`*6>&enxbE1O$iowuTxu`r3RD z(!>1x7a*`<){?n9Z@xkWu~1+1>rBLY)xwcO$PGI(SrbMJI~~|Zx-QoMa`pvRbMao) z92l+Pu2&lJ>F&4ji6*Ek=DG*YA17^r4X$=g=lSuNfTKp325xv>YQT7S;W853bs)OY zO|Yfvlf)~~sFK!D-Sha7Q@A44K&^YbW8>wS3>u1_@HcEb0&E3=OjcOj%Qb#%FZ;#* zlP=(Cwo3Ca!N{R}1?_SyyAh*22UET`0R@joinaFB;_*9Vm!n%*KSF&@S}-Vw>H+Dg zGTOw;iMi+9FI&hRBwY!Ht@7t02`Mh*jf{3~SeNJWd9QCr&#=LzwPfDp9(@L(zsJnO z;;EdS4yq`6N}j5W#5^_WX~;TN)^ddp8i~gGkTlC)BJpVm=mj@dv!D$soKP6pY>#mFUc01)cUA?rZ&gQ5-ij?22trjX@#0x zT4$Nm7VW|&9UClxIb^NCq2>Unmng`hKR1_pn)X%8!Q$uFp?%z+!?#on^up2%YVTtB z%?w>XsJ%kJ;k(Ykzg+{W{G?l-u9&vPMFz#$@vXDw@YSNI#Tj4W=%Z@Rb@wC?cHimsRjtR&(8P;Bp{&UmRpEOB+G2j3Qc zSOY=hdSMb{!Tm@uI`{xhz04CuX$uu>DHqJ{A#+g`Tbbv{{_ik44dbG#%*vkV7uP@O z7Y0UY$tLjJ7w4QKuzDwI zV$v#ais<8%A1(S@4d(K9*@~+bA~l!hzDN4-)y-wV)40ES`Af-^q%R2#KlumXv+u1x z)R~A8J9rqmi)t$CIB7?Vm$LoejeW}gJ=ljnTI~x4%a`qpGT74yJQpfeWeyJKLg&t05E!UX{`p*>~{wj2m!0+Ur|jT~w+SV}==1P;~vuGItYD zpNviJ1sOH$Z+%4*%)G}+bK(X?T=!uA`?{zR&P2VtG{l>5iF_00A0k}Y2Jt?%1fS8*&W6t{R|DDj#?AcKwoQ~x`BbTX0~Nl%wJ zwD;5p!)W%3D0A+NsJ3OcacCD3__cJr{Q4+FD6?zcNGI&V+jM|Gn2k1rMgK#0<9fNK zZI87Ix8~5Jvhm@t9&Fw{2)X3le|=5L%IaFNr>H8*$_U`_Am>$*l|QPSKk)*f&;+XC zotx2P@so`aBo3vu5C0J+%DBZu+S=M(SFc{xrL_Tv2~5Sz8Kx@-s^-&%pQ!quio#@_ z=ZhroMUVI^{s!y)_k8mf;M^7YB=`ge7&7{c31VY^+S2#wfr+S 
z{P`oH!qR`k6#w_Xd5j?Q+b=JG4!~8vAOHVf4i12<8?OfhUx%EXAr{Xzh5!Mm$qfKL zx7_D7-Qn`Jp+i)fS<}B@&1)Y8ZET9Ag{Ll;7|29?145$7%xukIWWwk70V~qd*?Q(m zNXUrNGhUu?sPOAozERmW!fln?e*&~2w}7_!idZm%eGfu)VjAEqNbomT4Ise=+S(D2 zfU_g;_4QXD$a(G6DM=>$hA7(i98K`LmR0cT0Rs1LW*9zb-+(wsXAB zSa=Cjyu%i){3tXkC#%&y&EG180%I&=&&S{q>X3oNO&5r(6G7bF#5xP*!@Kg<>!2nt z{SDIYgxkdzJd;d(unj`{wn1bNVCP}HA(u?#@Q`i|zJ1qe(A7-;u#J5-nbcO=s{48# z-jzdpq||6kK=#Zz&;ch;`YgjmUEfihyg+n$JTost)W8zRuJzgFvDXSn8Gc`g52^wo zH(QI`owbovu#oGKBY5ediJfc!-KMmRy`%CO1p?;c> z-9XK>TS|pj{&npxBa*&@B4)0oF_IThcT-%T%l0uLsJjoganYG9Jn~d3>4{nDIL*`i zqA`}WtS=zNg`Iy$iE3Nkd|ed`e&!s%(aIH}LnTiUI}voN20CJ$OcSYpdE}5?%e}TP z`wqy-8^E7c1DBly8rB5a*K{2jyL(hPz7c@s`H)kTbyZO=+CcJVpp$R+7UJiE7|c*e z5uf^ZXpOnAT9OuKoj>GHVQG;`<>@{m4${j(WSWL zF#gyB5V>xJMd%C_CFVjCabALUeK_(Av2jaS$OJEc&o4=R>^y1%zlo{_HVe#BBg~1J z+_@`@Jj+f?B6H|n`dKypP77;x0ddNvsFLUBYr|;W;EWh(7mB+6ep|A`!^6ig4ZLro zv=L0l0(AF0-zRg=fm_#ZHTPp-9D7{C8V(mL+NwcLlNLG@XgVvw=+ZR?ow5(j5iW>< zP*h8tdLqk+H{12ot5NYjU^fW!GT!lrbT;KKcW>;GaX?Rc-`NHy(-tI*zbAgd88D?5$0*T{VCKK(ZgYfBUpG!kFXtkD);ru zVV|o2VwaL%v}J}#aXwNaXraYkLSON)snlzI+pncJk5@YAN0n1}Tpn|ep&scf7@2B4 zC(R~r8f=#`(#l%Q4h7jD)iFZ+(t_#$O+B; zh6rNb73F7bIdV}1ci1-rGR#x}e`uxG8VD8-c<|;!md;o-<4x&lG)qlgz1hNeZ0ww( zr2T&!v-OKFoDS%xrO#nf={F5-dcuVQJ(QO|tc=sa;398h0@etlicaw2JU^IuD>(nS zePlSqaR8&!p_6|)YWdq}!FKxojvjmTbugqgz5<(X40!u3aqyW#hj>}s&(zPCrZK?90q zDtwi_J+UgCZFEE2Dir%me>WikR#Ih`vJCZvSuZ;n*P;|drz>uzYube1{Gses($mRL z!+DZxRPPdhaODa^=7Bk{o{_1Oa6BPSP&H?_@lr-LuBFBjvlU2u3@VBcUSb?n}G zu9lezWpX@7vrNdb$gZ*_ zP)mWss)4D)U%YO7;VWmTVe_3{$V)TT_qRanVdlBlZ%pTF*2%tx3MqkW}r3 z`Q(cGN}6uhyU=T52(hwklmFOYs)=lvxy@>bFUjEk-p>?wZt03ko7`5+#O;wPhhlDn zJ4$|yYsV{Sg9`6an43DzDkTdQc^*sr@G_XTvZZm#8mjy5t32pgvKmG#YEUyC=n3B# z52hNq#0O!X2e?n<>lI2Q{DyI9QNH>NAB(~+nu}uCP56*iw48`O(45K49^befiBaac zp*IMJp#fh|PC?otmh?&y;C-**V9IY4vBq*@rUxjQ%<4xC#(V%R{N|HU(9y?ZZeaS~1XsFU){rM4WSdsrUY| z$7Vq)yGe>&M3p)vod7-*BhZ0pcc|4jhhV~lqcq8SojY~&H8`|5d)$Ih8STx`f?y!_XyymqbRM}*rN>KsqeHOcwF`)}2 
z_KW0tdE%eX477NHm}$=KmcN$tc)oxQ+W8FVX~P}LdFy-E?9~_CsrD8hw56yN2S~a`M%X1SFu=hvT?xA9)P3?XN zeLxrhHn6gyahvQzsN4`TJhiBLtH2T;GrGt^{B5e`zy`CY$3QLt;+;?y6T?s`D#v_s z%K6E`E!V@_FT-UOCtXU{DYWMh7xcULvdxv>vUgKeFd>2Sdw+K-+4nu6OHx`-;@lT9 z7n#?p%@UzO=0JG=I*$gJP&U>EcZ5VPVSRPH22p-e08l*HR?$B$UT){Sjq_&86j;m8 zee34K>;q)Okdu-Efme?XvE|;M1;KHWwiA|GFv_TdnOhYmJ`rQ=%0(B?*I5Gj(I69# zJFkJIms{rE8Crd<129!KAQ1%z?saEkV5aGVlvdb)H!{L#5aDGSKy6@B>dxT^PZu20Bh3U8)UW_IJ_I}dtpPbn2T@!FfIG4v8&xc2 z=FQ3RKnVnql@xBAM`$ zPb(NY0BsD)HbB?Ucvd74Jt)?}C~@8F^q<1d4RTI+s6`}o4pu~`MNN|KUFNAhgMe0;Schhq?;N`B+svS}VBw?MR}?_?S1t$a z?c0c=W^vl6NBvZQJ;$4U4CFHuS(W3ZKB4IaM?kr7U9!7)jneWv+i*b?9L~`R|)W*Ws7;jpKez-krF7|6UNF30Q<_ss@Nj}=7g}ggPWL8sGWf}nw zhcpQ4ZO{-;DI_n)Ve~yXgMUgci2+P@hX;PHi)gK4%Y(?UC3~vY$9`&@*7Mg&mrlk+ zSJ;QAbN$kF?P6k~{74HYhn{ar)A?H)6Oy&N;jq>ZGrlc=Li^nW?fxcrIh?rrNK$>( zlXu~ftKEYXaP*oWF%CEW2?{2%FL@>Lmpu#T>Rql-| z-r9dMeY)n5f91BE1QcrrLn|@KCwcCpqGlkso6-Thj)d}{s2mw$`}`GkPa4_2?GdnT zN7}ZO>+N5ZE)<`Rs(=@Rt@^WadG>rx{QRC)m97}LVdtYq!?c&->ndnrb2s*xTlxX- zqT5yCqWhaTCXv^&iS_8N=8KGvMrhMy6~x4>S;L7#vVk4Z-mggBu4fMkM|bE4@1H+? 
z#Es(3FPveW8j>C9$$K@x*X#p%N26km9MLRmj}HqGvopBrv=UI%uL^7MY`ZLy4KM$3$di+aD#s#!a2&~viKMwqWQ{OqVN4QoBswV zOxD5m&GW}%^$RGf2UcGUQjX@w2ag`7k_F{~bbjbRnz+{wZ4-c9>y@#aMPl z3Tw(FNNtBb{~|`&bu;tvtqGj86Wx{!FxM6kPwL>s##l;6!+0u#cRRj3W@032B2Gx8 zo$0^_dCm(di4E9XoZ{}B7FcB0nLnsZfz|Y;yKy;VhSj~~ubevGaBnan(yJAZy5y8q zsZ^fkh|n2GMVsRfyzZ_@zZpUx8>$WI%F}dFU=|&n8%{T?Q^wU+r+qq+Yxc!^MhW)* z`HV`+lAr4e;bg5{-ur>9b^UmEKRi58;zOVk_6DK_k3|WK$usNUUcJ4+H9uD1Tc2!r zDTVBNHiLM%sTul}l$kmxd8H^R)#LnnDqWT09T9QHo*b`XGsJ%#yFIUKzNG9QKCrE& zCq3`tID64gSLeJh$`_BzaOU_83#iOgsyiMBfTWY~ zOSjL^zfE~D_>_~=qY?n0Ky8F5X3J{&$?EB9aB zE~e2}fihoDtkev1!JB0{!B%r)XHx>qA*5GWPb|xQg$^`u(^lGlCRRf7C{x@U1ji*) zJb>vL+oud!|3J~(HO)zUy!{VzY^0$K#FZY}H4PY>_S4K>08S@1FEhAmgp99E&kDVq zAYV^s``?R2BZ`cfB3>_2ky)sBi&q3Pdb?et8k6jAq3O`d%$H~8T|caGc3r2ZX)7&% z&wsz=N)xLnGG{J*JSS?YyWkdXJmj|Xsdopo8l*m>_hwg{nBKx+&8-z6IJ_&x8Qn-; zP_HgL(tXJ6{dCk=j&*T{tMU76>}Wc>#WUgXdxQJNf3F3(nV2~G(N#!4H8BD2!cYM7 zY&Z7bLtKlD{+XM%+acdZaxtD}^uN6D?%;Qd+W%X{OsEn7+<+f9^n!`Wk>4LU%m64< zGF!=%UwUxg^(X54CvA(pa=eXSH*mxG>EBp`|9iek?0aB=;+xBm$W zN0Et$ANb0CQ09M(&c4e32fDpC_MB6rmTR6o1L`z#DOc-7KY^5W6M0?=wHJN@AH#Zd z|AnaKvQa`giPTU4i5f}@3Zl5Tv1=~6kr-MGbJM_2y~zx&3pbLzzXw_p@+ zspK2lM-R!K1FaLq+zwIW56?+-{v;Qxe5+TGc3gRw&-J|svm?MSbc)TIj#1`D@8mK$ z-^letzl6z|_u8QAR>VSxT$8#NzX-8o@LEW-)ISsJ%42W;B(Fr;Fj+?HC**{#{={DeBa%oVvkoBoxD=%BkEFnVE+ zVxYy~yLJrttlI$D$>aFo!}D4v7}?r7(B{a&whKeNjedX`@V1%mhh`tnQ2UXafCI3y zJz9dV&&PGlG7{!6PXYDz0pNRDA4yw>le{x`sG3qqPK(-NB72tf>CUH+po8z2Kh9RB zEd89)#Nq^1sEs{UKonsN(?zq5|PY@OvL#sA?)pz8Gb>H9_!v$a2h(I{?j4 zM)%t8nWh{*8|(}4F}36my>&){Zs74zWIv9y5zy?xC3~Jt#)bVi_Pp!lFWS9R^!ATb2lJ4&H~+Q|7bp; z_M!lfIU!jQ>iDaU-f~777&_|9nlvd3r^^MUM_z*C-}`K;l*U?tJ%}^SyEyC&otFwP z%x3L;kfY(+vVe|?4=i}$K)Z~!@zq;<2?ol5%SnH_TCxvS5UP1tScJ2>Iv!{h*sbw< zG}v%R{BDryZh1&kd8_4_ zH-iD8YF;xeEyCpu?$ij3D;x96-2@z$rk}^`%?9{ia`kHWm+1N&B#-c!{Zs=LqS5@^ z7TU;xuBpR`{Q$a(QlF?&!LL1hBmGxc%o)Rex#YuP68(Tj{uz7%Qqf@X%L_pLbRx^_d$Zc`I{33rVE>Ew zau=M8#?b39nrFet-xGN3a5Xc(D-_S;x?zC`hPTN1R;D#z-qi^jyvY&nhP!inZGZ=u 
zd+~A9&BWw^ijNh#qR)Czb-m#BhM|&5JUnP@?{O+|P%gdD$=NUYw27`|tw3m%ZZG6O zKVWG;>Q~>GjU3PJ(#p)zY*$ik;htaS8o~@}**={;1GxN+nQMAxanJJ~Wf#LN8J6ei z+8jL~jB5x^&i{6(AlTIMk)P}j<93H;pl@ej#z8J53fSW)gP$i!vnMeX`?j-{UnnBO zpKt>}I;*$h+tKFB0#^ROFr z1_4-*=RKWXLWFJ+1hi>@KE(1a$j2BZA6Q!4Y=-hyt4(E7dwL)9N~Hm4vD1sSo#f>T zsSfIo-nW0JcDI%7fdQ3J>=TTzLjJsbW$&YKlAa30Kye%Z83(fWw_)6<4o0@KcPlsh zAWA&?u57aXRoO&r`>AYx)3aPoL}ra*lnHuu7ZZz2RBo4Q0x#!{nnPZaf9LY# zOO0DiJIf}v-HqU{XhZhpDLCQ`ZE)KYQ^TT4DFANkPF1iLA`@~ zDmxOR`w5$Jyz=z+eEo`ee+Mo|djBs6{BP2ugm7Bo`?9;eT;x6A2)C-(-a?w9f|#zS zKrm!`3&R%aipAU)Q5;WpCK#MoZ;}ic5zICUj(z8v&>Vwb_FRp5X7=Am@1wZd!5z`QAfTW^t4VD|cX7~m?ZQrCM zPf(~QKRXth0E$jhxYFA@1oynYlz>X~Z+B0Rf-n`k`A7c9XxK&8z!Q*4+)J9#kZ3 zG=?QLlCA&VBG7ouZErHy$xnv(bDazM{)7g-Q_9IbLFcGc%FS^GTIB0}mXo#Tkp~bNm5|#;e2H)lu7H^6$oR*SL+6b!27e6JiBR(FH1RAMRcmOR|HjR;9{5X%0U=75I zb81u`3k{#Afvv^l^O_AHVwDt5!nXHW5MNvOA6tyMUM{r6#mp$bm74-l!yXtNb{;E2u+?P+ z>zYV_*EVdRA?S~8_&q>Ap{u#IcgQ41#!sFG=fdp#ISu-2B&q0p8rSU6$}!5|h? z60;F(kuuDhzTeknrSFh3>|N^=2b@FB;c76KR(kup91eg_`DaIy8Xxuu;eaIZm%bzo zYd9@$0MD5>EBMc`=|T^fh5I~dp)(zGzVj;UmUr_-XV%_eRc0>qy!8XX126!-u;oQ%g7Dj45veF$DVcXAnQFu;8=(ZYnnm1R6EUGG>;)z332xi#My{!%}PeeJ`V z(bRqeY(J-qKAJHGabso1}+o991cO zEW=bN?P^QoM9B&cRsOC2wg2lf!1OU1)N*X;x#N&>JJ`gieW_Wj14tpe#C?Ry=fXKD z8qvq9kLd@aTm;nTPvT`rr&Z;Q-(Iv+f~X zk+$Ru7<(eDL%Zc=wEZC}iptul^)bU;?TzTdv{ywWBBpN*|M%aT^96qe@K6w>~10)e2tEI0nE-c>BE!!#CZj71s@Q;b)T|!#WA;l z)*#8+HekJ)_u(l4ngQN`PW)+-yPx)6G2SlU=-vWfT+$eUU+yXNC|@Djd9L90e>&St zH>C_-kNfziSbpmTw=-Lt1_kFMDSMt9sc0?)IY+&3eCD#4)N0U{X$RGw|E{34c-4o! 
zg=Nk$;Kmh}FQK%$tlUlq5XRD%{kDS&%mMht%*eulkP)5|)L;01#@8!L02m>nx~awb zG`q^2pfbgs9OWm+#jgA2btEvy9vL_rph{N01}r)Au<-%`3%!~X20s6e#PS`uRw{8f z^o5?ybkNPuiy9{5(qA6JLIw=4?#tCCPC466v*Q zBk=#Q_m*){t_$BNh)RQWgEUHagM@&9Ac)c+-QA6JhaxR0f`D{ONev*abPgaO4MPll zE?m0zTI*T+Iq!RZ@A-1h^AYcvapsOI{@Jv;^QfCi%B9C(6XM7*tOo(c9AZ3(ndS`P zHQWI53*OU{odIjpoYPEAMObxuD>G$tuiJ}@eHuQ|FYcF}N$$R1ej0HzFz?g88Zf-@ zTrRpV00}huGd8#fG*!N(DRj%<_&)1Zj2CH+sPN-xzjWZqX#pA@X~*lpvH#74h4@4C zaEM5Os~^mCcU@KLu?=nt8w z*g?VVzaR%f8r1PIZ6UTGqvl02gJOH|B=bimr9&Sd6@DI{JN>{q=-7~D!KR2=l_Su8 zcAOH;?d#>L*p>nH>09iQPz;_HrtdY{Cag22y;i=xVNi36`3$6(#B6<7JlPzRAV=oq zx=M?vbo!QnNzvyx&e)i)NaFFCA&_eHxQ3eg(`};LrZva%!(bg&*gx<4Ha-)=Or48M zRMIEKtw`K}{i`>+=9Zy$c>?RPAW)Nw3JY z05uaLr=8~%Wy77) z;tl`~tdO@8;SCa&7%t7iG>U4BstZVq%qTRh);gBL$=sV`Y5uNDb_Ttw|0K&P-Qg>1 zj(&8g61p>1qRG@$bB`ZlAPQ{VDP*zQ(_bj~%IbwAS_f zLq+K7qmRJn>Dl_?C;7 z!Uc~((TGy_S-qT^jodv;NCH&G@7XSeeMgrO>vdcSz)$|$Xbj|gbR+VcWl6|${heN~ zHb3FXgWJdHHrCarf@@8jJqXkHDw^=8C;J1XLKBcUO2l7r#^XAMC%=@$$JOGGu=!l- zu^}Irm51AWt%$jD{d7`bUUpVuy6cB&>r60tbRYuqdFF6Cud3gV8Fkp7T~d^@PRezc z1T|%|>{^Bb$?CLQ#2z7T*8@!4+LkV_G(EFvYFpL&I;P=^%FBKKE3^PsL#VW&9{oD$ z^ss})9a=nvp~rYDV?Ec;LKAi;VypuxQF_J}-nqYIP8Nj{ZGrU@o1ea9jGS*ZwGa$^ z!=A3^^-w&x8Q9w{Xwyw+O;kM5`2N62o8Pk}>Lf9_4q#X7oPk%?8;P})#4>lk&fFI_ zoR^}ZKID-fD9H`P$4$XB z8p0&%@|uR47sy(uh{+3ID7|V=K&F_20yRi1$r=Y5D!-@vIVE>JhOQF!LA`-|#dqS2QlDLnJs`=TY5t4C%2fRhr^p%`rm)OQ zGUf)VKm!FbEFc>SEgvSUF{VA?q!m2@>J5|6BE#6zS*rK8I#1(Eapoq_;yoEVM!!b01GW#@mox2({^HGj0p@ayjU6n#{2^oj>@A}!KuHqLlAa4`2{`R ztbVs_7JfXEdisLx^uR%moFgxetWvD(>?#zGy#6(9%m@08p-SIiLSrxBD+`79WHZ{Q z*xSr(EmPE=1oXyOxE~^zY84kz#n|_?ow7OCX7U}E%hktqzjWe5@%cbBO7KtsCm;Bw zGyP4i4eFY2GLj2+7n!&37S`W1^0R}GN?upVvvo?ntuJ8!*~9QgimF5ee}H^^Uzw^Ldp*im%n+ZOADoh3gOU@>*t zBp=*{lP~^8DxwtGLl@I@dNNC~ z!ZV^iQPQZpRnfOFYHJPbX~PZ&UeR8qM=kPU45Zaw@YtmY`A-D|MhntrgtouLV|6m9 zm5rW~qS@e?c}fXO%=AQ<%R{Y8^DHkoot7FWE+t@bkBNmB^u=8 zU$_m<^po)~>{;jR29H#=5CY$0vh6>+VzuFt_gvlFUS(SQo?&j!eu`z^nQMPLn|rpu ztv)e(hK4=wM>X&30Y}~1-i{e!tQ;BS%xIc+-(7jQ+3ZQ^md<9aUTt_5Mdqe=!n@7- 
z!yP=~z~&`J`Dae&-+^MYGmYuzH(_aB@H5%k-MRUgC7(v|6XuzVy+Qk(`H;Q-`4+JQ zV^=4bjkixTmHsl}(pU=}47WzVDG2!V!iKPL0dvIlNOUB8*AgdFitH(>>OCxnnDuC31o{ z!8bLf|CYq$Xo@Xd4#KPVN@Cn0ezz2wTV8CmT)=(Y@9pgn?QKzubI+EBQ>+p@!niIS zxGJpSRWs3VVM*mgjWMBAzCp+m6kZBW@R1Wo<9qQxI$~T8RB6B){$Qbu|7&27s3)}p zlAZn;f?bmr#pS!psEr*yBla~&<_-1Tvo+Pl%`|unW5u9%OlgY@ zdm!CB%x2fE4o~mJa)bSq6d|tizjPW;3+wM$uXpZlay6zRw(lC1-9O?a>Fg&?pAUFX zHpGj~mTo1JO?%FHQeaKhwmd@U?RlqR1=6cVROs~7?~)|XW{oVfJ%S&louh0{6ZhDG z@xBgm26!)Www1OCoS1IUF3Wvo)*(Hz?bZlWYTQa-Rn8@Z3G}qsB}Oh=T<_T#V8}YYMU+=CJ;B|%$hw`Ts0SeQ6kS2v zZgI{hqx-!PI8XEK{H2-UmE^hjnJtd=C(oFt)ytkzJ~vLU4+~|X%OL%AuMP%A1qcaP zQSQ(kX)3Vt3z{eIw|^1}E&sr4z6TZ>LKtTl=0#HWW9c$3Ul0g+k(%R$Hf~NJ(idTJ zH&8{=HksR4%1E6du)#5i=cv_$RJ|@eDA0FpSd1Kvu{JydBy+0JBO4IsNABpb_M4kK zA2a-G4J(w5Ozpy(|mg_6z#o8FMFXWuwq5mx&g0*|N?waP->0U-DRJ`P=c7{c;b}w;!c~YX3h@1Y(Sf~tzw|klekbO-Xl>Je^8Txi&X9q} zod}H%XyJH|zYaz7*0n1|R8A9RZJ^tSl=yec>e-rh9Gj>`x0&7Ke4gpixSBg=z+y`s z9~d%u_kf-s4bP{v{d6v4zpRwkkn7Y+HZlCQD5bk>14kW>wp_xY-RB{OCtCvWlXfwr zW~Xv>Rl3)w4qPf81K2*i=hfZPt`gry?`ZZXf5U(ebef(>_cJw;A=$?wYskF|PT%1^ z5HU+Mrgt=bS}(bX%}lAt)>(-WYj@QfW=>G&^FzdRPE_mK5|+;m30>93Mhm05!om)4 zniz;?p>KBARc=UMfd;`A_Qad|^7xfee<=XYUc;oJkBD#?y+k;?a|gRV$<1W&8p5K zp9OX2s53>k4?f5k2Q?>#Yi-;VH?Y86B8K$XbVU)$U21`cr0}GXHrB?+XEe6_)LSjK zEKUwvaNcaqV}PYce!1_xYp}Ek2q@9dDUA}?Rh}n_y4vT(XaWjsAE(C1()7ISMd(0k zJ?D3~&+{*Yxr0>=&uD6-ydE7G*~L0}lm3!_$#jci9;?Aq4^^r{N;TaQ+C6Nkdoq)< zvi-0&wC*%)Ll(o(w?DLgW^8|!yL-a0u$|nR!;YYf-6|~ZzrOg?oI=0yh;{cxMXtzZ z5Hqp~1)j#i?JP10b24;d>-(q|Cq0zd2a_d3un`yWvHXT7DJH(9PILYS8jVOy3ddIG zRZg!9;@0K^pkxs&bZ9dgoER*wbj^Jtxu*E3<-yGnOP9L1__%pZ8snmCR+eCmP1RuV z046gq*68>Gy}=D1vs19!emS?;2r;$Be=I;PGqnEPsHugV#IjMcjYX*OV&x4HNlf39 zW(=Pj)v|gOuTCA%gvYa}Of(grlbIe&a50qnAWpp^^C(1mGeUrSQm`ok2i+#gQf~bc zCvQ}yLOy%MR`2u>5<+GRW?FI}!%-x&fu9GcSx#>ZHRcxdTXel^4lW-+?6ZbLVJA@C zxBf-<85hl-yD1rUnr$gmaE3PT&WuJ$!XCHIRw9%V`r8#^g8$2dw~1Jr>-YudG56&B zSK8q-#rSAX1;SeZ!Ci$;14!KX+q56bPjc}Fr(*l0_(%7To zcEpFQk{jL#QzHnZ_vPc%pTtaMd@p+~wXrmsbw5Hm*ToyX!9bc2Hw1CMn2fQK 
z{D~tO=L+|WHOi>!goU8g@Ww)~RVsFNBF4U=Y5M*`dxTvA=_noFOgtOhfZ zR9jZo`{wPpSi=q-i0(&5KG7JC`aFto5UrOWNdBDK;K8v{ZuJU&p;fQL^$0NQ4^0cH z6u^r}4R1@dfJ^S&8#_xdZO+FhOaLX7q;qA*_<7(iH)!Rb51uOgT2Rtmdjv;WkX*IE zUs<6ot;5>Z^wT)Gb0+3A;YAcKkug6k%>Wcby#%=NZj=?y3k?Fsk^y~XFf$A8ejPy&djdWuE7CSZb z_O_pD+OvR)2wbPH?chYVN8EVr(YC(D9{OrDibNEg!d+$tC8HrST{-J)_NsgO43_x; z9L36R{h5;?;5hVts7sIU9d4DRiln#G0k%Gam#RVQWy(okPO&d_#uPqe0^`VXO$r%n z3{NfxGah3E8D}GoKjkW(+f%IGQ_-PnL4l{uq|`b&z@(EeqZCT;Fn?&3H!FHvQ~!&! z<{&B0{Edb*rQG5|tdF!-L)F3f{HZK2t?v1E4n4Y}4wfFh(>O&KV&zC#8Yj@^pv2QJ z@%25nsITh7(ra8tUoORJGusT&#AjJCR#Z^|geo?0lku5k**GM)b?> z7KIXYq67c>{P1UT(mGHh)>{!ehH5v*Er({@=!!_VJrBGhG*yXv-s}N!rJxh21dJo2{J9o?Sn~E7~WcPTN?{G4H~Ks;zxtbU9hjG9q$nC zGc>B}GT3r>(HeG{(r~@EueJoKHRADQ(!SBb9nFoW)Wzm!Nr`8iUw?EZv!5>ads=@X z_ijKAeD(oYUhYXyt8gNe8oYQX>_cU5(B7I4{;TB%3({0O{ObCY zZhK=ITB{bgc?YVj>6%9fdo{}72tX<1e94Q3gx!RG%+u$BwGcS*Z@K7EWTkxkCrH1ajqbqGp~J*z8Eo*P|*9l%~{9 zjIJ&c;mW%2$V0rD5*5MtivMi0kJ7HE>pt6CKTN8YJyP3;Z*Y-KIyBFn7qB(_t_bJO z$k4+N1~~U#MTe;xR$j%a(wqw@u}!+m|C%zpy6;Pxye9LZb<)@)0gpmASogdz|7uT& zPt7jx`kWylBAb>77kZVO*%-Ih*-#z~Jrxk==0_&Ej~-6^2n`i>*e{{yfVy8nz7q1r zGhNtG4bwpP*y#QDM>B0464db0@4UC zNAeRPUc)}JAh$+NX98)t(L3I#S9&Up>ohAz;rO_SQKLbt!g|#4;ZuOIa_|JnLTrmZ z_j7ZIm_6^zov0kRGz>lQLknj8Is{1h&=xn*jman8BNs96S2Ma(9-H*YbnCN0XZiai zX&Ms*m}q^2x92zDPuIM_;>s;%4~Wk+SZ}Psw^!7FRi7I4}+4c;){wF ztjX*16H0((Zi`-zxW60eZWysHFE>V0y-n=TK_lzu^HG0MOE-F>hT1_Usy&dsx zbkJLSAti$$s|V9pT0amPW$tjZLe=dx+)|TmxRY=xpeM%5iMhp#YRP<2Cm80Hwrbn# zk5r$2(lwKDph#!6DPW6f!iAbcdL(}CO`Q7XrBJ;@8`J}bR&<%7+=4@LQ5b12_41*q zn60~yTQwbeS>8$ye5^L6-A8+iTenhcpWQ^)^D6o-gOmc_A_1<Vs@Q;{R z5(fBB<&uL#aH_x2lp0MoO459JIYCeM`;_mW$1re(r%xu7#FYV(`?BTso`DAS-X2*g z)Q-qEq^HCd^e$$?JHOp$ND_f>O-`TcEFQc(~R?`^NdmNq+pBWp_?ojX{wHWY^enIjd*nl<57bNs|WMR z53GE0Jwy~t`oe3guR@^`ZjH+D%3c*+@Hy}GSk`ZQKedHv5IoG*G^_2C;66|OVJ+kG zj8ceD;{5Z~O{q#%Yi0J|Att>l?AR9}PmbmNH#(2`*(uIT*v3LENWDQzp4}lQIvIWWxUOrl)U(Fo8( ziEvj!{5MjoUC+9`5WC-y!E9;EleSBbH+M|p0(&!V6*D%BX0Hoq98>NHaHLED#VSiwQ)8E)>>?p$GglhK|eiIFK^yOwDo1!gTYB2xP{Ywg*S77j=gxueG 
z#U{)tJ{tRp+-UC2E}m;W8Y;4(?dN(SOt%Rumz*lhc9`}f+cT2VIF!YuUNM*vCuR`pQQdd7GY)IrS^lFune=xh) zRM8Sqkxz6xBzy6Zm+ePM8j3Tsxb%?>%^ZC2#ODGI9?7r4lj3qAlT+LeXO&&|r7ZVC z%h96%+<@R9x$7_B=3eDSApG4xUC21&vv^_&qo!whXsN!BU`1573-mHHed+5jugzi4 zJ&9v*h41m-kA%hRK8ab+xMhyY=8?agkvS9h_MK=g3mwx#i$NBZ2mlDk191{4Eok_O zVQr^JH7-KGI`X>?=y&Pu3Q_vPaVYh^me=xxvJXnX!AUVIgPHDMlkJe-!IqDDnQXfj zyq8V-OKv7LK6M;?YTGR~lA%qAn~+mwmdNyw#_VVp^kg!s%FTFmOVYe`iYoKDCH#!N zi>*^`C6sMO*cen9z>WVYnGLkU7%;xU-kIwfg|O0z&3#rEiGRF7Zj@v<(>1<2xEMLp z-W!%wcCk+HU75DHCkQe6iv-}`%>kd>+^_}9z5UOG-FBgjnb1-yzYr@bidlW}OY(8? z+0O&~^OPraM`QhI7JiR61tA@s9fAFk6F!G5+XA{1C5}HqPN4zl+z5e)hzuw*_-`;y z??!+m82^D{4#YbtGX66f%Ickc0M9HDH*nk8{sXCHxJGJ~{t2la=DtR1`S{tFuD>BL zOu4`qz+dP-xL<(BY7p%gBJt<4i;$FR{IKnDHk0uY*N1Pspi!t|%zCbUSUISs3>`;SEK8)Vw;quw&2I*!puu z0_Zx!@3HT_n$y#XZ;{YR6L(&u5GdruvrQweh%`=tmRpbcv#cm}1jeHzW#LBqDwASC zJ$bC~gS*cCv2Q-Gsja@h1e)UMA%3w?0=qjQ1}~aGwaAi^S{;W7crUi(cug7C_pY8@ zh(IrtT+?42y^SMa_v1kJr)H+k)z?U?jfm}G73(s32e1$8ZOZ^Kqztk%BHb=LH|l3U zTw2aG;6tz}BwgZXRuuqq)VL6Oe;A*18Hx@A4sgd|YS zjS5CR{wNWtE_c0ZHhZ8=5m33pQ>cBrtbk-U`kN+WD;ATcP4e)C2KkSNR!_M}r;zPG zo3-v@Wsk&9!3H-p{OycLUW2{qI355_bv3?W!V^OlEG=ZDBFTJ~nheC5k*k+{iKnHcw3_j_P<9Vom#FG@9_Db91f&gh1VNe#N0 zK2icYziN6gS_~kE>vYPFr|$agyg{NSn7GK*lxMNAn3#hyZv04H%H2|^d!1q)8>Z@g zxlRq3yvRC=DFhh3_sI(7DjcNp{Olg9Zt<>Sy9M16r*Cx|-eRqb zbjE4JJB)O=TN(l}EEY^>u-qYF_=6D6Jm2bJB%$&Gx$hR>M9gr5X+zf|z z8PZ;{NZ5ZfP~NjPSuPip5dhwR4eV`B{C>43e@)} z58vp~M;`@1vFx$TLHWnh(o;a;#I6I+(GTj?GYrwe6nagti2YU)7q&_&cA{|b1_$}_ zhj8GYesf5+8$b!{V%+xLRPv~a%xH4+zdvV#lUbX+ec zD)JLuZ?um~R%6Y#C>323Lf_hd&nh;$5jlt8Op9V;gc$gkK3iOTa_ObmG=ZlcpfXO? 
zi0)VR?Lx0g4%c?Rk2D zgH1)c%my~U=ffyH%_h6eW4CPG&x~A?bP=r(wx zQ468@1K;uotmV-IL+hTIz|NULV?X6s=^gH#>usv)MGS*#C)g&a%N5%$)_#Gq8FEA4 z;Fyx^ZRoq^PWDUEG&wa!ydCOF_*mx$TNrHq>Kn~YBOgvw?z3$fpt>mJ`elhK)XCfN z*X&QpA>KK<^680YdhBMvQ~MZg#&RrV{A!esFhp|&B=Z6$2|WoxORvOsC9IFHW#`Ff zcuH06kIdso_~_c=ZQvasYq|76^c zLO?;sGzQQlRAU%CJT|K65wQ>iSKi=e*@S+mNGKA?t!Uz-RPnFpR97^0#ma0ZLOAXt z!O{RqjSBltf@S0nVjR8$f&gVZQASODG`q$JB~t6#9PyZH+?xU1bf6O( zM0rsmM&&{Ag(FIk$CzTzEYFi1Vu5iQpz%XsGa^@IB3kNoOPuB&BKvgq3!qSFxKWQ zs>aeKT^~7f~RB!#v23)5H$olZUyx>njyefu(8m!FR`-?pJZqr<`)wAggA+2OEJg3HS2#&4BXL1Zz!Oud z6uYJWP6{26f*yGzUCCX&>}g9vP{MjXXWg=UFi4>KDz zV{K9bm5*PP-5)K&$)RVWyMKFu7o)FAI)j)mh)4}E1Ej-@E-PYaQ|}$W7}xo>LvIVmbB59B>vvkigG#$T39F z6LoY_e+YD&7NiYgHUs&9vuj2$Q+t#U?}b*qrMo7~|FY+V7e@H$ROcMr1;1#ZAAknR ziFiA?#5$?bnFlL{F7fNNe=Ja4%!(3-%)~lJ+}N3K^8)6v_&GrakW8i`Z+%3iDj!4z z>7gh4Ejjo`tog9O+A-J87>ij9DdZ5<N)6>AWmSbMANWnh3W^ zgTIDDhicVqW#z7v2{jJwBWi=@X2EV|HVM7N_L(x(SSQ(-Lh9lT-@Yo5aBX4+COSvm zI(rRj9Jed94Netq@c~!_3s%O(`$UpwQVz;7wEFonQ67Q2G5jGV0Vp3x0|rs1Ki!r5 z7Tyq6??V$TjbOwJJ&6J9)Erk4;^*mYn>64L2kbIK5yB0zGX@peBn6= z3hsdJ=ni`F;b%Ix8<1S5%N1{0EimQaI0OKBzEN`6F^WUF zB$!~P8qtIIN`~z5p~ju}5`xo1toRVx`4P=J?^QbE3f7K+GEQb^`GwT^w&0^zbP9X{ z$r!AYVd`?kDqkM-9cLeAT>s-aaW1wR&(GVZN*P{ol2+!?z;f#S(G+`7bop(Z@@ zj}?5?oBDwzUPHQ;wv@F1T>molZA5S}eD)jH8_6~;+R_axVq3xB#u+eKM;YphYq_%f|hiIbV*Q%D~(cdz10(tgf)Zrp7&U*X&Jh1NfZBP1hTt_cJTy z_kD$*JN?!IL`YT+*ro)U!a2WAMy(gh)OCptVPZE(`#h95Jgyqrn|c9(b3UhP zN}%h30k!(#I?rukU3)&>+-kEM%&CYz)kKW#$_MB=D`I4oy5r2F{4jGLRfl$5zE2#JshhkOtLt#^XR*}i zLCPMp!sOG2Yw^Kvx>NJP38)fX0BQD`#db?ID}PW7T)} z)UeOn%{X0a$hNj^&)*$mvfRAHx;SMVD)kF+6I=LMO+0)=Khq$D7lY>%+)f=FRBd6>SDvV2kclNbPdMDC zt;hgr=Stcg3xAZMY)gB(@^N~SbY+W{J*rNHa1|}!|HFL5E3=a0n2B4NG0P`C{Z33p zB(Jp)UO$fgWKiG^u==7nImjgmUH)&p9`GVFt(hfyq2h3}zCrzt69x5!VGt$m^C~L{ z7;8uV1^p;_OuWHLG24yJ+jx|yw+Y=)*NK?5R>aAz0ys|pv(ji}xdP{_lWg>3EX_rL@00v9e&{vv=zII8 zT8Bdi^zc}>T>^mb2tg*klhy7Wo>anVj?1_fe}aVboA2Gd2lgiZ8S^~ao}HBfAu z0~Fry9y9m`BojI%D|WfASD-qQc 
zrB8@0b-j&os;hOrg&nIRZ66aG`bX&dUwdR7P5JrRsX)2%y-A?GJ{rI7*!lV&I(E?Y znM5!1H%B)RQC2eyZOJdT++w|#;`cUofYT13u+fU81w z?X~8QRpP-p8xi+EJ-b@vK3&nmrRSu_iOwQ3kFWccf78c*hy87B^^|-APWna9FLJfr zckCd0Vsn}21lyNzv$|uucKFJUK9wieHKnmt8qT^(yu{ZmHXqCG80oN~|H=b(x>T<% z5I+)iU=RKuhM_VLq&0Q9nQYSGqSLet>1-8-XC1HBxpk;sdr7XTPyq)0p|MF#oGe2Vw&;yoEijY$x(}@7z1_^ zUoqEGk%1 z4v&BhV-UPIaHyKKSh3!L>zoq+o3expqX8UIcfE_8)=JntJqPm((O(z&u6f>Rj<%>P z+K)X<&Xv0mI5AJge2`|@g$fYZerdgEvi3@=m5p5F1>IEtA{xd$&WKNCIb|wEYj}^UxzsBvU@P+-0E}2hPpyW4+DX%e_=sfadFVp1VDx$-B8w&1D7lRFd_Nh!u=jBF_ij zkyFCk%v>K!2|icj`@8v~Y`ek^$@I`#hsGCT&Q6!x1vf(9i^>8O=*?=@{P+t2NI{DK z`@wALPCq0%WGI({GYVLZOuYi0s?|X0lEqxB$MBZp-j{J`o0r2Z^ocb*);qhe51sq> zey)WTt7N6`iTNGIfk)@z43>@m3GQE)!c+QUT1f%BN13<__2jeVPER=z?9wF{rN8nx z8)0sj;mvIx-C8@nk)F+bcRxNUjbzV<1W4>jB%(&mD0fZ@T!+dFs{HLCMD(`&L71c6eQu>&FO_gaPs1LKUIu+Z4%rnR`!Hnq+!U99sQo@ z*F$ZIhZ^H6c}vkI0=6k0N;zP0k)JRDX7D}mo-Ck>Qx&c49;K=484GYpop2qXeiMp0 zP0ke!Rf~N(0V(*9OYFmg$pfFgx0);E`Pq?8U-qY!tn*$boA!l9 z$keehdgKxiRq78fnRmV0{`|s=sO$N~(7|1v9Y-dq;I~%DS4Yt%b!bQP?4Hon{Rdyq zH8xp7b4+PUeG$0HOtD<%Ng2G>vE(tXFWTsiISo+fz6TjO>kPi1$hT?u@bpLwKq1bh z34iJ=3*Cq?q-X-wMsYIYj34`QQ+R6}PLq@1jx)Vl!oWmdVpJ<~=^y}M{IxV*M}*;N z*)*fS={)IX6S%cn=YqRo|3D>jNQlb6hQ~i70(Y4pA-Bd%aC3P`$m5{@v+mP?#>KDZ z6u^~593LD6l=&N7JuJuxGr$snLEM0B#7Zxa4ZgYwR;q1=2vZ@_{}%NiQqCIir9qNr zDW&DTMfc+XV1oBSlBVidKVx2SD0fiN%O6Z(q?&MC5(D@$9UqEUt{# z18DM6fFA9>x|}p<`L;QKX4iVfz(PyI+Up%vQiuD?$ULrU*YH{usA#*a3no%`e zyx$xvIAG)LVtU2NZp7IA@23=dIoCxDWnPVJ|L6)LTy)cffPUpFLH+-hRKPs`O)5Nc zx%LDhgcOmF(Vt25N$bAXbG1cpI21ioz$t83BJ2g0hI9o!mU^2Nh6vhzroP^e@I@I6 zyPH{%6Q0?GKyYH6ZLkK6^rIIZEdDRr8NTtyi)@|*CEff@B|OrRqXPqZhE&9V7VkZt4R$?PhV{8X11LF;dCJkk!{-!MTm1rn+;{~;W({F_;=*QvTJsJ(1_G&)78d&PG z6utD2BiVbc-@jyNPgY9>jA--ZxoF`6u_s6UPH>UJggT!~PqljvWXGCvA}+s1&Gxqi zBwTi=1;}M$;xC(HWYVj|Ec$Kr{SAnR4qwoVktc1*GwD&#qqEiN5y~A+DdB zH6SEw=f$#$MM9D}82p9_dnY+74qc1TaHBfmCB!}3Uk@$I+0t*@hA8Hf88yF{xu6DI z;KEl?;$qMAA{=r#4FoleRx9FU3siAm2GTb4!W;aA(QA^uGqe(9v2(Og&P?TRToJo0 z^jZ}-SDdn5Sh9dVIQ>ZEu} 
z;FiBvIFTYc_bU3Cj?fjUnC}wrOvL?b^t%%Nqm`=c@{+aj80QZHe%Sdoc9N|uc--5~RT zft}8?+!lmXhz$((^-F{R;9KUEWSh5-Q=Ga^KqHIn@+0*LBc*@)5AO3yAjbX0e{fPoIuyyT!kfy7_Bwc8x$2r*q~6Ya%EguGhs^{%KY-H;0~Bl z!~F2U44z=+2M~~a@`b+fEJRZ-DCyd3Q95+tMd63$10v#p(E=c#s0!g>+5yc$!bD5<${`GOhhTynuo)pak(RAuX)rFCwK;# z$1@xI8lKd%mvr7buWr0(4{KDLb3hB!Lz=oAmq%XU4FEUNHPj#Z6Y5_J7tLe@&FoQ& zLIT=TPjtz>=-Y;4UISMvLe+fG*^u%jLb^eEXzDPm59X6r~=GN zDV=H!j#dE9ZbcLEFZ?4P0m_cp3;zvWrp1}E%rfBBtG6$mr8*wTIug$5+301=%Le0Jx zCUZwHl7ADfn3afYMN;NWtdg!k+CP;K{R%7qE)P@`7PQbLkCn2jd#Aot_+d6|OSoAu zwDDIv1EYYDtVns9)_YYsjg5I1AIx^v{J10l`zNXtZy;|BV6)Q|D{Ccrs_3dDz&n&U zKCG-r?^%2skUK2yO@b@}Nqk4+gc zRZ|E1g6)^UJxy`HsqZ`5AG-y$u}$$VV3u9Wql>-rPPma&KiKsrM}X|Mxt4Mql5ZB0% z4AQi~mF%v|OUjo%pNEg>n61(T2Ua z*Y&n~x(7X~I&-NqOf`omC+n{sZPL#TTlvcT?5jsW5mzd<*}<@ZuO*w*bhc)LFrPL-X#)O&x{CzA-dH+NpPIol82h(ru#96&F5mnYBDu+^4j@*;H zXhETYr?c_Ky=})R5B1G`%t(RYAf$-Y*!2O6VtCu!(>A?OygVBaMIi4uJ-8ekq&gGw z$POW-nuksgREwoBSx>cWncYcs!+b3ojhuE?0Y=>a_l5tce-{4ZtApKEH3CB#rQ6eC zv&ernlz1J01i}Sn_0o2#bMBQ@_Qmr&=3VpK=i_3Jo=BF(-Ld#rz603e$%poF!yzMw zbPDW8yN5;WvWYnLY%^DJPTr}%U>z|*`n5TfHvaE2CJtg1=)EeyTg>|T`z8RtUz1hf ztz0MQ{0vV2Kcn?;L{4?tcycX}L}fDrrh@#LI3JE$P$=*-;1~=7Vt@|rcni`MMg#$T z1mYGB4L4PzjD6SInxqol?PHX0|AQtS#GO&Ps-Em_+vxbrNG>i>cz5DWRt<2vo?PdE zT(UHGixx+@{{*%8Ki#9ubQ0nFXN<1N%k4N0?+bEWixV=H?>@=p>7H5L(eUua;nJYP z#aD_=Z`fA6vLV2%Q;xL(^w^d}eiB zj`HI_l%oJCwV@M?%NBgYM7#-Yemn42#jghY;(zi<{14^}?(e^z1SE0K54Xjcyk9cW z|D_#;Qb5-0I*Z6cd|WZ)Cuj0s+EK1wa>pm;p9mn+vHy7RDznK8(`sGuTj&mdOaJ9c z?c}`aYQvG^`I7K(^8;qCh~DSLlCz75*tvB$5W?C0{As1=n8Yed2Blhg3T$)HCqtw% zg80@i(Nd-9)rN8i-qDa^B_dEJrwn+_?u4@3MMZoi*A46N(jDIke8uugU1_f()F?yfohUf|z)bFyD95tB+&$%2O^n&$5%D11EjS9azvFY=`@s_dm!SU(%`iFC>VScn6MOA1k--r!p!*Y2j>%0%DiD(`ao_-w z%Z8X1|60y&U@C)uci${ThK$o0+cv? 
zGLVj(vN9CR6Y%b&5*rAJlk1E^g zn8als9>#Y$9wtIsb64C`u)Z~mLxAB6G+zhF{Ff6P&#kSdCUTBwsxG{~!?(C{d|B{t z%RqE0u`%*!o@D5m9o628nt}p>wbDm&F-v!2Ux+7$hvIM#3s?y3WO+k5PTmoOnUeHO?`;YM8(45`XXQ=Vt0h3a6O4j(f7u#%*P-Y)iu zbX`hDOiU_YrqVph5r{hyu*4_CeTOUhm+J;_V~QWG6&JEsrm{NhEdh-cJ5N08$@K-2 zaMK2sCQ(|rCrTeN#Td1O7>ZE>}1RYD}B1eWV{K!cMgKo9YT)#blIoph}C*i ztpjE@fx>29q@~~ONPMZ0#Lo3PZmB)mxzDlXg%-s}L^|-8Ai8EDx@mXJ5JUg|!GRm9 z=`o{CmywBZpBZ)!7L-=pD9Nz)AaHLhG4K^*fvWpk%EzomLrgj{k8?X5XcrDH5(-s6 z#s^fLFG`o1tZM3U=^C+5Zd{09FxSeo{n7BKXaeXFEkb$}20p%YXpsTSf_z%YFlN2T zDH*!*H#r$tqF!I%PK&xdA`b_9oo7AJr!GEr5Rqf^@j~_NS867eekEShcv~bE2_#b8 zy20^*o3y$0#(30`p7FxtKDl1Y%43Q`Xl!<;8wdlsoc%+chTBva$5d0}A%aF2%uSr* z6+Zi%wda)cHNIU(Mq5X&<+#zS=OV6@vm3{a?d98Vgo{3{m9d%%uRbo4n{IoVP#iGS zb+PZ(^#ac4l~q4vxuhU_JDS{-9S?m3?kgC^sJxl%IiT?&ZjIxQlJJ z{%cj#?eGO7jQh#&+lK2s5|w2B^qE=HzaqOleb&sbVN3_A3Q7h}gl5(fKT`4B^6bR0 zE6>?JBF(Xsq~H3FulPK8AR(JL=8N`B2SpWGL4g4@?_AV!X}|4cAd(f-V4vV&xaK!f zHYT)v4KaB8HF=F+u##}Rhm8%3{Ol@_2RH+^(+z?7eQ$9cwn=ro%Hi{qAI4U(Gd97@ zTMl(ULMz1mjwFN+)ME*~!jJu4vC#)>ctt**3Qo~BG*j?$&%7UWBqkixUeS_Bu)7K$ z?lSq-vZznihBoyz++?tP^uulAXLt?ljKdU*I?u%}zlm*c@QG`GN2^77bE`CC-v2G( zq^YqnBS3-LqF6@kNJ8usdr>D=4lQ<}C?Tb(`_X}Vg+zIR7w>f1qkx<`5efla2e*E% zJQ9C)*oWt=9CfqrgmL_?2l4&VCMZ6W7jsc-M}%C}ju{IQW*fuS~JZQ&h8Y`^M zCKNIK3**g8NpwE+^(#rs7H=O`FyteS=xe`o>jz#y^&lQrK^cv zS&zkFF43Kpc%UGjP@1-27~GKzPr=J==YHoz?5J4qrbb6q+kv=oqHhCrUPKwdl|DI* zs_R>I)Dx*7!p;@iP4?=>Dtz_okbCtmk{{36E|7(uN70CVW=%&yCI{|27CPH6oj$X~-OsNYidjB#(QKG9LaWR2Z0M`j% zL(>)Q&vMPvTcT&~!lBTQO0W<6om{q%mZDWQHteHQf%)dgEhUU1bkt_{%BjDYx-Hor@MX4;dC#bolw2_9Gt41Zl*vQwjb{_FpzEWEs+4qvouJ(S;mnX zAmacle^_&kt)82eZS>Q8kQEgk#F5iEV==ETF2k%AG%hr_wI~F=X(V`~Q!#|DrF7lR zSc&^m0>7voC`jZ}bp{4J&F*`$naHBC>K*>-XzdXX3tq2lij#qF}0Qx8msh5G$NeWI>SV2>P_@q@a#3WNy0Lq3256 z@L5PkuK(+7tasfT4%i|;wAE&CTJ2t8HCBCMF98{GV2E0w5fk`Q8TMfZ=kpg{`p3|7 z>xcfcIBE(?b8f_%@guzLT-?mqpT-x>$orl)4BtLV$|%NKwo; zJ#<>*ls~-oN+`~m>_?#3y4>GZZ*$Ea8gW6puZ_Bb?XEhi1jk;Vk?F{A0t_d1@9 z+^;{UC>oE^;_vF6aXUhK>#Ix}Z*x@sY+sEw3$Wl8th_(oldZMl)i%If2+k-XY<&_m&Fc 
zCQqlLaf7#!tlPkeh(e(7te_)Fxe#@=pFf4lSigt+ne~XgO)hj0`tIJ{3G5aOboMPT zMEQE^u!$Ofcy-lV41Z_$q^2G#(4Whtrv-h=Ze(h3pr(<$xsaklPR{}qL~bbO~3?FCL+;U7ni9GJkley$)4?A*`94#~8G z_nYj4#bYK?WK36v2__`@H`HSjDDzBlE?cud=Zlr!QXfM-$c;)^TCAcx(Rs)bAd_=+ z+DzKmJ6l2nJVQ}=&ZJpCNEM=mD;5If{&M7A!?;-bJ{%akAW-1885*yb$obNvksfx~Z+Cz6~} zH+b;r{VI!|NKAl!@@td0i}>*`}ey3NMwQSOty0jPYT%NhMoI1O6+avQ8%u>@X&xTOQe&Jy9)l%G4r;3`T#D~`P9yPiM-lE^Cp1QbOOVVBeSgshyh6?LYlS76)O zzo)Hm=N(0mglR`kEK?6fW~_sO3XjUvy+4&BMj{Uy_V{O$iR+j;RkMIsSBi(D5#|6# zhc4%n1v~S)gc2v6BbzwrKc-&)5cQ%de-K}k!$t3YmP)XgkY5%>`W6V~99#s_Ij&O3 zC}TS5O%87_k_&@Q7eCfhOfhF4y!ryzRRoqo;xB0y4=#u{ZD+e@$vY%DxjC(bxsB3; z{9FYI0LJh1{peSSG=F-mI2pvFGNDnXV^po<@Q69Mp0XfHXi-yv)SI0?*J$b~tXiH} z_6#AmenKL}y%x|h zWmQVc78Aom$NeahY8;_IrFGxeitxzjO|R?gSeI`Cx)c}@m`I8|-MW+oNsRBvNMl42 z*;SrST}nl!avP#C>Yi>y$0yBNr?u*YYGLdk-guLOb}8eiXe`XU3GgmdDxp`xrCxQZ zGjT&m-?A-$lFrbHj>ib?qq?SO2?o#dPTZ_?E7vD6ISrxRlZn--MTtn z`%)&aj;j0P{v)OLWn>Bbl2lGecDd;g7OmcjC^5--H6?V`+D&G1j+|JJq<9n{Su1%4 z+VtG zHWM$26bbp=2p$Yecj5%aim0RvgHaw{YBMJq=W-n(!_kVp+b-Xc*cgVRKjNjN#8GoL z13@$lRM7;yT!Jg=dOW&Ojl&18ccZZ}VTOAB?xN)u*Ep5~3u-G5-ja4)aZNbQFen{MTUdNbA@=x5P!eux}OOXY=d$a8Dq3f^%ewRWq| zlx+S}I`{M;8!JNkZ949FjW6R&o*FOM_JALKzlserqKd2?WM%0Gr$#)`EoT8&!*7SJ zI+aWm?ym}X52}dwe}})$^{7ls)CISRIdDIZoY{`P@d+kVmoA!849(xQ>q%$XBRNF3 z>h9ZVc%dXZ7Nm?fld_pA5?{Zk740fm4bLg6emH&-i>jnMt9c=@DwNX$dCY`TB*F{X8;| zlj~6ONsJ;h!PZMvvGZKO=6v+0&8gaYTG_XqFraTH7NY-58ACvQDY^lb0=JedCXOYG zq!l0D`1;5OPxA!AZo%w`u<5ePMmO~wox+qL0RisgNZBJgY?9{%fQPE4?TCjV07Fpg zh3hE@ah$&U@?+B#ELMJ=L=LMZz)6dfbU0{rV4DOJ$M=kuvkHaia~PJB2{`oQscez) zbr|_eNi|!nWVo#42&ZcPy#7=IZNlwYewx=uR0rYDCy4|)qVn?_vEq@$A|$Ew+kf)3 zCC^yI5@3Z8Ok@*#b)+RNC45*ua1Q6S^ix?-4N+I{2h6gsS(NhNFG^R>2gNOi>J6pa zx1?w(3YE12g~UyRQ+`;h6d){U0a5EADZM0c$QehAY$qs!qEy%x%81BEkS($%g4YiD z_YB9}gqm*}@W9UwWf>bJbc9t|EMkVO$Sy`B;yKf@83&tV_w54FVFzOXz;J_oiFo81 z*)18%G%DSS1RMw7+5T)WyYEErRt))}MUMzYNs;5#T`bJM(dy=O8ZhRd6CC^MDBl`kCieke3fl&6PpF2+X_xR) zQFZ2YxE7J7#)%xy)`z7%{Dq}_e_qQY)d;Gw4@`g62KKs%rQZN%(A*H-2_r>-vE&vHSBANuvQ+cs;JLKkNdi$%3 
z2|=^{{t09QzUr(xHFA1ytW-x~wsMgf|E-@06gXeEJIL}KH&X7GWCwUjwfZuz3nRDI zgf1ffd61gwYN*4TsR%q>?A^;De_ce9s?&sL?e0}@1BSq4Lz=ty{h7(3`v6YG2LrDg zXEm;i>D1cFD>^<*dhl_$iHDLs8Id8rhvjj}L@NX>y+LdL0}ov8BPJq3zI#OeNLIG% zDddF^lmhk!0O9`wbR+R10^TD#sf}I@x&~xLidnk8e;zBb+dP;-&9uCQby}z8eyoP znD3R=V=B2m8TjYLCcjl%lHnZ_?l$l-06hH%%_aE$ThD5s5UXyBv7a`Z!Yvdi5~$z%9;tYX1=jWsOPK zdevy=+JL^ZZr^&JXb9tXMSVp~TOONF^YNfIpBHZ_)nTn4c#BA&d&@BSOht zn5f73N9VMHlof?bH1*p^c5^yU?e|kKDoiAxoQ7hs-T|ws$DIvvIGBvX;(gv}+Kxj@ zdT)N|A?%PRe+fRqqFJTzx%c`QDoau!076X^&$D{xs``<;14RCpfCK#ZEvY3}%JB0p zArBuR!>l@5Ov#0CG`p4v=tpCXlXwu(H`c4WJCtHkxZOf6Uc(_Jk(wStlyt#E(NTU{;{$jN!Sj&7Bezk= zt-g2r%gM@6llOnx1uWe^JFadpIPwt!vh6hyIp6f;6(InF@amK@{<>8&`0>>~qFSZ} zP!lbEQD=uzGzvta_1 z-*wmkFi%`$hiIIrw^sTGQvl}7EW$Daq8RAr<)U3+)Oxs=Rg+h9Y$2*@A0cB_^${_O1!f5_OVLI}i90_rOW>yd(QG!rh4n86D3PN4Xn0t!Sa z5NzoiLqi}`6>wSylLBSQ1l9oF6PY4FfVtMwn_6mM5LZ z+s7Bnrm(D6gtwKo!`BlJw5l1Y&5ndW7f^RH-k@lD(CzS*1R{Qn%8#x~&WS_}$as?q zP~aD4b0ZGX(9v^VE`H;?#5NKkJk~Tn%mbfhTX4UVr|Ii14#va&;S@_N2y{=ZGsuY| zwWQ7r(F*GLL>x<@)Zv@RdtVrWh8L@)>gpi;m~~OhwTxobSEZa~yc|EVarKwGl?vKD z^9G*7T|Cvk0r0T^0BQZ>(tS#zAlc-|tWG^>hjs4LY=?9r7K1Q^1s3!FK9ntARdUwQ zLBcKdCVIm{3hKyEGke57=v#5sn|j?q8ujox$daQdF7MVR>tB7s{8S|Skc z0?$m?UO4SL0ih$WH3$v&p#-htkucztciqlIyZny1G5M*SBD#lc-RJ3#pF zU2@XP&C9b*8=@bD;6kTBQ~`7%V6-2u+kT7Ro-G&T`NZOAE8tWPCZV{W_nmLr1l@Wt zK@l+JMcCWkUN?wE(6%rEI==}n{VyR$@&PdH&U2th0&wsagO#;{s`}VcIP!hRbf9R@ zpvWdW>RrEda$?YOBT$0PTehhn-1q5RsL7o1$4gCP+frH_0&pmNx!vt_OO5zuDr2)XvTjs^XPZ@g|E64is z%)?QBK~4FlUw_*SA}n%j^m0ki;;tfo(M(;q*S;v4rMqSVK1Yz8`<28j@`|0@THuj; z|Gk9@?xjCu8^M{nz-fI-1ve18h$YzDOjlV zKIFUL;!THw?%^wINzcGW+w0S|92o=3ZEE(F2_NW9`{SF)fqYkRfDCEwV@lb?dcq(< zPI>21oWAGNp(Cc6v6Old-=C9a38wqiA5u7nI04Wxp9~Pa-FS}eC^#U=_nGt0T!8m- zn9|FuURpp{ft?#Ky0lGp$=6k_ml>=TTlKJad|ReuDzt)bLn{vW*Xp2yuqyrG@+%H2 z;U5xNds%Vur==Z5`If;ct+xVipJc@mkULD&L z`cPt*a_WO)hbzToNk_Lc<@lZ$wDQ#n*Tfa@8T>k*WL|n1vfp7%A);&s)bKvK+%<-U zBQt}sK2|8>g0mw9n*SgE)u`H{EKR0bRj|Pb;*$@tM%*%dA3CN?J!<}D3K~=Q*{93E 
z^qB;nIUDsE>vbQlklsu5!g|8SRqS87f{74x6C*=yVWlqTL~v#Mu8*~zI-Pm@UsR`? z-zcPZ9Uz$GDUiQloGE*pq!O)b{9(*0puXt-R3dql2Ou(etz5lX=qV!Yhw<`CulPL9 zrd4(;KO=OSw|yC0uUOMb^JNaWXU|8v(vF|3CSCfWSqP0Z$xNH{h+rSqnL>ib3_8 zeA|KOx3v#x*00)kVBiA^PSHZ6FsG!A4E+$8yGuuk$1oVzY%d2S9A@)-X& zU){*4$lD<(FszQMGw)ER`gYfa0wcZU;NGdp%mJ72XPzZWKKsVt5>4ufLGba-%eDV7 zzpb@3<>J>0a>^Rw+4D@y+Fkz4)e?l=9Fo8V-=@q({OICQO?f5_klSJbg%5Sfyc_;I zgN8o)CWA&`@2TfJ(eW8j!A@a#(**G!W?^SxIo*3A@C5L`{jQT7D1@PHH)(VKkPee= zVtj?#x?r-lww85PvKcab0HuR*C;X#7GHBzh#0CsG3;+lW|;(g{gsht_r)_6DdSJ}Y} zDbfFqu=KG-3&|`{{bOpGHZ3@~Mf{)B*<_aPdwc$KR#`|V&Bf_IXR?7pq>p$0DWNPd zkpUF6KJ(8>Y>M=F!?pjMI2Wftk!2tGPa@=hxG|J(gY%SQiUb&Ef~7^SdIRg(rcT#{ z&?j%45XHF2XLiB95x>)g&HkRN3z1>a*ZO{jpZIcgI1mCfMy>nSczLvzexNQdx>+=F z@EU&pel<|x&hN}quFAj3)q?J_@nfaVw)!VE1SNWXT5HgBBgoPu>7F$Me?Yc&x+Jf! z1xK~n6_oUdqh{}i`2M*7fwL?V;~PK$z!eS-yN6}*#GA>QC+I3`}FQAX9 zV8{2I^x9tT?s%yoepr`pO-;=kLkYjI&x*RbuAhg`j6(-rYQfvL_(V6_H$fqH(m~yF9-MQ~22{}ya z?leUGY-hNy_y`*_lSG#rC(wBE_JyK{QO`I{?_2zJd$4v=_|R6k#Y>c>ps95F2wxvE z+6x;S(;aXY&42T6SEN){W3M@-Ak=8&;^b^@^F-l=XkejXDXi3|nNZt&;E{QhB+cS$ zo$b2C{s!xVgHjm$MTdAR6-hm)FsdvQaG`PZ@iv?5__0GKoCv-|l_gh1MMvLi_WZV4 znK?p^=5@bYHkaWnz@IX=2OoB!V~!LjqZ^CIQat~xMW!+r_QyLGU2#w$I0O#>Yq zGe+XtkBh4+oE_E4X_OH@c+4hi^k|&@5m2!EnC|#4U1;UWw=dM^ehk0XS`sz1kuhT0 zwxR`e_#>$W)_7;gy0*itQaGU^IP<(}CYLLx0{F_j3?!0MwcdOj$pqX8sm13svam-MgWX(cYRjm#0# zCwaV&8tbUgU~$bBECYd0^Q7eh@kE+$O+8K~k%WWtWvis5%(>bVik(s!fH3-`b@(@d zV^gI_8x!0VB(`ojRRhI?q#jE59~-#ezLYnbO-G?2+@`i7z6q>n^g6tq*LolYNy9Cd z^_OZl{WADrz*1mZfox}HVZ){2`sy>YE=C8J`t9w>h|A0d>3%| zHTbsUC~2k9&=w_f?65_hW>ni*xl+Vg_+;O$C$O2SYwGSG@?`$u+btZX5^fqsMf}u( z10g*D>SRpesk`egB5&87x!#gw&!4YRVPV2NmDUNP+31%SooEOSbT1`a95{Kk6z;wF zQ{t#8I8S-6ib&Ifs1ZaUD*IAm&_uI#t&YO_K-+yuf(PA^uro}Z%UwV?%*;uq2iCVH zy+43=!ws)rh2;dXS?nRtI}|4+-qAh|rw#(cAs;YXLpyVClY5ldca$QjD?5^db}vpY z<#m5-E*O1uWr-`%3K(aMM50og$S*CG0(-?+GwWZ(uK* zp{_8Fh+cu`SCCVPw~*o;~~>JA`qF#x>JgT#mtLu z<6F@tR=#ud*p0c?C-I-%>(bZw{1wbY|CbBxmMOQdwEXGYilJi 
zJiG;ZwrrucSuLd6DFpP}v>r6vFXeV}ZEkL$eMRAqx^XMk#77geNAo(bNAz{@9Rt|7qz92A1Ix?D4X&ewzhX9^i!Tmhe@^D zNyQ!cJUP5!+a^wW%{Lc${aVf~Bl5)wtzdL)%x8a^UJKYEyCur$V+};0i(ef2g~o2- zGcjns2r0S_5yyiwT9hBFkbtvKb-faEyIL=MAwT=1PXs1v7bk$D7Iay2$UYVI^0vVA z;rF?{G{~3PSoi?FknyMC{A{4_*2&po8ri2c{GUoI4`AM7WFT}Ov9%{27gcB>&sfJ^ z8Z+3a=nRct++p>py$f7}gMp8x7S{F%_vS1@Q1gkfGWDs4S~~nvA6hP#ar(R)?mIDyn_8ijORFLX@L@ypYPl zi=gyc85KPg`oT>8LT){UaoUUV~9U?$_LRNy|RAZdCvFDmlk%Ir@?s#^u<>7{~ z16i`{v6S)9(nmGX9^74$2peBDNj;jy4GAcUx2_6PfROyIna*VB$+w|KgF7R3jvQ!B zO!OCN$s?=7h1Z4;GFlARe^z{%3^gL%Jy{1-!O<7(G%U=~#(|y~uN#qHiX9UCLd$ub zWt{S4t{`>e4DgPa|2!Ed|va_=(QS~;Y;$&n>4Eyi-a^!8%k< z@vNmtS^vGO4E&fAKb0wm^M6f+C2iAi?2jYb#ti%@05R)L>=?e1Z|Rr@66*tKZ$nTS z_1@!2_P`;SmEObFTfHNdS0GAOKKf^h0qjGv;^G@YnnK8`>H|k->9-Rd8_IgVt-%Hg zIO%FC7}J|Rz*{oyYJ6|&m0Swtp~`~m@0*$BCk#IeD^HQ?fwuIhdiMkTn`dnW&@v1L zv+Rk}JbD7Hw?44tB|coYm2!uA^vI!3SDe#nutVAgRmOjD0|&iNp&vLOTN~<6QXL!k z+buZAivn7-RVTIr%e=-$iP%weM^Hx|_=R`WfghC5EdfSBM!FEywD*GOl_BOh>X0N@ z67is62j79oQS6#Or+vi-AOD&d4mmeGo4$TPm8RI)3Z;(3oJM`!tZF{{arowEO+1L( zNQxHg(rw_w_{iAC%jY<;1Uu^+o5$9vQiLGa2NhyedK+W-kTl6NAga&jUKi-^NyF{- zygUfwo^CT{mmKW;>I#BReE>+W@_V`p`MjQhPAF?61Z~D19p-)ryW2q72Y{HP_^%X% z@Vtb`q|#)!0T4g@LR~?~?4a&?c1EhbSi^}qMjl{@#%r&PDAfgWN2Rip)<@8ZHcxuwWEWAa z5J80Z-Z2Ew?H7#B!bG3}#1<<(M0N z#zIb^u0=YHc!lF7(w;$ZK3vEIqZG|z0#tWfXreY9Hh$!n@W}o^n9; z@Ouj5?B?05>q|bF4n1i}bsb**a<;!@t|wMVY z7}t|VJnMHMb4(;gBtQ-)0q^D@GdUES$g`)qEeCTSKyHve(^s*$2tOYPaK}ob9Q6F! 
zO^+%_I-w~D;>UXzx-vWI|) z9$(TDtX;VcnB>gNhqR)KNgya)&W4@T(yEf5Bp_E8ozfuu>Jw#jUlGa{t>%ZGrNxun zh3z|8acCq(RoN0SFt}?Js!)YCV`0bcEB_R zpRzOW>-uxhH+{>Wi{*Dv>ou_Fu=;Y1huC`R<^+5aPrKV=(!B4SCO5we4%5MVt&m?S8ftsBunSoAqW#l;FsZC}ouyfE*8kly zR#y-^(Jnma9BM{zjOR6lRoSM)J=WBn`9Hz?J~W?=NC;v$f}7|4k1*x~b~WJlwrUCj zIw|u|$mi_zqmX3D&Qh4l*Kk`%*U4T{o!6sbuv)Kr#QJ8F-_gu`SEkcSodE;`(Fc*$ zS?1(2dd8uH+!H0(;+${m$d!Yk0?IN-KsCnebLIla?9H21&L=|s276}>%FPD&(yrV} zU3Vi5kzXb@G6mnZS+Gzq#zwTjRMAXoZh7bjUYyuZaTP4Y4eJ`tqF%X?iBKME%K^qn zF6An~&b7h%3U7WA(yx_XX;c=DY#DvyX@Bc6rY>+XUTDVEaquc4&<37SdUu7ko7S1; zLo~0*eswyUVYYT!v7gaoX{-gHna++w30hBiVg4TRrKGlw!ry8q$j6Y8$JOc5Ua3dH z0e2`2k(NW!c_W2;n7IT14~gAHVE6Yll|@AX0HWjLKmB`7`fW*ZZ&^s!=ECLO18fpJ zc1PMcigWDKohz)@&z0(sZuu_S(ZXOcTEsl~qO~;Yu-EX>_0fl!xqeR)-qF&l%Pvlc z9|ML`+0`-OY5GI(Mu(OKg#T76sU#lUhx^t8l3l3{zZT?tTRrLm*GG7s+mG(>YpR;t z^%9l`OLAaek;a0i=gwBcKOL1nc4^}H<+bZB-N^I* z=3O3GDM6kr+Y`SzDflF<82)4#LexCAzZo_Sizu+i6jt0{~6Neid- zrWu~`Pr7(K=?U0RwO{h`SKPqOcgQzioERA9$&Ujv@w$QskSFJng zQ)O-w!lYpw+53mJ1`RkSY7(v`iPpZ^oY zc9qAf_h@Y}Iw>jC^jYEUnpP9L`tZ{w6}v=j0E@Vts{PR0*0#7K9u$!?WN#2syTT9Ch!iXz*NnHG0dclVb zIH+a@$}eBO)cIVA0L1gXA`ANie*h~_&AL;|? 
diff --git a/elastalert/config/config.json b/elastalert/config/config.json index 5f28031eb..ccac36286 100644 --- a/elastalert/config/config.json +++ b/elastalert/config/config.json @@ -18,7 +18,7 @@ "es_port": 9200, "writeback_index": "elastalert_status", "index_settings": { - "shards": 2, + "shards": 1, "replicas": 0 } } diff --git a/elastalert/config/elastalert.yaml b/elastalert/config/elastalert.yaml index b0a735fad..1fdec1b25 100644 --- a/elastalert/config/elastalert.yaml 
+++ b/elastalert/config/elastalert.yaml @@ -43,7 +43,7 @@ buffer_time: # elastalert-create-index to set a mapping writeback_index: elastalert_status index_settings: - shards: 2 + shards: 1 replicas: 0 # If an alert fails for some reason, ElastAlert will retry diff --git a/elastalert/elastalert-start.sh b/elastalert/elastalert-start.sh index ec6991b6f..fffada6b8 100755 --- a/elastalert/elastalert-start.sh +++ b/elastalert/elastalert-start.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e diff --git a/file-monitor/supervisord.conf b/file-monitor/supervisord.conf index 236e9528a..5cef37486 100644 --- a/file-monitor/supervisord.conf +++ b/file-monitor/supervisord.conf @@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) diff --git a/file-upload/docker-entrypoint.sh b/file-upload/docker-entrypoint.sh index b15497a7d..96251eeda 100755 --- a/file-upload/docker-entrypoint.sh +++ b/file-upload/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. if [[ -z $SITE_NAME || -z $MALCOLM_USERNAME || -z $MALCOLM_PASSWORD ]] diff --git a/file-upload/jquery-file-upload/bootstrap.min.css b/file-upload/jquery-file-upload/bootstrap.min.css new file mode 100644 index 000000000..523da07bf --- /dev/null +++ b/file-upload/jquery-file-upload/bootstrap.min.css 
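Review bot: the change of `shards` from 2 to 1 in elastalert/config/config.json and elastalert/config/elastalert.yaml only takes effect when elastalert-create-index creates the `elastalert_status` writeback index; the context line in the yaml hunk ("elastalert-create-index to set a mapping") says as much. Elasticsearch does not allow the primary shard count of an existing index to be changed, so a deployment that already has an `elastalert_status` index created with two shards will keep two shards after upgrading. If existing installs are meant to pick this up, document that the writeback index must be deleted and recreated (losing ElastAlert's status and silence history), or state that the new setting applies to fresh deployments only. Keeping the two files in step is good; since they duplicate the same `index_settings`, consider generating one from the other so they cannot drift apart in a later edit.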
@@ -0,0 +1,12 @@ +/*! + * Bootswatch v4.4.1 + * Homepage: https://bootswatch.com + * Copyright 2012-2020 Thomas Park + * Licensed under MIT + * Based on Bootstrap +*//*! + * Bootstrap v4.4.1 (https://getbootstrap.com/) + * Copyright 2011-2019 The Bootstrap Authors + * Copyright 2011-2019 Twitter, Inc. + * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) + */:root{--blue: #007bff;--indigo: #6610f2;--purple: #6f42c1;--pink: #e83e8c;--red: #ee5f5b;--orange: #fd7e14;--yellow: #f89406;--green: #62c462;--teal: #20c997;--cyan: #5bc0de;--white: #fff;--gray: #7A8288;--gray-dark: #3A3F44;--primary: #3A3F44;--secondary: #7A8288;--success: #62c462;--info: #5bc0de;--warning: #f89406;--danger: #ee5f5b;--light: #e9ecef;--dark: #272B30;--breakpoint-xs: 0;--breakpoint-sm: 576px;--breakpoint-md: 768px;--breakpoint-lg: 992px;--breakpoint-xl: 1200px;--font-family-sans-serif: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--font-family-monospace: SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace}*,*::before,*::after{-webkit-box-sizing:border-box;box-sizing:border-box}html{font-family:sans-serif;line-height:1.15;-webkit-text-size-adjust:100%;-webkit-tap-highlight-color:rgba(0,0,0,0)}article,aside,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}body{margin:0;font-family:-apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";font-size:0.9375rem;font-weight:400;line-height:1.5;color:#aaa;text-align:left;background-color:#272B30}[tabindex="-1"]:focus:not(:focus-visible){outline:0 
!important}hr{-webkit-box-sizing:content-box;box-sizing:content-box;height:0;overflow:visible}h1,h2,h3,h4,h5,h6{margin-top:0;margin-bottom:0.5rem}p{margin-top:0;margin-bottom:1rem}abbr[title],abbr[data-original-title]{text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted;cursor:help;border-bottom:0;text-decoration-skip-ink:none}address{margin-bottom:1rem;font-style:normal;line-height:inherit}ol,ul,dl{margin-top:0;margin-bottom:1rem}ol ol,ul ul,ol ul,ul ol{margin-bottom:0}dt{font-weight:700}dd{margin-bottom:.5rem;margin-left:0}blockquote{margin:0 0 1rem}b,strong{font-weight:bolder}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}a{color:#fff;text-decoration:none;background-color:transparent}a:hover{color:#d9d9d9;text-decoration:underline}a:not([href]){color:inherit;text-decoration:none}a:not([href]):hover{color:inherit;text-decoration:none}pre,code,kbd,samp{font-family:SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;font-size:1em}pre{margin-top:0;margin-bottom:1rem;overflow:auto}figure{margin:0 0 1rem}img{vertical-align:middle;border-style:none}svg{overflow:hidden;vertical-align:middle}table{border-collapse:collapse}caption{padding-top:0.75rem;padding-bottom:0.75rem;color:#7A8288;text-align:left;caption-side:bottom}th{text-align:inherit}label{display:inline-block;margin-bottom:0.5rem}button{border-radius:0}button:focus{outline:1px dotted;outline:5px auto 
-webkit-focus-ring-color}input,button,select,optgroup,textarea{margin:0;font-family:inherit;font-size:inherit;line-height:inherit}button,input{overflow:visible}button,select{text-transform:none}select{word-wrap:normal}button,[type="button"],[type="reset"],[type="submit"]{-webkit-appearance:button}button:not(:disabled),[type="button"]:not(:disabled),[type="reset"]:not(:disabled),[type="submit"]:not(:disabled){cursor:pointer}button::-moz-focus-inner,[type="button"]::-moz-focus-inner,[type="reset"]::-moz-focus-inner,[type="submit"]::-moz-focus-inner{padding:0;border-style:none}input[type="radio"],input[type="checkbox"]{-webkit-box-sizing:border-box;box-sizing:border-box;padding:0}input[type="date"],input[type="time"],input[type="datetime-local"],input[type="month"]{-webkit-appearance:listbox}textarea{overflow:auto;resize:vertical}fieldset{min-width:0;padding:0;margin:0;border:0}legend{display:block;width:100%;max-width:100%;padding:0;margin-bottom:.5rem;font-size:1.5rem;line-height:inherit;color:inherit;white-space:normal}progress{vertical-align:baseline}[type="number"]::-webkit-inner-spin-button,[type="number"]::-webkit-outer-spin-button{height:auto}[type="search"]{outline-offset:-2px;-webkit-appearance:none}[type="search"]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{font:inherit;-webkit-appearance:button}output{display:inline-block}summary{display:list-item;cursor:pointer}template{display:none}[hidden]{display:none 
!important}h1,h2,h3,h4,h5,h6,.h1,.h2,.h3,.h4,.h5,.h6{margin-bottom:0.5rem;font-weight:500;line-height:1.2}h1,.h1{font-size:2.34375rem}h2,.h2{font-size:1.875rem}h3,.h3{font-size:1.640625rem}h4,.h4{font-size:1.40625rem}h5,.h5{font-size:1.171875rem}h6,.h6{font-size:0.9375rem}.lead{font-size:1.171875rem;font-weight:300}.display-1{font-size:6rem;font-weight:300;line-height:1.2}.display-2{font-size:5.5rem;font-weight:300;line-height:1.2}.display-3{font-size:4.5rem;font-weight:300;line-height:1.2}.display-4{font-size:3.5rem;font-weight:300;line-height:1.2}hr{margin-top:1rem;margin-bottom:1rem;border:0;border-top:1px solid rgba(0,0,0,0.1)}small,.small{font-size:80%;font-weight:400}mark,.mark{padding:0.2em;background-color:#fcf8e3}.list-unstyled{padding-left:0;list-style:none}.list-inline{padding-left:0;list-style:none}.list-inline-item{display:inline-block}.list-inline-item:not(:last-child){margin-right:0.5rem}.initialism{font-size:90%;text-transform:uppercase}.blockquote{margin-bottom:1rem;font-size:1.171875rem}.blockquote-footer{display:block;font-size:80%;color:#7A8288}.blockquote-footer::before{content:"\2014\00A0"}.img-fluid{max-width:100%;height:auto}.img-thumbnail{padding:0.25rem;background-color:#272B30;border:1px solid #dee2e6;border-radius:0.25rem;max-width:100%;height:auto}.figure{display:inline-block}.figure-img{margin-bottom:0.5rem;line-height:1}.figure-caption{font-size:90%;color:#7A8288}code{font-size:87.5%;color:#e83e8c;word-wrap:break-word}a>code{color:inherit}kbd{padding:0.2rem 0.4rem;font-size:87.5%;color:#fff;background-color:#272B30;border-radius:0.2rem}kbd kbd{padding:0;font-size:100%;font-weight:700}pre{display:block;font-size:87.5%;color:inherit}pre code{font-size:inherit;color:inherit;word-break:normal}.pre-scrollable{max-height:340px;overflow-y:scroll}.container{width:100%;padding-right:15px;padding-left:15px;margin-right:auto;margin-left:auto}@media (min-width: 576px){.container{max-width:540px}}@media (min-width: 
768px){.container{max-width:720px}}@media (min-width: 992px){.container{max-width:960px}}@media (min-width: 1200px){.container{max-width:1140px}}.container-fluid,.container-sm,.container-md,.container-lg,.container-xl{width:100%;padding-right:15px;padding-left:15px;margin-right:auto;margin-left:auto}@media (min-width: 576px){.container,.container-sm{max-width:540px}}@media (min-width: 768px){.container,.container-sm,.container-md{max-width:720px}}@media (min-width: 992px){.container,.container-sm,.container-md,.container-lg{max-width:960px}}@media (min-width: 1200px){.container,.container-sm,.container-md,.container-lg,.container-xl{max-width:1140px}}.row{display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;margin-right:-15px;margin-left:-15px}.no-gutters{margin-right:0;margin-left:0}.no-gutters>.col,.no-gutters>[class*="col-"]{padding-right:0;padding-left:0}.col-1,.col-2,.col-3,.col-4,.col-5,.col-6,.col-7,.col-8,.col-9,.col-10,.col-11,.col-12,.col,.col-auto,.col-sm-1,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-sm-10,.col-sm-11,.col-sm-12,.col-sm,.col-sm-auto,.col-md-1,.col-md-2,.col-md-3,.col-md-4,.col-md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9,.col-md-10,.col-md-11,.col-md-12,.col-md,.col-md-auto,.col-lg-1,.col-lg-2,.col-lg-3,.col-lg-4,.col-lg-5,.col-lg-6,.col-lg-7,.col-lg-8,.col-lg-9,.col-lg-10,.col-lg-11,.col-lg-12,.col-lg,.col-lg-auto,.col-xl-1,.col-xl-2,.col-xl-3,.col-xl-4,.col-xl-5,.col-xl-6,.col-xl-7,.col-xl-8,.col-xl-9,.col-xl-10,.col-xl-11,.col-xl-12,.col-xl,.col-xl-auto{position:relative;width:100%;padding-right:15px;padding-left:15px}.col{-ms-flex-preferred-size:0;flex-basis:0;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;max-width:100%}.row-cols-1>*{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 100%;max-width:100%}.row-cols-2>*{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.row-cols-3>*{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 
33.3333333333%;max-width:33.3333333333%}.row-cols-4>*{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.row-cols-5>*{-webkit-box-flex:0;-ms-flex:0 0 20%;flex:0 0 20%;max-width:20%}.row-cols-6>*{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-auto{-webkit-box-flex:0;-ms-flex:0 0 auto;flex:0 0 auto;width:auto;max-width:100%}.col-1{-webkit-box-flex:0;-ms-flex:0 0 8.3333333333%;flex:0 0 8.3333333333%;max-width:8.3333333333%}.col-2{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-3{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.col-4{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.col-5{-webkit-box-flex:0;-ms-flex:0 0 41.6666666667%;flex:0 0 41.6666666667%;max-width:41.6666666667%}.col-6{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.col-7{-webkit-box-flex:0;-ms-flex:0 0 58.3333333333%;flex:0 0 58.3333333333%;max-width:58.3333333333%}.col-8{-webkit-box-flex:0;-ms-flex:0 0 66.6666666667%;flex:0 0 66.6666666667%;max-width:66.6666666667%}.col-9{-webkit-box-flex:0;-ms-flex:0 0 75%;flex:0 0 75%;max-width:75%}.col-10{-webkit-box-flex:0;-ms-flex:0 0 83.3333333333%;flex:0 0 83.3333333333%;max-width:83.3333333333%}.col-11{-webkit-box-flex:0;-ms-flex:0 0 91.6666666667%;flex:0 0 91.6666666667%;max-width:91.6666666667%}.col-12{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 
100%;max-width:100%}.order-first{-webkit-box-ordinal-group:0;-ms-flex-order:-1;order:-1}.order-last{-webkit-box-ordinal-group:14;-ms-flex-order:13;order:13}.order-0{-webkit-box-ordinal-group:1;-ms-flex-order:0;order:0}.order-1{-webkit-box-ordinal-group:2;-ms-flex-order:1;order:1}.order-2{-webkit-box-ordinal-group:3;-ms-flex-order:2;order:2}.order-3{-webkit-box-ordinal-group:4;-ms-flex-order:3;order:3}.order-4{-webkit-box-ordinal-group:5;-ms-flex-order:4;order:4}.order-5{-webkit-box-ordinal-group:6;-ms-flex-order:5;order:5}.order-6{-webkit-box-ordinal-group:7;-ms-flex-order:6;order:6}.order-7{-webkit-box-ordinal-group:8;-ms-flex-order:7;order:7}.order-8{-webkit-box-ordinal-group:9;-ms-flex-order:8;order:8}.order-9{-webkit-box-ordinal-group:10;-ms-flex-order:9;order:9}.order-10{-webkit-box-ordinal-group:11;-ms-flex-order:10;order:10}.order-11{-webkit-box-ordinal-group:12;-ms-flex-order:11;order:11}.order-12{-webkit-box-ordinal-group:13;-ms-flex-order:12;order:12}.offset-1{margin-left:8.3333333333%}.offset-2{margin-left:16.6666666667%}.offset-3{margin-left:25%}.offset-4{margin-left:33.3333333333%}.offset-5{margin-left:41.6666666667%}.offset-6{margin-left:50%}.offset-7{margin-left:58.3333333333%}.offset-8{margin-left:66.6666666667%}.offset-9{margin-left:75%}.offset-10{margin-left:83.3333333333%}.offset-11{margin-left:91.6666666667%}@media (min-width: 576px){.col-sm{-ms-flex-preferred-size:0;flex-basis:0;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;max-width:100%}.row-cols-sm-1>*{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 100%;max-width:100%}.row-cols-sm-2>*{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.row-cols-sm-3>*{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.row-cols-sm-4>*{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.row-cols-sm-5>*{-webkit-box-flex:0;-ms-flex:0 0 20%;flex:0 0 20%;max-width:20%}.row-cols-sm-6>*{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 
16.6666666667%;max-width:16.6666666667%}.col-sm-auto{-webkit-box-flex:0;-ms-flex:0 0 auto;flex:0 0 auto;width:auto;max-width:100%}.col-sm-1{-webkit-box-flex:0;-ms-flex:0 0 8.3333333333%;flex:0 0 8.3333333333%;max-width:8.3333333333%}.col-sm-2{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-sm-3{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.col-sm-4{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.col-sm-5{-webkit-box-flex:0;-ms-flex:0 0 41.6666666667%;flex:0 0 41.6666666667%;max-width:41.6666666667%}.col-sm-6{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.col-sm-7{-webkit-box-flex:0;-ms-flex:0 0 58.3333333333%;flex:0 0 58.3333333333%;max-width:58.3333333333%}.col-sm-8{-webkit-box-flex:0;-ms-flex:0 0 66.6666666667%;flex:0 0 66.6666666667%;max-width:66.6666666667%}.col-sm-9{-webkit-box-flex:0;-ms-flex:0 0 75%;flex:0 0 75%;max-width:75%}.col-sm-10{-webkit-box-flex:0;-ms-flex:0 0 83.3333333333%;flex:0 0 83.3333333333%;max-width:83.3333333333%}.col-sm-11{-webkit-box-flex:0;-ms-flex:0 0 91.6666666667%;flex:0 0 91.6666666667%;max-width:91.6666666667%}.col-sm-12{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 
100%;max-width:100%}.order-sm-first{-webkit-box-ordinal-group:0;-ms-flex-order:-1;order:-1}.order-sm-last{-webkit-box-ordinal-group:14;-ms-flex-order:13;order:13}.order-sm-0{-webkit-box-ordinal-group:1;-ms-flex-order:0;order:0}.order-sm-1{-webkit-box-ordinal-group:2;-ms-flex-order:1;order:1}.order-sm-2{-webkit-box-ordinal-group:3;-ms-flex-order:2;order:2}.order-sm-3{-webkit-box-ordinal-group:4;-ms-flex-order:3;order:3}.order-sm-4{-webkit-box-ordinal-group:5;-ms-flex-order:4;order:4}.order-sm-5{-webkit-box-ordinal-group:6;-ms-flex-order:5;order:5}.order-sm-6{-webkit-box-ordinal-group:7;-ms-flex-order:6;order:6}.order-sm-7{-webkit-box-ordinal-group:8;-ms-flex-order:7;order:7}.order-sm-8{-webkit-box-ordinal-group:9;-ms-flex-order:8;order:8}.order-sm-9{-webkit-box-ordinal-group:10;-ms-flex-order:9;order:9}.order-sm-10{-webkit-box-ordinal-group:11;-ms-flex-order:10;order:10}.order-sm-11{-webkit-box-ordinal-group:12;-ms-flex-order:11;order:11}.order-sm-12{-webkit-box-ordinal-group:13;-ms-flex-order:12;order:12}.offset-sm-0{margin-left:0}.offset-sm-1{margin-left:8.3333333333%}.offset-sm-2{margin-left:16.6666666667%}.offset-sm-3{margin-left:25%}.offset-sm-4{margin-left:33.3333333333%}.offset-sm-5{margin-left:41.6666666667%}.offset-sm-6{margin-left:50%}.offset-sm-7{margin-left:58.3333333333%}.offset-sm-8{margin-left:66.6666666667%}.offset-sm-9{margin-left:75%}.offset-sm-10{margin-left:83.3333333333%}.offset-sm-11{margin-left:91.6666666667%}}@media (min-width: 768px){.col-md{-ms-flex-preferred-size:0;flex-basis:0;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;max-width:100%}.row-cols-md-1>*{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 100%;max-width:100%}.row-cols-md-2>*{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.row-cols-md-3>*{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.row-cols-md-4>*{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.row-cols-md-5>*{-webkit-box-flex:0;-ms-flex:0 0 
20%;flex:0 0 20%;max-width:20%}.row-cols-md-6>*{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-md-auto{-webkit-box-flex:0;-ms-flex:0 0 auto;flex:0 0 auto;width:auto;max-width:100%}.col-md-1{-webkit-box-flex:0;-ms-flex:0 0 8.3333333333%;flex:0 0 8.3333333333%;max-width:8.3333333333%}.col-md-2{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-md-3{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.col-md-4{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.col-md-5{-webkit-box-flex:0;-ms-flex:0 0 41.6666666667%;flex:0 0 41.6666666667%;max-width:41.6666666667%}.col-md-6{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.col-md-7{-webkit-box-flex:0;-ms-flex:0 0 58.3333333333%;flex:0 0 58.3333333333%;max-width:58.3333333333%}.col-md-8{-webkit-box-flex:0;-ms-flex:0 0 66.6666666667%;flex:0 0 66.6666666667%;max-width:66.6666666667%}.col-md-9{-webkit-box-flex:0;-ms-flex:0 0 75%;flex:0 0 75%;max-width:75%}.col-md-10{-webkit-box-flex:0;-ms-flex:0 0 83.3333333333%;flex:0 0 83.3333333333%;max-width:83.3333333333%}.col-md-11{-webkit-box-flex:0;-ms-flex:0 0 91.6666666667%;flex:0 0 91.6666666667%;max-width:91.6666666667%}.col-md-12{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 
100%;max-width:100%}.order-md-first{-webkit-box-ordinal-group:0;-ms-flex-order:-1;order:-1}.order-md-last{-webkit-box-ordinal-group:14;-ms-flex-order:13;order:13}.order-md-0{-webkit-box-ordinal-group:1;-ms-flex-order:0;order:0}.order-md-1{-webkit-box-ordinal-group:2;-ms-flex-order:1;order:1}.order-md-2{-webkit-box-ordinal-group:3;-ms-flex-order:2;order:2}.order-md-3{-webkit-box-ordinal-group:4;-ms-flex-order:3;order:3}.order-md-4{-webkit-box-ordinal-group:5;-ms-flex-order:4;order:4}.order-md-5{-webkit-box-ordinal-group:6;-ms-flex-order:5;order:5}.order-md-6{-webkit-box-ordinal-group:7;-ms-flex-order:6;order:6}.order-md-7{-webkit-box-ordinal-group:8;-ms-flex-order:7;order:7}.order-md-8{-webkit-box-ordinal-group:9;-ms-flex-order:8;order:8}.order-md-9{-webkit-box-ordinal-group:10;-ms-flex-order:9;order:9}.order-md-10{-webkit-box-ordinal-group:11;-ms-flex-order:10;order:10}.order-md-11{-webkit-box-ordinal-group:12;-ms-flex-order:11;order:11}.order-md-12{-webkit-box-ordinal-group:13;-ms-flex-order:12;order:12}.offset-md-0{margin-left:0}.offset-md-1{margin-left:8.3333333333%}.offset-md-2{margin-left:16.6666666667%}.offset-md-3{margin-left:25%}.offset-md-4{margin-left:33.3333333333%}.offset-md-5{margin-left:41.6666666667%}.offset-md-6{margin-left:50%}.offset-md-7{margin-left:58.3333333333%}.offset-md-8{margin-left:66.6666666667%}.offset-md-9{margin-left:75%}.offset-md-10{margin-left:83.3333333333%}.offset-md-11{margin-left:91.6666666667%}}@media (min-width: 992px){.col-lg{-ms-flex-preferred-size:0;flex-basis:0;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;max-width:100%}.row-cols-lg-1>*{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 100%;max-width:100%}.row-cols-lg-2>*{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.row-cols-lg-3>*{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.row-cols-lg-4>*{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.row-cols-lg-5>*{-webkit-box-flex:0;-ms-flex:0 0 
20%;flex:0 0 20%;max-width:20%}.row-cols-lg-6>*{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-lg-auto{-webkit-box-flex:0;-ms-flex:0 0 auto;flex:0 0 auto;width:auto;max-width:100%}.col-lg-1{-webkit-box-flex:0;-ms-flex:0 0 8.3333333333%;flex:0 0 8.3333333333%;max-width:8.3333333333%}.col-lg-2{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-lg-3{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.col-lg-4{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.col-lg-5{-webkit-box-flex:0;-ms-flex:0 0 41.6666666667%;flex:0 0 41.6666666667%;max-width:41.6666666667%}.col-lg-6{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.col-lg-7{-webkit-box-flex:0;-ms-flex:0 0 58.3333333333%;flex:0 0 58.3333333333%;max-width:58.3333333333%}.col-lg-8{-webkit-box-flex:0;-ms-flex:0 0 66.6666666667%;flex:0 0 66.6666666667%;max-width:66.6666666667%}.col-lg-9{-webkit-box-flex:0;-ms-flex:0 0 75%;flex:0 0 75%;max-width:75%}.col-lg-10{-webkit-box-flex:0;-ms-flex:0 0 83.3333333333%;flex:0 0 83.3333333333%;max-width:83.3333333333%}.col-lg-11{-webkit-box-flex:0;-ms-flex:0 0 91.6666666667%;flex:0 0 91.6666666667%;max-width:91.6666666667%}.col-lg-12{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 
100%;max-width:100%}.order-lg-first{-webkit-box-ordinal-group:0;-ms-flex-order:-1;order:-1}.order-lg-last{-webkit-box-ordinal-group:14;-ms-flex-order:13;order:13}.order-lg-0{-webkit-box-ordinal-group:1;-ms-flex-order:0;order:0}.order-lg-1{-webkit-box-ordinal-group:2;-ms-flex-order:1;order:1}.order-lg-2{-webkit-box-ordinal-group:3;-ms-flex-order:2;order:2}.order-lg-3{-webkit-box-ordinal-group:4;-ms-flex-order:3;order:3}.order-lg-4{-webkit-box-ordinal-group:5;-ms-flex-order:4;order:4}.order-lg-5{-webkit-box-ordinal-group:6;-ms-flex-order:5;order:5}.order-lg-6{-webkit-box-ordinal-group:7;-ms-flex-order:6;order:6}.order-lg-7{-webkit-box-ordinal-group:8;-ms-flex-order:7;order:7}.order-lg-8{-webkit-box-ordinal-group:9;-ms-flex-order:8;order:8}.order-lg-9{-webkit-box-ordinal-group:10;-ms-flex-order:9;order:9}.order-lg-10{-webkit-box-ordinal-group:11;-ms-flex-order:10;order:10}.order-lg-11{-webkit-box-ordinal-group:12;-ms-flex-order:11;order:11}.order-lg-12{-webkit-box-ordinal-group:13;-ms-flex-order:12;order:12}.offset-lg-0{margin-left:0}.offset-lg-1{margin-left:8.3333333333%}.offset-lg-2{margin-left:16.6666666667%}.offset-lg-3{margin-left:25%}.offset-lg-4{margin-left:33.3333333333%}.offset-lg-5{margin-left:41.6666666667%}.offset-lg-6{margin-left:50%}.offset-lg-7{margin-left:58.3333333333%}.offset-lg-8{margin-left:66.6666666667%}.offset-lg-9{margin-left:75%}.offset-lg-10{margin-left:83.3333333333%}.offset-lg-11{margin-left:91.6666666667%}}@media (min-width: 1200px){.col-xl{-ms-flex-preferred-size:0;flex-basis:0;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;max-width:100%}.row-cols-xl-1>*{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 100%;max-width:100%}.row-cols-xl-2>*{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.row-cols-xl-3>*{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.row-cols-xl-4>*{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.row-cols-xl-5>*{-webkit-box-flex:0;-ms-flex:0 
0 20%;flex:0 0 20%;max-width:20%}.row-cols-xl-6>*{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-xl-auto{-webkit-box-flex:0;-ms-flex:0 0 auto;flex:0 0 auto;width:auto;max-width:100%}.col-xl-1{-webkit-box-flex:0;-ms-flex:0 0 8.3333333333%;flex:0 0 8.3333333333%;max-width:8.3333333333%}.col-xl-2{-webkit-box-flex:0;-ms-flex:0 0 16.6666666667%;flex:0 0 16.6666666667%;max-width:16.6666666667%}.col-xl-3{-webkit-box-flex:0;-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.col-xl-4{-webkit-box-flex:0;-ms-flex:0 0 33.3333333333%;flex:0 0 33.3333333333%;max-width:33.3333333333%}.col-xl-5{-webkit-box-flex:0;-ms-flex:0 0 41.6666666667%;flex:0 0 41.6666666667%;max-width:41.6666666667%}.col-xl-6{-webkit-box-flex:0;-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.col-xl-7{-webkit-box-flex:0;-ms-flex:0 0 58.3333333333%;flex:0 0 58.3333333333%;max-width:58.3333333333%}.col-xl-8{-webkit-box-flex:0;-ms-flex:0 0 66.6666666667%;flex:0 0 66.6666666667%;max-width:66.6666666667%}.col-xl-9{-webkit-box-flex:0;-ms-flex:0 0 75%;flex:0 0 75%;max-width:75%}.col-xl-10{-webkit-box-flex:0;-ms-flex:0 0 83.3333333333%;flex:0 0 83.3333333333%;max-width:83.3333333333%}.col-xl-11{-webkit-box-flex:0;-ms-flex:0 0 91.6666666667%;flex:0 0 91.6666666667%;max-width:91.6666666667%}.col-xl-12{-webkit-box-flex:0;-ms-flex:0 0 100%;flex:0 0 
100%;max-width:100%}.order-xl-first{-webkit-box-ordinal-group:0;-ms-flex-order:-1;order:-1}.order-xl-last{-webkit-box-ordinal-group:14;-ms-flex-order:13;order:13}.order-xl-0{-webkit-box-ordinal-group:1;-ms-flex-order:0;order:0}.order-xl-1{-webkit-box-ordinal-group:2;-ms-flex-order:1;order:1}.order-xl-2{-webkit-box-ordinal-group:3;-ms-flex-order:2;order:2}.order-xl-3{-webkit-box-ordinal-group:4;-ms-flex-order:3;order:3}.order-xl-4{-webkit-box-ordinal-group:5;-ms-flex-order:4;order:4}.order-xl-5{-webkit-box-ordinal-group:6;-ms-flex-order:5;order:5}.order-xl-6{-webkit-box-ordinal-group:7;-ms-flex-order:6;order:6}.order-xl-7{-webkit-box-ordinal-group:8;-ms-flex-order:7;order:7}.order-xl-8{-webkit-box-ordinal-group:9;-ms-flex-order:8;order:8}.order-xl-9{-webkit-box-ordinal-group:10;-ms-flex-order:9;order:9}.order-xl-10{-webkit-box-ordinal-group:11;-ms-flex-order:10;order:10}.order-xl-11{-webkit-box-ordinal-group:12;-ms-flex-order:11;order:11}.order-xl-12{-webkit-box-ordinal-group:13;-ms-flex-order:12;order:12}.offset-xl-0{margin-left:0}.offset-xl-1{margin-left:8.3333333333%}.offset-xl-2{margin-left:16.6666666667%}.offset-xl-3{margin-left:25%}.offset-xl-4{margin-left:33.3333333333%}.offset-xl-5{margin-left:41.6666666667%}.offset-xl-6{margin-left:50%}.offset-xl-7{margin-left:58.3333333333%}.offset-xl-8{margin-left:66.6666666667%}.offset-xl-9{margin-left:75%}.offset-xl-10{margin-left:83.3333333333%}.offset-xl-11{margin-left:91.6666666667%}}.table{width:100%;margin-bottom:1rem;color:#fff}.table th,.table td{padding:0.75rem;vertical-align:top;border-top:1px solid rgba(0,0,0,0.6)}.table thead th{vertical-align:bottom;border-bottom:2px solid rgba(0,0,0,0.6)}.table tbody+tbody{border-top:2px solid rgba(0,0,0,0.6)}.table-sm th,.table-sm td{padding:0.3rem}.table-bordered{border:1px solid rgba(0,0,0,0.6)}.table-bordered th,.table-bordered td{border:1px solid rgba(0,0,0,0.6)}.table-bordered thead th,.table-bordered thead td{border-bottom-width:2px}.table-borderless 
th,.table-borderless td,.table-borderless thead th,.table-borderless tbody+tbody{border:0}.table-striped tbody tr:nth-of-type(odd){background-color:rgba(255,255,255,0.05)}.table-hover tbody tr:hover{color:#fff;background-color:rgba(255,255,255,0.075)}.table-primary,.table-primary>th,.table-primary>td{background-color:#c8c9cb}.table-primary th,.table-primary td,.table-primary thead th,.table-primary tbody+tbody{border-color:#999b9e}.table-hover .table-primary:hover{background-color:#bbbcbf}.table-hover .table-primary:hover>td,.table-hover .table-primary:hover>th{background-color:#bbbcbf}.table-secondary,.table-secondary>th,.table-secondary>td{background-color:#dadcde}.table-secondary th,.table-secondary td,.table-secondary thead th,.table-secondary tbody+tbody{border-color:#babec1}.table-hover .table-secondary:hover{background-color:#cdcfd2}.table-hover .table-secondary:hover>td,.table-hover .table-secondary:hover>th{background-color:#cdcfd2}.table-success,.table-success>th,.table-success>td{background-color:#d3eed3}.table-success th,.table-success td,.table-success thead th,.table-success tbody+tbody{border-color:#ade0ad}.table-hover .table-success:hover{background-color:#c1e7c1}.table-hover .table-success:hover>td,.table-hover .table-success:hover>th{background-color:#c1e7c1}.table-info,.table-info>th,.table-info>td{background-color:#d1edf6}.table-info th,.table-info td,.table-info thead th,.table-info tbody+tbody{border-color:#aadeee}.table-hover .table-info:hover{background-color:#bce5f2}.table-hover .table-info:hover>td,.table-hover .table-info:hover>th{background-color:#bce5f2}.table-warning,.table-warning>th,.table-warning>td{background-color:#fde1b9}.table-warning th,.table-warning td,.table-warning thead th,.table-warning tbody+tbody{border-color:#fbc77e}.table-hover .table-warning:hover{background-color:#fcd6a0}.table-hover .table-warning:hover>td,.table-hover 
.table-warning:hover>th{background-color:#fcd6a0}.table-danger,.table-danger>th,.table-danger>td{background-color:#fad2d1}.table-danger th,.table-danger td,.table-danger thead th,.table-danger tbody+tbody{border-color:#f6acaa}.table-hover .table-danger:hover{background-color:#f8bcba}.table-hover .table-danger:hover>td,.table-hover .table-danger:hover>th{background-color:#f8bcba}.table-light,.table-light>th,.table-light>td{background-color:#f9fafb}.table-light th,.table-light td,.table-light thead th,.table-light tbody+tbody{border-color:#f4f5f7}.table-hover .table-light:hover{background-color:#eaedf1}.table-hover .table-light:hover>td,.table-hover .table-light:hover>th{background-color:#eaedf1}.table-dark,.table-dark>th,.table-dark>td{background-color:#c3c4c5}.table-dark th,.table-dark td,.table-dark thead th,.table-dark tbody+tbody{border-color:#8f9193}.table-hover .table-dark:hover{background-color:#b6b7b8}.table-hover .table-dark:hover>td,.table-hover .table-dark:hover>th{background-color:#b6b7b8}.table-active,.table-active>th,.table-active>td{background-color:rgba(255,255,255,0.075)}.table-hover .table-active:hover{background-color:rgba(242,242,242,0.075)}.table-hover .table-active:hover>td,.table-hover .table-active:hover>th{background-color:rgba(242,242,242,0.075)}.table .thead-dark th{color:#fff;background-color:#3A3F44;border-color:rgba(0,0,0,0.6)}.table .thead-light th{color:#52575C;background-color:#e9ecef;border-color:rgba(0,0,0,0.6)}.table-dark{color:#fff;background-color:#3A3F44}.table-dark th,.table-dark td,.table-dark thead th{border-color:rgba(0,0,0,0.6)}.table-dark.table-bordered{border:0}.table-dark.table-striped tbody tr:nth-of-type(odd){background-color:rgba(255,255,255,0.05)}.table-dark.table-hover tbody tr:hover{color:#fff;background-color:rgba(255,255,255,0.075)}@media (max-width: 575.98px){.table-responsive-sm{display:block;width:100%;overflow-x:auto;-webkit-overflow-scrolling:touch}.table-responsive-sm>.table-bordered{border:0}}@media 
(max-width: 767.98px){.table-responsive-md{display:block;width:100%;overflow-x:auto;-webkit-overflow-scrolling:touch}.table-responsive-md>.table-bordered{border:0}}@media (max-width: 991.98px){.table-responsive-lg{display:block;width:100%;overflow-x:auto;-webkit-overflow-scrolling:touch}.table-responsive-lg>.table-bordered{border:0}}@media (max-width: 1199.98px){.table-responsive-xl{display:block;width:100%;overflow-x:auto;-webkit-overflow-scrolling:touch}.table-responsive-xl>.table-bordered{border:0}}.table-responsive{display:block;width:100%;overflow-x:auto;-webkit-overflow-scrolling:touch}.table-responsive>.table-bordered{border:0}.form-control{display:block;width:100%;height:calc(1.5em + 1.5rem + 2px);padding:0.75rem 1rem;font-size:0.9375rem;font-weight:400;line-height:1.5;color:#52575C;background-color:#fff;background-clip:padding-box;border:1px solid #ced4da;border-radius:0.25rem;-webkit-transition:border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;transition:border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out}@media (prefers-reduced-motion: reduce){.form-control{-webkit-transition:none;transition:none}}.form-control::-ms-expand{background-color:transparent;border:0}.form-control:-moz-focusring{color:transparent;text-shadow:0 0 0 #52575C}.form-control:focus{color:#52575C;background-color:#fff;border-color:#757f89;outline:0;-webkit-box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25);box-shadow:0 0 0 0.2rem 
rgba(58,63,68,0.25)}.form-control::-webkit-input-placeholder{color:#7A8288;opacity:1}.form-control::-ms-input-placeholder{color:#7A8288;opacity:1}.form-control::placeholder{color:#7A8288;opacity:1}.form-control:disabled,.form-control[readonly]{background-color:#ccc;opacity:1}select.form-control:focus::-ms-value{color:#52575C;background-color:#fff}.form-control-file,.form-control-range{display:block;width:100%}.col-form-label{padding-top:calc(0.75rem + 1px);padding-bottom:calc(0.75rem + 1px);margin-bottom:0;font-size:inherit;line-height:1.5}.col-form-label-lg{padding-top:calc(0.5rem + 1px);padding-bottom:calc(0.5rem + 1px);font-size:1.171875rem;line-height:1.5}.col-form-label-sm{padding-top:calc(0.25rem + 1px);padding-bottom:calc(0.25rem + 1px);font-size:0.8203125rem;line-height:1.5}.form-control-plaintext{display:block;width:100%;padding:0.75rem 0;margin-bottom:0;font-size:0.9375rem;line-height:1.5;color:#aaa;background-color:transparent;border:solid transparent;border-width:1px 0}.form-control-plaintext.form-control-sm,.form-control-plaintext.form-control-lg{padding-right:0;padding-left:0}.form-control-sm{height:calc(1.5em + 0.5rem + 2px);padding:0.25rem 0.5rem;font-size:0.8203125rem;line-height:1.5;border-radius:0.2rem}.form-control-lg{height:calc(1.5em + 1rem + 2px);padding:0.5rem 1rem;font-size:1.171875rem;line-height:1.5;border-radius:0.3rem}select.form-control[size],select.form-control[multiple]{height:auto}textarea.form-control{height:auto}.form-group{margin-bottom:1rem}.form-text{display:block;margin-top:0.25rem}.form-row{display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;margin-right:-5px;margin-left:-5px}.form-row>.col,.form-row>[class*="col-"]{padding-right:5px;padding-left:5px}.form-check{position:relative;display:block;padding-left:1.25rem}.form-check-input{position:absolute;margin-top:0.3rem;margin-left:-1.25rem}.form-check-input[disabled] ~ .form-check-label,.form-check-input:disabled ~ 
.form-check-label{color:#7A8288}.form-check-label{margin-bottom:0}.form-check-inline{display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;padding-left:0;margin-right:0.75rem}.form-check-inline .form-check-input{position:static;margin-top:0;margin-right:0.3125rem;margin-left:0}.valid-feedback{display:none;width:100%;margin-top:0.25rem;font-size:80%;color:#62c462}.valid-tooltip{position:absolute;top:100%;z-index:5;display:none;max-width:100%;padding:0.25rem 0.5rem;margin-top:.1rem;font-size:0.8203125rem;line-height:1.5;color:#fff;background-color:rgba(98,196,98,0.9);border-radius:0.25rem}.was-validated :valid ~ .valid-feedback,.was-validated :valid ~ .valid-tooltip,.is-valid ~ .valid-feedback,.is-valid ~ .valid-tooltip{display:block}.was-validated .form-control:valid,.form-control.is-valid{border-color:#62c462;padding-right:calc(1.5em + 1.5rem);background-image:url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='8' height='8' viewBox='0 0 8 8'%3e%3cpath fill='%2362c462' d='M2.3 6.73L.6 4.53c-.4-1.04.46-1.4 1.1-.8l1.1 1.4 3.4-3.8c.6-.63 1.6-.27 1.2.7l-4 4.6c-.43.5-.8.4-1.1.1z'/%3e%3c/svg%3e");background-repeat:no-repeat;background-position:right calc(0.375em + 0.375rem) center;background-size:calc(0.75em + 0.75rem) calc(0.75em + 0.75rem)}.was-validated .form-control:valid:focus,.form-control.is-valid:focus{border-color:#62c462;-webkit-box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25);box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25)}.was-validated textarea.form-control:valid,textarea.form-control.is-valid{padding-right:calc(1.5em + 1.5rem);background-position:top calc(0.375em + 0.375rem) right calc(0.375em + 0.375rem)}.was-validated .custom-select:valid,.custom-select.is-valid{border-color:#62c462;padding-right:calc(0.75em + 3.125rem);background:url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='4' height='5' viewBox='0 0 4 5'%3e%3cpath 
fill='%233A3F44' d='M2 0L0 2h4zm0 5L0 3h4z'/%3e%3c/svg%3e") no-repeat right 1rem center/8px 10px,url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='8' height='8' viewBox='0 0 8 8'%3e%3cpath fill='%2362c462' d='M2.3 6.73L.6 4.53c-.4-1.04.46-1.4 1.1-.8l1.1 1.4 3.4-3.8c.6-.63 1.6-.27 1.2.7l-4 4.6c-.43.5-.8.4-1.1.1z'/%3e%3c/svg%3e") #fff no-repeat center right 2rem/calc(0.75em + 0.75rem) calc(0.75em + 0.75rem)}.was-validated .custom-select:valid:focus,.custom-select.is-valid:focus{border-color:#62c462;-webkit-box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25);box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25)}.was-validated .form-check-input:valid ~ .form-check-label,.form-check-input.is-valid ~ .form-check-label{color:#62c462}.was-validated .form-check-input:valid ~ .valid-feedback,.was-validated .form-check-input:valid ~ .valid-tooltip,.form-check-input.is-valid ~ .valid-feedback,.form-check-input.is-valid ~ .valid-tooltip{display:block}.was-validated .custom-control-input:valid ~ .custom-control-label,.custom-control-input.is-valid ~ .custom-control-label{color:#62c462}.was-validated .custom-control-input:valid ~ .custom-control-label::before,.custom-control-input.is-valid ~ .custom-control-label::before{border-color:#62c462}.was-validated .custom-control-input:valid:checked ~ .custom-control-label::before,.custom-control-input.is-valid:checked ~ .custom-control-label::before{border-color:#87d287;background-color:#87d287}.was-validated .custom-control-input:valid:focus ~ .custom-control-label::before,.custom-control-input.is-valid:focus ~ .custom-control-label::before{-webkit-box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25);box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25)}.was-validated .custom-control-input:valid:focus:not(:checked) ~ .custom-control-label::before,.custom-control-input.is-valid:focus:not(:checked) ~ .custom-control-label::before{border-color:#62c462}.was-validated .custom-file-input:valid ~ .custom-file-label,.custom-file-input.is-valid ~ 
.custom-file-label{border-color:#62c462}.was-validated .custom-file-input:valid:focus ~ .custom-file-label,.custom-file-input.is-valid:focus ~ .custom-file-label{border-color:#62c462;-webkit-box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25);box-shadow:0 0 0 0.2rem rgba(98,196,98,0.25)}.invalid-feedback{display:none;width:100%;margin-top:0.25rem;font-size:80%;color:#ee5f5b}.invalid-tooltip{position:absolute;top:100%;z-index:5;display:none;max-width:100%;padding:0.25rem 0.5rem;margin-top:.1rem;font-size:0.8203125rem;line-height:1.5;color:#fff;background-color:rgba(238,95,91,0.9);border-radius:0.25rem}.was-validated :invalid ~ .invalid-feedback,.was-validated :invalid ~ .invalid-tooltip,.is-invalid ~ .invalid-feedback,.is-invalid ~ .invalid-tooltip{display:block}.was-validated .form-control:invalid,.form-control.is-invalid{border-color:#ee5f5b;padding-right:calc(1.5em + 1.5rem);background-image:url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='12' height='12' fill='none' stroke='%23ee5f5b' viewBox='0 0 12 12'%3e%3ccircle cx='6' cy='6' r='4.5'/%3e%3cpath stroke-linejoin='round' d='M5.8 3.6h.4L6 6.5z'/%3e%3ccircle cx='6' cy='8.2' r='.6' fill='%23ee5f5b' stroke='none'/%3e%3c/svg%3e");background-repeat:no-repeat;background-position:right calc(0.375em + 0.375rem) center;background-size:calc(0.75em + 0.75rem) calc(0.75em + 0.75rem)}.was-validated .form-control:invalid:focus,.form-control.is-invalid:focus{border-color:#ee5f5b;-webkit-box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25);box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25)}.was-validated textarea.form-control:invalid,textarea.form-control.is-invalid{padding-right:calc(1.5em + 1.5rem);background-position:top calc(0.375em + 0.375rem) right calc(0.375em + 0.375rem)}.was-validated .custom-select:invalid,.custom-select.is-invalid{border-color:#ee5f5b;padding-right:calc(0.75em + 3.125rem);background:url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='4' height='5' viewBox='0 0 4 5'%3e%3cpath 
fill='%233A3F44' d='M2 0L0 2h4zm0 5L0 3h4z'/%3e%3c/svg%3e") no-repeat right 1rem center/8px 10px,url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='12' height='12' fill='none' stroke='%23ee5f5b' viewBox='0 0 12 12'%3e%3ccircle cx='6' cy='6' r='4.5'/%3e%3cpath stroke-linejoin='round' d='M5.8 3.6h.4L6 6.5z'/%3e%3ccircle cx='6' cy='8.2' r='.6' fill='%23ee5f5b' stroke='none'/%3e%3c/svg%3e") #fff no-repeat center right 2rem/calc(0.75em + 0.75rem) calc(0.75em + 0.75rem)}.was-validated .custom-select:invalid:focus,.custom-select.is-invalid:focus{border-color:#ee5f5b;-webkit-box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25);box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25)}.was-validated .form-check-input:invalid ~ .form-check-label,.form-check-input.is-invalid ~ .form-check-label{color:#ee5f5b}.was-validated .form-check-input:invalid ~ .invalid-feedback,.was-validated .form-check-input:invalid ~ .invalid-tooltip,.form-check-input.is-invalid ~ .invalid-feedback,.form-check-input.is-invalid ~ .invalid-tooltip{display:block}.was-validated .custom-control-input:invalid ~ .custom-control-label,.custom-control-input.is-invalid ~ .custom-control-label{color:#ee5f5b}.was-validated .custom-control-input:invalid ~ .custom-control-label::before,.custom-control-input.is-invalid ~ .custom-control-label::before{border-color:#ee5f5b}.was-validated .custom-control-input:invalid:checked ~ .custom-control-label::before,.custom-control-input.is-invalid:checked ~ .custom-control-label::before{border-color:#f38c89;background-color:#f38c89}.was-validated .custom-control-input:invalid:focus ~ .custom-control-label::before,.custom-control-input.is-invalid:focus ~ .custom-control-label::before{-webkit-box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25);box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25)}.was-validated .custom-control-input:invalid:focus:not(:checked) ~ .custom-control-label::before,.custom-control-input.is-invalid:focus:not(:checked) ~ 
.custom-control-label::before{border-color:#ee5f5b}.was-validated .custom-file-input:invalid ~ .custom-file-label,.custom-file-input.is-invalid ~ .custom-file-label{border-color:#ee5f5b}.was-validated .custom-file-input:invalid:focus ~ .custom-file-label,.custom-file-input.is-invalid:focus ~ .custom-file-label{border-color:#ee5f5b;-webkit-box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25);box-shadow:0 0 0 0.2rem rgba(238,95,91,0.25)}.form-inline{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-flow:row wrap;flex-flow:row wrap;-webkit-box-align:center;-ms-flex-align:center;align-items:center}.form-inline .form-check{width:100%}@media (min-width: 576px){.form-inline label{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;margin-bottom:0}.form-inline .form-group{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-flex:0;-ms-flex:0 0 auto;flex:0 0 auto;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-flow:row wrap;flex-flow:row wrap;-webkit-box-align:center;-ms-flex-align:center;align-items:center;margin-bottom:0}.form-inline .form-control{display:inline-block;width:auto;vertical-align:middle}.form-inline .form-control-plaintext{display:inline-block}.form-inline .input-group,.form-inline .custom-select{width:auto}.form-inline .form-check{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;width:auto;padding-left:0}.form-inline .form-check-input{position:relative;-ms-flex-negative:0;flex-shrink:0;margin-top:0;margin-right:0.25rem;margin-left:0}.form-inline 
.custom-control{-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center}.form-inline .custom-control-label{margin-bottom:0}}.btn{display:inline-block;font-weight:400;color:#aaa;text-align:center;vertical-align:middle;cursor:pointer;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;background-color:transparent;border:1px solid transparent;padding:0.75rem 1rem;font-size:0.9375rem;line-height:1.5;border-radius:0.25rem;-webkit-transition:color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;transition:color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out}@media (prefers-reduced-motion: reduce){.btn{-webkit-transition:none;transition:none}}.btn:hover{color:#aaa;text-decoration:none}.btn:focus,.btn.focus{outline:0;-webkit-box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25);box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25)}.btn.disabled,.btn:disabled{opacity:0.65}a.btn.disabled,fieldset:disabled a.btn{pointer-events:none}.btn-primary{color:#fff;background-color:#3A3F44;border-color:#3A3F44}.btn-primary:hover{color:#fff;background-color:#282c2f;border-color:#232628}.btn-primary:focus,.btn-primary.focus{color:#fff;background-color:#282c2f;border-color:#232628;-webkit-box-shadow:0 0 0 0.2rem rgba(88,92,96,0.5);box-shadow:0 0 0 0.2rem 
rgba(88,92,96,0.5)}.btn-primary.disabled,.btn-primary:disabled{color:#fff;background-color:#3A3F44;border-color:#3A3F44}.btn-primary:not(:disabled):not(.disabled):active,.btn-primary:not(:disabled):not(.disabled).active,.show>.btn-primary.dropdown-toggle{color:#fff;background-color:#232628;border-color:#1d1f22}.btn-primary:not(:disabled):not(.disabled):active:focus,.btn-primary:not(:disabled):not(.disabled).active:focus,.show>.btn-primary.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(88,92,96,0.5);box-shadow:0 0 0 0.2rem rgba(88,92,96,0.5)}.btn-secondary{color:#fff;background-color:#7A8288;border-color:#7A8288}.btn-secondary:hover{color:#fff;background-color:#686f74;border-color:#62686d}.btn-secondary:focus,.btn-secondary.focus{color:#fff;background-color:#686f74;border-color:#62686d;-webkit-box-shadow:0 0 0 0.2rem rgba(142,149,154,0.5);box-shadow:0 0 0 0.2rem rgba(142,149,154,0.5)}.btn-secondary.disabled,.btn-secondary:disabled{color:#fff;background-color:#7A8288;border-color:#7A8288}.btn-secondary:not(:disabled):not(.disabled):active,.btn-secondary:not(:disabled):not(.disabled).active,.show>.btn-secondary.dropdown-toggle{color:#fff;background-color:#62686d;border-color:#5c6267}.btn-secondary:not(:disabled):not(.disabled):active:focus,.btn-secondary:not(:disabled):not(.disabled).active:focus,.show>.btn-secondary.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(142,149,154,0.5);box-shadow:0 0 0 0.2rem rgba(142,149,154,0.5)}.btn-success{color:#fff;background-color:#62c462;border-color:#62c462}.btn-success:hover{color:#fff;background-color:#46ba46;border-color:#42b142}.btn-success:focus,.btn-success.focus{color:#fff;background-color:#46ba46;border-color:#42b142;-webkit-box-shadow:0 0 0 0.2rem rgba(122,205,122,0.5);box-shadow:0 0 0 0.2rem 
rgba(122,205,122,0.5)}.btn-success.disabled,.btn-success:disabled{color:#fff;background-color:#62c462;border-color:#62c462}.btn-success:not(:disabled):not(.disabled):active,.btn-success:not(:disabled):not(.disabled).active,.show>.btn-success.dropdown-toggle{color:#fff;background-color:#42b142;border-color:#3fa73f}.btn-success:not(:disabled):not(.disabled):active:focus,.btn-success:not(:disabled):not(.disabled).active:focus,.show>.btn-success.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(122,205,122,0.5);box-shadow:0 0 0 0.2rem rgba(122,205,122,0.5)}.btn-info{color:#fff;background-color:#5bc0de;border-color:#5bc0de}.btn-info:hover{color:#fff;background-color:#3bb4d8;border-color:#31b0d5}.btn-info:focus,.btn-info.focus{color:#fff;background-color:#3bb4d8;border-color:#31b0d5;-webkit-box-shadow:0 0 0 0.2rem rgba(116,201,227,0.5);box-shadow:0 0 0 0.2rem rgba(116,201,227,0.5)}.btn-info.disabled,.btn-info:disabled{color:#fff;background-color:#5bc0de;border-color:#5bc0de}.btn-info:not(:disabled):not(.disabled):active,.btn-info:not(:disabled):not(.disabled).active,.show>.btn-info.dropdown-toggle{color:#fff;background-color:#31b0d5;border-color:#2aaacf}.btn-info:not(:disabled):not(.disabled):active:focus,.btn-info:not(:disabled):not(.disabled).active:focus,.show>.btn-info.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(116,201,227,0.5);box-shadow:0 0 0 0.2rem rgba(116,201,227,0.5)}.btn-warning{color:#fff;background-color:#f89406;border-color:#f89406}.btn-warning:hover{color:#fff;background-color:#d37e05;border-color:#c67605}.btn-warning:focus,.btn-warning.focus{color:#fff;background-color:#d37e05;border-color:#c67605;-webkit-box-shadow:0 0 0 0.2rem rgba(249,164,43,0.5);box-shadow:0 0 0 0.2rem 
rgba(249,164,43,0.5)}.btn-warning.disabled,.btn-warning:disabled{color:#fff;background-color:#f89406;border-color:#f89406}.btn-warning:not(:disabled):not(.disabled):active,.btn-warning:not(:disabled):not(.disabled).active,.show>.btn-warning.dropdown-toggle{color:#fff;background-color:#c67605;border-color:#ba6f04}.btn-warning:not(:disabled):not(.disabled):active:focus,.btn-warning:not(:disabled):not(.disabled).active:focus,.show>.btn-warning.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(249,164,43,0.5);box-shadow:0 0 0 0.2rem rgba(249,164,43,0.5)}.btn-danger{color:#fff;background-color:#ee5f5b;border-color:#ee5f5b}.btn-danger:hover{color:#fff;background-color:#ea3d38;border-color:#e9322d}.btn-danger:focus,.btn-danger.focus{color:#fff;background-color:#ea3d38;border-color:#e9322d;-webkit-box-shadow:0 0 0 0.2rem rgba(241,119,116,0.5);box-shadow:0 0 0 0.2rem rgba(241,119,116,0.5)}.btn-danger.disabled,.btn-danger:disabled{color:#fff;background-color:#ee5f5b;border-color:#ee5f5b}.btn-danger:not(:disabled):not(.disabled):active,.btn-danger:not(:disabled):not(.disabled).active,.show>.btn-danger.dropdown-toggle{color:#fff;background-color:#e9322d;border-color:#e82721}.btn-danger:not(:disabled):not(.disabled):active:focus,.btn-danger:not(:disabled):not(.disabled).active:focus,.show>.btn-danger.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(241,119,116,0.5);box-shadow:0 0 0 0.2rem rgba(241,119,116,0.5)}.btn-light{color:#272B30;background-color:#e9ecef;border-color:#e9ecef}.btn-light:hover{color:#272B30;background-color:#d3d9df;border-color:#cbd3da}.btn-light:focus,.btn-light.focus{color:#272B30;background-color:#d3d9df;border-color:#cbd3da;-webkit-box-shadow:0 0 0 0.2rem rgba(204,207,210,0.5);box-shadow:0 0 0 0.2rem 
rgba(204,207,210,0.5)}.btn-light.disabled,.btn-light:disabled{color:#272B30;background-color:#e9ecef;border-color:#e9ecef}.btn-light:not(:disabled):not(.disabled):active,.btn-light:not(:disabled):not(.disabled).active,.show>.btn-light.dropdown-toggle{color:#272B30;background-color:#cbd3da;border-color:#c4ccd4}.btn-light:not(:disabled):not(.disabled):active:focus,.btn-light:not(:disabled):not(.disabled).active:focus,.show>.btn-light.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(204,207,210,0.5);box-shadow:0 0 0 0.2rem rgba(204,207,210,0.5)}.btn-dark{color:#fff;background-color:#272B30;border-color:#272B30}.btn-dark:hover{color:#fff;background-color:#16181b;border-color:#101214}.btn-dark:focus,.btn-dark.focus{color:#fff;background-color:#16181b;border-color:#101214;-webkit-box-shadow:0 0 0 0.2rem rgba(71,75,79,0.5);box-shadow:0 0 0 0.2rem rgba(71,75,79,0.5)}.btn-dark.disabled,.btn-dark:disabled{color:#fff;background-color:#272B30;border-color:#272B30}.btn-dark:not(:disabled):not(.disabled):active,.btn-dark:not(:disabled):not(.disabled).active,.show>.btn-dark.dropdown-toggle{color:#fff;background-color:#101214;border-color:#0a0b0d}.btn-dark:not(:disabled):not(.disabled):active:focus,.btn-dark:not(:disabled):not(.disabled).active:focus,.show>.btn-dark.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(71,75,79,0.5);box-shadow:0 0 0 0.2rem rgba(71,75,79,0.5)}.btn-outline-primary{color:#3A3F44;border-color:#3A3F44}.btn-outline-primary:hover{color:#fff;background-color:#3A3F44;border-color:#3A3F44}.btn-outline-primary:focus,.btn-outline-primary.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(58,63,68,0.5);box-shadow:0 0 0 0.2rem 
rgba(58,63,68,0.5)}.btn-outline-primary.disabled,.btn-outline-primary:disabled{color:#3A3F44;background-color:transparent}.btn-outline-primary:not(:disabled):not(.disabled):active,.btn-outline-primary:not(:disabled):not(.disabled).active,.show>.btn-outline-primary.dropdown-toggle{color:#fff;background-color:#3A3F44;border-color:#3A3F44}.btn-outline-primary:not(:disabled):not(.disabled):active:focus,.btn-outline-primary:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-primary.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(58,63,68,0.5);box-shadow:0 0 0 0.2rem rgba(58,63,68,0.5)}.btn-outline-secondary{color:#7A8288;border-color:#7A8288}.btn-outline-secondary:hover{color:#fff;background-color:#7A8288;border-color:#7A8288}.btn-outline-secondary:focus,.btn-outline-secondary.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(122,130,136,0.5);box-shadow:0 0 0 0.2rem rgba(122,130,136,0.5)}.btn-outline-secondary.disabled,.btn-outline-secondary:disabled{color:#7A8288;background-color:transparent}.btn-outline-secondary:not(:disabled):not(.disabled):active,.btn-outline-secondary:not(:disabled):not(.disabled).active,.show>.btn-outline-secondary.dropdown-toggle{color:#fff;background-color:#7A8288;border-color:#7A8288}.btn-outline-secondary:not(:disabled):not(.disabled):active:focus,.btn-outline-secondary:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-secondary.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(122,130,136,0.5);box-shadow:0 0 0 0.2rem rgba(122,130,136,0.5)}.btn-outline-success{color:#62c462;border-color:#62c462}.btn-outline-success:hover{color:#fff;background-color:#62c462;border-color:#62c462}.btn-outline-success:focus,.btn-outline-success.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(98,196,98,0.5);box-shadow:0 0 0 0.2rem 
rgba(98,196,98,0.5)}.btn-outline-success.disabled,.btn-outline-success:disabled{color:#62c462;background-color:transparent}.btn-outline-success:not(:disabled):not(.disabled):active,.btn-outline-success:not(:disabled):not(.disabled).active,.show>.btn-outline-success.dropdown-toggle{color:#fff;background-color:#62c462;border-color:#62c462}.btn-outline-success:not(:disabled):not(.disabled):active:focus,.btn-outline-success:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-success.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(98,196,98,0.5);box-shadow:0 0 0 0.2rem rgba(98,196,98,0.5)}.btn-outline-info{color:#5bc0de;border-color:#5bc0de}.btn-outline-info:hover{color:#fff;background-color:#5bc0de;border-color:#5bc0de}.btn-outline-info:focus,.btn-outline-info.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(91,192,222,0.5);box-shadow:0 0 0 0.2rem rgba(91,192,222,0.5)}.btn-outline-info.disabled,.btn-outline-info:disabled{color:#5bc0de;background-color:transparent}.btn-outline-info:not(:disabled):not(.disabled):active,.btn-outline-info:not(:disabled):not(.disabled).active,.show>.btn-outline-info.dropdown-toggle{color:#fff;background-color:#5bc0de;border-color:#5bc0de}.btn-outline-info:not(:disabled):not(.disabled):active:focus,.btn-outline-info:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-info.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(91,192,222,0.5);box-shadow:0 0 0 0.2rem rgba(91,192,222,0.5)}.btn-outline-warning{color:#f89406;border-color:#f89406}.btn-outline-warning:hover{color:#fff;background-color:#f89406;border-color:#f89406}.btn-outline-warning:focus,.btn-outline-warning.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(248,148,6,0.5);box-shadow:0 0 0 0.2rem 
rgba(248,148,6,0.5)}.btn-outline-warning.disabled,.btn-outline-warning:disabled{color:#f89406;background-color:transparent}.btn-outline-warning:not(:disabled):not(.disabled):active,.btn-outline-warning:not(:disabled):not(.disabled).active,.show>.btn-outline-warning.dropdown-toggle{color:#fff;background-color:#f89406;border-color:#f89406}.btn-outline-warning:not(:disabled):not(.disabled):active:focus,.btn-outline-warning:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-warning.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(248,148,6,0.5);box-shadow:0 0 0 0.2rem rgba(248,148,6,0.5)}.btn-outline-danger{color:#ee5f5b;border-color:#ee5f5b}.btn-outline-danger:hover{color:#fff;background-color:#ee5f5b;border-color:#ee5f5b}.btn-outline-danger:focus,.btn-outline-danger.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(238,95,91,0.5);box-shadow:0 0 0 0.2rem rgba(238,95,91,0.5)}.btn-outline-danger.disabled,.btn-outline-danger:disabled{color:#ee5f5b;background-color:transparent}.btn-outline-danger:not(:disabled):not(.disabled):active,.btn-outline-danger:not(:disabled):not(.disabled).active,.show>.btn-outline-danger.dropdown-toggle{color:#fff;background-color:#ee5f5b;border-color:#ee5f5b}.btn-outline-danger:not(:disabled):not(.disabled):active:focus,.btn-outline-danger:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-danger.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(238,95,91,0.5);box-shadow:0 0 0 0.2rem rgba(238,95,91,0.5)}.btn-outline-light{color:#e9ecef;border-color:#e9ecef}.btn-outline-light:hover{color:#272B30;background-color:#e9ecef;border-color:#e9ecef}.btn-outline-light:focus,.btn-outline-light.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(233,236,239,0.5);box-shadow:0 0 0 0.2rem 
rgba(233,236,239,0.5)}.btn-outline-light.disabled,.btn-outline-light:disabled{color:#e9ecef;background-color:transparent}.btn-outline-light:not(:disabled):not(.disabled):active,.btn-outline-light:not(:disabled):not(.disabled).active,.show>.btn-outline-light.dropdown-toggle{color:#272B30;background-color:#e9ecef;border-color:#e9ecef}.btn-outline-light:not(:disabled):not(.disabled):active:focus,.btn-outline-light:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-light.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(233,236,239,0.5);box-shadow:0 0 0 0.2rem rgba(233,236,239,0.5)}.btn-outline-dark{color:#272B30;border-color:#272B30}.btn-outline-dark:hover{color:#fff;background-color:#272B30;border-color:#272B30}.btn-outline-dark:focus,.btn-outline-dark.focus{-webkit-box-shadow:0 0 0 0.2rem rgba(39,43,48,0.5);box-shadow:0 0 0 0.2rem rgba(39,43,48,0.5)}.btn-outline-dark.disabled,.btn-outline-dark:disabled{color:#272B30;background-color:transparent}.btn-outline-dark:not(:disabled):not(.disabled):active,.btn-outline-dark:not(:disabled):not(.disabled).active,.show>.btn-outline-dark.dropdown-toggle{color:#fff;background-color:#272B30;border-color:#272B30}.btn-outline-dark:not(:disabled):not(.disabled):active:focus,.btn-outline-dark:not(:disabled):not(.disabled).active:focus,.show>.btn-outline-dark.dropdown-toggle:focus{-webkit-box-shadow:0 0 0 0.2rem rgba(39,43,48,0.5);box-shadow:0 0 0 0.2rem rgba(39,43,48,0.5)}.btn-link{font-weight:400;color:#fff;text-decoration:none}.btn-link:hover{color:#d9d9d9;text-decoration:underline}.btn-link:focus,.btn-link.focus{text-decoration:underline;-webkit-box-shadow:none;box-shadow:none}.btn-link:disabled,.btn-link.disabled{color:#7A8288;pointer-events:none}.btn-lg,.btn-group-lg>.btn{padding:0.5rem 1rem;font-size:1.171875rem;line-height:1.5;border-radius:0.3rem}.btn-sm,.btn-group-sm>.btn{padding:0.25rem 
0.5rem;font-size:0.8203125rem;line-height:1.5;border-radius:0.2rem}.btn-block{display:block;width:100%}.btn-block+.btn-block{margin-top:0.5rem}input[type="submit"].btn-block,input[type="reset"].btn-block,input[type="button"].btn-block{width:100%}.fade{-webkit-transition:opacity 0.15s linear;transition:opacity 0.15s linear}@media (prefers-reduced-motion: reduce){.fade{-webkit-transition:none;transition:none}}.fade:not(.show){opacity:0}.collapse:not(.show){display:none}.collapsing{position:relative;height:0;overflow:hidden;-webkit-transition:height 0.35s ease;transition:height 0.35s ease}@media (prefers-reduced-motion: reduce){.collapsing{-webkit-transition:none;transition:none}}.dropup,.dropright,.dropdown,.dropleft{position:relative}.dropdown-toggle{white-space:nowrap}.dropdown-toggle::after{display:inline-block;margin-left:0.255em;vertical-align:0.255em;content:"";border-top:0.3em solid;border-right:0.3em solid transparent;border-bottom:0;border-left:0.3em solid transparent}.dropdown-toggle:empty::after{margin-left:0}.dropdown-menu{position:absolute;top:100%;left:0;z-index:1000;display:none;float:left;min-width:10rem;padding:0.5rem 0;margin:0.125rem 0 0;font-size:0.9375rem;color:#aaa;text-align:left;list-style:none;background-color:#3A3F44;background-clip:padding-box;border:1px solid rgba(0,0,0,0.6);border-radius:0.25rem}.dropdown-menu-left{right:auto;left:0}.dropdown-menu-right{right:0;left:auto}@media (min-width: 576px){.dropdown-menu-sm-left{right:auto;left:0}.dropdown-menu-sm-right{right:0;left:auto}}@media (min-width: 768px){.dropdown-menu-md-left{right:auto;left:0}.dropdown-menu-md-right{right:0;left:auto}}@media (min-width: 992px){.dropdown-menu-lg-left{right:auto;left:0}.dropdown-menu-lg-right{right:0;left:auto}}@media (min-width: 1200px){.dropdown-menu-xl-left{right:auto;left:0}.dropdown-menu-xl-right{right:0;left:auto}}.dropup .dropdown-menu{top:auto;bottom:100%;margin-top:0;margin-bottom:0.125rem}.dropup 
.dropdown-toggle::after{display:inline-block;margin-left:0.255em;vertical-align:0.255em;content:"";border-top:0;border-right:0.3em solid transparent;border-bottom:0.3em solid;border-left:0.3em solid transparent}.dropup .dropdown-toggle:empty::after{margin-left:0}.dropright .dropdown-menu{top:0;right:auto;left:100%;margin-top:0;margin-left:0.125rem}.dropright .dropdown-toggle::after{display:inline-block;margin-left:0.255em;vertical-align:0.255em;content:"";border-top:0.3em solid transparent;border-right:0;border-bottom:0.3em solid transparent;border-left:0.3em solid}.dropright .dropdown-toggle:empty::after{margin-left:0}.dropright .dropdown-toggle::after{vertical-align:0}.dropleft .dropdown-menu{top:0;right:100%;left:auto;margin-top:0;margin-right:0.125rem}.dropleft .dropdown-toggle::after{display:inline-block;margin-left:0.255em;vertical-align:0.255em;content:""}.dropleft .dropdown-toggle::after{display:none}.dropleft .dropdown-toggle::before{display:inline-block;margin-right:0.255em;vertical-align:0.255em;content:"";border-top:0.3em solid transparent;border-right:0.3em solid;border-bottom:0.3em solid transparent}.dropleft .dropdown-toggle:empty::after{margin-left:0}.dropleft .dropdown-toggle::before{vertical-align:0}.dropdown-menu[x-placement^="top"],.dropdown-menu[x-placement^="right"],.dropdown-menu[x-placement^="bottom"],.dropdown-menu[x-placement^="left"]{right:auto;bottom:auto}.dropdown-divider{height:0;margin:0.5rem 0;overflow:hidden;border-top:1px solid rgba(0,0,0,0.15)}.dropdown-item{display:block;width:100%;padding:0.25rem 
1.5rem;clear:both;font-weight:400;color:#aaa;text-align:inherit;white-space:nowrap;background-color:transparent;border:0}.dropdown-item:hover,.dropdown-item:focus{color:#fff;text-decoration:none;background-color:#272B30}.dropdown-item.active,.dropdown-item:active{color:#fff;text-decoration:none;background-color:#3A3F44}.dropdown-item.disabled,.dropdown-item:disabled{color:#7A8288;pointer-events:none;background-color:transparent}.dropdown-menu.show{display:block}.dropdown-header{display:block;padding:0.5rem 1.5rem;margin-bottom:0;font-size:0.8203125rem;color:#7A8288;white-space:nowrap}.dropdown-item-text{display:block;padding:0.25rem 1.5rem;color:#aaa}.btn-group,.btn-group-vertical{position:relative;display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex;vertical-align:middle}.btn-group>.btn,.btn-group-vertical>.btn{position:relative;-webkit-box-flex:1;-ms-flex:1 1 auto;flex:1 1 auto}.btn-group>.btn:hover,.btn-group-vertical>.btn:hover{z-index:1}.btn-group>.btn:focus,.btn-group>.btn:active,.btn-group>.btn.active,.btn-group-vertical>.btn:focus,.btn-group-vertical>.btn:active,.btn-group-vertical>.btn.active{z-index:1}.btn-toolbar{display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;-webkit-box-pack:start;-ms-flex-pack:start;justify-content:flex-start}.btn-toolbar .input-group{width:auto}.btn-group>.btn:not(:first-child),.btn-group>.btn-group:not(:first-child){margin-left:-1px}.btn-group>.btn:not(:last-child):not(.dropdown-toggle),.btn-group>.btn-group:not(:last-child)>.btn{border-top-right-radius:0;border-bottom-right-radius:0}.btn-group>.btn:not(:first-child),.btn-group>.btn-group:not(:first-child)>.btn{border-top-left-radius:0;border-bottom-left-radius:0}.dropdown-toggle-split{padding-right:0.75rem;padding-left:0.75rem}.dropdown-toggle-split::after,.dropup .dropdown-toggle-split::after,.dropright .dropdown-toggle-split::after{margin-left:0}.dropleft 
.dropdown-toggle-split::before{margin-right:0}.btn-sm+.dropdown-toggle-split,.btn-group-sm>.btn+.dropdown-toggle-split{padding-right:0.375rem;padding-left:0.375rem}.btn-lg+.dropdown-toggle-split,.btn-group-lg>.btn+.dropdown-toggle-split{padding-right:0.75rem;padding-left:0.75rem}.btn-group-vertical{-webkit-box-orient:vertical;-webkit-box-direction:normal;-ms-flex-direction:column;flex-direction:column;-webkit-box-align:start;-ms-flex-align:start;align-items:flex-start;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center}.btn-group-vertical>.btn,.btn-group-vertical>.btn-group{width:100%}.btn-group-vertical>.btn:not(:first-child),.btn-group-vertical>.btn-group:not(:first-child){margin-top:-1px}.btn-group-vertical>.btn:not(:last-child):not(.dropdown-toggle),.btn-group-vertical>.btn-group:not(:last-child)>.btn{border-bottom-right-radius:0;border-bottom-left-radius:0}.btn-group-vertical>.btn:not(:first-child),.btn-group-vertical>.btn-group:not(:first-child)>.btn{border-top-left-radius:0;border-top-right-radius:0}.btn-group-toggle>.btn,.btn-group-toggle>.btn-group>.btn{margin-bottom:0}.btn-group-toggle>.btn input[type="radio"],.btn-group-toggle>.btn input[type="checkbox"],.btn-group-toggle>.btn-group>.btn input[type="radio"],.btn-group-toggle>.btn-group>.btn input[type="checkbox"]{position:absolute;clip:rect(0, 0, 0, 0);pointer-events:none}.input-group{position:relative;display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;width:100%}.input-group>.form-control,.input-group>.form-control-plaintext,.input-group>.custom-select,.input-group>.custom-file{position:relative;-webkit-box-flex:1;-ms-flex:1 1 0%;flex:1 1 
0%;min-width:0;margin-bottom:0}.input-group>.form-control+.form-control,.input-group>.form-control+.custom-select,.input-group>.form-control+.custom-file,.input-group>.form-control-plaintext+.form-control,.input-group>.form-control-plaintext+.custom-select,.input-group>.form-control-plaintext+.custom-file,.input-group>.custom-select+.form-control,.input-group>.custom-select+.custom-select,.input-group>.custom-select+.custom-file,.input-group>.custom-file+.form-control,.input-group>.custom-file+.custom-select,.input-group>.custom-file+.custom-file{margin-left:-1px}.input-group>.form-control:focus,.input-group>.custom-select:focus,.input-group>.custom-file .custom-file-input:focus ~ .custom-file-label{z-index:3}.input-group>.custom-file .custom-file-input:focus{z-index:4}.input-group>.form-control:not(:last-child),.input-group>.custom-select:not(:last-child){border-top-right-radius:0;border-bottom-right-radius:0}.input-group>.form-control:not(:first-child),.input-group>.custom-select:not(:first-child){border-top-left-radius:0;border-bottom-left-radius:0}.input-group>.custom-file{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center}.input-group>.custom-file:not(:last-child) .custom-file-label,.input-group>.custom-file:not(:last-child) .custom-file-label::after{border-top-right-radius:0;border-bottom-right-radius:0}.input-group>.custom-file:not(:first-child) .custom-file-label{border-top-left-radius:0;border-bottom-left-radius:0}.input-group-prepend,.input-group-append{display:-webkit-box;display:-ms-flexbox;display:flex}.input-group-prepend .btn,.input-group-append .btn{position:relative;z-index:2}.input-group-prepend .btn:focus,.input-group-append .btn:focus{z-index:3}.input-group-prepend .btn+.btn,.input-group-prepend .btn+.input-group-text,.input-group-prepend .input-group-text+.input-group-text,.input-group-prepend .input-group-text+.btn,.input-group-append .btn+.btn,.input-group-append 
.btn+.input-group-text,.input-group-append .input-group-text+.input-group-text,.input-group-append .input-group-text+.btn{margin-left:-1px}.input-group-prepend{margin-right:-1px}.input-group-append{margin-left:-1px}.input-group-text{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;padding:0.75rem 1rem;margin-bottom:0;font-size:0.9375rem;font-weight:400;line-height:1.5;color:#52575C;text-align:center;white-space:nowrap;background-color:#e9ecef;border:1px solid #ced4da;border-radius:0.25rem}.input-group-text input[type="radio"],.input-group-text input[type="checkbox"]{margin-top:0}.input-group-lg>.form-control:not(textarea),.input-group-lg>.custom-select{height:calc(1.5em + 1rem + 2px)}.input-group-lg>.form-control,.input-group-lg>.custom-select,.input-group-lg>.input-group-prepend>.input-group-text,.input-group-lg>.input-group-append>.input-group-text,.input-group-lg>.input-group-prepend>.btn,.input-group-lg>.input-group-append>.btn{padding:0.5rem 1rem;font-size:1.171875rem;line-height:1.5;border-radius:0.3rem}.input-group-sm>.form-control:not(textarea),.input-group-sm>.custom-select{height:calc(1.5em + 0.5rem + 2px)}.input-group-sm>.form-control,.input-group-sm>.custom-select,.input-group-sm>.input-group-prepend>.input-group-text,.input-group-sm>.input-group-append>.input-group-text,.input-group-sm>.input-group-prepend>.btn,.input-group-sm>.input-group-append>.btn{padding:0.25rem 
0.5rem;font-size:0.8203125rem;line-height:1.5;border-radius:0.2rem}.input-group-lg>.custom-select,.input-group-sm>.custom-select{padding-right:2rem}.input-group>.input-group-prepend>.btn,.input-group>.input-group-prepend>.input-group-text,.input-group>.input-group-append:not(:last-child)>.btn,.input-group>.input-group-append:not(:last-child)>.input-group-text,.input-group>.input-group-append:last-child>.btn:not(:last-child):not(.dropdown-toggle),.input-group>.input-group-append:last-child>.input-group-text:not(:last-child){border-top-right-radius:0;border-bottom-right-radius:0}.input-group>.input-group-append>.btn,.input-group>.input-group-append>.input-group-text,.input-group>.input-group-prepend:not(:first-child)>.btn,.input-group>.input-group-prepend:not(:first-child)>.input-group-text,.input-group>.input-group-prepend:first-child>.btn:not(:first-child),.input-group>.input-group-prepend:first-child>.input-group-text:not(:first-child){border-top-left-radius:0;border-bottom-left-radius:0}.custom-control{position:relative;display:block;min-height:1.40625rem;padding-left:1.5rem}.custom-control-inline{display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex;margin-right:1rem}.custom-control-input{position:absolute;left:0;z-index:-1;width:1rem;height:1.203125rem;opacity:0}.custom-control-input:checked ~ .custom-control-label::before{color:#fff;border-color:#3A3F44;background-color:#3A3F44}.custom-control-input:focus ~ .custom-control-label::before{-webkit-box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25);box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25)}.custom-control-input:focus:not(:checked) ~ .custom-control-label::before{border-color:#757f89}.custom-control-input:not(:disabled):active ~ .custom-control-label::before{color:#fff;background-color:#9098a0;border-color:#9098a0}.custom-control-input[disabled] ~ .custom-control-label,.custom-control-input:disabled ~ .custom-control-label{color:#7A8288}.custom-control-input[disabled] ~ 
.custom-control-label::before,.custom-control-input:disabled ~ .custom-control-label::before{background-color:#ccc}.custom-control-label{position:relative;margin-bottom:0;vertical-align:top}.custom-control-label::before{position:absolute;top:0.203125rem;left:-1.5rem;display:block;width:1rem;height:1rem;pointer-events:none;content:"";background-color:#fff;border:#999 solid 1px}.custom-control-label::after{position:absolute;top:0.203125rem;left:-1.5rem;display:block;width:1rem;height:1rem;content:"";background:no-repeat 50% / 50% 50%}.custom-checkbox .custom-control-label::before{border-radius:0.25rem}.custom-checkbox .custom-control-input:checked ~ .custom-control-label::after{background-image:url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='8' height='8' viewBox='0 0 8 8'%3e%3cpath fill='%23fff' d='M6.564.75l-3.59 3.612-1.538-1.55L0 4.26l2.974 2.99L8 2.193z'/%3e%3c/svg%3e")}.custom-checkbox .custom-control-input:indeterminate ~ .custom-control-label::before{border-color:#3A3F44;background-color:#3A3F44}.custom-checkbox .custom-control-input:indeterminate ~ .custom-control-label::after{background-image:url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='4' height='4' viewBox='0 0 4 4'%3e%3cpath stroke='%23fff' d='M0 2h4'/%3e%3c/svg%3e")}.custom-checkbox .custom-control-input:disabled:checked ~ .custom-control-label::before{background-color:rgba(58,63,68,0.5)}.custom-checkbox .custom-control-input:disabled:indeterminate ~ .custom-control-label::before{background-color:rgba(58,63,68,0.5)}.custom-radio .custom-control-label::before{border-radius:50%}.custom-radio .custom-control-input:checked ~ .custom-control-label::after{background-image:url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='12' height='12' viewBox='-4 -4 8 8'%3e%3ccircle r='3' fill='%23fff'/%3e%3c/svg%3e")}.custom-radio .custom-control-input:disabled:checked ~ 
.custom-control-label::before{background-color:rgba(58,63,68,0.5)}.custom-switch{padding-left:2.25rem}.custom-switch .custom-control-label::before{left:-2.25rem;width:1.75rem;pointer-events:all;border-radius:0.5rem}.custom-switch .custom-control-label::after{top:calc(0.203125rem + 2px);left:calc(-2.25rem + 2px);width:calc(1rem - 4px);height:calc(1rem - 4px);background-color:#999;border-radius:0.5rem;-webkit-transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-transform 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-transform 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:transform 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;transition:transform 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-transform 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out}@media (prefers-reduced-motion: reduce){.custom-switch .custom-control-label::after{-webkit-transition:none;transition:none}}.custom-switch .custom-control-input:checked ~ .custom-control-label::after{background-color:#fff;-webkit-transform:translateX(0.75rem);transform:translateX(0.75rem)}.custom-switch .custom-control-input:disabled:checked ~ .custom-control-label::before{background-color:rgba(58,63,68,0.5)}.custom-select{display:inline-block;width:100%;height:calc(1.5em + 1.5rem + 2px);padding:0.75rem 2rem 0.75rem 1rem;font-size:0.9375rem;font-weight:400;line-height:1.5;color:#52575C;vertical-align:middle;background:#fff url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='4' height='5' viewBox='0 0 4 5'%3e%3cpath fill='%233A3F44' d='M2 0L0 2h4zm0 5L0 3h4z'/%3e%3c/svg%3e") no-repeat right 1rem center/8px 10px;border:1px solid 
#ced4da;border-radius:0.25rem;-webkit-appearance:none;-moz-appearance:none;appearance:none}.custom-select:focus{border-color:#757f89;outline:0;-webkit-box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25);box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25)}.custom-select:focus::-ms-value{color:#52575C;background-color:#fff}.custom-select[multiple],.custom-select[size]:not([size="1"]){height:auto;padding-right:1rem;background-image:none}.custom-select:disabled{color:#7A8288;background-color:#e9ecef}.custom-select::-ms-expand{display:none}.custom-select:-moz-focusring{color:transparent;text-shadow:0 0 0 #52575C}.custom-select-sm{height:calc(1.5em + 0.5rem + 2px);padding-top:0.25rem;padding-bottom:0.25rem;padding-left:0.5rem;font-size:0.8203125rem}.custom-select-lg{height:calc(1.5em + 1rem + 2px);padding-top:0.5rem;padding-bottom:0.5rem;padding-left:1rem;font-size:1.171875rem}.custom-file{position:relative;display:inline-block;width:100%;height:calc(1.5em + 1.5rem + 2px);margin-bottom:0}.custom-file-input{position:relative;z-index:2;width:100%;height:calc(1.5em + 1.5rem + 2px);margin:0;opacity:0}.custom-file-input:focus ~ .custom-file-label{border-color:#757f89;-webkit-box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25);box-shadow:0 0 0 0.2rem rgba(58,63,68,0.25)}.custom-file-input[disabled] ~ .custom-file-label,.custom-file-input:disabled ~ .custom-file-label{background-color:#ccc}.custom-file-input:lang(en) ~ .custom-file-label::after{content:"Browse"}.custom-file-input ~ .custom-file-label[data-browse]::after{content:attr(data-browse)}.custom-file-label{position:absolute;top:0;right:0;left:0;z-index:1;height:calc(1.5em + 1.5rem + 2px);padding:0.75rem 1rem;font-weight:400;line-height:1.5;color:#52575C;background-color:#fff;border:1px solid #ced4da;border-radius:0.25rem}.custom-file-label::after{position:absolute;top:0;right:0;bottom:0;z-index:3;display:block;height:calc(1.5em + 1.5rem);padding:0.75rem 
1rem;line-height:1.5;color:#52575C;content:"Browse";background-color:#e9ecef;border-left:inherit;border-radius:0 0.25rem 0.25rem 0}.custom-range{width:100%;height:1.4rem;padding:0;background-color:transparent;-webkit-appearance:none;-moz-appearance:none;appearance:none}.custom-range:focus{outline:none}.custom-range:focus::-webkit-slider-thumb{-webkit-box-shadow:0 0 0 1px #272B30,0 0 0 0.2rem rgba(58,63,68,0.25);box-shadow:0 0 0 1px #272B30,0 0 0 0.2rem rgba(58,63,68,0.25)}.custom-range:focus::-moz-range-thumb{box-shadow:0 0 0 1px #272B30,0 0 0 0.2rem rgba(58,63,68,0.25)}.custom-range:focus::-ms-thumb{box-shadow:0 0 0 1px #272B30,0 0 0 0.2rem rgba(58,63,68,0.25)}.custom-range::-moz-focus-outer{border:0}.custom-range::-webkit-slider-thumb{width:1rem;height:1rem;margin-top:-0.25rem;background-color:#3A3F44;border:0;border-radius:1rem;-webkit-transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;-webkit-appearance:none;appearance:none}@media (prefers-reduced-motion: reduce){.custom-range::-webkit-slider-thumb{-webkit-transition:none;transition:none}}.custom-range::-webkit-slider-thumb:active{background-color:#9098a0}.custom-range::-webkit-slider-runnable-track{width:100%;height:0.5rem;color:transparent;cursor:pointer;background-color:#dee2e6;border-color:transparent;border-radius:1rem}.custom-range::-moz-range-thumb{width:1rem;height:1rem;background-color:#3A3F44;border:0;border-radius:1rem;-webkit-transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s 
ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;-moz-appearance:none;appearance:none}@media (prefers-reduced-motion: reduce){.custom-range::-moz-range-thumb{-webkit-transition:none;transition:none}}.custom-range::-moz-range-thumb:active{background-color:#9098a0}.custom-range::-moz-range-track{width:100%;height:0.5rem;color:transparent;cursor:pointer;background-color:#dee2e6;border-color:transparent;border-radius:1rem}.custom-range::-ms-thumb{width:1rem;height:1rem;margin-top:0;margin-right:0.2rem;margin-left:0.2rem;background-color:#3A3F44;border:0;border-radius:1rem;-webkit-transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;appearance:none}@media (prefers-reduced-motion: 
reduce){.custom-range::-ms-thumb{-webkit-transition:none;transition:none}}.custom-range::-ms-thumb:active{background-color:#9098a0}.custom-range::-ms-track{width:100%;height:0.5rem;color:transparent;cursor:pointer;background-color:transparent;border-color:transparent;border-width:0.5rem}.custom-range::-ms-fill-lower{background-color:#dee2e6;border-radius:1rem}.custom-range::-ms-fill-upper{margin-right:15px;background-color:#dee2e6;border-radius:1rem}.custom-range:disabled::-webkit-slider-thumb{background-color:#999}.custom-range:disabled::-webkit-slider-runnable-track{cursor:default}.custom-range:disabled::-moz-range-thumb{background-color:#999}.custom-range:disabled::-moz-range-track{cursor:default}.custom-range:disabled::-ms-thumb{background-color:#999}.custom-control-label::before,.custom-file-label,.custom-select{-webkit-transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;transition:background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out}@media (prefers-reduced-motion: reduce){.custom-control-label::before,.custom-file-label,.custom-select{-webkit-transition:none;transition:none}}.nav{display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;padding-left:0;margin-bottom:0;list-style:none}.nav-link{display:block;padding:0.5rem 1rem}.nav-link:hover,.nav-link:focus{text-decoration:none}.nav-link.disabled{color:#7A8288;pointer-events:none;cursor:default}.nav-tabs{border-bottom:1px solid rgba(0,0,0,0.6)}.nav-tabs .nav-item{margin-bottom:-1px}.nav-tabs .nav-link{border:1px solid transparent;border-top-left-radius:0.25rem;border-top-right-radius:0.25rem}.nav-tabs 
.nav-link:hover,.nav-tabs .nav-link:focus{border-color:rgba(0,0,0,0.6)}.nav-tabs .nav-link.disabled{color:#7A8288;background-color:transparent;border-color:transparent}.nav-tabs .nav-link.active,.nav-tabs .nav-item.show .nav-link{color:#fff;background-color:#272B30;border-color:rgba(0,0,0,0.6)}.nav-tabs .dropdown-menu{margin-top:-1px;border-top-left-radius:0;border-top-right-radius:0}.nav-pills .nav-link{border-radius:0.25rem}.nav-pills .nav-link.active,.nav-pills .show>.nav-link{color:#fff;background-color:#3A3F44}.nav-fill .nav-item{-webkit-box-flex:1;-ms-flex:1 1 auto;flex:1 1 auto;text-align:center}.nav-justified .nav-item{-ms-flex-preferred-size:0;flex-basis:0;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;text-align:center}.tab-content>.tab-pane{display:none}.tab-content>.active{display:block}.navbar{position:relative;display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:justify;-ms-flex-pack:justify;justify-content:space-between;padding:0 1rem}.navbar .container,.navbar .container-fluid,.navbar .container-sm,.navbar .container-md,.navbar .container-lg,.navbar .container-xl{display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:justify;-ms-flex-pack:justify;justify-content:space-between}.navbar-brand{display:inline-block;padding-top:0.32421875rem;padding-bottom:0.32421875rem;margin-right:1rem;font-size:1.171875rem;line-height:inherit;white-space:nowrap}.navbar-brand:hover,.navbar-brand:focus{text-decoration:none}.navbar-nav{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-orient:vertical;-webkit-box-direction:normal;-ms-flex-direction:column;flex-direction:column;padding-left:0;margin-bottom:0;list-style:none}.navbar-nav .nav-link{padding-right:0;padding-left:0}.navbar-nav 
.dropdown-menu{position:static;float:none}.navbar-text{display:inline-block;padding-top:0.5rem;padding-bottom:0.5rem}.navbar-collapse{-ms-flex-preferred-size:100%;flex-basis:100%;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;-webkit-box-align:center;-ms-flex-align:center;align-items:center}.navbar-toggler{padding:0.25rem 0.75rem;font-size:1.171875rem;line-height:1;background-color:transparent;border:1px solid transparent;border-radius:0.25rem}.navbar-toggler:hover,.navbar-toggler:focus{text-decoration:none}.navbar-toggler-icon{display:inline-block;width:1.5em;height:1.5em;vertical-align:middle;content:"";background:no-repeat center center;background-size:100% 100%}@media (max-width: 575.98px){.navbar-expand-sm>.container,.navbar-expand-sm>.container-fluid,.navbar-expand-sm>.container-sm,.navbar-expand-sm>.container-md,.navbar-expand-sm>.container-lg,.navbar-expand-sm>.container-xl{padding-right:0;padding-left:0}}@media (min-width: 576px){.navbar-expand-sm{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-flow:row nowrap;flex-flow:row nowrap;-webkit-box-pack:start;-ms-flex-pack:start;justify-content:flex-start}.navbar-expand-sm .navbar-nav{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row}.navbar-expand-sm .navbar-nav .dropdown-menu{position:absolute}.navbar-expand-sm .navbar-nav .nav-link{padding-right:0.5rem;padding-left:0.5rem}.navbar-expand-sm>.container,.navbar-expand-sm>.container-fluid,.navbar-expand-sm>.container-sm,.navbar-expand-sm>.container-md,.navbar-expand-sm>.container-lg,.navbar-expand-sm>.container-xl{-ms-flex-wrap:nowrap;flex-wrap:nowrap}.navbar-expand-sm .navbar-collapse{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important;-ms-flex-preferred-size:auto;flex-basis:auto}.navbar-expand-sm .navbar-toggler{display:none}}@media (max-width: 
767.98px){.navbar-expand-md>.container,.navbar-expand-md>.container-fluid,.navbar-expand-md>.container-sm,.navbar-expand-md>.container-md,.navbar-expand-md>.container-lg,.navbar-expand-md>.container-xl{padding-right:0;padding-left:0}}@media (min-width: 768px){.navbar-expand-md{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-flow:row nowrap;flex-flow:row nowrap;-webkit-box-pack:start;-ms-flex-pack:start;justify-content:flex-start}.navbar-expand-md .navbar-nav{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row}.navbar-expand-md .navbar-nav .dropdown-menu{position:absolute}.navbar-expand-md .navbar-nav .nav-link{padding-right:0.5rem;padding-left:0.5rem}.navbar-expand-md>.container,.navbar-expand-md>.container-fluid,.navbar-expand-md>.container-sm,.navbar-expand-md>.container-md,.navbar-expand-md>.container-lg,.navbar-expand-md>.container-xl{-ms-flex-wrap:nowrap;flex-wrap:nowrap}.navbar-expand-md .navbar-collapse{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important;-ms-flex-preferred-size:auto;flex-basis:auto}.navbar-expand-md .navbar-toggler{display:none}}@media (max-width: 991.98px){.navbar-expand-lg>.container,.navbar-expand-lg>.container-fluid,.navbar-expand-lg>.container-sm,.navbar-expand-lg>.container-md,.navbar-expand-lg>.container-lg,.navbar-expand-lg>.container-xl{padding-right:0;padding-left:0}}@media (min-width: 992px){.navbar-expand-lg{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-flow:row nowrap;flex-flow:row nowrap;-webkit-box-pack:start;-ms-flex-pack:start;justify-content:flex-start}.navbar-expand-lg .navbar-nav{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row}.navbar-expand-lg .navbar-nav .dropdown-menu{position:absolute}.navbar-expand-lg .navbar-nav 
.nav-link{padding-right:0.5rem;padding-left:0.5rem}.navbar-expand-lg>.container,.navbar-expand-lg>.container-fluid,.navbar-expand-lg>.container-sm,.navbar-expand-lg>.container-md,.navbar-expand-lg>.container-lg,.navbar-expand-lg>.container-xl{-ms-flex-wrap:nowrap;flex-wrap:nowrap}.navbar-expand-lg .navbar-collapse{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important;-ms-flex-preferred-size:auto;flex-basis:auto}.navbar-expand-lg .navbar-toggler{display:none}}@media (max-width: 1199.98px){.navbar-expand-xl>.container,.navbar-expand-xl>.container-fluid,.navbar-expand-xl>.container-sm,.navbar-expand-xl>.container-md,.navbar-expand-xl>.container-lg,.navbar-expand-xl>.container-xl{padding-right:0;padding-left:0}}@media (min-width: 1200px){.navbar-expand-xl{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-flow:row nowrap;flex-flow:row nowrap;-webkit-box-pack:start;-ms-flex-pack:start;justify-content:flex-start}.navbar-expand-xl .navbar-nav{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row}.navbar-expand-xl .navbar-nav .dropdown-menu{position:absolute}.navbar-expand-xl .navbar-nav .nav-link{padding-right:0.5rem;padding-left:0.5rem}.navbar-expand-xl>.container,.navbar-expand-xl>.container-fluid,.navbar-expand-xl>.container-sm,.navbar-expand-xl>.container-md,.navbar-expand-xl>.container-lg,.navbar-expand-xl>.container-xl{-ms-flex-wrap:nowrap;flex-wrap:nowrap}.navbar-expand-xl .navbar-collapse{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important;-ms-flex-preferred-size:auto;flex-basis:auto}.navbar-expand-xl .navbar-toggler{display:none}}.navbar-expand{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-flow:row nowrap;flex-flow:row 
!important}.border-dark{border-color:#272B30 !important}.border-white{border-color:#fff !important}.rounded-sm{border-radius:0.2rem !important}.rounded{border-radius:0.25rem !important}.rounded-top{border-top-left-radius:0.25rem !important;border-top-right-radius:0.25rem !important}.rounded-right{border-top-right-radius:0.25rem !important;border-bottom-right-radius:0.25rem !important}.rounded-bottom{border-bottom-right-radius:0.25rem !important;border-bottom-left-radius:0.25rem !important}.rounded-left{border-top-left-radius:0.25rem !important;border-bottom-left-radius:0.25rem !important}.rounded-lg{border-radius:0.3rem !important}.rounded-circle{border-radius:50% !important}.rounded-pill{border-radius:50rem !important}.rounded-0{border-radius:0 !important}.clearfix::after{display:block;clear:both;content:""}.d-none{display:none !important}.d-inline{display:inline !important}.d-inline-block{display:inline-block !important}.d-block{display:block !important}.d-table{display:table !important}.d-table-row{display:table-row !important}.d-table-cell{display:table-cell !important}.d-flex{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important}.d-inline-flex{display:-webkit-inline-box !important;display:-ms-inline-flexbox !important;display:inline-flex !important}@media (min-width: 576px){.d-sm-none{display:none !important}.d-sm-inline{display:inline !important}.d-sm-inline-block{display:inline-block !important}.d-sm-block{display:block !important}.d-sm-table{display:table !important}.d-sm-table-row{display:table-row !important}.d-sm-table-cell{display:table-cell !important}.d-sm-flex{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important}.d-sm-inline-flex{display:-webkit-inline-box !important;display:-ms-inline-flexbox !important;display:inline-flex !important}}@media (min-width: 768px){.d-md-none{display:none !important}.d-md-inline{display:inline !important}.d-md-inline-block{display:inline-block 
!important}.d-md-block{display:block !important}.d-md-table{display:table !important}.d-md-table-row{display:table-row !important}.d-md-table-cell{display:table-cell !important}.d-md-flex{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important}.d-md-inline-flex{display:-webkit-inline-box !important;display:-ms-inline-flexbox !important;display:inline-flex !important}}@media (min-width: 992px){.d-lg-none{display:none !important}.d-lg-inline{display:inline !important}.d-lg-inline-block{display:inline-block !important}.d-lg-block{display:block !important}.d-lg-table{display:table !important}.d-lg-table-row{display:table-row !important}.d-lg-table-cell{display:table-cell !important}.d-lg-flex{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important}.d-lg-inline-flex{display:-webkit-inline-box !important;display:-ms-inline-flexbox !important;display:inline-flex !important}}@media (min-width: 1200px){.d-xl-none{display:none !important}.d-xl-inline{display:inline !important}.d-xl-inline-block{display:inline-block !important}.d-xl-block{display:block !important}.d-xl-table{display:table !important}.d-xl-table-row{display:table-row !important}.d-xl-table-cell{display:table-cell !important}.d-xl-flex{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important}.d-xl-inline-flex{display:-webkit-inline-box !important;display:-ms-inline-flexbox !important;display:inline-flex !important}}@media print{.d-print-none{display:none !important}.d-print-inline{display:inline !important}.d-print-inline-block{display:inline-block !important}.d-print-block{display:block !important}.d-print-table{display:table !important}.d-print-table-row{display:table-row !important}.d-print-table-cell{display:table-cell !important}.d-print-flex{display:-webkit-box !important;display:-ms-flexbox !important;display:flex !important}.d-print-inline-flex{display:-webkit-inline-box !important;display:-ms-inline-flexbox 
!important;display:inline-flex !important}}.embed-responsive{position:relative;display:block;width:100%;padding:0;overflow:hidden}.embed-responsive::before{display:block;content:""}.embed-responsive .embed-responsive-item,.embed-responsive iframe,.embed-responsive embed,.embed-responsive object,.embed-responsive video{position:absolute;top:0;bottom:0;left:0;width:100%;height:100%;border:0}.embed-responsive-21by9::before{padding-top:42.8571428571%}.embed-responsive-16by9::before{padding-top:56.25%}.embed-responsive-4by3::before{padding-top:75%}.embed-responsive-1by1::before{padding-top:100%}.flex-row{-webkit-box-orient:horizontal !important;-webkit-box-direction:normal !important;-ms-flex-direction:row !important;flex-direction:row !important}.flex-column{-webkit-box-orient:vertical !important;-webkit-box-direction:normal !important;-ms-flex-direction:column !important;flex-direction:column !important}.flex-row-reverse{-webkit-box-orient:horizontal !important;-webkit-box-direction:reverse !important;-ms-flex-direction:row-reverse !important;flex-direction:row-reverse !important}.flex-column-reverse{-webkit-box-orient:vertical !important;-webkit-box-direction:reverse !important;-ms-flex-direction:column-reverse !important;flex-direction:column-reverse !important}.flex-wrap{-ms-flex-wrap:wrap !important;flex-wrap:wrap !important}.flex-nowrap{-ms-flex-wrap:nowrap !important;flex-wrap:nowrap !important}.flex-wrap-reverse{-ms-flex-wrap:wrap-reverse !important;flex-wrap:wrap-reverse !important}.flex-fill{-webkit-box-flex:1 !important;-ms-flex:1 1 auto !important;flex:1 1 auto !important}.flex-grow-0{-webkit-box-flex:0 !important;-ms-flex-positive:0 !important;flex-grow:0 !important}.flex-grow-1{-webkit-box-flex:1 !important;-ms-flex-positive:1 !important;flex-grow:1 !important}.flex-shrink-0{-ms-flex-negative:0 !important;flex-shrink:0 !important}.flex-shrink-1{-ms-flex-negative:1 !important;flex-shrink:1 !important}.justify-content-start{-webkit-box-pack:start 
!important;-ms-flex-pack:start !important;justify-content:flex-start !important}.justify-content-end{-webkit-box-pack:end !important;-ms-flex-pack:end !important;justify-content:flex-end !important}.justify-content-center{-webkit-box-pack:center !important;-ms-flex-pack:center !important;justify-content:center !important}.justify-content-between{-webkit-box-pack:justify !important;-ms-flex-pack:justify !important;justify-content:space-between !important}.justify-content-around{-ms-flex-pack:distribute !important;justify-content:space-around !important}.align-items-start{-webkit-box-align:start !important;-ms-flex-align:start !important;align-items:flex-start !important}.align-items-end{-webkit-box-align:end !important;-ms-flex-align:end !important;align-items:flex-end !important}.align-items-center{-webkit-box-align:center !important;-ms-flex-align:center !important;align-items:center !important}.align-items-baseline{-webkit-box-align:baseline !important;-ms-flex-align:baseline !important;align-items:baseline !important}.align-items-stretch{-webkit-box-align:stretch !important;-ms-flex-align:stretch !important;align-items:stretch !important}.align-content-start{-ms-flex-line-pack:start !important;align-content:flex-start !important}.align-content-end{-ms-flex-line-pack:end !important;align-content:flex-end !important}.align-content-center{-ms-flex-line-pack:center !important;align-content:center !important}.align-content-between{-ms-flex-line-pack:justify !important;align-content:space-between !important}.align-content-around{-ms-flex-line-pack:distribute !important;align-content:space-around !important}.align-content-stretch{-ms-flex-line-pack:stretch !important;align-content:stretch !important}.align-self-auto{-ms-flex-item-align:auto !important;align-self:auto !important}.align-self-start{-ms-flex-item-align:start !important;align-self:flex-start !important}.align-self-end{-ms-flex-item-align:end !important;align-self:flex-end 
!important}.align-self-center{-ms-flex-item-align:center !important;align-self:center !important}.align-self-baseline{-ms-flex-item-align:baseline !important;align-self:baseline !important}.align-self-stretch{-ms-flex-item-align:stretch !important;align-self:stretch !important}@media (min-width: 576px){.flex-sm-row{-webkit-box-orient:horizontal !important;-webkit-box-direction:normal !important;-ms-flex-direction:row !important;flex-direction:row !important}.flex-sm-column{-webkit-box-orient:vertical !important;-webkit-box-direction:normal !important;-ms-flex-direction:column !important;flex-direction:column !important}.flex-sm-row-reverse{-webkit-box-orient:horizontal !important;-webkit-box-direction:reverse !important;-ms-flex-direction:row-reverse !important;flex-direction:row-reverse !important}.flex-sm-column-reverse{-webkit-box-orient:vertical !important;-webkit-box-direction:reverse !important;-ms-flex-direction:column-reverse !important;flex-direction:column-reverse !important}.flex-sm-wrap{-ms-flex-wrap:wrap !important;flex-wrap:wrap !important}.flex-sm-nowrap{-ms-flex-wrap:nowrap !important;flex-wrap:nowrap !important}.flex-sm-wrap-reverse{-ms-flex-wrap:wrap-reverse !important;flex-wrap:wrap-reverse !important}.flex-sm-fill{-webkit-box-flex:1 !important;-ms-flex:1 1 auto !important;flex:1 1 auto !important}.flex-sm-grow-0{-webkit-box-flex:0 !important;-ms-flex-positive:0 !important;flex-grow:0 !important}.flex-sm-grow-1{-webkit-box-flex:1 !important;-ms-flex-positive:1 !important;flex-grow:1 !important}.flex-sm-shrink-0{-ms-flex-negative:0 !important;flex-shrink:0 !important}.flex-sm-shrink-1{-ms-flex-negative:1 !important;flex-shrink:1 !important}.justify-content-sm-start{-webkit-box-pack:start !important;-ms-flex-pack:start !important;justify-content:flex-start !important}.justify-content-sm-end{-webkit-box-pack:end !important;-ms-flex-pack:end !important;justify-content:flex-end !important}.justify-content-sm-center{-webkit-box-pack:center 
!important;-ms-flex-pack:center !important;justify-content:center !important}.justify-content-sm-between{-webkit-box-pack:justify !important;-ms-flex-pack:justify !important;justify-content:space-between !important}.justify-content-sm-around{-ms-flex-pack:distribute !important;justify-content:space-around !important}.align-items-sm-start{-webkit-box-align:start !important;-ms-flex-align:start !important;align-items:flex-start !important}.align-items-sm-end{-webkit-box-align:end !important;-ms-flex-align:end !important;align-items:flex-end !important}.align-items-sm-center{-webkit-box-align:center !important;-ms-flex-align:center !important;align-items:center !important}.align-items-sm-baseline{-webkit-box-align:baseline !important;-ms-flex-align:baseline !important;align-items:baseline !important}.align-items-sm-stretch{-webkit-box-align:stretch !important;-ms-flex-align:stretch !important;align-items:stretch !important}.align-content-sm-start{-ms-flex-line-pack:start !important;align-content:flex-start !important}.align-content-sm-end{-ms-flex-line-pack:end !important;align-content:flex-end !important}.align-content-sm-center{-ms-flex-line-pack:center !important;align-content:center !important}.align-content-sm-between{-ms-flex-line-pack:justify !important;align-content:space-between !important}.align-content-sm-around{-ms-flex-line-pack:distribute !important;align-content:space-around !important}.align-content-sm-stretch{-ms-flex-line-pack:stretch !important;align-content:stretch !important}.align-self-sm-auto{-ms-flex-item-align:auto !important;align-self:auto !important}.align-self-sm-start{-ms-flex-item-align:start !important;align-self:flex-start !important}.align-self-sm-end{-ms-flex-item-align:end !important;align-self:flex-end !important}.align-self-sm-center{-ms-flex-item-align:center !important;align-self:center !important}.align-self-sm-baseline{-ms-flex-item-align:baseline !important;align-self:baseline 
!important}.align-self-sm-stretch{-ms-flex-item-align:stretch !important;align-self:stretch !important}}@media (min-width: 768px){.flex-md-row{-webkit-box-orient:horizontal !important;-webkit-box-direction:normal !important;-ms-flex-direction:row !important;flex-direction:row !important}.flex-md-column{-webkit-box-orient:vertical !important;-webkit-box-direction:normal !important;-ms-flex-direction:column !important;flex-direction:column !important}.flex-md-row-reverse{-webkit-box-orient:horizontal !important;-webkit-box-direction:reverse !important;-ms-flex-direction:row-reverse !important;flex-direction:row-reverse !important}.flex-md-column-reverse{-webkit-box-orient:vertical !important;-webkit-box-direction:reverse !important;-ms-flex-direction:column-reverse !important;flex-direction:column-reverse !important}.flex-md-wrap{-ms-flex-wrap:wrap !important;flex-wrap:wrap !important}.flex-md-nowrap{-ms-flex-wrap:nowrap !important;flex-wrap:nowrap !important}.flex-md-wrap-reverse{-ms-flex-wrap:wrap-reverse !important;flex-wrap:wrap-reverse !important}.flex-md-fill{-webkit-box-flex:1 !important;-ms-flex:1 1 auto !important;flex:1 1 auto !important}.flex-md-grow-0{-webkit-box-flex:0 !important;-ms-flex-positive:0 !important;flex-grow:0 !important}.flex-md-grow-1{-webkit-box-flex:1 !important;-ms-flex-positive:1 !important;flex-grow:1 !important}.flex-md-shrink-0{-ms-flex-negative:0 !important;flex-shrink:0 !important}.flex-md-shrink-1{-ms-flex-negative:1 !important;flex-shrink:1 !important}.justify-content-md-start{-webkit-box-pack:start !important;-ms-flex-pack:start !important;justify-content:flex-start !important}.justify-content-md-end{-webkit-box-pack:end !important;-ms-flex-pack:end !important;justify-content:flex-end !important}.justify-content-md-center{-webkit-box-pack:center !important;-ms-flex-pack:center !important;justify-content:center !important}.justify-content-md-between{-webkit-box-pack:justify !important;-ms-flex-pack:justify 
!important;justify-content:space-between !important}.justify-content-md-around{-ms-flex-pack:distribute !important;justify-content:space-around !important}.align-items-md-start{-webkit-box-align:start !important;-ms-flex-align:start !important;align-items:flex-start !important}.align-items-md-end{-webkit-box-align:end !important;-ms-flex-align:end !important;align-items:flex-end !important}.align-items-md-center{-webkit-box-align:center !important;-ms-flex-align:center !important;align-items:center !important}.align-items-md-baseline{-webkit-box-align:baseline !important;-ms-flex-align:baseline !important;align-items:baseline !important}.align-items-md-stretch{-webkit-box-align:stretch !important;-ms-flex-align:stretch !important;align-items:stretch !important}.align-content-md-start{-ms-flex-line-pack:start !important;align-content:flex-start !important}.align-content-md-end{-ms-flex-line-pack:end !important;align-content:flex-end !important}.align-content-md-center{-ms-flex-line-pack:center !important;align-content:center !important}.align-content-md-between{-ms-flex-line-pack:justify !important;align-content:space-between !important}.align-content-md-around{-ms-flex-line-pack:distribute !important;align-content:space-around !important}.align-content-md-stretch{-ms-flex-line-pack:stretch !important;align-content:stretch !important}.align-self-md-auto{-ms-flex-item-align:auto !important;align-self:auto !important}.align-self-md-start{-ms-flex-item-align:start !important;align-self:flex-start !important}.align-self-md-end{-ms-flex-item-align:end !important;align-self:flex-end !important}.align-self-md-center{-ms-flex-item-align:center !important;align-self:center !important}.align-self-md-baseline{-ms-flex-item-align:baseline !important;align-self:baseline !important}.align-self-md-stretch{-ms-flex-item-align:stretch !important;align-self:stretch !important}}@media (min-width: 992px){.flex-lg-row{-webkit-box-orient:horizontal !important;-webkit-box-direction:normal 
!important;-ms-flex-direction:row !important;flex-direction:row !important}.flex-lg-column{-webkit-box-orient:vertical !important;-webkit-box-direction:normal !important;-ms-flex-direction:column !important;flex-direction:column !important}.flex-lg-row-reverse{-webkit-box-orient:horizontal !important;-webkit-box-direction:reverse !important;-ms-flex-direction:row-reverse !important;flex-direction:row-reverse !important}.flex-lg-column-reverse{-webkit-box-orient:vertical !important;-webkit-box-direction:reverse !important;-ms-flex-direction:column-reverse !important;flex-direction:column-reverse !important}.flex-lg-wrap{-ms-flex-wrap:wrap !important;flex-wrap:wrap !important}.flex-lg-nowrap{-ms-flex-wrap:nowrap !important;flex-wrap:nowrap !important}.flex-lg-wrap-reverse{-ms-flex-wrap:wrap-reverse !important;flex-wrap:wrap-reverse !important}.flex-lg-fill{-webkit-box-flex:1 !important;-ms-flex:1 1 auto !important;flex:1 1 auto !important}.flex-lg-grow-0{-webkit-box-flex:0 !important;-ms-flex-positive:0 !important;flex-grow:0 !important}.flex-lg-grow-1{-webkit-box-flex:1 !important;-ms-flex-positive:1 !important;flex-grow:1 !important}.flex-lg-shrink-0{-ms-flex-negative:0 !important;flex-shrink:0 !important}.flex-lg-shrink-1{-ms-flex-negative:1 !important;flex-shrink:1 !important}.justify-content-lg-start{-webkit-box-pack:start !important;-ms-flex-pack:start !important;justify-content:flex-start !important}.justify-content-lg-end{-webkit-box-pack:end !important;-ms-flex-pack:end !important;justify-content:flex-end !important}.justify-content-lg-center{-webkit-box-pack:center !important;-ms-flex-pack:center !important;justify-content:center !important}.justify-content-lg-between{-webkit-box-pack:justify !important;-ms-flex-pack:justify !important;justify-content:space-between !important}.justify-content-lg-around{-ms-flex-pack:distribute !important;justify-content:space-around !important}.align-items-lg-start{-webkit-box-align:start !important;-ms-flex-align:start 
!important;align-items:flex-start !important}.align-items-lg-end{-webkit-box-align:end !important;-ms-flex-align:end !important;align-items:flex-end !important}.align-items-lg-center{-webkit-box-align:center !important;-ms-flex-align:center !important;align-items:center !important}.align-items-lg-baseline{-webkit-box-align:baseline !important;-ms-flex-align:baseline !important;align-items:baseline !important}.align-items-lg-stretch{-webkit-box-align:stretch !important;-ms-flex-align:stretch !important;align-items:stretch !important}.align-content-lg-start{-ms-flex-line-pack:start !important;align-content:flex-start !important}.align-content-lg-end{-ms-flex-line-pack:end !important;align-content:flex-end !important}.align-content-lg-center{-ms-flex-line-pack:center !important;align-content:center !important}.align-content-lg-between{-ms-flex-line-pack:justify !important;align-content:space-between !important}.align-content-lg-around{-ms-flex-line-pack:distribute !important;align-content:space-around !important}.align-content-lg-stretch{-ms-flex-line-pack:stretch !important;align-content:stretch !important}.align-self-lg-auto{-ms-flex-item-align:auto !important;align-self:auto !important}.align-self-lg-start{-ms-flex-item-align:start !important;align-self:flex-start !important}.align-self-lg-end{-ms-flex-item-align:end !important;align-self:flex-end !important}.align-self-lg-center{-ms-flex-item-align:center !important;align-self:center !important}.align-self-lg-baseline{-ms-flex-item-align:baseline !important;align-self:baseline !important}.align-self-lg-stretch{-ms-flex-item-align:stretch !important;align-self:stretch !important}}@media (min-width: 1200px){.flex-xl-row{-webkit-box-orient:horizontal !important;-webkit-box-direction:normal !important;-ms-flex-direction:row !important;flex-direction:row !important}.flex-xl-column{-webkit-box-orient:vertical !important;-webkit-box-direction:normal !important;-ms-flex-direction:column !important;flex-direction:column 
!important}.flex-xl-row-reverse{-webkit-box-orient:horizontal !important;-webkit-box-direction:reverse !important;-ms-flex-direction:row-reverse !important;flex-direction:row-reverse !important}.flex-xl-column-reverse{-webkit-box-orient:vertical !important;-webkit-box-direction:reverse !important;-ms-flex-direction:column-reverse !important;flex-direction:column-reverse !important}.flex-xl-wrap{-ms-flex-wrap:wrap !important;flex-wrap:wrap !important}.flex-xl-nowrap{-ms-flex-wrap:nowrap !important;flex-wrap:nowrap !important}.flex-xl-wrap-reverse{-ms-flex-wrap:wrap-reverse !important;flex-wrap:wrap-reverse !important}.flex-xl-fill{-webkit-box-flex:1 !important;-ms-flex:1 1 auto !important;flex:1 1 auto !important}.flex-xl-grow-0{-webkit-box-flex:0 !important;-ms-flex-positive:0 !important;flex-grow:0 !important}.flex-xl-grow-1{-webkit-box-flex:1 !important;-ms-flex-positive:1 !important;flex-grow:1 !important}.flex-xl-shrink-0{-ms-flex-negative:0 !important;flex-shrink:0 !important}.flex-xl-shrink-1{-ms-flex-negative:1 !important;flex-shrink:1 !important}.justify-content-xl-start{-webkit-box-pack:start !important;-ms-flex-pack:start !important;justify-content:flex-start !important}.justify-content-xl-end{-webkit-box-pack:end !important;-ms-flex-pack:end !important;justify-content:flex-end !important}.justify-content-xl-center{-webkit-box-pack:center !important;-ms-flex-pack:center !important;justify-content:center !important}.justify-content-xl-between{-webkit-box-pack:justify !important;-ms-flex-pack:justify !important;justify-content:space-between !important}.justify-content-xl-around{-ms-flex-pack:distribute !important;justify-content:space-around !important}.align-items-xl-start{-webkit-box-align:start !important;-ms-flex-align:start !important;align-items:flex-start !important}.align-items-xl-end{-webkit-box-align:end !important;-ms-flex-align:end !important;align-items:flex-end !important}.align-items-xl-center{-webkit-box-align:center 
!important;-ms-flex-align:center !important;align-items:center !important}.align-items-xl-baseline{-webkit-box-align:baseline !important;-ms-flex-align:baseline !important;align-items:baseline !important}.align-items-xl-stretch{-webkit-box-align:stretch !important;-ms-flex-align:stretch !important;align-items:stretch !important}.align-content-xl-start{-ms-flex-line-pack:start !important;align-content:flex-start !important}.align-content-xl-end{-ms-flex-line-pack:end !important;align-content:flex-end !important}.align-content-xl-center{-ms-flex-line-pack:center !important;align-content:center !important}.align-content-xl-between{-ms-flex-line-pack:justify !important;align-content:space-between !important}.align-content-xl-around{-ms-flex-line-pack:distribute !important;align-content:space-around !important}.align-content-xl-stretch{-ms-flex-line-pack:stretch !important;align-content:stretch !important}.align-self-xl-auto{-ms-flex-item-align:auto !important;align-self:auto !important}.align-self-xl-start{-ms-flex-item-align:start !important;align-self:flex-start !important}.align-self-xl-end{-ms-flex-item-align:end !important;align-self:flex-end !important}.align-self-xl-center{-ms-flex-item-align:center !important;align-self:center !important}.align-self-xl-baseline{-ms-flex-item-align:baseline !important;align-self:baseline !important}.align-self-xl-stretch{-ms-flex-item-align:stretch !important;align-self:stretch !important}}.float-left{float:left !important}.float-right{float:right !important}.float-none{float:none !important}@media (min-width: 576px){.float-sm-left{float:left !important}.float-sm-right{float:right !important}.float-sm-none{float:none !important}}@media (min-width: 768px){.float-md-left{float:left !important}.float-md-right{float:right !important}.float-md-none{float:none !important}}@media (min-width: 992px){.float-lg-left{float:left !important}.float-lg-right{float:right !important}.float-lg-none{float:none !important}}@media (min-width: 
1200px){.float-xl-left{float:left !important}.float-xl-right{float:right !important}.float-xl-none{float:none !important}}.overflow-auto{overflow:auto !important}.overflow-hidden{overflow:hidden !important}.position-static{position:static !important}.position-relative{position:relative !important}.position-absolute{position:absolute !important}.position-fixed{position:fixed !important}.position-sticky{position:-webkit-sticky !important;position:sticky !important}.fixed-top{position:fixed;top:0;right:0;left:0;z-index:1030}.fixed-bottom{position:fixed;right:0;bottom:0;left:0;z-index:1030}@supports (position: -webkit-sticky) or (position: sticky){.sticky-top{position:-webkit-sticky;position:sticky;top:0;z-index:1020}}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0, 0, 0, 0);white-space:nowrap;border:0}.sr-only-focusable:active,.sr-only-focusable:focus{position:static;width:auto;height:auto;overflow:visible;clip:auto;white-space:normal}.shadow-sm{-webkit-box-shadow:0 0.125rem 0.25rem rgba(0,0,0,0.075) !important;box-shadow:0 0.125rem 0.25rem rgba(0,0,0,0.075) !important}.shadow{-webkit-box-shadow:0 0.5rem 1rem rgba(0,0,0,0.15) !important;box-shadow:0 0.5rem 1rem rgba(0,0,0,0.15) !important}.shadow-lg{-webkit-box-shadow:0 1rem 3rem rgba(0,0,0,0.175) !important;box-shadow:0 1rem 3rem rgba(0,0,0,0.175) !important}.shadow-none{-webkit-box-shadow:none !important;box-shadow:none !important}.w-25{width:25% !important}.w-50{width:50% !important}.w-75{width:75% !important}.w-100{width:100% !important}.w-auto{width:auto !important}.h-25{height:25% !important}.h-50{height:50% !important}.h-75{height:75% !important}.h-100{height:100% !important}.h-auto{height:auto !important}.mw-100{max-width:100% !important}.mh-100{max-height:100% !important}.min-vw-100{min-width:100vw !important}.min-vh-100{min-height:100vh !important}.vw-100{width:100vw !important}.vh-100{height:100vh 
!important}.stretched-link::after{position:absolute;top:0;right:0;bottom:0;left:0;z-index:1;pointer-events:auto;content:"";background-color:rgba(0,0,0,0)}.m-0{margin:0 !important}.mt-0,.my-0{margin-top:0 !important}.mr-0,.mx-0{margin-right:0 !important}.mb-0,.my-0{margin-bottom:0 !important}.ml-0,.mx-0{margin-left:0 !important}.m-1{margin:0.25rem !important}.mt-1,.my-1{margin-top:0.25rem !important}.mr-1,.mx-1{margin-right:0.25rem !important}.mb-1,.my-1{margin-bottom:0.25rem !important}.ml-1,.mx-1{margin-left:0.25rem !important}.m-2{margin:0.5rem !important}.mt-2,.my-2{margin-top:0.5rem !important}.mr-2,.mx-2{margin-right:0.5rem !important}.mb-2,.my-2{margin-bottom:0.5rem !important}.ml-2,.mx-2{margin-left:0.5rem !important}.m-3{margin:1rem !important}.mt-3,.my-3{margin-top:1rem !important}.mr-3,.mx-3{margin-right:1rem !important}.mb-3,.my-3{margin-bottom:1rem !important}.ml-3,.mx-3{margin-left:1rem !important}.m-4{margin:1.5rem !important}.mt-4,.my-4{margin-top:1.5rem !important}.mr-4,.mx-4{margin-right:1.5rem !important}.mb-4,.my-4{margin-bottom:1.5rem !important}.ml-4,.mx-4{margin-left:1.5rem !important}.m-5{margin:3rem !important}.mt-5,.my-5{margin-top:3rem !important}.mr-5,.mx-5{margin-right:3rem !important}.mb-5,.my-5{margin-bottom:3rem !important}.ml-5,.mx-5{margin-left:3rem !important}.p-0{padding:0 !important}.pt-0,.py-0{padding-top:0 !important}.pr-0,.px-0{padding-right:0 !important}.pb-0,.py-0{padding-bottom:0 !important}.pl-0,.px-0{padding-left:0 !important}.p-1{padding:0.25rem !important}.pt-1,.py-1{padding-top:0.25rem !important}.pr-1,.px-1{padding-right:0.25rem !important}.pb-1,.py-1{padding-bottom:0.25rem !important}.pl-1,.px-1{padding-left:0.25rem !important}.p-2{padding:0.5rem !important}.pt-2,.py-2{padding-top:0.5rem !important}.pr-2,.px-2{padding-right:0.5rem !important}.pb-2,.py-2{padding-bottom:0.5rem !important}.pl-2,.px-2{padding-left:0.5rem !important}.p-3{padding:1rem !important}.pt-3,.py-3{padding-top:1rem 
!important}.pr-3,.px-3{padding-right:1rem !important}.pb-3,.py-3{padding-bottom:1rem !important}.pl-3,.px-3{padding-left:1rem !important}.p-4{padding:1.5rem !important}.pt-4,.py-4{padding-top:1.5rem !important}.pr-4,.px-4{padding-right:1.5rem !important}.pb-4,.py-4{padding-bottom:1.5rem !important}.pl-4,.px-4{padding-left:1.5rem !important}.p-5{padding:3rem !important}.pt-5,.py-5{padding-top:3rem !important}.pr-5,.px-5{padding-right:3rem !important}.pb-5,.py-5{padding-bottom:3rem !important}.pl-5,.px-5{padding-left:3rem !important}.m-n1{margin:-0.25rem !important}.mt-n1,.my-n1{margin-top:-0.25rem !important}.mr-n1,.mx-n1{margin-right:-0.25rem !important}.mb-n1,.my-n1{margin-bottom:-0.25rem !important}.ml-n1,.mx-n1{margin-left:-0.25rem !important}.m-n2{margin:-0.5rem !important}.mt-n2,.my-n2{margin-top:-0.5rem !important}.mr-n2,.mx-n2{margin-right:-0.5rem !important}.mb-n2,.my-n2{margin-bottom:-0.5rem !important}.ml-n2,.mx-n2{margin-left:-0.5rem !important}.m-n3{margin:-1rem !important}.mt-n3,.my-n3{margin-top:-1rem !important}.mr-n3,.mx-n3{margin-right:-1rem !important}.mb-n3,.my-n3{margin-bottom:-1rem !important}.ml-n3,.mx-n3{margin-left:-1rem !important}.m-n4{margin:-1.5rem !important}.mt-n4,.my-n4{margin-top:-1.5rem !important}.mr-n4,.mx-n4{margin-right:-1.5rem !important}.mb-n4,.my-n4{margin-bottom:-1.5rem !important}.ml-n4,.mx-n4{margin-left:-1.5rem !important}.m-n5{margin:-3rem !important}.mt-n5,.my-n5{margin-top:-3rem !important}.mr-n5,.mx-n5{margin-right:-3rem !important}.mb-n5,.my-n5{margin-bottom:-3rem !important}.ml-n5,.mx-n5{margin-left:-3rem !important}.m-auto{margin:auto !important}.mt-auto,.my-auto{margin-top:auto !important}.mr-auto,.mx-auto{margin-right:auto !important}.mb-auto,.my-auto{margin-bottom:auto !important}.ml-auto,.mx-auto{margin-left:auto !important}@media (min-width: 576px){.m-sm-0{margin:0 !important}.mt-sm-0,.my-sm-0{margin-top:0 !important}.mr-sm-0,.mx-sm-0{margin-right:0 !important}.mb-sm-0,.my-sm-0{margin-bottom:0 
!important}.ml-sm-0,.mx-sm-0{margin-left:0 !important}.m-sm-1{margin:0.25rem !important}.mt-sm-1,.my-sm-1{margin-top:0.25rem !important}.mr-sm-1,.mx-sm-1{margin-right:0.25rem !important}.mb-sm-1,.my-sm-1{margin-bottom:0.25rem !important}.ml-sm-1,.mx-sm-1{margin-left:0.25rem !important}.m-sm-2{margin:0.5rem !important}.mt-sm-2,.my-sm-2{margin-top:0.5rem !important}.mr-sm-2,.mx-sm-2{margin-right:0.5rem !important}.mb-sm-2,.my-sm-2{margin-bottom:0.5rem !important}.ml-sm-2,.mx-sm-2{margin-left:0.5rem !important}.m-sm-3{margin:1rem !important}.mt-sm-3,.my-sm-3{margin-top:1rem !important}.mr-sm-3,.mx-sm-3{margin-right:1rem !important}.mb-sm-3,.my-sm-3{margin-bottom:1rem !important}.ml-sm-3,.mx-sm-3{margin-left:1rem !important}.m-sm-4{margin:1.5rem !important}.mt-sm-4,.my-sm-4{margin-top:1.5rem !important}.mr-sm-4,.mx-sm-4{margin-right:1.5rem !important}.mb-sm-4,.my-sm-4{margin-bottom:1.5rem !important}.ml-sm-4,.mx-sm-4{margin-left:1.5rem !important}.m-sm-5{margin:3rem !important}.mt-sm-5,.my-sm-5{margin-top:3rem !important}.mr-sm-5,.mx-sm-5{margin-right:3rem !important}.mb-sm-5,.my-sm-5{margin-bottom:3rem !important}.ml-sm-5,.mx-sm-5{margin-left:3rem !important}.p-sm-0{padding:0 !important}.pt-sm-0,.py-sm-0{padding-top:0 !important}.pr-sm-0,.px-sm-0{padding-right:0 !important}.pb-sm-0,.py-sm-0{padding-bottom:0 !important}.pl-sm-0,.px-sm-0{padding-left:0 !important}.p-sm-1{padding:0.25rem !important}.pt-sm-1,.py-sm-1{padding-top:0.25rem !important}.pr-sm-1,.px-sm-1{padding-right:0.25rem !important}.pb-sm-1,.py-sm-1{padding-bottom:0.25rem !important}.pl-sm-1,.px-sm-1{padding-left:0.25rem !important}.p-sm-2{padding:0.5rem !important}.pt-sm-2,.py-sm-2{padding-top:0.5rem !important}.pr-sm-2,.px-sm-2{padding-right:0.5rem !important}.pb-sm-2,.py-sm-2{padding-bottom:0.5rem !important}.pl-sm-2,.px-sm-2{padding-left:0.5rem !important}.p-sm-3{padding:1rem !important}.pt-sm-3,.py-sm-3{padding-top:1rem !important}.pr-sm-3,.px-sm-3{padding-right:1rem 
!important}.pb-sm-3,.py-sm-3{padding-bottom:1rem !important}.pl-sm-3,.px-sm-3{padding-left:1rem !important}.p-sm-4{padding:1.5rem !important}.pt-sm-4,.py-sm-4{padding-top:1.5rem !important}.pr-sm-4,.px-sm-4{padding-right:1.5rem !important}.pb-sm-4,.py-sm-4{padding-bottom:1.5rem !important}.pl-sm-4,.px-sm-4{padding-left:1.5rem !important}.p-sm-5{padding:3rem !important}.pt-sm-5,.py-sm-5{padding-top:3rem !important}.pr-sm-5,.px-sm-5{padding-right:3rem !important}.pb-sm-5,.py-sm-5{padding-bottom:3rem !important}.pl-sm-5,.px-sm-5{padding-left:3rem !important}.m-sm-n1{margin:-0.25rem !important}.mt-sm-n1,.my-sm-n1{margin-top:-0.25rem !important}.mr-sm-n1,.mx-sm-n1{margin-right:-0.25rem !important}.mb-sm-n1,.my-sm-n1{margin-bottom:-0.25rem !important}.ml-sm-n1,.mx-sm-n1{margin-left:-0.25rem !important}.m-sm-n2{margin:-0.5rem !important}.mt-sm-n2,.my-sm-n2{margin-top:-0.5rem !important}.mr-sm-n2,.mx-sm-n2{margin-right:-0.5rem !important}.mb-sm-n2,.my-sm-n2{margin-bottom:-0.5rem !important}.ml-sm-n2,.mx-sm-n2{margin-left:-0.5rem !important}.m-sm-n3{margin:-1rem !important}.mt-sm-n3,.my-sm-n3{margin-top:-1rem !important}.mr-sm-n3,.mx-sm-n3{margin-right:-1rem !important}.mb-sm-n3,.my-sm-n3{margin-bottom:-1rem !important}.ml-sm-n3,.mx-sm-n3{margin-left:-1rem !important}.m-sm-n4{margin:-1.5rem !important}.mt-sm-n4,.my-sm-n4{margin-top:-1.5rem !important}.mr-sm-n4,.mx-sm-n4{margin-right:-1.5rem !important}.mb-sm-n4,.my-sm-n4{margin-bottom:-1.5rem !important}.ml-sm-n4,.mx-sm-n4{margin-left:-1.5rem !important}.m-sm-n5{margin:-3rem !important}.mt-sm-n5,.my-sm-n5{margin-top:-3rem !important}.mr-sm-n5,.mx-sm-n5{margin-right:-3rem !important}.mb-sm-n5,.my-sm-n5{margin-bottom:-3rem !important}.ml-sm-n5,.mx-sm-n5{margin-left:-3rem !important}.m-sm-auto{margin:auto !important}.mt-sm-auto,.my-sm-auto{margin-top:auto !important}.mr-sm-auto,.mx-sm-auto{margin-right:auto !important}.mb-sm-auto,.my-sm-auto{margin-bottom:auto !important}.ml-sm-auto,.mx-sm-auto{margin-left:auto 
!important}}@media (min-width: 768px){.m-md-0{margin:0 !important}.mt-md-0,.my-md-0{margin-top:0 !important}.mr-md-0,.mx-md-0{margin-right:0 !important}.mb-md-0,.my-md-0{margin-bottom:0 !important}.ml-md-0,.mx-md-0{margin-left:0 !important}.m-md-1{margin:0.25rem !important}.mt-md-1,.my-md-1{margin-top:0.25rem !important}.mr-md-1,.mx-md-1{margin-right:0.25rem !important}.mb-md-1,.my-md-1{margin-bottom:0.25rem !important}.ml-md-1,.mx-md-1{margin-left:0.25rem !important}.m-md-2{margin:0.5rem !important}.mt-md-2,.my-md-2{margin-top:0.5rem !important}.mr-md-2,.mx-md-2{margin-right:0.5rem !important}.mb-md-2,.my-md-2{margin-bottom:0.5rem !important}.ml-md-2,.mx-md-2{margin-left:0.5rem !important}.m-md-3{margin:1rem !important}.mt-md-3,.my-md-3{margin-top:1rem !important}.mr-md-3,.mx-md-3{margin-right:1rem !important}.mb-md-3,.my-md-3{margin-bottom:1rem !important}.ml-md-3,.mx-md-3{margin-left:1rem !important}.m-md-4{margin:1.5rem !important}.mt-md-4,.my-md-4{margin-top:1.5rem !important}.mr-md-4,.mx-md-4{margin-right:1.5rem !important}.mb-md-4,.my-md-4{margin-bottom:1.5rem !important}.ml-md-4,.mx-md-4{margin-left:1.5rem !important}.m-md-5{margin:3rem !important}.mt-md-5,.my-md-5{margin-top:3rem !important}.mr-md-5,.mx-md-5{margin-right:3rem !important}.mb-md-5,.my-md-5{margin-bottom:3rem !important}.ml-md-5,.mx-md-5{margin-left:3rem !important}.p-md-0{padding:0 !important}.pt-md-0,.py-md-0{padding-top:0 !important}.pr-md-0,.px-md-0{padding-right:0 !important}.pb-md-0,.py-md-0{padding-bottom:0 !important}.pl-md-0,.px-md-0{padding-left:0 !important}.p-md-1{padding:0.25rem !important}.pt-md-1,.py-md-1{padding-top:0.25rem !important}.pr-md-1,.px-md-1{padding-right:0.25rem !important}.pb-md-1,.py-md-1{padding-bottom:0.25rem !important}.pl-md-1,.px-md-1{padding-left:0.25rem !important}.p-md-2{padding:0.5rem !important}.pt-md-2,.py-md-2{padding-top:0.5rem !important}.pr-md-2,.px-md-2{padding-right:0.5rem !important}.pb-md-2,.py-md-2{padding-bottom:0.5rem 
!important}.pl-md-2,.px-md-2{padding-left:0.5rem !important}.p-md-3{padding:1rem !important}.pt-md-3,.py-md-3{padding-top:1rem !important}.pr-md-3,.px-md-3{padding-right:1rem !important}.pb-md-3,.py-md-3{padding-bottom:1rem !important}.pl-md-3,.px-md-3{padding-left:1rem !important}.p-md-4{padding:1.5rem !important}.pt-md-4,.py-md-4{padding-top:1.5rem !important}.pr-md-4,.px-md-4{padding-right:1.5rem !important}.pb-md-4,.py-md-4{padding-bottom:1.5rem !important}.pl-md-4,.px-md-4{padding-left:1.5rem !important}.p-md-5{padding:3rem !important}.pt-md-5,.py-md-5{padding-top:3rem !important}.pr-md-5,.px-md-5{padding-right:3rem !important}.pb-md-5,.py-md-5{padding-bottom:3rem !important}.pl-md-5,.px-md-5{padding-left:3rem !important}.m-md-n1{margin:-0.25rem !important}.mt-md-n1,.my-md-n1{margin-top:-0.25rem !important}.mr-md-n1,.mx-md-n1{margin-right:-0.25rem !important}.mb-md-n1,.my-md-n1{margin-bottom:-0.25rem !important}.ml-md-n1,.mx-md-n1{margin-left:-0.25rem !important}.m-md-n2{margin:-0.5rem !important}.mt-md-n2,.my-md-n2{margin-top:-0.5rem !important}.mr-md-n2,.mx-md-n2{margin-right:-0.5rem !important}.mb-md-n2,.my-md-n2{margin-bottom:-0.5rem !important}.ml-md-n2,.mx-md-n2{margin-left:-0.5rem !important}.m-md-n3{margin:-1rem !important}.mt-md-n3,.my-md-n3{margin-top:-1rem !important}.mr-md-n3,.mx-md-n3{margin-right:-1rem !important}.mb-md-n3,.my-md-n3{margin-bottom:-1rem !important}.ml-md-n3,.mx-md-n3{margin-left:-1rem !important}.m-md-n4{margin:-1.5rem !important}.mt-md-n4,.my-md-n4{margin-top:-1.5rem !important}.mr-md-n4,.mx-md-n4{margin-right:-1.5rem !important}.mb-md-n4,.my-md-n4{margin-bottom:-1.5rem !important}.ml-md-n4,.mx-md-n4{margin-left:-1.5rem !important}.m-md-n5{margin:-3rem !important}.mt-md-n5,.my-md-n5{margin-top:-3rem !important}.mr-md-n5,.mx-md-n5{margin-right:-3rem !important}.mb-md-n5,.my-md-n5{margin-bottom:-3rem !important}.ml-md-n5,.mx-md-n5{margin-left:-3rem !important}.m-md-auto{margin:auto !important}.mt-md-auto,.my-md-auto{margin-top:auto 
!important}.mr-md-auto,.mx-md-auto{margin-right:auto !important}.mb-md-auto,.my-md-auto{margin-bottom:auto !important}.ml-md-auto,.mx-md-auto{margin-left:auto !important}}@media (min-width: 992px){.m-lg-0{margin:0 !important}.mt-lg-0,.my-lg-0{margin-top:0 !important}.mr-lg-0,.mx-lg-0{margin-right:0 !important}.mb-lg-0,.my-lg-0{margin-bottom:0 !important}.ml-lg-0,.mx-lg-0{margin-left:0 !important}.m-lg-1{margin:0.25rem !important}.mt-lg-1,.my-lg-1{margin-top:0.25rem !important}.mr-lg-1,.mx-lg-1{margin-right:0.25rem !important}.mb-lg-1,.my-lg-1{margin-bottom:0.25rem !important}.ml-lg-1,.mx-lg-1{margin-left:0.25rem !important}.m-lg-2{margin:0.5rem !important}.mt-lg-2,.my-lg-2{margin-top:0.5rem !important}.mr-lg-2,.mx-lg-2{margin-right:0.5rem !important}.mb-lg-2,.my-lg-2{margin-bottom:0.5rem !important}.ml-lg-2,.mx-lg-2{margin-left:0.5rem !important}.m-lg-3{margin:1rem !important}.mt-lg-3,.my-lg-3{margin-top:1rem !important}.mr-lg-3,.mx-lg-3{margin-right:1rem !important}.mb-lg-3,.my-lg-3{margin-bottom:1rem !important}.ml-lg-3,.mx-lg-3{margin-left:1rem !important}.m-lg-4{margin:1.5rem !important}.mt-lg-4,.my-lg-4{margin-top:1.5rem !important}.mr-lg-4,.mx-lg-4{margin-right:1.5rem !important}.mb-lg-4,.my-lg-4{margin-bottom:1.5rem !important}.ml-lg-4,.mx-lg-4{margin-left:1.5rem !important}.m-lg-5{margin:3rem !important}.mt-lg-5,.my-lg-5{margin-top:3rem !important}.mr-lg-5,.mx-lg-5{margin-right:3rem !important}.mb-lg-5,.my-lg-5{margin-bottom:3rem !important}.ml-lg-5,.mx-lg-5{margin-left:3rem !important}.p-lg-0{padding:0 !important}.pt-lg-0,.py-lg-0{padding-top:0 !important}.pr-lg-0,.px-lg-0{padding-right:0 !important}.pb-lg-0,.py-lg-0{padding-bottom:0 !important}.pl-lg-0,.px-lg-0{padding-left:0 !important}.p-lg-1{padding:0.25rem !important}.pt-lg-1,.py-lg-1{padding-top:0.25rem !important}.pr-lg-1,.px-lg-1{padding-right:0.25rem !important}.pb-lg-1,.py-lg-1{padding-bottom:0.25rem !important}.pl-lg-1,.px-lg-1{padding-left:0.25rem !important}.p-lg-2{padding:0.5rem 
!important}.pt-lg-2,.py-lg-2{padding-top:0.5rem !important}.pr-lg-2,.px-lg-2{padding-right:0.5rem !important}.pb-lg-2,.py-lg-2{padding-bottom:0.5rem !important}.pl-lg-2,.px-lg-2{padding-left:0.5rem !important}.p-lg-3{padding:1rem !important}.pt-lg-3,.py-lg-3{padding-top:1rem !important}.pr-lg-3,.px-lg-3{padding-right:1rem !important}.pb-lg-3,.py-lg-3{padding-bottom:1rem !important}.pl-lg-3,.px-lg-3{padding-left:1rem !important}.p-lg-4{padding:1.5rem !important}.pt-lg-4,.py-lg-4{padding-top:1.5rem !important}.pr-lg-4,.px-lg-4{padding-right:1.5rem !important}.pb-lg-4,.py-lg-4{padding-bottom:1.5rem !important}.pl-lg-4,.px-lg-4{padding-left:1.5rem !important}.p-lg-5{padding:3rem !important}.pt-lg-5,.py-lg-5{padding-top:3rem !important}.pr-lg-5,.px-lg-5{padding-right:3rem !important}.pb-lg-5,.py-lg-5{padding-bottom:3rem !important}.pl-lg-5,.px-lg-5{padding-left:3rem !important}.m-lg-n1{margin:-0.25rem !important}.mt-lg-n1,.my-lg-n1{margin-top:-0.25rem !important}.mr-lg-n1,.mx-lg-n1{margin-right:-0.25rem !important}.mb-lg-n1,.my-lg-n1{margin-bottom:-0.25rem !important}.ml-lg-n1,.mx-lg-n1{margin-left:-0.25rem !important}.m-lg-n2{margin:-0.5rem !important}.mt-lg-n2,.my-lg-n2{margin-top:-0.5rem !important}.mr-lg-n2,.mx-lg-n2{margin-right:-0.5rem !important}.mb-lg-n2,.my-lg-n2{margin-bottom:-0.5rem !important}.ml-lg-n2,.mx-lg-n2{margin-left:-0.5rem !important}.m-lg-n3{margin:-1rem !important}.mt-lg-n3,.my-lg-n3{margin-top:-1rem !important}.mr-lg-n3,.mx-lg-n3{margin-right:-1rem !important}.mb-lg-n3,.my-lg-n3{margin-bottom:-1rem !important}.ml-lg-n3,.mx-lg-n3{margin-left:-1rem !important}.m-lg-n4{margin:-1.5rem !important}.mt-lg-n4,.my-lg-n4{margin-top:-1.5rem !important}.mr-lg-n4,.mx-lg-n4{margin-right:-1.5rem !important}.mb-lg-n4,.my-lg-n4{margin-bottom:-1.5rem !important}.ml-lg-n4,.mx-lg-n4{margin-left:-1.5rem !important}.m-lg-n5{margin:-3rem !important}.mt-lg-n5,.my-lg-n5{margin-top:-3rem !important}.mr-lg-n5,.mx-lg-n5{margin-right:-3rem 
!important}.mb-lg-n5,.my-lg-n5{margin-bottom:-3rem !important}.ml-lg-n5,.mx-lg-n5{margin-left:-3rem !important}.m-lg-auto{margin:auto !important}.mt-lg-auto,.my-lg-auto{margin-top:auto !important}.mr-lg-auto,.mx-lg-auto{margin-right:auto !important}.mb-lg-auto,.my-lg-auto{margin-bottom:auto !important}.ml-lg-auto,.mx-lg-auto{margin-left:auto !important}}@media (min-width: 1200px){.m-xl-0{margin:0 !important}.mt-xl-0,.my-xl-0{margin-top:0 !important}.mr-xl-0,.mx-xl-0{margin-right:0 !important}.mb-xl-0,.my-xl-0{margin-bottom:0 !important}.ml-xl-0,.mx-xl-0{margin-left:0 !important}.m-xl-1{margin:0.25rem !important}.mt-xl-1,.my-xl-1{margin-top:0.25rem !important}.mr-xl-1,.mx-xl-1{margin-right:0.25rem !important}.mb-xl-1,.my-xl-1{margin-bottom:0.25rem !important}.ml-xl-1,.mx-xl-1{margin-left:0.25rem !important}.m-xl-2{margin:0.5rem !important}.mt-xl-2,.my-xl-2{margin-top:0.5rem !important}.mr-xl-2,.mx-xl-2{margin-right:0.5rem !important}.mb-xl-2,.my-xl-2{margin-bottom:0.5rem !important}.ml-xl-2,.mx-xl-2{margin-left:0.5rem !important}.m-xl-3{margin:1rem !important}.mt-xl-3,.my-xl-3{margin-top:1rem !important}.mr-xl-3,.mx-xl-3{margin-right:1rem !important}.mb-xl-3,.my-xl-3{margin-bottom:1rem !important}.ml-xl-3,.mx-xl-3{margin-left:1rem !important}.m-xl-4{margin:1.5rem !important}.mt-xl-4,.my-xl-4{margin-top:1.5rem !important}.mr-xl-4,.mx-xl-4{margin-right:1.5rem !important}.mb-xl-4,.my-xl-4{margin-bottom:1.5rem !important}.ml-xl-4,.mx-xl-4{margin-left:1.5rem !important}.m-xl-5{margin:3rem !important}.mt-xl-5,.my-xl-5{margin-top:3rem !important}.mr-xl-5,.mx-xl-5{margin-right:3rem !important}.mb-xl-5,.my-xl-5{margin-bottom:3rem !important}.ml-xl-5,.mx-xl-5{margin-left:3rem !important}.p-xl-0{padding:0 !important}.pt-xl-0,.py-xl-0{padding-top:0 !important}.pr-xl-0,.px-xl-0{padding-right:0 !important}.pb-xl-0,.py-xl-0{padding-bottom:0 !important}.pl-xl-0,.px-xl-0{padding-left:0 !important}.p-xl-1{padding:0.25rem !important}.pt-xl-1,.py-xl-1{padding-top:0.25rem 
!important}.pr-xl-1,.px-xl-1{padding-right:0.25rem !important}.pb-xl-1,.py-xl-1{padding-bottom:0.25rem !important}.pl-xl-1,.px-xl-1{padding-left:0.25rem !important}.p-xl-2{padding:0.5rem !important}.pt-xl-2,.py-xl-2{padding-top:0.5rem !important}.pr-xl-2,.px-xl-2{padding-right:0.5rem !important}.pb-xl-2,.py-xl-2{padding-bottom:0.5rem !important}.pl-xl-2,.px-xl-2{padding-left:0.5rem !important}.p-xl-3{padding:1rem !important}.pt-xl-3,.py-xl-3{padding-top:1rem !important}.pr-xl-3,.px-xl-3{padding-right:1rem !important}.pb-xl-3,.py-xl-3{padding-bottom:1rem !important}.pl-xl-3,.px-xl-3{padding-left:1rem !important}.p-xl-4{padding:1.5rem !important}.pt-xl-4,.py-xl-4{padding-top:1.5rem !important}.pr-xl-4,.px-xl-4{padding-right:1.5rem !important}.pb-xl-4,.py-xl-4{padding-bottom:1.5rem !important}.pl-xl-4,.px-xl-4{padding-left:1.5rem !important}.p-xl-5{padding:3rem !important}.pt-xl-5,.py-xl-5{padding-top:3rem !important}.pr-xl-5,.px-xl-5{padding-right:3rem !important}.pb-xl-5,.py-xl-5{padding-bottom:3rem !important}.pl-xl-5,.px-xl-5{padding-left:3rem !important}.m-xl-n1{margin:-0.25rem !important}.mt-xl-n1,.my-xl-n1{margin-top:-0.25rem !important}.mr-xl-n1,.mx-xl-n1{margin-right:-0.25rem !important}.mb-xl-n1,.my-xl-n1{margin-bottom:-0.25rem !important}.ml-xl-n1,.mx-xl-n1{margin-left:-0.25rem !important}.m-xl-n2{margin:-0.5rem !important}.mt-xl-n2,.my-xl-n2{margin-top:-0.5rem !important}.mr-xl-n2,.mx-xl-n2{margin-right:-0.5rem !important}.mb-xl-n2,.my-xl-n2{margin-bottom:-0.5rem !important}.ml-xl-n2,.mx-xl-n2{margin-left:-0.5rem !important}.m-xl-n3{margin:-1rem !important}.mt-xl-n3,.my-xl-n3{margin-top:-1rem !important}.mr-xl-n3,.mx-xl-n3{margin-right:-1rem !important}.mb-xl-n3,.my-xl-n3{margin-bottom:-1rem !important}.ml-xl-n3,.mx-xl-n3{margin-left:-1rem !important}.m-xl-n4{margin:-1.5rem !important}.mt-xl-n4,.my-xl-n4{margin-top:-1.5rem !important}.mr-xl-n4,.mx-xl-n4{margin-right:-1.5rem !important}.mb-xl-n4,.my-xl-n4{margin-bottom:-1.5rem 
!important}.ml-xl-n4,.mx-xl-n4{margin-left:-1.5rem !important}.m-xl-n5{margin:-3rem !important}.mt-xl-n5,.my-xl-n5{margin-top:-3rem !important}.mr-xl-n5,.mx-xl-n5{margin-right:-3rem !important}.mb-xl-n5,.my-xl-n5{margin-bottom:-3rem !important}.ml-xl-n5,.mx-xl-n5{margin-left:-3rem !important}.m-xl-auto{margin:auto !important}.mt-xl-auto,.my-xl-auto{margin-top:auto !important}.mr-xl-auto,.mx-xl-auto{margin-right:auto !important}.mb-xl-auto,.my-xl-auto{margin-bottom:auto !important}.ml-xl-auto,.mx-xl-auto{margin-left:auto !important}}.text-monospace{font-family:SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace !important}.text-justify{text-align:justify !important}.text-wrap{white-space:normal !important}.text-nowrap{white-space:nowrap !important}.text-truncate{overflow:hidden;text-overflow:ellipsis;white-space:nowrap}.text-left{text-align:left !important}.text-right{text-align:right !important}.text-center{text-align:center !important}@media (min-width: 576px){.text-sm-left{text-align:left !important}.text-sm-right{text-align:right !important}.text-sm-center{text-align:center !important}}@media (min-width: 768px){.text-md-left{text-align:left !important}.text-md-right{text-align:right !important}.text-md-center{text-align:center !important}}@media (min-width: 992px){.text-lg-left{text-align:left !important}.text-lg-right{text-align:right !important}.text-lg-center{text-align:center !important}}@media (min-width: 1200px){.text-xl-left{text-align:left !important}.text-xl-right{text-align:right !important}.text-xl-center{text-align:center !important}}.text-lowercase{text-transform:lowercase !important}.text-uppercase{text-transform:uppercase !important}.text-capitalize{text-transform:capitalize !important}.font-weight-light{font-weight:300 !important}.font-weight-lighter{font-weight:lighter !important}.font-weight-normal{font-weight:400 !important}.font-weight-bold{font-weight:700 !important}.font-weight-bolder{font-weight:bolder 
!important}.font-italic{font-style:italic !important}.text-white{color:#fff !important}.text-primary{color:#3A3F44 !important}a.text-primary:hover,a.text-primary:focus{color:#17191b !important}.text-secondary{color:#7A8288 !important}a.text-secondary:hover,a.text-secondary:focus{color:#565b60 !important}.text-success{color:#62c462 !important}a.text-success:hover,a.text-success:focus{color:#3b9e3b !important}.text-info{color:#5bc0de !important}a.text-info:hover,a.text-info:focus{color:#28a1c5 !important}.text-warning{color:#f89406 !important}a.text-warning:hover,a.text-warning:focus{color:#ad6704 !important}.text-danger{color:#ee5f5b !important}a.text-danger:hover,a.text-danger:focus{color:#e51d18 !important}.text-light{color:#e9ecef !important}a.text-light:hover,a.text-light:focus{color:#bdc6cf !important}.text-dark{color:#272B30 !important}a.text-dark:hover,a.text-dark:focus{color:#050506 !important}.text-body{color:#aaa !important}.text-muted{color:#7A8288 !important}.text-black-50{color:rgba(0,0,0,0.5) !important}.text-white-50{color:rgba(255,255,255,0.5) !important}.text-hide{font:0/0 a;color:transparent;text-shadow:none;background-color:transparent;border:0}.text-decoration-none{text-decoration:none !important}.text-break{word-break:break-word !important;overflow-wrap:break-word !important}.text-reset{color:inherit !important}.visible{visibility:visible !important}.invisible{visibility:hidden !important}@media print{*,*::before,*::after{text-shadow:none !important;-webkit-box-shadow:none !important;box-shadow:none !important}a:not(.btn){text-decoration:underline}abbr[title]::after{content:" (" attr(title) ")"}pre{white-space:pre-wrap !important}pre,blockquote{border:1px solid #999;page-break-inside:avoid}thead{display:table-header-group}tr,img{page-break-inside:avoid}p,h2,h3{orphans:3;widows:3}h2,h3{page-break-after:avoid}@page{size:a3}body{min-width:992px !important}.container{min-width:992px !important}.navbar{display:none}.badge{border:1px solid 
#000}.table{border-collapse:collapse !important}.table td,.table th{background-color:#fff !important}.table-bordered th,.table-bordered td{border:1px solid #dee2e6 !important}.table-dark{color:inherit}.table-dark th,.table-dark td,.table-dark thead th,.table-dark tbody+tbody{border-color:rgba(0,0,0,0.6)}.table .thead-dark th{color:inherit;border-color:rgba(0,0,0,0.6)}}.navbar{border:1px solid rgba(0,0,0,0.6);text-shadow:1px 1px 1px rgba(0,0,0,0.3)}.navbar .container{padding:0}.navbar .navbar-toggler{border-color:rgba(0,0,0,0.6)}.navbar-fixed-top{border-width:0 0 1px 0}.navbar-fixed-bottom{border-width:1px 0 0 0}.navbar .nav-link{padding:1rem;border-left:1px solid rgba(255,255,255,0.1);border-right:1px solid rgba(0,0,0,0.2)}.navbar .nav-link:hover,.navbar .nav-link:focus{background-image:-webkit-gradient(linear, left top, left bottom, from(#101112), color-stop(40%, #17191b), to(#1b1e20));background-image:linear-gradient(#101112, #17191b 40%, #1b1e20);background-repeat:no-repeat;-webkit-filter:none;filter:none;border-left:1px solid rgba(0,0,0,0.2)}.navbar-brand{padding:0.75rem 1rem calc(54px - 0.75rem - 30px);margin-right:0;border-right:1px solid rgba(0,0,0,0.2)}.navbar .nav-item.active .nav-link{background-color:rgba(0,0,0,0.3);border-left:1px solid rgba(0,0,0,0.2)}.navbar-nav .nav-item+.nav-item{margin-left:0}.navbar.bg-light{text-shadow:1px 1px 1px rgba(0,0,0,0.1)}.navbar.bg-light .nav-link:hover,.navbar.bg-light .nav-link:focus{background-image:-webkit-gradient(linear, left top, left bottom, from(#4e5458), color-stop(40%, #565b60), to(#5b6165));background-image:linear-gradient(#4e5458, #565b60 40%, #5b6165);background-repeat:no-repeat;-webkit-filter:none;filter:none;border-left:1px solid rgba(0,0,0,0.2)}@media (max-width: 576px){.navbar-expand-sm .navbar-brand,.navbar-expand-sm .nav-link{border:none !important}}@media (max-width: 768px){.navbar-expand-md .navbar-brand,.navbar-expand-md .nav-link{border:none !important}}@media (max-width: 992px){.navbar-expand-lg 
.navbar-brand,.navbar-expand-lg .nav-link{border:none !important}}.btn{border-color:rgba(0,0,0,0.6);text-shadow:1px 1px 1px rgba(0,0,0,0.3)}.btn:not([disabled]):not(.disabled).active,.btn.disabled{border-color:rgba(0,0,0,0.6);-webkit-box-shadow:none;box-shadow:none}.btn:hover,.btn:focus,.btn:not([disabled]):not(.disabled):active,.btn:not([disabled]):not(.disabled):active:hover,.btn:not([disabled]):not(.disabled).active:hover{border-color:rgba(0,0,0,0.6)}.btn-primary{background-image:-webkit-gradient(linear, left top, left bottom, from(#484e55), color-stop(60%, #3A3F44), to(#313539));background-image:linear-gradient(#484e55, #3A3F44 60%, #313539);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-primary:not([disabled]):not(.disabled):hover,.btn-primary:not([disabled]):not(.disabled):focus,.btn-primary:not([disabled]):not(.disabled):active:hover,.btn-primary:not([disabled]):not(.disabled).active:hover{background-image:-webkit-gradient(linear, left top, left bottom, from(#101112), color-stop(40%, #17191b), to(#1b1e20));background-image:linear-gradient(#101112, #17191b 40%, #1b1e20);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-secondary{background-image:-webkit-gradient(linear, left top, left bottom, from(#8a9196), color-stop(60%, #7A8288), to(#70787d));background-image:linear-gradient(#8a9196, #7A8288 60%, #70787d);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-secondary:not([disabled]):not(.disabled):hover,.btn-secondary:not([disabled]):not(.disabled):focus,.btn-secondary:not([disabled]):not(.disabled):active,.btn-secondary:not([disabled]):not(.disabled).active{background-image:-webkit-gradient(linear, left top, left bottom, from(#4e5458), color-stop(40%, #565b60), to(#5b6165));background-image:linear-gradient(#4e5458, #565b60 40%, #5b6165);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-success{background-image:-webkit-gradient(linear, left top, left bottom, from(#78cc78), color-stop(60%, 
#62c462), to(#53be53));background-image:linear-gradient(#78cc78, #62c462 60%, #53be53);background-repeat:no-repeat;-webkit-filter:none;filter:none;color:#fff}.btn-success:not([disabled]):not(.disabled):hover,.btn-success:not([disabled]):not(.disabled):focus,.btn-success:not([disabled]):not(.disabled):active,.btn-success:not([disabled]):not(.disabled).active{background-image:-webkit-gradient(linear, left top, left bottom, from(#379337), color-stop(40%, #3b9e3b), to(#3ea63e));background-image:linear-gradient(#379337, #3b9e3b 40%, #3ea63e);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-info{background-image:-webkit-gradient(linear, left top, left bottom, from(#74cae3), color-stop(60%, #5bc0de), to(#4ab9db));background-image:linear-gradient(#74cae3, #5bc0de 60%, #4ab9db);background-repeat:no-repeat;-webkit-filter:none;filter:none;color:#fff}.btn-info:not([disabled]):not(.disabled):hover,.btn-info:not([disabled]):not(.disabled):focus,.btn-info:not([disabled]):not(.disabled):active,.btn-info:not([disabled]):not(.disabled).active{background-image:-webkit-gradient(linear, left top, left bottom, from(#2596b8), color-stop(40%, #28a1c5), to(#29a8cd));background-image:linear-gradient(#2596b8, #28a1c5 40%, #29a8cd);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-warning{background-image:-webkit-gradient(linear, left top, left bottom, from(#faa123), color-stop(60%, #f89406), to(#e48806));background-image:linear-gradient(#faa123, #f89406 60%, #e48806);background-repeat:no-repeat;-webkit-filter:none;filter:none;color:#fff}.btn-warning:not([disabled]):not(.disabled):hover,.btn-warning:not([disabled]):not(.disabled):focus,.btn-warning:not([disabled]):not(.disabled):active,.btn-warning:not([disabled]):not(.disabled).active{background-image:-webkit-gradient(linear, left top, left bottom, from(#9e5f04), color-stop(40%, #ad6704), to(#b76d04));background-image:linear-gradient(#9e5f04, #ad6704 40%, 
#b76d04);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-danger{background-image:-webkit-gradient(linear, left top, left bottom, from(#f17a77), color-stop(60%, #ee5f5b), to(#ec4d49));background-image:linear-gradient(#f17a77, #ee5f5b 60%, #ec4d49);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-danger:not([disabled]):not(.disabled):hover,.btn-danger:not([disabled]):not(.disabled):focus,.btn-danger:not([disabled]):not(.disabled):active,.btn-danger:not([disabled]):not(.disabled).active{background-image:-webkit-gradient(linear, left top, left bottom, from(#d71c16), color-stop(40%, #e51d18), to(#e8241f));background-image:linear-gradient(#d71c16, #e51d18 40%, #e8241f);background-repeat:no-repeat;-webkit-filter:none;filter:none}.btn-link,.btn-link:hover{border-color:transparent}.btn-group .btn.active,.btn-group-vertical .btn.active{border-color:rgba(0,0,0,0.6)}h1,h2,h3,h4,h5,h6{text-shadow:-1px -1px 0 rgba(0,0,0,0.3)}.table-primary,.table-secondary,.table-success,.table-info,.table-warning,.table-danger{color:#fff}.table-primary,.table-primary>th,.table-primary>td{background-color:#3A3F44}.table-secondary,.table-secondary>th,.table-secondary>td{background-color:#7A8288}.table-light,.table-light>th,.table-light>td{background-color:#e9ecef}.table-dark,.table-dark>th,.table-dark>td{background-color:#272B30}.table-success,.table-success>th,.table-success>td{background-color:#62c462}.table-info,.table-info>th,.table-info>td{background-color:#5bc0de}.table-danger,.table-danger>th,.table-danger>td{background-color:#ee5f5b}.table-warning,.table-warning>th,.table-warning>td{background-color:#f89406}.table-active,.table-active>th,.table-active>td{background-color:rgba(255,255,255,0.075)}.table-hover .table-primary:hover,.table-hover .table-primary:hover>th,.table-hover .table-primary:hover>td{background-color:#2e3236}.table-hover .table-secondary:hover,.table-hover .table-secondary:hover>th,.table-hover 
.table-secondary:hover>td{background-color:#6e757b}.table-hover .table-light:hover,.table-hover .table-light:hover>th,.table-hover .table-light:hover>td{background-color:#dadfe4}.table-hover .table-dark:hover,.table-hover .table-dark:hover>th,.table-hover .table-dark:hover>td{background-color:#1c1e22}.table-hover .table-success:hover,.table-hover .table-success:hover>th,.table-hover .table-success:hover>td{background-color:#4fbd4f}.table-hover .table-info:hover,.table-hover .table-info:hover>th,.table-hover .table-info:hover>td{background-color:#46b8da}.table-hover .table-danger:hover,.table-hover .table-danger:hover>th,.table-hover .table-danger:hover>td{background-color:#ec4844}.table-hover .table-warning:hover,.table-hover .table-warning:hover>th,.table-hover .table-warning:hover>td{background-color:#df8505}.table-hover .table-active:hover,.table-hover .table-active:hover>th,.table-hover .table-active:hover>td{background-color:rgba(255,255,255,0.075)}legend{color:#fff}.input-group-addon{background-image:-webkit-gradient(linear, left top, left bottom, from(#8a9196), color-stop(60%, #7A8288), to(#70787d));background-image:linear-gradient(#8a9196, #7A8288 60%, #70787d);background-repeat:no-repeat;-webkit-filter:none;filter:none;text-shadow:1px 1px 1px rgba(0,0,0,0.3);color:#fff}.nav-tabs .nav-link{background-image:-webkit-gradient(linear, left top, left bottom, from(#101112), color-stop(40%, #17191b), to(#1b1e20));background-image:linear-gradient(#101112, #17191b 40%, #1b1e20);background-repeat:no-repeat;-webkit-filter:none;filter:none;border:1px solid rgba(0,0,0,0.6)}.nav-tabs .nav-link:not([disabled]):not(.disabled):hover,.nav-tabs .nav-link:not([disabled]):not(.disabled):focus,.nav-tabs .nav-link:not([disabled]):not(.disabled):active,.nav-tabs .nav-link:not([disabled]):not(.disabled).active{background-image:-webkit-gradient(linear, left top, left bottom, from(#484e55), color-stop(60%, #3A3F44), to(#313539));background-image:linear-gradient(#484e55, #3A3F44 60%, 
#313539);background-repeat:no-repeat;-webkit-filter:none;filter:none}.nav-tabs .nav-link.disabled{border:1px solid rgba(0,0,0,0.6)}.nav-tabs .nav-link,.nav-tabs .nav-link:hover{color:#fff}.nav-pills .nav-link{background-image:-webkit-gradient(linear, left top, left bottom, from(#484e55), color-stop(60%, #3A3F44), to(#313539));background-image:linear-gradient(#484e55, #3A3F44 60%, #313539);background-repeat:no-repeat;-webkit-filter:none;filter:none;border:1px solid rgba(0,0,0,0.6);text-shadow:1px 1px 1px rgba(0,0,0,0.3);color:#fff}.nav-pills .nav-link:hover{background-image:-webkit-gradient(linear, left top, left bottom, from(#101112), color-stop(40%, #17191b), to(#1b1e20));background-image:linear-gradient(#101112, #17191b 40%, #1b1e20);background-repeat:no-repeat;-webkit-filter:none;filter:none;border:1px solid rgba(0,0,0,0.6)}.nav-pills .nav-link.active,.nav-pills .nav-link:hover{background-color:transparent;background-image:-webkit-gradient(linear, left top, left bottom, from(#101112), color-stop(40%, #17191b), to(#1b1e20));background-image:linear-gradient(#101112, #17191b 40%, #1b1e20);background-repeat:no-repeat;-webkit-filter:none;filter:none;border:1px solid rgba(0,0,0,0.6)}.nav-pills .nav-link.disabled,.nav-pills .nav-link.disabled:hover{background-image:-webkit-gradient(linear, left top, left bottom, from(#484e55), color-stop(60%, #3A3F44), to(#313539));background-image:linear-gradient(#484e55, #3A3F44 60%, #313539);background-repeat:no-repeat;-webkit-filter:none;filter:none;color:#7A8288}.pagination .page-link{text-shadow:1px 1px 1px rgba(0,0,0,0.3);background-image:-webkit-gradient(linear, left top, left bottom, from(#484e55), color-stop(60%, #3A3F44), to(#313539));background-image:linear-gradient(#484e55, #3A3F44 60%, #313539);background-repeat:no-repeat;-webkit-filter:none;filter:none}.pagination .page-link:hover{background-image:-webkit-gradient(linear, left top, left bottom, from(#101112), color-stop(40%, #17191b), 
to(#1b1e20));background-image:linear-gradient(#101112, #17191b 40%, #1b1e20);background-repeat:no-repeat;-webkit-filter:none;filter:none;text-decoration:none}.pagination .page-item.active .page-link{background-image:-webkit-gradient(linear, left top, left bottom, from(#101112), color-stop(40%, #17191b), to(#1b1e20));background-image:linear-gradient(#101112, #17191b 40%, #1b1e20);background-repeat:no-repeat;-webkit-filter:none;filter:none}.pagination .page-item.disabled .page-link{background-image:-webkit-gradient(linear, left top, left bottom, from(#484e55), color-stop(60%, #3A3F44), to(#313539));background-image:linear-gradient(#484e55, #3A3F44 60%, #313539);background-repeat:no-repeat;-webkit-filter:none;filter:none}.breadcrumb{border:1px solid rgba(0,0,0,0.6);text-shadow:1px 1px 1px rgba(0,0,0,0.3);background-color:transparent;background-image:-webkit-gradient(linear, left top, left bottom, from(#484e55), color-stop(60%, #3A3F44), to(#313539));background-image:linear-gradient(#484e55, #3A3F44 60%, #313539);background-repeat:no-repeat;-webkit-filter:none;filter:none}.breadcrumb a,.breadcrumb a:hover{color:#fff}.alert .close{color:#000;text-decoration:none}.alert{border:none;color:#fff}.alert a,.alert .alert-link{color:#fff;text-decoration:underline}.alert-primary{background-color:#3A3F44}.alert-secondary{background-color:#7A8288}.alert-success{background-color:#62c462}.alert-info{background-color:#5bc0de}.alert-warning{background-color:#f89406}.alert-danger{background-color:#ee5f5b}.alert-light{background-color:#e9ecef}.alert-dark{background-color:#272B30}.alert-light,.alert-light a:not(.btn),.alert-light .alert-link{color:#272B30}.badge-success,.badge-warning,.badge-info{color:#fff}.jumbotron{border:1px solid rgba(0,0,0,0.6)}.list-group-item:hover{background-color:#1c1e22} diff --git a/file-upload/jquery-file-upload/index.html b/file-upload/jquery-file-upload/index.html index 40245be48..aa95a3d09 100644 --- a/file-upload/jquery-file-upload/index.html 
+++ b/file-upload/jquery-file-upload/index.html @@ -1,5 +1,5 @@ - + @@ -10,9 +10,9 @@ %SITE_NAME% - + - + - + - + - - + + - - + + - + - + - + - + - + - + - + - + - + - + - + diff --git a/file-upload/jquery-file-upload/index.php b/file-upload/jquery-file-upload/index.php index ca9a3aa18..725a522f2 100644 --- a/file-upload/jquery-file-upload/index.php +++ b/file-upload/jquery-file-upload/index.php @@ -1,5 +1,5 @@ /name-map-ui. \ No newline at end of file diff --git a/htadmin/docker-entrypoint.sh b/htadmin/docker-entrypoint.sh deleted file mode 100755 index b15497a7d..000000000 --- a/htadmin/docker-entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - - -if [[ -z $SITE_NAME || -z $MALCOLM_USERNAME || -z $MALCOLM_PASSWORD ]] -then - echo "Please set the site name, username and (openssl-encrypted) password by adding the following arguments to docker run/create:" - echo " -e SITE_NAME='...'" - echo " -e MALCOLM_USERNAME='...'" - echo " -e MALCOLM_PASSWORD='...'" - exit 1 -fi - -if ! getent passwd "$MALCOLM_USERNAME" >/dev/null -then - # Make sure every container gets its own SSH host keys the first time around - rm -f /etc/ssh/ssh_host_* - dpkg-reconfigure openssh-server - - useradd -g www-data -d /var/www/upload/server/php/chroot -s /sbin/nologin "$MALCOLM_USERNAME" - usermod --password "$MALCOLM_PASSWORD" "$MALCOLM_USERNAME" - chown "$MALCOLM_USERNAME:www-data" /var/www/upload/server/php/chroot/files - chmod 775 /var/www/upload/server/php/chroot/files - - # This will break if $SITE_NAME contains a slash... - sed -i 's/%SITE_NAME%/'"$SITE_NAME"'/g' /var/www/upload/index.html - -else - echo "skipping one-time setup tasks" 1>&2 -fi - -exec "$@" diff --git a/htadmin/supervisord.conf b/htadmin/supervisord.conf index 984807c7a..c81749341 100644 --- a/htadmin/supervisord.conf +++ b/htadmin/supervisord.conf 
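Review bot: the deleted htadmin/docker-entrypoint.sh was the only startup logic in that image that refused to run when SITE_NAME, MALCOLM_USERNAME or MALCOLM_PASSWORD was unset, and it was also what provisioned the chroot upload account (`useradd -g www-data -d /var/www/upload/server/php/chroot -s /sbin/nologin "$MALCOLM_USERNAME"`, then `usermod --password "$MALCOLM_PASSWORD" "$MALCOLM_USERNAME"` and the chown/chmod 775 of the files directory); no replacement appears in this region of the patch, so please confirm that the htadmin Dockerfile no longer names this script as its ENTRYPOINT and that wherever the upload user is now provisioned still performs the same variable check before creating the account. The deletion also retires `sed -i 's/%SITE_NAME%/'"$SITE_NAME"'/g'`, which the script's own comment flagged as breaking when SITE_NAME contains a slash; if that substitution lives on elsewhere it should use a delimiter that cannot occur in the value or escape the value before handing it to sed.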
@@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) diff --git a/kibana/dashboards/024062a6-48d6-498f-a91a-3bf2da3a3cd3.json b/kibana/dashboards/024062a6-48d6-498f-a91a-3bf2da3a3cd3.json index 383df668a..d03881149 100644 --- a/kibana/dashboards/024062a6-48d6-498f-a91a-3bf2da3a3cd3.json +++ b/kibana/dashboards/024062a6-48d6-498f-a91a-3bf2da3a3cd3.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "024062a6-48d6-498f-a91a-3bf2da3a3cd3", "type": "dashboard", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzEyLDFd", + "updated_at": "2020-02-13T20:18:00.229Z", + "version": "Wzg4NCwxXQ==", "attributes": { "title": "X.509", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"4\",\"gridData\":{\"w\":48,\"h\":68,\"x\":0,\"y\":96,\"i\":\"4\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"zeek_x509.certificate_subject_full\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"7\",\"gridData\":{\"w\":20,\"h\":20,\"x\":8,\"y\":8,\"i\":\"7\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\",\"embeddableConfig\":{}},{\"panelIndex\":\"8\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":48,\"i\":\"8\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"9\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":72,\"i\":\"9\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"10\",\"gridData\":{\"w\":20,\"h\":20,\"x\":28,\"y\":8,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{}},{\"panelIndex\":\"11\",\"gridData\":{\"w\":40,\"h\":20,\"x\":8,\"y\":28,\"i\":\"11\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\",\"embeddableConfig\":{}},{\"panelIndex\":\"12\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"12\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":17,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":48,\"w\":48,\"h\":19,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":67,\"w\":48,\"h\":19,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":25,\"y\":8,\"w\":23,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":25,\"y\":28,\"w\":23,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":28,\"w\":17,\"h\":20,\"i\":\"aa7075cb-f9ef-4453-8c5f-90eccc6883c7\"},\"panelIndex\":\"aa7075cb-f9ef-4453-8c5f-90eccc6883c7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":86,\"w\":48,\"h\":39,\"i\":\"2a9de8ad-b593-4bf3-9fc4-703580b95500\"},\"panelIndex\":\"2a9de8ad-b593-4bf3-9fc4-703580b95500\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}},\"language\":\"lucene\"}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -31,38 +31,43 @@ }, { "name": "panel_2", - "type": "search", - "id": "858102a3-eec0-4ab3-82bb-a791e4eb364b" + "type": "visualization", + "id": "23d08a2e-2fa2-42df-bf75-dc5f3e5a79e7" }, { "name": "panel_3", "type": "visualization", - "id": "23d08a2e-2fa2-42df-bf75-dc5f3e5a79e7" + "id": "d608f7dd-efea-49c4-b61d-a09d2a29148c" }, { "name": "panel_4", "type": "visualization", - "id": "d608f7dd-efea-49c4-b61d-a09d2a29148c" + "id": "fabba18b-a1ed-4a90-a27c-bdcfed98eae1" }, { "name": "panel_5", "type": "visualization", - "id": "fabba18b-a1ed-4a90-a27c-bdcfed98eae1" + "id": "193088ad-5112-435f-9e9f-ec9127ff8665" }, { "name": "panel_6", "type": "visualization", - "id": "193088ad-5112-435f-9e9f-ec9127ff8665" + "id": "34d702ec-63e9-475d-ab0a-07d97ed4bd66" }, { "name": "panel_7", "type": "visualization", - "id": "34d702ec-63e9-475d-ab0a-07d97ed4bd66" + "id": "AWDHGklsxQT5EBNmq4wG" }, { "name": "panel_8", "type": "visualization", - "id": "AWDHGklsxQT5EBNmq4wG" + "id": "fa696510-4e9b-11ea-b504-97aa449f6abc" + }, + { + "name": "panel_9", + "type": "search", + "id": "858102a3-eec0-4ab3-82bb-a791e4eb364b" } ], "migrationVersion": { 
@@ -72,11 +77,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T19:05:04.060Z", + "version": "WzgwMCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
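Review bot: in the `@@ -1,21 +1,21 @@` hunk of kibana/dashboards/024062a6-48d6-498f-a91a-3bf2da3a3cd3.json the dashboard's searchSourceJSON now carries `\"time_zone\":\"America/Denver\"` inside the query_string, which the old version did not have; that is the exporting workstation's setting baked into a committed artifact, and it pins the query's date math to Mountain time for every Malcolm instance that imports the dashboard. Strip the `time_zone` key from the export before committing (the same key reappears in the two saved searches added at the end of this file). The layout changes themselves are consistent: the new `panel_8` reference points at the added visualization fa696510-4e9b-11ea-b504-97aa449f6abc and `panel_9` at the search 858102a3-eec0-4ab3-82bb-a791e4eb364b, and both objects are present further down in the same file.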
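Review bot: the two navigation links added in the `@@ -72,11 +77,11 @@` hunk, Security Overview (dashboard 95479950-41f2-11ea-88fa-7151df485405) and ICS/IoT Security Overview (dashboard 4a4bde20-4760-11ea-949c-bbb5a9feecbf), point at dashboard IDs whose export files do not appear in this region of the patch; please confirm both are added under kibana/dashboards in the same commit, otherwise the Zeek Logs markdown panel that every dashboard embeds ships with two dead links.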
@@ -92,8 +97,8 @@ { "id": "0ce14883-eb54-4b30-aba0-b8b13021da11", "type": "visualization", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzQsMV0=", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3MCwxXQ==", "attributes": { "visState": "{\"title\":\"X.509 - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -116,50 +121,14 @@ "visualization": "7.4.2" } }, - { - "id": "858102a3-eec0-4ab3-82bb-a791e4eb364b", - "type": "search", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzUsMV0=", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "X.509 - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:x509\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "host", - "zeek_x509.certificate_subject_full", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "23d08a2e-2fa2-42df-bf75-dc5f3e5a79e7", "type": "visualization", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzYsMV0=", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3MSwxXQ==", "attributes": { "title": "X.509 - Certificate Signing Algorithm", - "visState": "{\"title\":\"X.509 - Certificate Signing Algorithm\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_x509.certificate_sig_alg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Algorithm\"}}]}", + "visState": "{\"title\":\"X.509 - Certificate Signing 
Algorithm\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Algorithm\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_x509.certificate_sig_alg\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Algorithm\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, @@ -170,8 +139,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "858102a3-eec0-4ab3-82bb-a791e4eb364b" } ], 
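Review bot: in the `@@ -116,50 +121,14 @@` hunk the saved search 858102a3-eec0-4ab3-82bb-a791e4eb364b is removed from the middle of the objects array and re-added at the end of the file with a different column set (`host` is dropped; issuer CN, subject CN, signing algorithm, certificate version and zeek.fuid are added), while visualization 23d08a2e-2fa2-42df-bf75-dc5f3e5a79e7 keeps referencing it as `search_0`; that only works if the importer resolves references after loading the whole file, which is worth a quick check since the search now comes after its consumer. Two further changes in this hunk look like export residue rather than intent: the new `dimensions` block in the pie's visState embeds `\"parsedUrl\":{\"origin\":\"https://localhost\",...}` from the exporting browser session, and `otherBucket` flips from false to true on the `zeek_x509.certificate_sig_alg` terms aggregation, which adds an `Other` slice to the chart. Keep the otherBucket change if it is deliberate, but drop the `dimensions` object from the committed visState.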
@@ -182,8 +151,8 @@ { "id": "d608f7dd-efea-49c4-b61d-a09d2a29148c", "type": "visualization", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzcsMV0=", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3MiwxXQ==", "attributes": { "visState": "{\"title\":\"X.509 - Certificate Subject\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_x509.certificate_subject_full\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Subject\"}}],\"listeners\":{}}", "description": "", @@ -209,8 +178,8 @@ { "id": "fabba18b-a1ed-4a90-a27c-bdcfed98eae1", "type": "visualization", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzgsMV0=", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3MywxXQ==", "attributes": { "visState": "{\"title\":\"X.509 - Certificate Issuer\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_x509.certificate_issuer_full\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Issuer\"}}],\"listeners\":{}}", "description": "", 
@@ -236,8 +205,8 @@ { "id": "193088ad-5112-435f-9e9f-ec9127ff8665", "type": "visualization", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzksMV0=", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3NCwxXQ==", "attributes": { "visState": "{\"title\":\"X.509 - Certificate Key Length\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"title\":{\"text\":\"Key Length\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_x509.certificate_key_length\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Key Length\"}}],\"listeners\":{}}", "description": "", 
@@ -263,8 +232,8 @@ { "id": "34d702ec-63e9-475d-ab0a-07d97ed4bd66", "type": "visualization", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzEwLDFd", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3NSwxXQ==", "attributes": { "visState": "{\"title\":\"X.509 - Certificate Key Algorithm\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_x509.certificate_key_alg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Algorithm\"}}],\"listeners\":{}}", "description": "", 
@@ -290,8 +259,8 @@ { "id": "AWDHGklsxQT5EBNmq4wG", "type": "visualization", - "updated_at": "2019-12-18T16:20:03.894Z", - "version": "WzExLDFd", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3NiwxXQ==", "attributes": { "title": "X.509 - Log Count", "visState": "{\"title\":\"X.509 - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
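Review bot: in the `@@ -313,6 +282,109 @@` hunk that follows, the new `SSL - Relevant Notices` table (fa696510-4e9b-11ea-b504-97aa449f6abc) has a visState whose `dimensions.buckets` list four columns (Notice Category, Notice Subcategory, Source IP, Destination IP) with the count metric at accessor 4, but its `aggs` array defines only two bucket aggregations (zeek_notice.category and zeek_notice.sub_category), and the Destination IP bucket carries `\"missingBucketLabel\":\"1\"` where the other three use `\"-\"`; the `dimensions` block is stale export state (it also embeds `parsedUrl` with origin https://localhost), so remove it, and if Source IP and Destination IP columns are wanted, add matching `terms` aggs on srcIp and dstIp, which the underlying `Notices - Logs` search 8f003748-a6f8-4244-9d4e-e38e4a48da4c already lists as columns. The panel query `zeek_notice.category:(SSL OR CVE_2020_0601)` is what ties this dashboard to the CVE-2020-0601 detection plugin named in the commit message, so a short description on the visualization would help the next reader; and both new saved searches carry `\"time_zone\":\"America/Denver\"` in their query_string, which should be stripped from committed exports.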
@@ -313,6 +282,109 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "fa696510-4e9b-11ea-b504-97aa449f6abc", + "type": "visualization", + "updated_at": "2020-02-13T20:04:01.633Z", + "version": "Wzg3MiwxXQ==", + "attributes": { + "title": "SSL - Relevant Notices", + "visState": "{\"title\":\"SSL - Relevant Notices\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":4,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice Category\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice Subcategory\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source IP\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"1\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination 
IP\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Category\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub_category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Subcategory\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"zeek_notice.category:(SSL OR CVE_2020_0601)\",\"language\":\"lucene\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "858102a3-eec0-4ab3-82bb-a791e4eb364b", + "type": "search", + "updated_at": "2020-02-13T19:04:04.463Z", + "version": "WzE3NywxXQ==", + "attributes": { + "title": "X.509 - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_x509.certificate_issuer.CN", + "zeek_x509.certificate_subject.CN", + "zeek_x509.certificate_sig_alg", + "zeek_x509.certificate_version", + "zeek.fuid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": 
"{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:x509\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c", + "type": "search", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3NiwxXQ==", + "attributes": { + "title": "Notices - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_notice.category", + "zeek_notice.sub_category", + "srcIp", + "dstIp", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:notice\",\"default_field\":\"*\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/05e3e000-f118-11e9-acda-83a8e29e1a24.json b/kibana/dashboards/05e3e000-f118-11e9-acda-83a8e29e1a24.json index a0b5fb65e..633b2cfc5 100644 --- a/kibana/dashboards/05e3e000-f118-11e9-acda-83a8e29e1a24.json +++ b/kibana/dashboards/05e3e000-f118-11e9-acda-83a8e29e1a24.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "05e3e000-f118-11e9-acda-83a8e29e1a24", 
@@ -10,7 +10,7 @@ "title": "LDAP", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":27,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":54,\"w\":48,\"h\":21,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":18,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":26,\"y\":8,\"w\":22,\"h\":19,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":27,\"w\":25,\"h\":27,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"gridData\":{\"x\":25,\"y\":27,\"w\":23,\"h\":27,\"i\":\"9\"},\"version\":\"7.5.1\",\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"}]", + "panelsJSON": 
"[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":27,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":54,\"w\":48,\"h\":21,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":18,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":26,\"y\":8,\"w\":22,\"h\":19,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":27,\"w\":25,\"h\":27,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"gridData\":{\"x\":25,\"y\":27,\"w\":23,\"h\":27,\"i\":\"9\"},\"version\":\"7.6.2\",\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -71,7 +71,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b.json b/kibana/dashboards/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b.json index 0bb32110f..b3d27d4d0 100644 --- a/kibana/dashboards/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b.json 
+++ b/kibana/dashboards/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b", "type": "dashboard", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzM0LDFd", + "updated_at": "2020-02-12T16:36:54.266Z", + "version": "WzkxNCwxXQ==", "attributes": { "title": "FTP", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"2\",\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"2\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"6\",\"gridData\":{\"w\":16,\"h\":24,\"x\":20,\"y\":8,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"8\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":32,\"i\":\"8\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"9\",\"gridData\":{\"w\":12,\"h\":24,\"x\":36,\"y\":8,\"i\":\"9\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{}},{\"panelIndex\":\"10\",\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":56,\"i\":\"10\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"11\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":56,\"i\":\"11\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"12\",\"gridData\":{\"w\":16,\"h\":24,\"x\":8,\"y\":32,\"i\":\"12\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":80,\"i\":\"13\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"zeek_ftp.fuid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"14\",\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\
"y\":56,\"i\":\"14\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\"},{\"panelIndex\":\"15\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"15\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\"},{\"panelIndex\":\"16\",\"gridData\":{\"w\":12,\"h\":24,\"x\":8,\"y\":8,\"i\":\"16\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":47,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":20,\"y\":8,\"w\":16,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":27,\"w\":24,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":8,\"w\":12,\"h\":19,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":47,\"w\":16,\"h\":21,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":47,\"w\":16,\"h\":21,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":27,\"w\":16,\"h\":20,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":47,\"w\":16,\"h\":21,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"15\"
},\"panelIndex\":\"15\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":12,\"h\":19,\"i\":\"16\"},\"panelIndex\":\"16\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":68,\"w\":48,\"h\":37,\"i\":\"8a83e818-c814-4c25-8740-932d60d2457d\"},\"panelIndex\":\"8a83e818-c814-4c25-8740-932d60d2457d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -61,23 +61,23 @@ }, { "name": "panel_8", - "type": "search", - "id": "16375cb7-a30d-466c-a936-f0a3651f9adb" + "type": "visualization", + "id": "c5fd6f1b-20d7-4b10-bf12-0647e7f90e31" }, { "name": "panel_9", "type": "visualization", - "id": "c5fd6f1b-20d7-4b10-bf12-0647e7f90e31" + "id": "AWDG9sT_xQT5EBNmq4DI" }, { "name": "panel_10", "type": "visualization", - "id": "AWDG9sT_xQT5EBNmq4DI" + "id": "de354920-cb6d-4f9c-9527-d24d314f7681" }, { "name": "panel_11", - "type": "visualization", - "id": "de354920-cb6d-4f9c-9527-d24d314f7681" + "type": "search", + "id": "16375cb7-a30d-466c-a936-f0a3651f9adb" } ], "migrationVersion": { 
@@ -87,11 +87,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -107,8 +107,8 @@ { "id": "baba321a-1dff-4c11-a8e3-27a473aa89c2", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzIzLDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "Wzk3LDFd", "attributes": { "visState": "{\"title\":\"FTP - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -134,8 +134,8 @@ { "id": "f62bf46a-59d2-4e7d-9916-a93b09ffb198", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzI0LDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "Wzk4LDFd", "attributes": { "visState": "{\"title\":\"FTP - Argument\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ftp.arg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Argument\"}}],\"listeners\":{}}", "description": "", @@ -161,8 +161,8 @@ { "id": "0c8976ab-d720-43b0-ba40-c5f1abdc86aa", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzI1LDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "Wzk5LDFd", "attributes": { "visState": "{\"title\":\"FTP - Reply Message\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ftp.reply_msg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Reply Message\"}}],\"listeners\":{}}", "description": "", 
@@ -188,8 +188,8 @@ { "id": "d77cf99c-45b3-4d2f-b348-dc08331ea6c1", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzI2LDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "WzEwMCwxXQ==", "attributes": { "title": "FTP - Reply Code", "visState": "{\"title\":\"FTP - Reply Code\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ftp.reply_code\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", @@ -215,8 +215,8 @@ { "id": "2c30d743-052f-44bb-847c-dede4126a71d", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzI3LDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "WzEwMSwxXQ==", "attributes": { "visState": "{\"title\":\"FTP - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -242,8 +242,8 @@ { "id": "cf6a7cf7-0105-42d4-9e0c-c732361a7de9", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzI4LDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "WzEwMiwxXQ==", "attributes": { "visState": "{\"title\":\"FTP - Destination Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -269,8 +269,8 @@ { "id": "9fe8ac77-cf19-473d-81cd-5fde544abed6", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzI5LDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "WzEwMywxXQ==", "attributes": { "visState": "{\"title\":\"FTP - Username\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.user\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}}],\"listeners\":{}}", "description": "", 
@@ -293,50 +293,11 @@ "visualization": "7.4.2" } }, - { - "id": "16375cb7-a30d-466c-a936-f0a3651f9adb", - "type": "search", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzMwLDFd", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "FTP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:ftp\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "dstIp", - "dstPort", - "zeek.uid", - "zeek_ftp.fuid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "c5fd6f1b-20d7-4b10-bf12-0647e7f90e31", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzMxLDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "WzEwNSwxXQ==", "attributes": { "visState": "{\"title\":\"FTP - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -362,8 +323,8 @@ { "id": "AWDG9sT_xQT5EBNmq4DI", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzMyLDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "WzEwNiwxXQ==", "attributes": { "title": "FTP - Log Count", "visState": "{\"title\":\"FTP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -389,8 +350,8 @@ { "id": "de354920-cb6d-4f9c-9527-d24d314f7681", "type": "visualization", - "updated_at": "2019-12-18T16:20:05.966Z", - "version": "WzMzLDFd", + "updated_at": "2020-02-12T15:00:06.636Z", + "version": "WzEwNywxXQ==", "attributes": { "title": "FTP - Command", "visState": "{\"title\":\"FTP - Command\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ftp.command\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Command\"}}]}", @@ -412,6 +373,46 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "16375cb7-a30d-466c-a936-f0a3651f9adb", + "type": "search", + "updated_at": "2020-02-12T16:36:18.461Z", + "version": "WzkxMiwxXQ==", + "attributes": { + "title": "FTP - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_ftp.command", + "zeek_ftp.reply_code", + "zeek.uid", + "zeek.fuid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:ftp\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file 
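Review bot: the re-added "FTP - Logs" search in the second hunk hard-codes `\"time_zone\":\"America/Denver\"` inside `searchSourceJSON`; that looks like the exporting workstation's timezone leaking into a shipped default, and it makes any date math in the `query_string` resolve in Mountain Time for every install regardless of the user's own Kibana timezone setting. Suggest removing the `time_zone` key (the previous copy of this object in the `@@ -293,50 +293,11 @@` hunk did without it). Also confirm that the column change from `zeek_ftp.fuid` to `zeek.fuid` matches the field mapping elsewhere in this PR; if the field was not actually renamed the column renders empty. `_id` was dropped from the columns as well, which is worth a mention in the PR description.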
diff --git a/kibana/dashboards/0a490422-0ce9-44bf-9a2d-19329ddde8c3.json b/kibana/dashboards/0a490422-0ce9-44bf-9a2d-19329ddde8c3.json index 4241db2c8..4313edb07 100644 --- a/kibana/dashboards/0a490422-0ce9-44bf-9a2d-19329ddde8c3.json +++ b/kibana/dashboards/0a490422-0ce9-44bf-9a2d-19329ddde8c3.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "0a490422-0ce9-44bf-9a2d-19329ddde8c3", "type": "dashboard", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzQzLDFd", + "updated_at": "2020-02-12T15:44:07.661Z", + "version": "Wzg1MSwxXQ==", "attributes": { "title": "PE", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"w\":20,\"h\":16,\"x\":28,\"y\":8,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":20,\"h\":16,\"x\":8,\"y\":8,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":48,\"h\":28,\"x\":0,\"y\":48,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{\"columns\":[\"zeek_pe.fuid\",\"zeek_pe.machine\",\"zeek_pe.is_exe\",\"zeek_pe.is_64bit\",\"zeek_pe.subsystem\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":24,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":24,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":43,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":16,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":16,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":24,\"w\":20,\"h\":19,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":24,\"w\":20,\"h\":19,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":43,\"w\":48,\"h\":39,\"i\":\"7a770e13-2143-46e8-8e54-ae3cf477c4c4\"},\"panelIndex\":\"7a770e13-2143-46e8-8e54-ae3cf477c4c4\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"}]", "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
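Review bot: in the `panelsJSON` rewrite the panel that embeds the "PE - Logs" search (now `panel_7`, `i` = `7a770e13-2143-46e8-8e54-ae3cf477c4c4`) lost its `embeddableConfig` column/sort override (`zeek_pe.fuid`, `zeek_pe.machine`, `zeek_pe.is_exe`, `zeek_pe.is_64bit`, `zeek_pe.subsystem`, `_id`, sorted by `firstPacket`), so the panel now displays whatever columns the saved search itself defines; `zeek_pe.is_exe` and `zeek_pe.is_64bit` are no longer shown on this dashboard unless the search carries them. Fine if intentional, but say so. The dashboard-level `searchSourceJSON` also gained `\"time_zone\":\"America/Denver\"`, the same exported-workstation setting that should not ship in a default dashboard.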
@@ -41,23 +41,23 @@ }, { "name": "panel_4", - "type": "search", - "id": "13f6cda1-6b4d-4a7d-b72e-25eeabec8768" + "type": "visualization", + "id": "7c810b56-5297-4aed-abac-cff41dfa5c77" }, { "name": "panel_5", "type": "visualization", - "id": "7c810b56-5297-4aed-abac-cff41dfa5c77" + "id": "0b774699-b798-40ae-ae92-2ac2a619eeb9" }, { "name": "panel_6", "type": "visualization", - "id": "0b774699-b798-40ae-ae92-2ac2a619eeb9" + "id": "AWDHCUeZxQT5EBNmq4Xy" }, { "name": "panel_7", - "type": "visualization", - "id": "AWDHCUeZxQT5EBNmq4Xy" + "type": "search", + "id": "13f6cda1-6b4d-4a7d-b72e-25eeabec8768" } ], "migrationVersion": { 
@@ -67,11 +67,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
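Review bot: the markdown adds links to two new dashboards, `95479950-41f2-11ea-88fa-7151df485405` (Security Overview) and `4a4bde20-4760-11ea-949c-bbb5a9feecbf` (ICS/IoT Security Overview); neither id is defined in the files touched here, so check that their export JSON is part of this PR, otherwise the navigation panel links to dashboards that do not exist after import. The only other change in this hunk is the export metadata (`updated_at`, `version`).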
@@ -87,8 +87,8 @@ { "id": "a44daac6-37e2-4fef-8b78-32232c4f32e8", "type": "visualization", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzM2LDFd", + "updated_at": "2020-02-12T15:00:07.665Z", + "version": "WzExOCwxXQ==", "attributes": { "visState": "{\"title\":\"PE - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -114,8 +114,8 @@ { "id": "6b1bf8b4-399b-4ef2-baeb-7f9b1740b657", "type": "visualization", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzM3LDFd", + "updated_at": "2020-02-12T15:00:07.665Z", + "version": "WzExOSwxXQ==", "attributes": { "title": "PE - OS", "visState": "{\"title\":\"PE - OS\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_pe.os\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", @@ -141,8 +141,8 @@ { "id": "59b3dd10-2de5-40d2-88ea-caf2bd3da549", "type": "visualization", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzM4LDFd", + "updated_at": "2020-02-12T15:00:07.665Z", + "version": "WzEyMCwxXQ==", "attributes": { "title": "PE - Subsystem", "visState": "{\"title\":\"PE - Subsystem\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_pe.subsystem\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", 
@@ -165,47 +165,11 @@ "visualization": "7.4.2" } }, - { - "id": "13f6cda1-6b4d-4a7d-b72e-25eeabec8768", - "type": "search", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzM5LDFd", - "attributes": { - "sort": [ - [ - "@timestamp", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "PE - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:pe\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "zeek_pe.machine", - "zeek_pe.fuid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "7c810b56-5297-4aed-abac-cff41dfa5c77", "type": "visualization", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzQwLDFd", + "updated_at": "2020-02-12T15:00:07.665Z", + "version": "WzEyMiwxXQ==", "attributes": { "visState": "{\"title\":\"PE - Section Name\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_pe.section_names\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", "description": "", 
@@ -231,8 +195,8 @@ { "id": "0b774699-b798-40ae-ae92-2ac2a619eeb9", "type": "visualization", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzQxLDFd", + "updated_at": "2020-02-12T15:00:07.665Z", + "version": "WzEyMywxXQ==", "attributes": { "visState": "{\"title\":\"PE - Machine\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_pe.machine\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Machine\"}}],\"listeners\":{}}", "description": "", 
@@ -258,8 +222,8 @@ { "id": "AWDHCUeZxQT5EBNmq4Xy", "type": "visualization", - "updated_at": "2019-12-18T16:20:07.007Z", - "version": "WzQyLDFd", + "updated_at": "2020-02-12T15:00:07.665Z", + "version": "WzEyNCwxXQ==", "attributes": { "title": "PE - Log Count", "visState": "{\"title\":\"PE - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -281,6 +245,43 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "13f6cda1-6b4d-4a7d-b72e-25eeabec8768", + "type": "search", + "updated_at": "2020-02-12T15:43:23.994Z", + "version": "Wzg1MCwxXQ==", + "attributes": { + "title": "PE - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_pe.machine", + "zeek_pe.os", + "zeek_pe.subsystem", + "zeek.fuid" + ], + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:pe\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/0ad3d7c2-3441-485e-9dfe-dbb22e84e576.json b/kibana/dashboards/0ad3d7c2-3441-485e-9dfe-dbb22e84e576.json index 38a9ecabf..14af99a28 100644 --- a/kibana/dashboards/0ad3d7c2-3441-485e-9dfe-dbb22e84e576.json +++ b/kibana/dashboards/0ad3d7c2-3441-485e-9dfe-dbb22e84e576.json 
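Review bot: the re-added "PE - Logs" search sorts on `@timestamp` while the sibling "FTP - Logs" search (and the PE dashboard's old panel override) sort on `firstPacket`; pick one field for all the per-protocol log searches so the tables order consistently. As with FTP - Logs, `\"time_zone\":\"America/Denver\"` in `searchSourceJSON` should be dropped before this ships as a default. The column list also changed: `zeek_pe.fuid` and `_id` are gone, `zeek_pe.os`, `zeek_pe.subsystem` and `zeek.fuid` are new.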
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "0ad3d7c2-3441-485e-9dfe-dbb22e84e576", "type": "dashboard", - "updated_at": "2019-12-18T16:20:08.051Z", - "version": "WzU0LDFd", + "updated_at": "2020-02-04T14:45:22.131Z", + "version": "WzgxMiwxXQ==", "attributes": { "title": "Overview", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":32,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"8\",\"gridData\":{\"w\":48,\"h\":64,\"x\":0,\"y\":132,\"i\":\"8\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"12\",\"gridData\":{\"w\":28,\"h\":8,\"x\":20,\"y\":0,\"i\":\"12\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"19\",\"gridData\":{\"w\":48,\"h\":16,\"x\":0,\"y\":56,\"i\":\"19\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"21\",\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":8,\"i\":\"21\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"43\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":8,\"i\":\"43\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"32\",\"gridData\":{\"w\":12,\"h\":8,\"x\":8,\"y\":0,\"i\":\"32\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":26,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":19,\"y\":0,\"w\":29,\"h\":8,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":26,\"w\":36,\"h\":18,\"i\":\"19\"},\"panelIndex\":\"19\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":11,\"h\":18,\"i\":\"21\"},\"panelIndex\":\"21\",\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":11,\"h\":8,\"i\":\"32\"},\"panelIndex\":\"32\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":26,\"w\":12,\"h\":18,\"i\":\"43\"},\"panelIndex\":\"43\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":19,\"y\":8,\"w\":13,\"h\":18,\"i\":\"2aab2ae5-2520-4b78-9735-04c32b22b71e\"},\"panelIndex\":\"2aab2ae5-2520-4b78-9735-04c32b22b71e\",\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":8,\"w\":16,\"h\":18,\"i\":\"e25371b4-5477-4d3f-9f68-df3399d1ef6a\"},\"panelIndex\":\"e25371b4-5477-4d3f-9f68-df3399d1ef6a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":44,\"w\":48,\"h\":27,\"i\":\"4c077648-488a-4fd8-9fcd-3042ec1bfa4d\"},\"panelIndex\":\"4c077648-488a-4fd8-9fcd-3042ec1bfa4d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"}]", "optionsJSON": 
"{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -26,23 +26,23 @@ }, { "name": "panel_1", - "type": "search", - "id": "c97bc964-5319-41e7-ad22-db28156a2ac1" + "type": "visualization", + "id": "470c6648-d66f-4fae-99af-061cab27065a" }, { "name": "panel_2", "type": "visualization", - "id": "470c6648-d66f-4fae-99af-061cab27065a" + "id": "3da52536-9455-4f8f-931a-14f4c04c636b" }, { "name": "panel_3", "type": "visualization", - "id": "3da52536-9455-4f8f-931a-14f4c04c636b" + "id": "f7aba7a6-4b09-4efe-ae42-68d5637212ce" }, { "name": "panel_4", "type": "visualization", - "id": "f7aba7a6-4b09-4efe-ae42-68d5637212ce" + "id": "AWDGyaGxxQT5EBNmq3K9" }, { "name": "panel_5", @@ -52,7 +52,17 @@ { "name": "panel_6", "type": "visualization", - "id": "AWDGyaGxxQT5EBNmq3K9" + "id": "750367f0-41f2-11ea-88fa-7151df485405" + }, + { + "name": "panel_7", + "type": "visualization", + "id": "77bd1870-46ce-11ea-91c3-61991161aaaf" + }, + { + "name": "panel_8", + "type": "search", + "id": "c97bc964-5319-41e7-ad22-db28156a2ac1" } ], "migrationVersion": { 
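Review bot: in the new `panelsJSON`, panels `21` and `2aab2ae5-2520-4b78-9735-04c32b22b71e` carry two conflicting sort settings in `embeddableConfig`: `params.sort` says `asc` and `vis.params.sort` says `desc` on the same `columnIndex`. That is stale UI state captured by the export; keep only the intended one so the panel's initial ordering does not depend on which key this Kibana version reads. In the references hunk, `panel_6` now points at `750367f0-41f2-11ea-88fa-7151df485405` and the new `panel_7` at `77bd1870-46ce-11ea-91c3-61991161aaaf`; both visualizations must be present in this file's `objects` array for the import to succeed, and neither appears in the hunks shown, so please confirm they are included further down.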
@@ -62,11 +72,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-04T14:21:03.422Z", + "version": "Wzc4MCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
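Review bot: the `df9e399b-efa5-4e33-b0ac-a7668a8ac2b3` "Zeek Logs" navigation markdown edited in this `@@ -62,11 +72,11 @@` hunk is a per-file copy of a shared object, and the same id is edited again further down in `kibana/dashboards/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0.json` with a different `updated_at` (`2020-02-13T14:17:04.192Z` here vs `2020-02-04T14:21:03.422Z`) and `version` (`Wzc3NiwxXQ==` vs `Wzc4MCwxXQ==`). Because every dashboard export carries its own copy, the two new links (`[Security Overview]` and `[ICS/IoT Security Overview]`) have to be pasted into each file by hand and whichever file is imported last decides what users see. A single source for the navigation markdown, or an export step that rewrites it into every file, would stop the copies drifting.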
@@ -79,50 +89,11 @@ "visualization": "7.4.2" } }, - { - "id": "c97bc964-5319-41e7-ad22-db28156a2ac1", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyMSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "All Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "470c6648-d66f-4fae-99af-061cab27065a", "type": "visualization", - "updated_at": "2019-12-18T16:20:08.051Z", - "version": "WzQ2LDFd", + "updated_at": "2020-02-04T14:20:08.110Z", + "version": "WzIxMiwxXQ==", "attributes": { "visState": "{\"title\":\"Total Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 30 
seconds\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
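Review bot: the `@@ -79,50 +89,11 @@` hunk deletes the `c97bc964-5319-41e7-ad22-db28156a2ac1` "All Logs" saved search outright, but the same id is added back as a `search` in the `@@ -253,32 +250,100 @@` hunk of this file; the only real changes to that object (a new `columns` list and a different query) are hidden inside a delete-and-re-add caused by the export reordering objects. Sorting saved objects by id before writing the export would keep object order stable, so diffs of these dashboard files show only what actually changed.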
@@ -148,11 +119,11 @@ { "id": "3da52536-9455-4f8f-931a-14f4c04c636b", "type": "visualization", - "updated_at": "2019-12-18T16:20:08.051Z", - "version": "WzQ3LDFd", + "updated_at": "2020-02-04T14:40:30.216Z", + "version": "WzgwNiwxXQ==", "attributes": { "title": "Connections - Service By Destination Country", - "visState": "{\"title\":\"Connections - Service By Destination Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"top\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"\",\"row\":false}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.service\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Service\"}}]}", + "visState": "{\"title\":\"Connections - Service By Destination 
Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"top\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":3,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}],\"splitColumn\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":8,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\",\"row\":false}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Service\"}}]}", "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, @@ -163,8 +134,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -175,8 +146,8 @@ { "id": "f7aba7a6-4b09-4efe-ae42-68d5637212ce", "type": "visualization", - "updated_at": "2019-12-18T16:20:08.051Z", - "version": "WzQ4LDFd", + "updated_at": "2020-02-04T14:20:08.110Z", + "version": "WzIxNCwxXQ==", "attributes": { "title": "Log Type", "visState": "{\"title\":\"Log Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.logType\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Log Type(s)\"}}]}", 
@@ -199,11 +170,37 @@ "visualization": "7.4.2" } }, + { + "id": "AWDGyaGxxQT5EBNmq3K9", + "type": "visualization", + "updated_at": "2020-02-04T14:20:08.110Z", + "version": "WzIxNSwxXQ==", + "attributes": { + "title": "Total Number of Logs", + "visState": "{\"title\":\"Total Number of Logs\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Total Number of Logs\"}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"match_all\":{}},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "6ec2abe4-c3b1-4cc1-8674-e80f8aee7ec5", "type": "visualization", - "updated_at": "2019-12-18T16:20:08.051Z", - "version": "WzQ5LDFd", + "updated_at": "2020-02-04T14:20:08.110Z", + "version": "WzIxNiwxXQ==", "attributes": { "title": "DNS - Queries", "visState": "{\"title\":\"DNS - 
Queries\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.query\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query\"}}]}", @@ -219,7 +216,7 @@ { "type": "search", "name": "search_0", - "id": "6b8b8d7e-49eb-46b6-8bbf-cdbf295bccbd" + "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" } ], "migrationVersion": { 
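Review bot: the `DNS - Queries` visState in the `@@ -199,11 +170,37 @@` hunk (and `Log Type` in `@@ -175,8 +146,8 @@` above) still carries the legacy table parameter `showMeticsAtAllLevels`, while the objects introduced in this patch (`Application Protocol by Version`, `Actions`) use the corrected `showMetricsAtAllLevels`; only `updated_at` and `version` were touched on the older objects, so they were not round-tripped through the same Kibana as the new ones. Re-saving them before export would leave one spelling across the file instead of a mix that a later migration has to handle twice.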
@@ -227,18 +224,18 @@ } }, { - "id": "AWDGyaGxxQT5EBNmq3K9", + "id": "750367f0-41f2-11ea-88fa-7151df485405", "type": "visualization", - "updated_at": "2019-12-18T16:20:08.051Z", - "version": "WzUwLDFd", + "updated_at": "2020-02-04T14:37:31.909Z", + "version": "WzgwMywxXQ==", "attributes": { - "title": "Total Number of Logs", - "visState": "{\"title\":\"Total Number of Logs\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Total Number of Logs\"}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "Application Protocol by Version", + "visState": "{\"title\":\"Application Protocol by 
Version\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":0,\"direction\":\"asc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Application Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service_version\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol Version\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":0,\"direction\":\"asc\"}}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"match_all\":{}},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" } }, "references": [ 
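Review bot: in the `@@ -227,18 +224,18 @@` hunk the `Application Protocol by Version` visualization's `searchSourceJSON` is saved with `"language":"kuery"` (as is `Actions` in the next hunk), while the saved searches, the dashboard and `Connections - Protocol Filters` in the same patch use `"language":"lucene"`. With an empty query this changes nothing, but a filter later copied between objects is parsed differently by the two languages (the `query_string` options such as `analyze_wildcard` exist only for Lucene), so pick one language for all the exported objects.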
@@ -253,32 +250,100 @@ } }, { - "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", + "id": "77bd1870-46ce-11ea-91c3-61991161aaaf", + "type": "visualization", + "updated_at": "2020-02-04T14:20:08.110Z", + "version": "WzIxNywxXQ==", + "attributes": { + "title": "Actions", + "visState": "{\"title\":\"Actions\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Protocol\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.action\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Action\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": 
"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "c97bc964-5319-41e7-ad22-db28156a2ac1", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-04T14:44:15.353Z", + "version": "WzgwOSwxXQ==", "attributes": { + "title": "All Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.logType", + "zeek.service", + "zeek.action", + "srcIp", + "dstIp", + "dstPort", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":\"zeek.logType:*\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", + "type": "search", + "updated_at": "2020-02-12T22:48:55.398Z", + "version": "WzgwMiwxXQ==", + "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, "columns": [ + "zeek.proto", + "zeek.service", "srcIp", "srcPort", "dstIp", "dstPort", - "zeek.uid", - "_id" - ] + "totBytes", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 
1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { @@ -292,32 +357,31 @@ } }, { - "id": "6b8b8d7e-49eb-46b6-8bbf-cdbf295bccbd", + "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e", "type": "search", - "updated_at": "2019-12-18T16:20:08.051Z", - "version": "WzUzLDFd", + "updated_at": "2020-02-12T16:25:47.761Z", + "version": "WzkwMywxXQ==", "attributes": { + "title": "DNS - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "zeek_dns.query", + "zeek_dns.answers", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "DNS - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:dns\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:dns\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0.json b/kibana/dashboards/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0.json index ed3430204..e43b08ee1 100644 --- a/kibana/dashboards/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0.json +++ b/kibana/dashboards/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0.json 
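Review bot: in the `@@ -253,32 +250,100 @@` hunk the re-added `All Logs` search changes its query from `*` to `zeek.logType:*`, which is an existence test: any document in `sessions2-*` that has no `zeek.logType` field now drops out of a search titled "All Logs". If excluding non-Zeek records is the intent, state it in the `description` (currently empty); otherwise keep `*`. The same hunk (`Connections - Logs`) and `@@ -292,32 +357,31 @@` (`DNS - Logs`) also pick up `"time_zone":"America/Denver"` inside the `query_string`; that is the exporting browser's zone, not something the shipped searches should pin for every user, and it should be stripped before committing.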
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0", "type": "dashboard", - "updated_at": "2019-12-18T16:20:09.090Z", - "version": "WzU4LDFd", + "updated_at": "2020-02-13T15:36:58.939Z", + "version": "WzkzMiwxXQ==", "attributes": { "title": "Connections - Destination - Top Connection Duration", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":40,\"h\":40,\"x\":8,\"y\":0,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{\"mapCenter\":[39.639537564366684,0.17578125],\"mapZoom\":2}},{\"gridData\":{\"w\":8,\"h\":44,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":null},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"2e33c0bf-ffb8-408b-ab32-0c6539074ea6\"},\"panelIndex\":\"2e33c0bf-ffb8-408b-ab32-0c6539074ea6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"92ba4d29-ba43-4806-b545-79f60788c795\"},\"panelIndex\":\"92ba4d29-ba43-4806-b545-79f60788c795\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { @@ -37,8 +47,8 @@ { "id": "53854a54-2b8b-474e-a36c-bce80276004e", "type": "visualization", - "updated_at": "2019-12-18T16:20:09.090Z", - "version": "WzU1LDFd", + "updated_at": "2020-02-13T14:16:09.737Z", + "version": "WzEyMCwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Destination - Top Connection Duration\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":0,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.duration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.location\",\"autoPrecision\":true,\"useGeocentroid\":true,\"precision\":2}}],\"listeners\":{}}", "description": "", 
@@ -64,11 +74,67 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": 
"{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, 
+ { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": "WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
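Review bot: in the new `Connections - Protocol Filters` control, all three lists are configured with `\"useTimeFilter\":false` and `\"size\":5`, so the `network.type`, `zeek.proto` and `zeek.service` dropdowns are populated from the whole `sessions2-*` index regardless of the dashboard's time range and initially show only the five most frequent values unless the user types to trigger `dynamicOptions`; if the intent is to filter what is on screen, set `useTimeFilter` to true and consider a larger `size` for `zeek.service`, which, going by the protocol list in the Zeek Logs markdown above, has far more than five distinct values. `\"updateFiltersOnChange\":false` is a sensible default here since each selection would otherwise issue a new query.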
@@ -84,30 +150,32 @@ { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + "version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa.json b/kibana/dashboards/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa.json index a0c443d45..598fe93ec 100644 --- a/kibana/dashboards/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa.json +++ b/kibana/dashboards/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa", "type": "dashboard", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "Wzc0LDFd", + "updated_at": "2020-02-12T19:07:43.219Z", + "version": "WzExMDAsMV0=", "attributes": { "title": "SIP", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":0,\"y\":72,\"w\":16,\"h\":24,\"i\":\"5\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":16,\"y\":72,\"w\":16,\"h\":24,\"i\":\"6\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"9\",\"gridData\":{\"x\":20,\"y\":8,\"w\":12,\"h\":16,\"i\":\"9\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{}},{\"panelIndex\":\"11\",\"gridData\":{\"x\":0,\"y\":96,\"w\":48,\"h\":24,\"i\":\"11\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"13\",\"gridData\":{\"x\":20,\"y\":48,\"w\":28,\"h\":24,\"i\":\"13\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":32,\"y\":24,\"w\":16,\"h\":24,\"i\":\"14\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"v
ersion\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":0,\"y\":48,\"w\":20,\"h\":24,\"i\":\"15\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"16\",\"gridData\":{\"x\":8,\"y\":8,\"w\":12,\"h\":16,\"i\":\"16\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}},{\"panelIndex\":\"17\",\"gridData\":{\"x\":0,\"y\":120,\"w\":48,\"h\":30,\"i\":\"17\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"18\",\"gridData\":{\"x\":32,\"y\":8,\"w\":16,\"h\":16,\"i\":\"18\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"panelIndex\":\"19\",\"gridData\":{\"x\":32,\"y\":72,\"w\":16,\"h\":24,\"i\":\"19\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\"},{\"panelIndex\":\"20\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"20\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_13\"},{\"panelIndex\":\"21\",\"gridData\":{\"x\":8,\"y\":24,\"w\":24,\"h\":24,\"i\":\"21\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_14\",\"embeddableConfig\":{}}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":63,\"w\":17,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":17,\"y\":63,\"w\":17,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":20,\"y\":8,\"w\":12,\"h\":16,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":44,\"w\":23,\"h\":19,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":23,\"y\":44,\"w\":25,\"h\":19,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":25,\"y\":24,\"w\":23,\"h\":20,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":12,\"h\":16,\"i\":\"16\"},\"panelIndex\":\"16\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":8,\"w\":16,\"h\":16,\"i\":\"18\"},\"pan
elIndex\":\"18\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":34,\"y\":63,\"w\":14,\"h\":19,\"i\":\"19\"},\"panelIndex\":\"19\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"20\"},\"panelIndex\":\"20\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_11\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":24,\"w\":17,\"h\":20,\"i\":\"21\"},\"panelIndex\":\"21\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":82,\"w\":48,\"h\":32,\"i\":\"986e38d3-b2fb-44cb-b4b3-efaa2d46ff62\"},\"panelIndex\":\"986e38d3-b2fb-44cb-b4b3-efaa2d46ff62\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
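Review bot: panel `13` in the new panelsJSON carries two sort settings that disagree: `\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}`; the top-level `params` key looks like a leftover from an older export format and should be dropped so only `vis.params.sort` remains, otherwise the table's initial ordering depends on which key the embeddable happens to read. Separately, the `searchSourceJSON` change adds `\"time_zone\":\"America/Denver\"` to the query_string (the same key was added to the `Connections - Logs` search in the previous file); that is the exporting browser's zone leaking into the export and will be applied to date math in the query for every user, so it should be stripped before commit.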
@@ -62,37 +62,32 @@ { "name": "panel_8", "type": "visualization", - "id": "c0520b7a-6fb5-4f07-aebc-56dcb406c7e3" + "id": "068db209-7174-4082-a758-68c6b09224c6" }, { "name": "panel_9", "type": "visualization", - "id": "068db209-7174-4082-a758-68c6b09224c6" + "id": "07d161d5-c6b3-4a51-bef7-d53a325e945a" }, { "name": "panel_10", - "type": "search", - "id": "78fb078f-c0fe-4462-b72c-bccfd8329ca3" + "type": "visualization", + "id": "46d7e33f-ec02-41ab-977c-7e164c80f6ef" }, { "name": "panel_11", "type": "visualization", - "id": "07d161d5-c6b3-4a51-bef7-d53a325e945a" + "id": "AWDHDNS4xQT5EBNmq4dF" }, { "name": "panel_12", "type": "visualization", - "id": "46d7e33f-ec02-41ab-977c-7e164c80f6ef" + "id": "fff2c100-32e4-402c-98cc-4a977010a427" }, { "name": "panel_13", - "type": "visualization", - "id": "AWDHDNS4xQT5EBNmq4dF" - }, - { - "name": "panel_14", - "type": "visualization", - "id": "fff2c100-32e4-402c-98cc-4a977010a427" + "type": "search", + "id": "78fb078f-c0fe-4462-b72c-bccfd8329ca3" } ], "migrationVersion": { 
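Review bot: after this hunk the saved search `78fb078f-c0fe-4462-b72c-bccfd8329ca3` (`SIP - Logs`) is still referenced as `panel_13` here and as `search_0` by the SIP visualizations further down, but the object itself is deleted from this file at `@@ -362,50 +330,11 @@`; unless another export file now carries it, importing this dashboard on its own will report a missing reference or leave the logs panel unresolvable at render time. Also worth a line in the commit message: the `panel_8` to `panel_13` id changes are not edits but a renumbering caused by dropping the `c0520b7a-...` table (old `panel_8`) and the old `panel_14` entry, which is easy to misread as six visualizations being swapped.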
@@ -102,11 +97,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● 
[NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + 
"visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
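Review bot: this `Zeek Logs` visState is byte-for-byte the block added to the Connections dashboard export earlier in the patch, and the same markdown (now with the `Security Overview` and `ICS/IoT Security Overview` links) presumably sits in every other dashboard file; each new dashboard means hand-editing N copies of a multi-kilobyte escaped-JSON string, which is how copies drift. Consider keeping the navigation markdown in one source file and patching it into the exports with a script at build or import time.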
@@ -122,8 +117,8 @@ { "id": "00051443-ad3a-4c91-81a8-928096b8d5c2", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzYwLDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE2OCwxXQ==", "attributes": { "visState": "{\"title\":\"SIP - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
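Review bot: this hunk, like `@@ -149`, `@@ -176`, `@@ -230`, `@@ -257` and `@@ -284` below, changes only `updated_at` and the Base64 `version` (for example `WzYwLDFd` decodes to `[60,1]`, the saved object's sequence number and primary term); neither field changes what the visualization does, so stripping both from the exports before commit would leave the diff with just the real edits and make review of these dashboard files far easier.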
@@ -149,8 +144,8 @@ { "id": "2a9cf114-30d2-4b27-a71b-cde90dc26c9a", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzYxLDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE2OSwxXQ==", "attributes": { "visState": "{\"title\":\"SIP - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -176,8 +171,8 @@ { "id": "d5c39a42-e7c1-447c-afce-53fea7e5d971", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzYyLDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE3MCwxXQ==", "attributes": { "visState": "{\"title\":\"SIP - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -203,11 +198,11 @@ { "id": "72cf657f-b027-4d0b-814d-9bb3ebada4f6", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzYzLDFd", + "updated_at": "2020-02-12T18:51:05.966Z", + "version": "WzEwODMsMV0=", "attributes": { "title": "SIP - Destination Country", - "visState": "{\"title\":\"SIP - Destination Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", + "visState": "{\"title\":\"SIP - Destination Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek.destination_geo.country_name: 
Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, @@ -218,8 +213,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "78fb078f-c0fe-4462-b72c-bccfd8329ca3" } ], @@ -230,8 +225,8 @@ { "id": "1968f84a-1b85-44ea-b9ba-c6af98aeb8bb", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzY0LDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE3MiwxXQ==", "attributes": { "visState": "{\"title\":\"SIP - Request Path\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_sip.request_path\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Request Path\"}}],\"listeners\":{}}", "description": "", 
@@ -257,8 +252,8 @@ { "id": "7eb073ce-5c1f-4319-9eb8-1bf25399dcd9", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzY1LDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE3MywxXQ==", "attributes": { "visState": "{\"title\":\"SIP - URI\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_sip.uri\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"URI\"}}],\"listeners\":{}}", "description": "", @@ -284,8 +279,8 @@ { "id": "f39d0316-33cd-4dc3-ad9d-bdf488f4e80c", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzY2LDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE3NCwxXQ==", "attributes": { "visState": "{\"title\":\"SIP - User Agent\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_sip.user_agent\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"User Agent\"}}],\"listeners\":{}}", "description": "", 
@@ -308,41 +303,14 @@ "visualization": "7.4.2" } }, - { - "id": "c0520b7a-6fb5-4f07-aebc-56dcb406c7e3", - "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzY3LDFd", - "attributes": { - "visState": "{\"title\":\"SIP - Content Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_sip.content_type\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Content Type\"}}],\"listeners\":{}}", - "description": "", - "title": "SIP - Content Type", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "78fb078f-c0fe-4462-b72c-bccfd8329ca3" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, { "id": "068db209-7174-4082-a758-68c6b09224c6", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzY4LDFd", + "updated_at": "2020-02-12T18:55:56.702Z", + "version": "WzEwODgsMV0=", "attributes": { "title": "SIP - Content Type", - "visState": "{\"title\":\"SIP - Content 
Type\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_sip.content_type\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", + "visState": "{\"title\":\"SIP - Content Type\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek_sip.content_type: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_sip.content_type\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Content Type\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, @@ -353,8 +321,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "78fb078f-c0fe-4462-b72c-bccfd8329ca3" } ], 
@@ -362,50 +330,11 @@ "visualization": "7.4.2" } }, - { - "id": "78fb078f-c0fe-4462-b72c-bccfd8329ca3", - "type": "search", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzY5LDFd", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "SIP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:sip\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "07d161d5-c6b3-4a51-bef7-d53a325e945a", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzcwLDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE3OCwxXQ==", "attributes": { "visState": "{\"title\":\"SIP - 
Method\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_sip.method\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Method\"}}],\"listeners\":{}}", "description": "", 
@@ -431,8 +360,8 @@ { "id": "46d7e33f-ec02-41ab-977c-7e164c80f6ef", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzcxLDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE3OSwxXQ==", "attributes": { "visState": "{\"title\":\"SIP - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", "description": "", 
@@ -458,8 +387,8 @@ { "id": "AWDHDNS4xQT5EBNmq4dF", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzcyLDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE4MCwxXQ==", "attributes": { "title": "SIP - Log Count", "visState": "{\"title\":\"SIP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -485,8 +414,8 @@ { "id": "fff2c100-32e4-402c-98cc-4a977010a427", "type": "visualization", - "updated_at": "2019-12-18T16:20:10.133Z", - "version": "WzczLDFd", + "updated_at": "2020-02-12T15:00:10.763Z", + "version": "WzE4MSwxXQ==", "attributes": { "title": "SIP - Status", "visState": "{\"title\":\"SIP - Status\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_sip.status_code\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Code\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_sip.status_msg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Message\"}}]}", 
@@ -508,6 +437,46 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "78fb078f-c0fe-4462-b72c-bccfd8329ca3", + "type": "search", + "updated_at": "2020-02-12T19:06:32.821Z", + "version": "WzEwOTksMV0=", + "attributes": { + "title": "SIP - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_sip.method", + "zeek_sip.content_type", + "zeek_sip.status_msg", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:sip\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/11be6381-beef-40a7-bdce-88c5398392fc.json b/kibana/dashboards/11be6381-beef-40a7-bdce-88c5398392fc.json index 4068721e5..9e69559de 100644 --- a/kibana/dashboards/11be6381-beef-40a7-bdce-88c5398392fc.json +++ b/kibana/dashboards/11be6381-beef-40a7-bdce-88c5398392fc.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "11be6381-beef-40a7-bdce-88c5398392fc", "type": "dashboard", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "Wzg1LDFd", + "updated_at": "2020-02-12T21:18:49.326Z", + "version": "WzEyNzAsMV0=", "attributes": { "title": "Tunnels", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"w\":20,\"h\":20,\"x\":28,\"y\":8,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":48,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":48,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":72,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"gridData\":{\"w\":20,\"h\":20,\"x\":8,\"y\":8,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":40,\"h\":20,\"x\":8,\"y\":28,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":48,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\"
:0,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":31,\"y\":8,\"w\":17,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":18,\"y\":48,\"w\":18,\"h\":19,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":48,\"w\":18,\"h\":19,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":23,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":28,\"w\":40,\"h\":20,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":48,\"w\":12,\"h\":19,\"i\":\"bf1d77e6-2814-479a-8abc-6854aaba0d6d\"},\"panelIndex\":\"bf1d77e6-2814-479a-8abc-6854aaba0d6d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":67,\"w\":48,\"h\":36,\"i\":\"4c91cf0e-8f00-4682-88e9-e7a4da9cb818\"},\"panelIndex\":\"4c91cf0e-8f00-4682-88e9-e7a4da9cb818\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - 
"searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -46,18 +46,18 @@ }, { "name": "panel_5", - "type": "search", - "id": "f166f708-f838-4c50-84cc-1fb99f7d7060" + "type": "visualization", + "id": "7b5a1e84-eb4d-4a4f-9b8b-e325ff81d89a" }, { "name": "panel_6", "type": "visualization", - "id": "7b5a1e84-eb4d-4a4f-9b8b-e325ff81d89a" + "id": "56a5dece-0790-4acc-b166-6628cf10a596" }, { "name": "panel_7", "type": "visualization", - "id": "56a5dece-0790-4acc-b166-6628cf10a596" + "id": "AWDHFYrqxQT5EBNmq4qT" }, { "name": "panel_8", @@ -66,8 +66,8 @@ }, { "name": "panel_9", - "type": "visualization", - "id": "AWDHFYrqxQT5EBNmq4qT" + "type": "search", + "id": "f166f708-f838-4c50-84cc-1fb99f7d7060" } ], "migrationVersion": { 
@@ -77,11 +77,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -97,8 +97,8 @@ { "id": "ea729cd0-2c77-4c5a-8ffa-11ff19d1e369", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "Wzc2LDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzE5NCwxXQ==", "attributes": { "visState": "{\"title\":\"Tunnels - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -124,8 +124,8 @@ { "id": "ab721f9e-240e-4343-b71c-9c04d2d704f5", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "Wzc3LDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzE5NSwxXQ==", "attributes": { "title": "Tunnels - Type", "visState": "{\"title\":\"Tunnels - Type\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_tunnel.tunnel_type\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", @@ -151,8 +151,8 @@ { "id": "018337e2-9178-4021-a36f-a1e7098b9b86", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "Wzc4LDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzE5NiwxXQ==", "attributes": { "visState": "{\"title\":\"Tunnels - Destination Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -178,8 +178,8 @@ { "id": "8eb2b344-150b-4163-b6c1-e686bb7027d5", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "Wzc5LDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzE5NywxXQ==", "attributes": { "visState": "{\"title\":\"Tunnels - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -202,50 +202,11 @@ "visualization": "7.4.2" } }, - { - "id": "f166f708-f838-4c50-84cc-1fb99f7d7060", - "type": "search", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "WzgwLDFd", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "Tunnels - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:tunnel\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "7b5a1e84-eb4d-4a4f-9b8b-e325ff81d89a", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "WzgxLDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzE5OSwxXQ==", "attributes": { "visState": "{\"title\":\"Tunnels - 
Country\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"title\":{\"text\":\"Country\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", 
@@ -271,8 +232,8 @@ { "id": "56a5dece-0790-4acc-b166-6628cf10a596", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "WzgyLDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzIwMCwxXQ==", "attributes": { "title": "Tunnels - Action", "visState": "{\"title\":\"Tunnels - Action\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_tunnel.action\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Action\"}}]}", 
@@ -296,15 +257,15 @@ } }, { - "id": "f408c64e-1950-42b2-904a-cac7c4f11bc6", + "id": "AWDHFYrqxQT5EBNmq4qT", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "WzgzLDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzIwMiwxXQ==", "attributes": { - "visState": "{\"title\":\"Tunnels - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", + "title": "Tunnels - Log Count", + "visState": "{\"title\":\"Tunnels - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", - "title": "Tunnels - Destination Port", - "uiStateJSON": 
"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
@@ -323,15 +284,15 @@ } }, { - "id": "AWDHFYrqxQT5EBNmq4qT", + "id": "f408c64e-1950-42b2-904a-cac7c4f11bc6", "type": "visualization", - "updated_at": "2019-12-18T16:20:11.180Z", - "version": "Wzg0LDFd", + "updated_at": "2020-02-12T15:00:11.808Z", + "version": "WzIwMSwxXQ==", "attributes": { - "title": "Tunnels - Log Count", - "visState": "{\"title\":\"Tunnels - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "visState": "{\"title\":\"Tunnels - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", + "title": "Tunnels - Destination Port", + "uiStateJSON": 
"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -348,6 +309,46 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "f166f708-f838-4c50-84cc-1fb99f7d7060", + "type": "search", + "updated_at": "2020-02-12T21:17:37.122Z", + "version": "WzEyNjgsMV0=", + "attributes": { + "title": "Tunnels - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "zeek_tunnel.action", + "zeek_tunnel.tunnel_type", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:tunnel\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/11ddd980-e388-11e9-b568-cf17de8e860c.json b/kibana/dashboards/11ddd980-e388-11e9-b568-cf17de8e860c.json index b7166dee4..924a764d4 100644 --- a/kibana/dashboards/11ddd980-e388-11e9-b568-cf17de8e860c.json +++ b/kibana/dashboards/11ddd980-e388-11e9-b568-cf17de8e860c.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "11ddd980-e388-11e9-b568-cf17de8e860c", "type": "dashboard", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "Wzk2LDFd", + "updated_at": "2020-02-12T18:05:52.591Z", + "version": "WzEwMDYsMV0=", "attributes": { "title": "QUIC", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":56,\"i\":\"1\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"15\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"15\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":23,\"i\":\"16\",\"w\":48,\"x\":0,\"y\":69},\"panelIndex\":\"16\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":8,\"i\":\"17\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"17\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":21,\"i\":\"18\",\"w\":20,\"x\":8,\"y\":8},\"panelIndex\":\"18\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":21,\"i\":\"19\",\"w\":20,\"x\":28,\"y\":8},\"panelIndex\":\"19\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"20\",\"w\":20,\"x\":8,\"y\":29},\"panelIndex\":\"20\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"21\",\"w\":20,\"x\":28,\"y\":29},\"panelIndex\":\"21\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"22\",\"w\":40,\"x\":8,\"y\":49},\"panelIndex\":\"22\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":13,\"i\":\"23\",\"w\":8,\"x\":0,\"y\":56},\"panelIndex\":\"23\",\"version\":\
"7.5.1\",\"panelRefName\":\"panel_9\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":36,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":9,\"i\":\"15\"},\"panelIndex\":\"15\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":68,\"w\":48,\"h\":23,\"i\":\"16\"},\"panelIndex\":\"16\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":9,\"i\":\"17\"},\"panelIndex\":\"17\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":9,\"w\":20,\"h\":21,\"i\":\"18\"},\"panelIndex\":\"18\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":9,\"w\":20,\"h\":21,\"i\":\"19\"},\"panelIndex\":\"19\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":30,\"w\":20,\"h\":19,\"i\":\"20\"},\"panelIndex\":\"20\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":30,\"w\":20,\"h\":19,\"i\":\"21\"},\"panelIndex\":\"21\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":49,\"w\":48,\"h\":19,\"i\":\"22\"},\"panelIndex\":\"22\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":36,\"w\":8,\"h\":13,\"i\":\"23\"},\"panelIndex\":\"23\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -77,11 +77,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -97,8 +97,8 @@ { "id": "a9a94150-e388-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "Wzg3LDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxMSwxXQ==", "attributes": { "title": "QUIC - Log Count", "visState": "{\"title\":\"QUIC - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":false},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}]}", @@ -124,8 +124,8 @@ { "id": "69939d90-e388-11e9-b568-cf17de8e860c", "type": "search", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "Wzg4LDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxMiwxXQ==", "attributes": { "title": "QUIC - Logs", "description": "", 
@@ -163,8 +163,8 @@ { "id": "42fea480-e389-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "Wzg5LDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxMywxXQ==", "attributes": { "title": "QUIC - Log Count Over Time", "visState": "{\"title\":\"QUIC - Log Count Over Time\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"now-25y\",\"to\":\"now\",\"mode\":\"relative\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"quic.version\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"QUIC 
Version\"}}]}", @@ -190,8 +190,8 @@ { "id": "2648ad80-e38a-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "WzkwLDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxNCwxXQ==", "attributes": { "title": "QUIC - Source IP Address", "visState": "{\"title\":\"QUIC - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"IP Address\"}}]}", @@ -217,8 +217,8 @@ { "id": "49d13470-e38a-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "WzkxLDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxNSwxXQ==", "attributes": { "title": "QUIC - Destination IP Address", "visState": "{\"title\":\"QUIC - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"IP Address\"}}]}", 
@@ -244,8 +244,8 @@ { "id": "919cb8b0-e38a-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "WzkyLDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxNiwxXQ==", "attributes": { "title": "QUIC - User Agent", "visState": "{\"title\":\"QUIC - User Agent\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"quic.useragent\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"User Agent\"}}]}", @@ -271,8 +271,8 @@ { "id": "be8b4120-e38a-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "WzkzLDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxNywxXQ==", "attributes": { "title": "QUIC - Server Name", "visState": "{\"title\":\"QUIC - Server Name\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"quic.host\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Server Name\"}}]}", 
@@ -298,8 +298,8 @@ { "id": "2e6549a0-e38b-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "Wzk0LDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxOCwxXQ==", "attributes": { "title": "QUIC - CYU Fingerprint", "visState": "{\"title\":\"QUIC - CYU Fingerprint\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_gquic.cyutags\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"CYU Fingerprint Tags\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_gquic.cyu\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"CYU Fingerprint MD5\"}}]}", 
@@ -325,8 +325,8 @@ { "id": "7a6b6a50-e38b-11e9-b568-cf17de8e860c", "type": "visualization", - "updated_at": "2019-12-18T16:20:12.222Z", - "version": "Wzk1LDFd", + "updated_at": "2020-02-12T15:00:12.835Z", + "version": "WzIxOSwxXQ==", "attributes": { "title": "QUIC - Version", "visState": "{\"title\":\"QUIC - Version\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"quic.version\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"QUIC Version\"}}]}", diff --git a/kibana/dashboards/152f29dc-51a2-4f53-93e9-6e92765567b8.json b/kibana/dashboards/152f29dc-51a2-4f53-93e9-6e92765567b8.json index e74245e43..8057cd32d 100644 --- a/kibana/dashboards/152f29dc-51a2-4f53-93e9-6e92765567b8.json +++ b/kibana/dashboards/152f29dc-51a2-4f53-93e9-6e92765567b8.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "152f29dc-51a2-4f53-93e9-6e92765567b8", 
@@ -10,7 +10,7 @@ "title": "Modbus", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":53,\"i\":\"2\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"h\":20,\"i\":\"11\",\"w\":20,\"x\":8,\"y\":33},\"panelIndex\":\"11\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":13,\"i\":\"12\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"12\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":13,\"i\":\"13\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"13\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":29,\"i\":\"14\",\"w\":48,\"x\":0,\"y\":73},\"panelIndex\":\"14\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"15\",\"w\":17,\"x\":8,\"y\":13},\"panelIndex\":\"15\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"16\",\"w\":23,\"x\":25,\"y\":13},\"panelIndex\":\"16\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"17\",\"w\":20,\"x\":28,\"y\":33},\"panelIndex\":\"17\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"18\",\"w\":27,\"x\":0,\"y\":53},\"panelIndex\":\"18\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"19\",\"w\":21,\"x\":27,\"y\":53},\"panelIndex\":\"19\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_9\"}]", + "panelsJSON": 
"[{\"gridData\":{\"h\":53,\"i\":\"2\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"h\":20,\"i\":\"11\",\"w\":20,\"x\":8,\"y\":33},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":13,\"i\":\"12\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"12\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":13,\"i\":\"13\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"13\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":29,\"i\":\"14\",\"w\":48,\"x\":0,\"y\":73},\"panelIndex\":\"14\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"15\",\"w\":17,\"x\":8,\"y\":13},\"panelIndex\":\"15\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"16\",\"w\":23,\"x\":25,\"y\":13},\"panelIndex\":\"16\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"17\",\"w\":20,\"x\":28,\"y\":33},\"panelIndex\":\"17\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"18\",\"w\":27,\"x\":0,\"y\":53},\"panelIndex\":\"18\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"19\",\"w\":21,\"x\":27,\"y\":53},\"panelIndex\":\"19\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -81,7 +81,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/1ce42250-3f99-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/1ce42250-3f99-11e9-a58e-8bdedb0915e8.json index 9b664c906..8cabf76fe 100644 --- a/kibana/dashboards/1ce42250-3f99-11e9-a58e-8bdedb0915e8.json 
+++ b/kibana/dashboards/1ce42250-3f99-11e9-a58e-8bdedb0915e8.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "1ce42250-3f99-11e9-a58e-8bdedb0915e8", "type": "dashboard", - "updated_at": "2019-12-18T16:20:14.289Z", - "version": "WzExNCwxXQ==", + "updated_at": "2020-02-13T15:37:31.784Z", + "version": "WzkzNSwxXQ==", "attributes": { "title": "Connections - Source - Sum of Total Bytes (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.5.1\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"5cf06729-4907-4824-a561-a3c50a23136c\"},\"panelIndex\":\"5cf06729-4907-4824-a561-a3c50a23136c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"b397c221-819d-4fdd-b3e1-3a424d643ef0\"},\"panelIndex\":\"b397c221-819d-4fdd-b3e1-3a424d643ef0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "997269c0-3f95-11e9-a58e-8bdedb0915e8" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -57,12 +67,12 @@ { "id": "997269c0-3f95-11e9-a58e-8bdedb0915e8", "type": "visualization", - "updated_at": "2019-12-18T16:20:14.289Z", - "version": "WzExMiwxXQ==", + "updated_at": "2020-02-13T14:48:48.478Z", + "version": "Wzg3OCwxXQ==", "attributes": { "title": "Connections - Source - Sum of Total Bytes (region map)", - "visState": "{\"title\":\"Connections - Source - Sum of Total Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator Country\"}}]}", - "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", + "visState": "{\"title\":\"Connections - Source - Sum of Total Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to 
Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"origin\":\"elastic_maps_service\",\"id\":\"road_map\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"OpenStreetMap contributors | OpenMapTiles | MapTiler | Elastic Maps Service\"}},\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Total Bytes\",\"aggType\":\"sum\"},\"bucket\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Originator Country\",\"aggType\":\"terms\"}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator 
Country\"}}]}", + "uiStateJSON": "{\"mapCenter\":[37.87063517566466,16.347656250000004],\"mapZoom\":3}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -72,8 +82,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/1fff49f6-0199-4a0f-820b-721aff9ff1f1.json b/kibana/dashboards/1fff49f6-0199-4a0f-820b-721aff9ff1f1.json index 2cec97baf..baf63c89c 100644 --- a/kibana/dashboards/1fff49f6-0199-4a0f-820b-721aff9ff1f1.json +++ b/kibana/dashboards/1fff49f6-0199-4a0f-820b-721aff9ff1f1.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "1fff49f6-0199-4a0f-820b-721aff9ff1f1", "type": "dashboard", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzEyNSwxXQ==", + "updated_at": "2020-02-12T15:51:03.953Z", + "version": "Wzg2NCwxXQ==", "attributes": { "title": "Weird", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":80,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":8,\"y\":32,\"w\":14,\"h\":24,\"i\":\"5\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":22,\"y\":32,\"w\":14,\"h\":24,\"i\":\"6\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":8,\"y\":8,\"w\":16,\"h\":24,\"i\":\"8\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{}},{\"panelIndex\":\"9\",\"gridData\":{\"x\":0,\"y\":80,\"w\":48,\"h\":24,\"i\":\"9\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"10\",\"gridData\":{\"x\":8,\"y\":56,\"w\":40,\"h\":24,\"i\":\"10\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"12\",\"gridData\":{\"x\":36,\"y\":32,\"w\":12,\"h\":24,\"i\":\"12\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"c
olumnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"13\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"13\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":24,\"y\":8,\"w\":24,\"h\":24,\"i\":\"14\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":66,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":27,\"w\":14,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":22,\"y\":27,\"w\":14,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":16,\"h\":19,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":47,\"w\":40,\"h\":19,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":27,\"w\":12,\"h\":20,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,
\"h\":8,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":8,\"w\":24,\"h\":19,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":66,\"w\":48,\"h\":35,\"i\":\"781c60c8-791a-4f33-9f08-85820f16f4d1\"},\"panelIndex\":\"781c60c8-791a-4f33-9f08-85820f16f4d1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -46,28 +46,28 @@ }, { "name": "panel_5", - "type": "search", - "id": "17236484-ab93-4497-8b85-bc7dfaeb2d71" + "type": "visualization", + "id": "a827f658-2190-4ec4-b330-96cdb93d97ed" }, { "name": "panel_6", "type": "visualization", - "id": "a827f658-2190-4ec4-b330-96cdb93d97ed" + "id": "64ffd0d9-a0d7-4db6-bce0-c69b48ff0da6" }, { "name": "panel_7", "type": "visualization", - "id": "64ffd0d9-a0d7-4db6-bce0-c69b48ff0da6" + "id": "AWDHGXk-xQT5EBNmq4uf" }, { "name": "panel_8", "type": "visualization", - "id": "AWDHGXk-xQT5EBNmq4uf" + "id": "429d2522-67c6-44f5-aae8-f464d5815195" }, { "name": "panel_9", - "type": "visualization", - "id": "429d2522-67c6-44f5-aae8-f464d5815195" + "type": "search", + "id": "17236484-ab93-4497-8b85-bc7dfaeb2d71" } ], "migrationVersion": { 
@@ -77,11 +77,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -97,8 +97,8 @@ { "id": "2789890f-3187-449c-b0d7-a351975cbe13", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzExNiwxXQ==", + "updated_at": "2020-02-12T15:00:15.936Z", + "version": "WzI2MCwxXQ==", "attributes": { "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"firstPacket per 12 hours\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"title\":\"Weird - Log Count Over Time\",\"type\":\"line\"}", "description": "", 
@@ -124,8 +124,8 @@ { "id": "259fa46e-2fde-41bb-b028-063a12cb4621", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzExNywxXQ==", + "updated_at": "2020-02-12T15:00:15.936Z", + "version": "WzI2MSwxXQ==", "attributes": { "visState": "{\"title\":\"Weird - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -151,8 +151,8 @@ { "id": "84786f08-b68a-4524-8d2d-d44221f99060", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzExOCwxXQ==", + "updated_at": "2020-02-12T15:00:15.936Z", + "version": "WzI2MiwxXQ==", "attributes": { "visState": "{\"title\":\"Weird - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -178,13 +178,13 @@ { "id": "c7fbd190-02fa-4eb5-ac5a-a4ad421a6a3b", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzExOSwxXQ==", + "updated_at": "2020-02-12T15:48:10.480Z", + "version": "Wzg1NywxXQ==", "attributes": { - "visState": "{\"title\":\"Weird - Notice Generated\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_weird.notice\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", "title": "Weird - Notice Generated", + "visState": "{\"title\":\"Weird - Notice Generated\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek_weird.notice: 
Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_weird.notice\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", "uiStateJSON": "{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -193,8 +193,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "17236484-ab93-4497-8b85-bc7dfaeb2d71" } ], 
@@ -202,50 +202,11 @@ "visualization": "7.4.2" } }, - { - "id": "17236484-ab93-4497-8b85-bc7dfaeb2d71", - "type": "search", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzEyMCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "Weird - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:weird\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "a827f658-2190-4ec4-b330-96cdb93d97ed", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzEyMSwxXQ==", + "updated_at": "2020-02-12T15:00:15.936Z", + "version": "WzI2NSwxXQ==", "attributes": { "visState": "{\"title\":\"Weird - 
Summary\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_weird.name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP Address\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -271,8 +232,8 @@ { "id": "64ffd0d9-a0d7-4db6-bce0-c69b48ff0da6", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzEyMiwxXQ==", + "updated_at": "2020-02-12T15:00:15.936Z", + "version": "WzI2NiwxXQ==", "attributes": { "visState": "{\"title\":\"Weird - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -298,8 +259,8 @@ { "id": "AWDHGXk-xQT5EBNmq4uf", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzEyMywxXQ==", + "updated_at": "2020-02-12T15:00:15.936Z", + "version": "WzI2NywxXQ==", "attributes": { "title": "Weird - Log Count", "visState": "{\"title\":\"Weird - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -325,8 +286,8 @@ { "id": "429d2522-67c6-44f5-aae8-f464d5815195", "type": "visualization", - "updated_at": "2019-12-18T16:20:15.324Z", - "version": "WzEyNCwxXQ==", + "updated_at": "2020-02-12T15:00:15.936Z", + "version": "WzI2OCwxXQ==", "attributes": { "title": "Weird - Name", "visState": "{\"title\":\"Weird - Name\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_weird.name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Name\"}}]}", @@ -348,6 +309,45 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "17236484-ab93-4497-8b85-bc7dfaeb2d71", + "type": "search", + "updated_at": "2020-02-12T15:50:09.109Z", + "version": "Wzg2MiwxXQ==", + "attributes": { + "title": "Weird - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "zeek_weird.name", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:weird\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file 
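Review bot: the `@@ -77,11 +77,11 @@` hunk edits the "Zeek Logs" markdown navigation visualization (`df9e399b-efa5-4e33-b0ac-a7668a8ac2b3`) to add the Security Overview and ICS/IoT Security Overview links, and the byte-identical object with the byte-identical new `visState` is edited again in `kibana/dashboards/29a1b290-eb98-11e9-a384-0fcf32210194.json` (`@@ -77,11 +82,11 @@` further down). Because this menu is embedded in every dashboard export and all copies share one saved-object id, each new dashboard link means the same hand edit in every file, any file that is missed ships a stale menu, and whichever copy is imported last is the one users see. Suggest keeping the markdown in a single template and stamping it into each export with a script, so the link list has one source of truth.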
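Review bot: in the `@@ -178,13 +178,13 @@` hunk the new `visState` for "Weird - Notice Generated" carries a `dimensions` block whose `format.params.parsedUrl` hard-codes `"origin":"https://localhost"`, `"pathname":"/kibana/app/kibana"` and `"basePath":"/kibana"`. That is the address of the instance the object was exported from, not something the pie chart needs, and it ties the shipped dashboard to a localhost origin. The previous version of the same object in this hunk had only `params` and `aggs`; suggest stripping `dimensions` from the exported `visState` so no environment-specific URL is committed. The `legendPosition` change from `right` to `bottom` and the new `labels` block are the only intentional edits here and are fine.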
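Review bot: the saved search `17236484-ab93-4497-8b85-bc7dfaeb2d71` ("Weird - Logs") is deleted in the `@@ -202,50 +202,11 @@` hunk and re-added at the end of the file in `@@ -348,6 +309,45 @@`, and the re-added copy bakes `\"time_zone\":\"America/Denver\"` into the `query_string` inside `searchSourceJSON`. That value was picked up from the browser that re-saved the search; on any deployment whose users sit in another zone, date clauses typed into this search's query bar will be interpreted in Denver time instead of the user's own. Suggest dropping `time_zone` from the exported query (the deleted version had none). The delete-and-re-add presentation also hides the real changes to this object: `columns` gains `zeek_weird.name` and loses `_id`, and the query is now wrapped as `{\"query\":{...},\"language\":\"lucene\"}`; those are worth a line in the PR description.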
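Review bot: every remaining hunk in this file (`@@ -97,8 +97,8 @@`, `@@ -124,8 +124,8 @@`, `@@ -151,8 +151,8 @@`, `@@ -271,8 +232,8 @@`, `@@ -298,8 +259,8 @@`, `@@ -325,8 +286,8 @@`) changes only `updated_at` and the opaque base64 `version` of an otherwise untouched object, and `@@ -193,8 +193,8 @@` swaps the order of `type` and `name` inside a reference without changing either value; the same churn repeats in the `29a1b290-eb98-11e9-a384-0fcf32210194.json` hunks below, including the `query`/`language` key swap in that dashboard's `searchSourceJSON`. These are export artifacts that change on every re-export and bury the substantive edits in review. Suggest having the export step strip `updated_at` and `version` and emit keys in a fixed order, so a future diff of a dashboard file shows only what actually changed. While re-saving, note that the Weird table visualizations in these hunks still carry the legacy misspelled param `showMeticsAtAllLevels`, whereas the "Common Industrial Protocol - Service" table in the EtherNet/IP file uses `showMetricsAtAllLevels`; worth confirming the legacy spelling is still honoured on 7.6.2.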
diff --git a/kibana/dashboards/29a1b290-eb98-11e9-a384-0fcf32210194.json b/kibana/dashboards/29a1b290-eb98-11e9-a384-0fcf32210194.json index 195bf3e2e..855e956eb 100644 --- a/kibana/dashboards/29a1b290-eb98-11e9-a384-0fcf32210194.json +++ b/kibana/dashboards/29a1b290-eb98-11e9-a384-0fcf32210194.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "29a1b290-eb98-11e9-a384-0fcf32210194", "type": "dashboard", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzOSwxXQ==", + "updated_at": "2020-02-12T21:30:25.616Z", + "version": "WzEyODcsMV0=", "attributes": { "title": "EtherNet/IP", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":74,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":15,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":15,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":74,\"w\":48,\"h\":24,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":30,\"y\":15,\"w\":18,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":15,\"w\":22,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":30,\"y\":34,\"w\":18,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":34,\"w\":22,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"gridData\":{\"x\":8,\"y\":54,\"w\":22,\"h\":20,\"i\":\"9\"},\"version\":\"7.5.1\",\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"gridData\":{\"x\":30,\"y\":54,\"w\":18,\"h\":20,\"i\":\"10\"},\"version\":\"7.5.1\",\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"
panel_9\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":34,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":15,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":15,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":77,\"w\":48,\"h\":24,\"i\":\"4\"},\"panelIndex\":\"4\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":30,\"y\":15,\"w\":18,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":15,\"w\":22,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":31,\"y\":34,\"w\":17,\"h\":22,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":34,\"w\":31,\"h\":22,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":56,\"w\":13,\"h\":21,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":13,\"y\":56,\"w\":18,\"h\":21,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":31,\"y\":56,\"w\":17,\"h\":21,\"i\":\"5c779394-cda6-4315-9bac-00c25d6c08a2\"},\"panelIndex\":\"5c779394-cda6-4315-9bac-00c25d6c08a2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": 
{ - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"*\"}}" } }, "references": [ @@ -68,6 +68,11 @@ "name": "panel_9", "type": "visualization", "id": "28722f10-eb9f-11e9-a384-0fcf32210194" + }, + { + "name": "panel_10", + "type": "visualization", + "id": "b65629c0-4dde-11ea-8336-d3388483188b" } ], "migrationVersion": { 
@@ -77,11 +82,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -97,8 +102,8 @@ { "id": "b2548270-eb98-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEyNywxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI3OSwxXQ==", "attributes": { "title": "EtherNet/IP - Log Count", "visState": "{\"title\":\"EtherNet/IP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":36}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Log Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.logType\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Log Type\"}}]}", 
@@ -128,8 +133,8 @@ { "id": "3c2b11d0-eb99-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEyOCwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4MCwxXQ==", "attributes": { "title": "EtherNet/IP - Logs Over Time", "visState": "{\"title\":\"EtherNet/IP - Logs Over Time\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"now-25y\",\"to\":\"now\",\"mode\":\"relative\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.logType\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Log 
Type\"}}]}", @@ -159,8 +164,8 @@ { "id": "dbcc6540-eb99-11e9-a384-0fcf32210194", "type": "search", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEyOSwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4MSwxXQ==", "attributes": { "title": "EtherNet/IP and Related - Logs", "description": "", @@ -198,8 +203,8 @@ { "id": "9f3c4950-eb9a-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzMCwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4MiwxXQ==", "attributes": { "title": "Common Industrial Protocol - Service", "visState": "{\"title\":\"Common Industrial Protocol - Service\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_cip.cip_service\",\"size\":200,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"CIP Service\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_cip.status\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Status\"}}]}", 
@@ -225,8 +230,8 @@ { "id": "7199bdb0-eb9b-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzMSwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4MywxXQ==", "attributes": { "title": "EtherNet/IP - Product", "visState": "{\"title\":\"EtherNet/IP - Product\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_enip_list_identity.vendor\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Vendor\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_enip_list_identity.product_name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Product\"}}]}", 
@@ -252,8 +257,8 @@ { "id": "f587d990-eb9b-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzMiwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4NCwxXQ==", "attributes": { "title": "EtherNet/IP - Command", "visState": "{\"title\":\"EtherNet/IP - Command\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_enip.command\",\"size\":200,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Command\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_enip.status\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Status\"}}]}", 
@@ -279,8 +284,8 @@ { "id": "a0ef3e90-eb9c-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzMywxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4NSwxXQ==", "attributes": { "title": "EtherNet/IP - Product Revision", "visState": "{\"title\":\"EtherNet/IP - Product Revision\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_enip_list_identity.vendor\",\"size\":200,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Vendor\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_enip_list_identity.product_name\",\"size\":200,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Product\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_enip_list_identity.revision\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Revision\"}}]}", 
@@ -306,11 +311,11 @@ { "id": "0165b180-eb9f-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzNCwxXQ==", + "updated_at": "2020-02-12T21:27:05.859Z", + "version": "WzEyODIsMV0=", "attributes": { "title": "EtherNet/IP - Source IP", - "visState": "{\"title\":\"EtherNet/IP - Source IP\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcPort\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source Port\"}}]}", + "visState": "{\"title\":\"EtherNet/IP - Source IP\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source 
IP\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source Port\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", "description": "", "version": 1, @@ -321,8 +326,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "dbcc6540-eb99-11e9-a384-0fcf32210194" } ], 
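Review bot: in the `EtherNet/IP - Source IP` hunk the `srcPort` terms aggregation (old agg id `3`) is removed, but the new `visState` still carries a `dimensions.buckets` entry labelled `Source Port` with `accessor: 1`, and `uiStateJSON` keeps `sort.columnIndex: 2`, which now points past the two remaining table columns (Source IP, Count). Either keep the port bucket or drop the stale `Source Port` dimension and reset the sort index to the Count column. The `dimensions` block also embeds the exporting browser's location (`parsedUrl.origin: https://localhost`, `basePath: /kibana`); that looks like state Kibana derives from `aggs` on load rather than something worth versioning, so consider stripping `params.dimensions` in the export step. The trailing `references` hunk only swaps the order of `type` and `name` and is re-export churn.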
@@ -333,8 +338,8 @@ { "id": "28722f10-eb9f-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzNSwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4NywxXQ==", "attributes": { "title": "EtherNet/IP - Destination IP", "visState": "{\"title\":\"EtherNet/IP - Destination IP\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Port\"}}]}", 
@@ -357,11 +362,38 @@ "visualization": "7.4.2" } }, + { + "id": "b65629c0-4dde-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-12T21:29:12.540Z", + "version": "WzEyODUsMV0=", + "attributes": { + "title": "EtherNet/IP - Status", + "visState": "{\"title\":\"EtherNet/IP - Status\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Status\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_enip.status\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":8,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Status\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "dbcc6540-eb99-11e9-a384-0fcf32210194" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "4c265380-eb97-11e9-a384-0fcf32210194", "type": "search", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzNiwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4OCwxXQ==", "attributes": { "title": "Common 
Industrial Protocol - Logs", "description": "", @@ -398,8 +430,8 @@ { "id": "c0c732e0-eb97-11e9-a384-0fcf32210194", "type": "search", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzNywxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI4OSwxXQ==", "attributes": { "title": "EtherNet/IP List Identity - Logs", "description": "", @@ -437,8 +469,8 @@ { "id": "7009cbb0-eb97-11e9-a384-0fcf32210194", "type": "search", - "updated_at": "2019-12-18T16:20:16.354Z", - "version": "WzEzOCwxXQ==", + "updated_at": "2020-02-12T15:00:16.963Z", + "version": "WzI5MCwxXQ==", "attributes": { "title": "EtherNet/IP - Logs", "description": "", diff --git a/kibana/dashboards/2bec1490-eb94-11e9-a384-0fcf32210194.json b/kibana/dashboards/2bec1490-eb94-11e9-a384-0fcf32210194.json index e8ab6848c..17a3da557 100644 --- a/kibana/dashboards/2bec1490-eb94-11e9-a384-0fcf32210194.json +++ b/kibana/dashboards/2bec1490-eb94-11e9-a384-0fcf32210194.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "2bec1490-eb94-11e9-a384-0fcf32210194", 
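Review bot: the new `EtherNet/IP - Status` visualization (`b65629c0-4dde-11ea-8336-d3388483188b`) carries the same exporter artefacts as the Source IP change: a `dimensions` block with `parsedUrl.origin: https://localhost` baked into `visState`, and `updated_at`/`version` values (`2020-02-12T21:29:12.540Z`, `WzEyODUsMV0=`) from a different export run than the `15:00:16.963Z` bulk timestamps around it. Every other hunk in this file changes only `updated_at` and `version`, which churn on each re-export and bury the one functional change; suggest having the export script normalize or drop those two fields, which the import does not depend on, so the diff shows only real edits. The visualization itself reuses `search_0` (`dbcc6540-eb99-11e9-a384-0fcf32210194`, "EtherNet/IP and Related - Logs") with a `zeek_enip.status` terms bucket of size 8 plus an Other bucket and an empty `searchSourceJSON`, which is consistent with the sibling visualizations.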
@@ -10,7 +10,7 @@ "title": "BACnet", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":73,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":73,\"w\":48,\"h\":19,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":35,\"y\":8,\"w\":13,\"h\":25,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":14,\"h\":25,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":22,\"y\":8,\"w\":13,\"h\":25,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":53,\"w\":40,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":33,\"w\":20,\"h\":20,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":28,\"y\":33,\"w\":20,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_9\"}]", + "panelsJSON": 
"[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":73,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":73,\"w\":48,\"h\":19,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":35,\"y\":8,\"w\":13,\"h\":25,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":14,\"h\":25,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":22,\"y\":8,\"w\":13,\"h\":25,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":53,\"w\":40,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":33,\"w\":20,\"h\":20,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":28,\"y\":33,\"w\":20,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -81,7 +81,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9.json b/kibana/dashboards/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9.json index 4fe6a2dc5..9b43021bf 100644 --- a/kibana/dashboards/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9.json 
+++ b/kibana/dashboards/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9.json 
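Review bot: the two new navigation links in the `Zeek Logs` markdown (`Security Overview` to `95479950-41f2-11ea-88fa-7151df485405`, `ICS/IoT Security Overview` to `4a4bde20-4760-11ea-949c-bbb5a9feecbf`) only resolve if dashboards with those ids ship in the same `kibana/dashboards` set; worth a check that both files are part of this PR. More structurally, the `df9e399b-efa5-4e33-b0ac-a7668a8ac2b3` markdown object is embedded in every dashboard export, so this edit has to be replicated byte-for-byte in each file: the BACnet copy above keeps `"version": "WzU5OCwxXQ=="` as unchanged context, while the DNS copy further down is bumped to `Wzc5NiwxXQ==`, and whichever file is imported last wins. Consider generating the nav block from a single source at export or import time instead of hand-editing each copy.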
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "2cf94cd0-ecab-40a5-95a7-8419f3a39cd9", "type": "dashboard", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE2NSwxXQ==", + "updated_at": "2020-02-12T16:29:41.134Z", + "version": "WzkwOSwxXQ==", "attributes": { "title": "DNS", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":68,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"5\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":44,\"i\":\"5\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"6\",\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":44,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"7\",\"gridData\":{\"w\":20,\"h\":12,\"x\":8,\"y\":8,\"i\":\"7\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\",\"embeddableConfig\":{}},{\"panelIndex\":\"10\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":92,\"i\":\"10\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"13\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"16\",\"gridData\":{\"w\":48,\"h\":64,\"x\":0,\"y\":116,\"i\":\"16\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"17\",\"gridData\":{\"w\":20,\"h\":12,\"x\":28,\"y\":8,\"i\":\"17\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\",\"embeddableConfig\":{}},{\"panelIndex\":\"23\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"23\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"24\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":
68,\"i\":\"24\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}},{\"panelIndex\":\"25\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":68,\"i\":\"25\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{}},{\"panelIndex\":\"26\",\"gridData\":{\"w\":12,\"h\":24,\"x\":20,\"y\":20,\"i\":\"26\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"panelIndex\":\"27\",\"gridData\":{\"w\":12,\"h\":24,\"x\":8,\"y\":20,\"i\":\"27\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\",\"embeddableConfig\":{}},{\"panelIndex\":\"28\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":20,\"i\":\"28\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_13\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":60,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":40,\"w\":20,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":40,\"w\":20,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":12,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":79,\"w\":48,\"h\":18,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":12,\"i\":\"17\"},\"panelIndex\":\"17\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"2
3\"},\"panelIndex\":\"23\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":31,\"y\":60,\"w\":17,\"h\":19,\"i\":\"25\"},\"panelIndex\":\"25\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":20,\"y\":20,\"w\":12,\"h\":20,\"i\":\"26\"},\"panelIndex\":\"26\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":20,\"w\":12,\"h\":20,\"i\":\"27\"},\"panelIndex\":\"27\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":20,\"w\":16,\"h\":20,\"i\":\"28\"},\"panelIndex\":\"28\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":60,\"w\":31,\"h\":19,\"i\":\"df0ca665-47a8-45ea-b2a1-739badb538dc\"},\"panelIndex\":\"df0ca665-47a8-45ea-b2a1-739badb538dc\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}},\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"asc\"}}},\"panelRefName\":\"panel_12\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":97,\"w\":48,\"h\":41,\"i\":\"0b6ca6c5-38c1-4811-b40d-d1cd8229bb1f\"},\"panelIndex\":\"0b6ca6c5-38c1-4811-b40d-d1cd8229bb1f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
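Review bot: `searchSourceJSON` in the DNS dashboard now hard-codes `"time_zone":"America/Denver"` in the `query_string` clause, which was picked up from the exporting user's Kibana timezone setting; once imported, date math in that query risks being evaluated in Denver time for every viewer, and none of the other dashboards in this patch carry it. Strip it before commit. Two smaller things in `panelsJSON`: panel `df0ca665-47a8-45ea-b2a1-739badb538dc` has both `embeddableConfig.vis.params.sort` (`columnIndex 3, desc`) and `embeddableConfig.params.sort` (`columnIndex 3, asc`), so the intended direction is ambiguous and one of the two should go; and the old logs panel `16` carried `columns: [srcIp, srcPort, dstIp, dstPort, zeek.uid, _id]` with `sort: [firstPacket, desc]`, while its replacement (`0b6ca6c5-38c1-4811-b40d-d1cd8229bb1f`, `panel_13`) has an empty `embeddableConfig`, so that column selection is lost unless saved search `0b971165-4c39-42ed-b80d-8a8f5658a38e` defines it itself.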
@@ -51,43 +51,43 @@ }, { "name": "panel_6", - "type": "search", - "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" + "type": "visualization", + "id": "2699477d-e158-4174-97ee-e1438fed0fee" }, { "name": "panel_7", "type": "visualization", - "id": "2699477d-e158-4174-97ee-e1438fed0fee" + "id": "AWDG9Qx0xQT5EBNmq3_2" }, { "name": "panel_8", "type": "visualization", - "id": "AWDG9Qx0xQT5EBNmq3_2" + "id": "240930b9-d4ad-40b6-ae9f-f7c64ea9d0f7" }, { "name": "panel_9", "type": "visualization", - "id": "a9504c4e-ac9e-4a43-9499-982f883604b1" + "id": "4b82b26a-3ceb-41a0-b0b5-6fb6e876b1c8" }, { "name": "panel_10", "type": "visualization", - "id": "240930b9-d4ad-40b6-ae9f-f7c64ea9d0f7" + "id": "9d1204c9-7e26-44d3-a9be-eff725bf3f5b" }, { "name": "panel_11", "type": "visualization", - "id": "4b82b26a-3ceb-41a0-b0b5-6fb6e876b1c8" + "id": "7dbb6c65-f197-4237-825c-fd102163a3bf" }, { "name": "panel_12", "type": "visualization", - "id": "9d1204c9-7e26-44d3-a9be-eff725bf3f5b" + "id": "69241a80-421d-11ea-9084-41ab7c5fff2e" }, { "name": "panel_13", - "type": "visualization", - "id": "7dbb6c65-f197-4237-825c-fd102163a3bf" + "type": "search", + "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" } ], "migrationVersion": { 
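Review bot: visualization `a9504c4e-ac9e-4a43-9499-982f883604b1` (old `panel_9`) is dropped from the DNS dashboard's references and `69241a80-421d-11ea-9084-41ab7c5fff2e` is added as `panel_12`; please confirm the new id is present in this file's `objects` array (it is not in the visible part of the diff) and that `a9504c4e-...` is either removed from `objects` as well or still referenced by another dashboard, otherwise the export carries an orphaned visualization. The rest of the hunk is positional renumbering of `panel_6` through `panel_13` that follows from removing one panel and appending two, with the saved search `0b971165-...` moving from `panel_6` to the last slot; the set of referenced ids differs only by that one removal and one addition.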
@@ -97,11 +97,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -117,8 +117,8 @@ { "id": "a3d7ae56-264b-4e8f-9c45-242bff74179d", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyNSwxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcyMywxXQ==", "attributes": { "title": "DNS - Server", "visState": "{\"title\":\"DNS - Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}],\"listeners\":{}}", @@ -144,8 +144,8 @@ { "id": "6d4ea29d-53c8-472b-acc3-c9257a7f0e91", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE1MywxXQ==", + "updated_at": "2020-02-12T15:00:19.037Z", + "version": "WzMyMCwxXQ==", "attributes": { "visState": "{\"title\":\"DNS - Client\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Client\"}}],\"listeners\":{}}", "description": "", 
@@ -171,11 +171,11 @@ { "id": "727d7b36-4153-4c51-b723-2700a3c815f1", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxOSwxXQ==", + "updated_at": "2020-02-12T16:19:22.378Z", + "version": "Wzg5NiwxXQ==", "attributes": { "title": "DNS - Query Class", - "visState": "{\"title\":\"DNS - Query Class\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_dns.qclass_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query Class\"}}]}", + "visState": "{\"title\":\"DNS - Query Class\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Query 
Class\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_dns.qclass_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Query Class\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, @@ -186,8 +186,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" } ], @@ -198,8 +198,8 @@ { "id": "8a3a0bd6-555d-45c6-bf3d-d2b8598e9926", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxMywxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcxMSwxXQ==", "attributes": { "visState": "{\"title\":\"DNS - Query/Answer\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.query\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.answers\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Answer\"}}],\"listeners\":{}}", "description": "", 
@@ -225,8 +225,8 @@ { "id": "adb769dc-8ac5-46fa-abb3-d16c638d8279", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE1NiwxXQ==", + "updated_at": "2020-02-12T15:00:19.037Z", + "version": "WzMyMywxXQ==", "attributes": { "visState": "{\"title\":\"DNS - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 30 minutes\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -249,50 +249,11 @@ "visualization": "7.4.2" } }, - { - "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzMCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "DNS - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:dns\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "2699477d-e158-4174-97ee-e1438fed0fee", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE1OCwxXQ==", + "updated_at": "2020-02-12T15:00:19.037Z", + "version": "WzMyNSwxXQ==", "attributes": { "visState": "{\"title\":\"DNS - Destination 
Port\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"\"}}],\"listeners\":{}}", "description": "", 
@@ -318,8 +279,8 @@ { "id": "AWDG9Qx0xQT5EBNmq3_2", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE1OSwxXQ==", + "updated_at": "2020-02-12T15:00:19.037Z", + "version": "WzMyNiwxXQ==", "attributes": { "title": "DNS - Log Count", "visState": "{\"title\":\"DNS - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -343,13 +304,13 @@ } }, { - "id": "a9504c4e-ac9e-4a43-9499-982f883604b1", + "id": "240930b9-d4ad-40b6-ae9f-f7c64ea9d0f7", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE2MCwxXQ==", + "updated_at": "2020-02-12T15:00:19.037Z", + "version": "WzMyOCwxXQ==", "attributes": { - "title": "DNS - Queries", - "visState": "{\"title\":\"DNS - Queries\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.query\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query\"}}]}", + "title": "DNS - Answers", + "visState": "{\"title\":\"DNS - Answers\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.answers\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Answer\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "description": "", "version": 1, 
@@ -370,13 +331,13 @@ } }, { - "id": "240930b9-d4ad-40b6-ae9f-f7c64ea9d0f7", + "id": "4b82b26a-3ceb-41a0-b0b5-6fb6e876b1c8", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE2MSwxXQ==", + "updated_at": "2020-02-12T15:00:19.037Z", + "version": "WzMyOSwxXQ==", "attributes": { - "title": "DNS - Answers", - "visState": "{\"title\":\"DNS - Answers\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.answers\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Answer\"}}]}", + "title": "DNS - Response Code (Name)", + "visState": "{\"title\":\"DNS - Response Code (Name)\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.rcode_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Response Code (Name)\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "description": "", "version": 1, 
@@ -397,13 +358,13 @@ } }, { - "id": "4b82b26a-3ceb-41a0-b0b5-6fb6e876b1c8", + "id": "9d1204c9-7e26-44d3-a9be-eff725bf3f5b", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE2MiwxXQ==", + "updated_at": "2020-02-12T15:00:19.037Z", + "version": "WzMzMCwxXQ==", "attributes": { - "title": "DNS - Response Code (Name)", - "visState": "{\"title\":\"DNS - Response Code (Name)\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.rcode_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Response Code (Name)\"}}]}", + "title": "DNS - Query Type", + "visState": "{\"title\":\"DNS - Query Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.qtype_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query Type\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "description": "", "version": 1, 
@@ -424,14 +385,14 @@ } }, { - "id": "9d1204c9-7e26-44d3-a9be-eff725bf3f5b", + "id": "7dbb6c65-f197-4237-825c-fd102163a3bf", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE2MywxXQ==", + "updated_at": "2020-02-12T16:18:56.439Z", + "version": "Wzg5NSwxXQ==", "attributes": { - "title": "DNS - Query Type", - "visState": "{\"title\":\"DNS - Query Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.qtype_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query Type\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "title": "DNS - Protocol", + "visState": "{\"title\":\"DNS - 
Protocol\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Protocol\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.proto\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol\"}}]}", + "uiStateJSON": "{}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -441,8 +402,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" } ], 
@@ -451,31 +412,69 @@ } }, { - "id": "7dbb6c65-f197-4237-825c-fd102163a3bf", + "id": "69241a80-421d-11ea-9084-41ab7c5fff2e", "type": "visualization", - "updated_at": "2019-12-18T16:20:18.416Z", - "version": "WzE2NCwxXQ==", + "updated_at": "2020-02-12T15:00:43.723Z", + "version": "WzU3OSwxXQ==", "attributes": { - "title": "DNS - Protocol", - "visState": "{\"title\":\"DNS - Protocol\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.proto\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}]}", - "uiStateJSON": "{}", + "title": "DNS Queries by Randomness", + "visState": "{\"title\":\"DNS Queries by 
Randomness\",\"type\":\"table\",\"params\":{\"dimensions\":{\"buckets\":[{\"accessor\":0,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}},{\"accessor\":1,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}}],\"metrics\":[{\"accessor\":2,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"params\":{}}]},\"perPage\":10,\"percentageCol\":\"\",\"showMetricsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dns.host\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"DNS Query\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.freq_score_v1\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Randomness Score (method 1)\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.freq_score_v2\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Randomness Score (method 2)\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" } ], "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e", + "type": "search", + "updated_at": "2020-02-12T16:25:47.761Z", + "version": "WzkwMywxXQ==", + "attributes": { + "title": "DNS - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "zeek_dns.query", + "zeek_dns.answers", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:dns\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/2d98bb8e-214c-4374-837b-20e1bcd63a5e.json b/kibana/dashboards/2d98bb8e-214c-4374-837b-20e1bcd63a5e.json index 86f1a27ff..cf817918d 100644 --- a/kibana/dashboards/2d98bb8e-214c-4374-837b-20e1bcd63a5e.json +++ b/kibana/dashboards/2d98bb8e-214c-4374-837b-20e1bcd63a5e.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "2d98bb8e-214c-4374-837b-20e1bcd63a5e", "type": "dashboard", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE3NCwxXQ==", + "updated_at": "2020-02-12T16:15:28.816Z", + "version": "Wzg5MiwxXQ==", "attributes": { "title": "DHCP", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"2\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\"},{\"panelIndex\":\"3\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":60,\"i\":\"3\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}},{\"panelIndex\":\"4\",\"gridData\":{\"x\":0,\"y\":60,\"w\":48,\"h\":24,\"i\":\"4\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"6\",\"gridData\":{\"x\":22,\"y\":36,\"w\":14,\"h\":24,\"i\":\"6\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":8,\"y\":36,\"w\":14,\"h\":24,\"i\":\"7\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":36,\"y\":36,\"w\":12,\"h\":24,\"i\":\"8\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"9\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"9\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"10\",\"gridData\":{\"x\":8,\"y\":8,\"w\":40,\"h\":28,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":49,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":22,\"y\":28,\"w\":14,\"h\":21,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":28,\"w\":14,\"h\":21,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":28,\"w\":12,\"h\":21,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":40,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":49,\"w\":48,\"h\":32,\"i\":\"6c78964f-d1c8-4790-bda7-8802a7ea8986\"},\"panelIndex\":\"6c78964f-d1c8-4790-bda7-8802a7ea8986\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
"kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -31,33 +31,33 @@ }, { "name": "panel_2", - "type": "search", - "id": "20ff62a1-06d6-4738-b611-945628d80305" + "type": "visualization", + "id": "82fff513-b971-452e-a0fb-492c3091b771" }, { "name": "panel_3", "type": "visualization", - "id": "82fff513-b971-452e-a0fb-492c3091b771" + "id": "78b8c460-7dc9-4b76-9bc4-ea831c0d7802" }, { "name": "panel_4", "type": "visualization", - "id": "78b8c460-7dc9-4b76-9bc4-ea831c0d7802" + "id": "23975603-24ed-40f6-bb45-0780f4645d92" }, { "name": "panel_5", "type": "visualization", - "id": "23975603-24ed-40f6-bb45-0780f4645d92" + "id": "AWDG80RwxQT5EBNmq38x" }, { "name": "panel_6", "type": "visualization", - "id": "AWDG80RwxQT5EBNmq38x" + "id": "1d178ca4-f067-4f46-bbc7-777a3fd69d47" }, { "name": "panel_7", - "type": "visualization", - "id": "1d178ca4-f067-4f46-bbc7-777a3fd69d47" + "type": "search", + "id": "20ff62a1-06d6-4738-b611-945628d80305" } ], "migrationVersion": { 
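Review bot: the new `searchSourceJSON` in the first hunk bakes `\"time_zone\":\"America/Denver\"` into the dashboard's `query_string`, which is the exporting user's browser timezone leaking into a shared artifact rather than anything the DHCP dashboard needs; the TDS RPC and Intel dashboards in this same patch show no corresponding `searchSourceJSON` change, so this one would be the odd dashboard out, with date math in its query pinned to Mountain time for every user. Strip `time_zone` from the exported query (leaving `\"query\":\"*\"` as before) or, if it is deliberate, say why, because it will silently reappear on every re-export from a Denver-configured browser. In the second hunk the `panel_2` through `panel_7` references are all shifted by one so that the `20ff62a1-...` saved search moves from `panel_2` to `panel_7`; that is consistent with the new `panelsJSON` (the search is now the last panel, at `y: 49` with the `6c78964f-...` panelIndex, and its old `embeddableConfig.columns` override is gone), and it is the reason the diff further down shows the search object as deleted and re-added rather than modified.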
@@ -67,8 +67,8 @@ { "id": "1c337cf4-8030-4760-9828-7c0f5305c5bb", "type": "visualization", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE2NiwxXQ==", + "updated_at": "2020-02-12T15:00:20.062Z", + "version": "WzMzMywxXQ==", "attributes": { "visState": "{\"title\":\"DHCP - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -94,11 +94,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
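Review bot: the `df9e399b-...` "Zeek Logs" navigation visualization edited here is the same saved object embedded in every dashboard file in this directory (the identical markdown edit is repeated at `@@ -66` of `32587740-...` and `@@ -96` of `36ed695f-...` below), so each copy has to carry byte-identical markdown or the last file imported decides which set of links users see. Generating this object once and templating it into each dashboard file, or importing it from a single source file, would remove that hazard; hand-syncing N copies is how one of them drifts. The two new links, `95479950-41f2-11ea-88fa-7151df485405` (Security Overview) and `4a4bde20-4760-11ea-949c-bbb5a9feecbf` (ICS/IoT Security Overview), also need matching dashboard JSON files in this directory, which this excerpt does not show; worth confirming they are part of the same patch so the links do not 404 after import.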
@@ -111,50 +111,11 @@ "visualization": "7.4.2" } }, - { - "id": "20ff62a1-06d6-4738-b611-945628d80305", - "type": "search", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE2OCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "DHCP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:dhcp\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "82fff513-b971-452e-a0fb-492c3091b771", "type": "visualization", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE2OSwxXQ==", + "updated_at": "2020-02-12T15:00:20.062Z", + "version": "WzMzNiwxXQ==", "attributes": { "visState": "{\"title\":\"DHCP - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
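Review bot: the deletion of the `20ff62a1-...` "DHCP - Logs" search in this hunk is half of a move, not a removal; the object reappears at the end of the `objects` array in the `@@ -284,6 +245,46 @@` hunk below, because the dashboard now references it as `panel_7` instead of `panel_2` and the export orders objects by reference order. Anyone reviewing the column change should diff the two copies directly rather than reading this as a drop: `srcIp`, `srcPort`, `dstIp`, `dstPort` and `_id` give way to `zeek_dhcp.mac`, `zeek_dhcp.assigned_ip`, `dstIp`, `zeek_dhcp.host_name`, `zeek_dhcp.domain`, `zeek_dhcp.msg_types` and `zeek.uid`, and since the dashboard panel's `embeddableConfig.columns` override was removed in the first hunk, the saved search is now the single source of the column layout. A one-line note in the commit message that the DHCP log table was redesigned would make this far easier to spot than the delete-plus-add the diff presents.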
@@ -180,8 +141,8 @@ { "id": "78b8c460-7dc9-4b76-9bc4-ea831c0d7802", "type": "visualization", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE3MCwxXQ==", + "updated_at": "2020-02-12T15:00:20.062Z", + "version": "WzMzNywxXQ==", "attributes": { "visState": "{\"title\":\"DHCP - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -207,8 +168,8 @@ { "id": "23975603-24ed-40f6-bb45-0780f4645d92", "type": "visualization", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE3MSwxXQ==", + "updated_at": "2020-02-12T15:00:20.062Z", + "version": "WzMzOCwxXQ==", "attributes": { "visState": "{\"title\":\"DHCP - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -234,8 +195,8 @@ { "id": "AWDG80RwxQT5EBNmq38x", "type": "visualization", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE3MiwxXQ==", + "updated_at": "2020-02-12T15:00:20.062Z", + "version": "WzMzOSwxXQ==", "attributes": { "title": "DHCP - Log Count", "visState": "{\"title\":\"DHCP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -261,8 +222,8 @@ { "id": "1d178ca4-f067-4f46-bbc7-777a3fd69d47", "type": "visualization", - "updated_at": "2019-12-18T16:20:19.440Z", - "version": "WzE3MywxXQ==", + "updated_at": "2020-02-12T15:00:20.062Z", + "version": "WzM0MCwxXQ==", "attributes": { "title": "DHCP - IP to MAC Assignment", "visState": "{\"title\":\"DHCP - IP to MAC Assignment\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dhcp.assigned_ip\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Assigned IP Address\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dhcp.mac\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"MAC Address\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP Address\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination IP Address\"}}]}", 
@@ -284,6 +245,46 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "20ff62a1-06d6-4738-b611-945628d80305", + "type": "search", + "updated_at": "2020-02-12T16:14:50.059Z", + "version": "Wzg5MSwxXQ==", + "attributes": { + "title": "DHCP - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_dhcp.mac", + "zeek_dhcp.assigned_ip", + "dstIp", + "zeek_dhcp.host_name", + "zeek_dhcp.domain", + "zeek_dhcp.msg_types", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:dhcp\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/32587740-ef88-11e9-b38a-2db3ee640e88.json b/kibana/dashboards/32587740-ef88-11e9-b38a-2db3ee640e88.json index 77bb347ea..8bb872f9b 100644 --- a/kibana/dashboards/32587740-ef88-11e9-b38a-2db3ee640e88.json +++ b/kibana/dashboards/32587740-ef88-11e9-b38a-2db3ee640e88.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "32587740-ef88-11e9-b38a-2db3ee640e88", 
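Review bot: the re-added "DHCP - Logs" search carries the same `\"time_zone\":\"America/Denver\"` inside its `query_string` as the dashboard above, so it should be stripped in the same pass; the query itself (`zeek.logType:dhcp`) is unchanged and correctly limits the new `zeek_dhcp.*` columns to documents that actually have those fields. Dropping `_id` from `columns` removes the one column that let an analyst copy a document ID straight out of the table, which deserves a deliberate decision rather than being a side effect of the re-export. Minor: the file still ends without a trailing newline (`\ No newline at end of file`), which will keep showing up in every future diff of this file; cheap to fix while it is being regenerated anyway.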
@@ -10,7 +10,7 @@ "title": "Tabular Data Stream - RPC", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":48,\"w\":48,\"h\":29,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":27,\"w\":40,\"h\":21,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":16,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"gridData\":{\"x\":24,\"y\":8,\"w\":24,\"h\":19,\"i\":\"7\"},\"version\":\"7.5.1\",\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"}]", + "panelsJSON": 
"[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":48,\"w\":48,\"h\":29,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":27,\"w\":40,\"h\":21,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":16,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"gridData\":{\"x\":24,\"y\":8,\"w\":24,\"h\":19,\"i\":\"7\"},\"version\":\"7.6.2\",\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
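Review bot: this hunk changes nothing but the per-panel `version` strings (`7.5.1` to `7.6.2` on panels 2 through 7, with panel 1 left at `7.3.0`), i.e. it is round-trip noise from opening and re-saving the dashboard in Kibana 7.6.2, not a functional edit. If dashboards are going to be re-exported on every Kibana bump, a normalization step before commit (strip `updated_at`, the opaque object `version` hashes and the per-panel `version` fields, and pretty-print `panelsJSON`) would keep these files reviewable; as it stands, a real layout change buried in a `panelsJSON` line this long is indistinguishable from churn without a JSON-aware diff.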
@@ -66,7 +66,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json b/kibana/dashboards/36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json index 3f1afddfc..2704a75fb 100644 --- a/kibana/dashboards/36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json 
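Review bot: the `version` of this copy of the "Zeek Logs" object stays at `WzU5OCwxXQ==` (unchanged context) while the copy of the same object ID in the DHCP file above was bumped to `Wzc5NiwxXQ==` along with its `updated_at`, which tells you this file was hand-patched while that one was re-exported. The markdown payloads appear identical, so this is probably harmless, but two files shipping the same saved-object ID with different version metadata is exactly the kind of inconsistency that becomes a real bug once an importer starts honoring `version` for optimistic concurrency; confirm the import path used by this project ignores it, or regenerate all copies from one export so the metadata agrees.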
+++ b/kibana/dashboards/36ed695f-edcc-47c1-b0ec-50d20c93ce0f.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "36ed695f-edcc-47c1-b0ec-50d20c93ce0f", 
@@ -10,7 +10,7 @@ "title": "Intel", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"w\":20,\"h\":16,\"x\":8,\"y\":8,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":24,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":72,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":72,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":24,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":28,\"h\":24,\"x\":20,\"y\":48,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":0,\"y\":48,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":96,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"zeek_intel.fuid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":72,\"i\":\"15\"},\"panelIndex\":\"15\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\"},{\"gridData\":{\"w\":20
,\"h\":16,\"x\":28,\"y\":8,\"i\":\"16\"},\"panelIndex\":\"16\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"17\"},\"panelIndex\":\"17\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\"}]", + "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"w\":20,\"h\":16,\"x\":8,\"y\":8,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":24,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":72,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":72,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":24,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":28,\"h\":24,\"x\":20,\"y\":48,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":0,\"y\":48,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":96,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"zeek.fuid\",\"_
id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":72,\"i\":\"15\"},\"panelIndex\":\"15\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\"},{\"gridData\":{\"w\":20,\"h\":16,\"x\":28,\"y\":8,\"i\":\"16\"},\"panelIndex\":\"16\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"17\"},\"panelIndex\":\"17\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -96,7 +96,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, @@ -349,7 +349,7 @@ "dstIp", "dstPort", "zeek.uid", - "zeek_intel.fuid", + "zeek.fuid", "_id" ] }, 
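Review bot: the column rename in the `@@ -349,7 +349,7 @@` hunk (`- "zeek_intel.fuid"` to `+ "zeek.fuid"`) changes which Elasticsearch field the saved search displays, so it needs a matching change on the ingest side: if the intel log's file id is still emitted under `zeek_intel.fuid`, the new column renders empty for every intel hit. The same column list is also duplicated inside the dashboard's `panelsJSON` embeddable config at the top of this file (`\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"zeek.fuid\",\"_id\"]`), so the two copies had to be edited together and nothing would flag them drifting apart later; consider removing the column override from `panelsJSON` so the saved search is the single source of truth.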
diff --git a/kibana/dashboards/37041ee1-79c0-4684-a436-3173b0e89876.json b/kibana/dashboards/37041ee1-79c0-4684-a436-3173b0e89876.json index 85e63de5f..4f69a93fe 100644 --- a/kibana/dashboards/37041ee1-79c0-4684-a436-3173b0e89876.json +++ b/kibana/dashboards/37041ee1-79c0-4684-a436-3173b0e89876.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "37041ee1-79c0-4684-a436-3173b0e89876", "type": "dashboard", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzIxMiwxXQ==", + "updated_at": "2020-02-12T17:05:15.892Z", + "version": "WzkzNiwxXQ==", "attributes": { "title": "HTTP", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":52,\"i\":\"2\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":0,\"y\":88,\"w\":48,\"h\":24,\"i\":\"5\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":0,\"y\":112,\"w\":48,\"h\":24,\"i\":\"6\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":0,\"y\":136,\"w\":48,\"h\":24,\"i\":\"8\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"9\",\"gridData\":{\"x\":0,\"y\":216,\"w\":48,\"h\":36,\"i\":\"9\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek_http.resp_fuids\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"14\",\"gridData\":{\"x\":0,\"y\":52,\"w\":24,\"h\":24,\"i\":\"14\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":24,\"y\":52,\
"w\":24,\"h\":24,\"i\":\"15\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"16\",\"gridData\":{\"x\":0,\"y\":188,\"w\":48,\"h\":28,\"i\":\"16\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"17\",\"gridData\":{\"x\":0,\"y\":160,\"w\":48,\"h\":28,\"i\":\"17\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\"},{\"panelIndex\":\"19\",\"gridData\":{\"x\":0,\"y\":76,\"w\":48,\"h\":12,\"i\":\"19\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{}},{\"panelIndex\":\"20\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":20,\"i\":\"20\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"panelIndex\":\"21\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":20,\"i\":\"21\"},\"embeddableConfig\":{\"vis\":{\"colors\":{\"Count\":\"#629E51\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\"},{\"panelIndex\":\"23\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"23\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_13\"},{\"panelIndex\":\"24\",\"gridData\":{\"x\":8,\"y\":28,\"w\":40,\"h\":24,\"i\":\"24\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_14\",\"embeddableConfig\":{}}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":58,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":19,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"legendOpen\":false,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":90,\"w\":24,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":90,\"w\":24,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":130,\"w\":48,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":58,\"w\":24,\"h\":20,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":58,\"w\":24,\"h\":20,\"i\":\"15\"},\"panelIndex\":\"15\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":110,\"w\":48,\"h\":20,\"i\":\"16\"},\"panelIndex\":\"16\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":150,\"w\":48,\"h\":22,\"i\":\"17\"},\"panelIndex\":\"17\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\"
:\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":78,\"w\":48,\"h\":12,\"i\":\"19\"},\"panelIndex\":\"19\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":19,\"w\":20,\"h\":20,\"i\":\"20\"},\"panelIndex\":\"20\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":19,\"w\":20,\"h\":20,\"i\":\"21\"},\"panelIndex\":\"21\",\"embeddableConfig\":{\"vis\":{\"colors\":{\"Count\":\"#629E51\"}}},\"panelRefName\":\"panel_11\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":7,\"i\":\"23\"},\"panelIndex\":\"23\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_12\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":39,\"w\":40,\"h\":19,\"i\":\"24\"},\"panelIndex\":\"24\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":7,\"w\":8,\"h\":12,\"i\":\"70661228-52d4-4ecf-a5a4-139d0ecdd662\"},\"panelIndex\":\"70661228-52d4-4ecf-a5a4-139d0ecdd662\",\"embeddableConfig\":{},\"panelRefName\":\"panel_14\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":172,\"w\":48,\"h\":42,\"i\":\"7337ff11-23e0-4f6e-981f-a043f15e60cf\"},\"panelIndex\":\"7337ff11-23e0-4f6e-981f-a043f15e60cf\",\"embeddableConfig\":{},\"panelRefName\":\"panel_15\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
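Review bot: the `searchSourceJSON` change at the end of this hunk adds `\"time_zone\":\"America/Denver\"` to the dashboard's default `query_string`, which pins date-math in any query typed into this dashboard to one timezone for every user; it reads like the exporting browser's setting captured by the 7.6.2 export rather than an intentional change, and should be dropped so each user's Kibana `dateFormat:tz` setting applies. Separately, the `panel_1` entry in the new `panelsJSON` carries both `\"legendOpen\":false` and `\"vis\":{\"legendOpen\":true}`, which contradict each other; keep the one that matches the intended rendering and delete the stale key.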
@@ -46,53 +46,58 @@ }, { "name": "panel_5", - "type": "search", - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" + "type": "visualization", + "id": "2c18f5be-4023-40fb-8de6-7b490045520b" }, { "name": "panel_6", "type": "visualization", - "id": "2c18f5be-4023-40fb-8de6-7b490045520b" + "id": "44d6d5ce-bdf6-46d3-ad97-a30ebda437fa" }, { "name": "panel_7", "type": "visualization", - "id": "44d6d5ce-bdf6-46d3-ad97-a30ebda437fa" + "id": "3c7d9915-8fea-4423-82b6-44499820de71" }, { "name": "panel_8", "type": "visualization", - "id": "3c7d9915-8fea-4423-82b6-44499820de71" + "id": "30bb6fc3-d33e-4aaf-b805-b8e10008e98b" }, { "name": "panel_9", "type": "visualization", - "id": "30bb6fc3-d33e-4aaf-b805-b8e10008e98b" + "id": "e22ccafa-aad2-4897-8a15-ca114f31464c" }, { "name": "panel_10", "type": "visualization", - "id": "e22ccafa-aad2-4897-8a15-ca114f31464c" + "id": "a6cacf2a-7cf5-4991-be10-474429651b51" }, { "name": "panel_11", "type": "visualization", - "id": "a6cacf2a-7cf5-4991-be10-474429651b51" + "id": "054326f5-92f3-4202-a7cf-cc0d3eb92ad4" }, { "name": "panel_12", "type": "visualization", - "id": "054326f5-92f3-4202-a7cf-cc0d3eb92ad4" + "id": "AWDG97t7xQT5EBNmq4E1" }, { "name": "panel_13", "type": "visualization", - "id": "AWDG97t7xQT5EBNmq4E1" + "id": "eedbcaaf-1713-4ec2-acbd-b1e32a34579a" }, { "name": "panel_14", "type": "visualization", - "id": "eedbcaaf-1713-4ec2-acbd-b1e32a34579a" + "id": "aa4a78f0-4db8-11ea-8336-d3388483188b" + }, + { + "name": "panel_15", + "type": "search", + "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" } ], "migrationVersion": { 
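Review bot: every reference from `panel_5` through `panel_14` shifts by one in this hunk because the saved search moved from `panel_5` to the new `panel_15`; since the preceding `panelsJSON` binds each grid slot to these names via `panelRefName`, each slot's `gridData` should be re-checked against the new id ordering (in particular `panel_5` changing from `"type": "search"` to `"type": "visualization"` with id `2c18f5be-4023-40fb-8de6-7b490045520b`). An off-by-one here imports without error and only shows up as the wrong visualization rendering in a slot.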
@@ -102,11 +107,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● 
[NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + 
"visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
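Review bot: the `visState` markdown in this hunk is a byte-for-byte copy of the one changed in the `@@ -96,7 +96,7 @@` hunk of the previous file (the "Zeek Logs" navigation block, id `df9e399b-efa5-4e33-b0ac-a7668a8ac2b3`), so adding the `[Security Overview]` and `[ICS/IoT Security Overview]` links has to be repeated in every dashboard export that embeds it, and a missed file leaves that dashboard with stale navigation. Consider generating this object once at import time or adding a test that asserts all copies are identical, and confirm that the two new dashboard ids it links to (`95479950-41f2-11ea-88fa-7151df485405` and `4a4bde20-4760-11ea-949c-bbb5a9feecbf`) are exported in this PR.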
@@ -122,13 +127,13 @@ { "id": "3b8fee79-8f9d-450a-8362-024c84656efb", "type": "visualization", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzE5OCwxXQ==", + "updated_at": "2020-02-12T16:59:25.302Z", + "version": "WzkzMSwxXQ==", "attributes": { - "visState": "{\"title\":\"HTTP - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", - "description": "", - "title": "HTTP - Log Count Over Time", + "title": "HTTP - Status Over Time", + "visState": "{\"title\":\"HTTP - Status Over 
Time\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"firstPacket per 12 hours\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD\"}},\"params\":{\"date\":true,\"interval\":\"P30D\",\"intervalESValue\":30,\"intervalESUnit\":\"d\",\"format\":\"YYYY-MM-DD\",\"bounds\":{\"min\":\"1976-02-12T16:47:29.688Z\",\"max\":\"2020-02-12T16:47:29.689Z\"}},\"label\":\"firstPacket per 30 days\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Status 
Code\",\"aggType\":\"terms\"}]},\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"labels\":{},\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"stacked\",\"show\":true,\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"thresholdLine\":{\"color\":\"#E7664C\",\"show\":false,\"style\":\"full\",\"value\":10,\"width\":1},\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"now-44y\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_http.status_code\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Status Code\"}}]}", "uiStateJSON": "{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -137,8 +142,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" } ], 
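Review bot: the new `visState` for `3b8fee79-8f9d-450a-8362-024c84656efb` embeds render-time state that should not be checked in: a `dimensions` block with absolute `bounds` (`1976-02-12T16:47:29.688Z` to `2020-02-12T16:47:29.689Z`), a `timeRange` of `now-44y`, and a `parsedUrl` with `\"origin\":\"https://localhost\"`. Kibana recomputes all of these on render, so committing them only ties the object to the exporter's session and pollutes every future diff; the `aggs` array (count, `date_histogram` on `firstPacket`, `terms` on `zeek_http.status_code`) is what actually needs to persist. Also note the object keeps its id while its title changes from "HTTP - Log Count Over Time" to "HTTP - Status Over Time", so an existing install's visualization is silently replaced on import; fine if intended, but worth a line in the commit message. The `@@ -137,8 +142,8 @@` hunk only swaps the order of `"name"` and `"type"` and is pure export noise.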
@@ -149,8 +154,8 @@ { "id": "c3c266ad-58c5-45f4-a463-180b531bd96e", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNiwxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcxNCwxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - Sites\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.host\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Site\"}}],\"listeners\":{}}", "description": "", @@ -176,8 +181,8 @@ { "id": "be7d9516-7555-407f-9971-0394c7e822e4", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNywxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcxNSwxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - Sites Hosting EXEs\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.host\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Site\"}}],\"listeners\":{}}", "description": "", 
@@ -202,8 +207,8 @@ { "id": "9197cd63-7fe4-4c87-8fab-f7eaa8ca6252", "type": "visualization", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzIwMSwxXQ==", + "updated_at": "2020-02-12T15:00:23.157Z", + "version": "WzM2OCwxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - URIs\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.uri\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"URI\"}}],\"listeners\":{}}", "description": "", 
@@ -226,50 +231,11 @@ "visualization": "7.4.2" } }, - { - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzMSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "HTTP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:http\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "dstIp", - "dstPort", - "zeek_http.resp_fuids", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "2c18f5be-4023-40fb-8de6-7b490045520b", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNCwxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcxMiwxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -295,8 +261,8 @@ { "id": "44d6d5ce-bdf6-46d3-ad97-a30ebda437fa", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNSwxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcxMywxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -322,8 +288,8 @@ { "id": "3c7d9915-8fea-4423-82b6-44499820de71", "type": "visualization", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzIwNSwxXQ==", + "updated_at": "2020-02-12T15:00:23.157Z", + "version": "WzM3MiwxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - User Agent\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.user_agent\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"User Agent\"}}],\"listeners\":{}}", "description": "", 
@@ -349,8 +315,8 @@ { "id": "30bb6fc3-d33e-4aaf-b805-b8e10008e98b", "type": "visualization", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzIwNiwxXQ==", + "updated_at": "2020-02-12T15:00:23.157Z", + "version": "WzM3MywxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - Referrer\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.referrer\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", "description": "", @@ -376,8 +342,8 @@ { "id": "e22ccafa-aad2-4897-8a15-ca114f31464c", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyMiwxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcyMCwxXQ==", "attributes": { "visState": "{\"title\":\"HTTP - MIME Type\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":14,\"maxFontSize\":40},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_http.resp_mime_types\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"MIME Type\"}}],\"listeners\":{}}", "description": "", 
@@ -403,8 +369,8 @@ { "id": "a6cacf2a-7cf5-4991-be10-474429651b51", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyMywxXQ==", + "updated_at": "2020-02-12T15:00:56.057Z", + "version": "WzcyMSwxXQ==", "attributes": { "title": "HTTP - Destination Port", "visState": "{\"title\":\"HTTP - Destination Port\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":75},\"title\":{\"text\":\"Port\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}]}", 
@@ -430,8 +396,8 @@ { "id": "054326f5-92f3-4202-a7cf-cc0d3eb92ad4", "type": "visualization", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzIwOSwxXQ==", + "updated_at": "2020-02-12T15:00:23.157Z", + "version": "WzM3NiwxXQ==", "attributes": { "title": "HTTP - Destination Country", "visState": "{\"title\":\"HTTP - Destination Country\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Country\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":false,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}]}", 
@@ -457,8 +423,8 @@ { "id": "AWDG97t7xQT5EBNmq4E1", "type": "visualization", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzIxMCwxXQ==", + "updated_at": "2020-02-12T15:00:23.157Z", + "version": "WzM3NywxXQ==", "attributes": { "title": "HTTP - Log Count", "visState": "{\"title\":\"HTTP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -484,8 +450,8 @@ { "id": "eedbcaaf-1713-4ec2-acbd-b1e32a34579a", "type": "visualization", - "updated_at": "2019-12-18T16:20:22.627Z", - "version": "WzIxMSwxXQ==", + "updated_at": "2020-02-12T15:00:23.157Z", + "version": "WzM3OCwxXQ==", "attributes": { "title": "HTTP - Status and Method", "visState": "{\"title\":\"HTTP - Status and Method\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.status_msg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Status Message\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.method\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Method\"}}]}", 
@@ -507,6 +473,73 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "aa4a78f0-4db8-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-12T16:57:54.485Z", + "version": "WzkyOSwxXQ==", + "attributes": { + "title": "HTTP - Unique Usernames and Passwords", + "visState": "{\"title\":\"HTTP - Unique Usernames and Passwords\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":48}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"number\",\"params\":{}}},{\"type\":\"vis_dimension\",\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{}}}]},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek.user\",\"customLabel\":\"Unique Usernames\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek.password\",\"customLabel\":\"Unique Cleartext Passwords\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381", + "type": "search", + "updated_at": "2020-02-12T17:03:57.675Z", + "version": "WzkzNSwxXQ==", + "attributes": { + "title": "HTTP - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_http.host", + "zeek_http.status_msg", + 
"zeek.uid", + "zeek.fuid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:http\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/39abfe30-3f99-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/39abfe30-3f99-11e9-a58e-8bdedb0915e8.json index a035eaa8d..c35f56924 100644 --- a/kibana/dashboards/39abfe30-3f99-11e9-a58e-8bdedb0915e8.json +++ b/kibana/dashboards/39abfe30-3f99-11e9-a58e-8bdedb0915e8.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "39abfe30-3f99-11e9-a58e-8bdedb0915e8", "type": "dashboard", - "updated_at": "2019-12-18T16:20:23.645Z", - "version": "WzIxNiwxXQ==", + "updated_at": "2020-02-13T15:37:58.499Z", + "version": "WzkzNywxXQ==", "attributes": { "title": "Connections - Source - Top Connection Duration (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.5.1\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"2ed3d708-31cc-4504-87da-63a315c76e76\"},\"panelIndex\":\"2ed3d708-31cc-4504-87da-63a315c76e76\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"35ff09b6-1039-4b4e-9469-296245630598\"},\"panelIndex\":\"35ff09b6-1039-4b4e-9469-296245630598\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "af00a490-3f96-11e9-a58e-8bdedb0915e8" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -57,12 +67,12 @@ { "id": "af00a490-3f96-11e9-a58e-8bdedb0915e8", "type": "visualization", - "updated_at": "2019-12-18T16:20:23.645Z", - "version": "WzIxNCwxXQ==", + "updated_at": "2020-02-13T14:47:44.795Z", + "version": "Wzg3NCwxXQ==", "attributes": { "title": "Connections - Source - Top Connection Duration (region map)", - "visState": "{\"title\":\"Connections - Source - Top Connection Duration (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.duration\",\"customLabel\":\"Longest Session (seconds)\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator Country\"}}]}", - "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", + "visState": "{\"title\":\"Connections - Source - Top Connection Duration (region 
map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"origin\":\"elastic_maps_service\",\"id\":\"road_map\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"OpenStreetMap contributors | OpenMapTiles | MapTiler | Elastic Maps Service\"}},\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Longest Session (seconds)\",\"aggType\":\"max\"},\"bucket\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Originator Country\",\"aggType\":\"terms\"}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.duration\",\"customLabel\":\"Longest Session 
(seconds)\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator Country\"}}]}", + "uiStateJSON": "{\"mapCenter\":[37.17328344112096,15.644531250000002],\"mapZoom\":3}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -72,8 +82,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/42e831b9-41a9-4f35-8b7d-e1566d368773.json b/kibana/dashboards/42e831b9-41a9-4f35-8b7d-e1566d368773.json index 15d8430fb..5666edf9c 100644 --- a/kibana/dashboards/42e831b9-41a9-4f35-8b7d-e1566d368773.json +++ b/kibana/dashboards/42e831b9-41a9-4f35-8b7d-e1566d368773.json 
@@ -1,131 +1,102 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "42e831b9-41a9-4f35-8b7d-e1566d368773", "type": "dashboard", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyOCwxXQ==", + "updated_at": "2020-02-13T19:57:16.243Z", + "version": "Wzg2OCwxXQ==", "attributes": { "title": "SMB", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":104,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"3\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}},{\"panelIndex\":\"4\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"4\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"5\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":56,\"i\":\"5\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"6\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":56,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"8\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":8,\"i\":\"8\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{}},{\"panelIndex\":\"9\",\"gridData\":{\"w\":24,\"h\":24,\"x\":8,\"y\":32,\"i\":\"9\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"10\",\"gridData\":{\"w\":24,\"h\":24,\"x\":8,\"y\":8,\"i\":\"10\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"11\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":80,\"i\":\"11\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\
"i\":\"13\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\"},{\"panelIndex\":\"14\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":32,\"i\":\"14\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":32,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":13,\"i\":\"4\"},\"panelIndex\":\"4\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":51,\"w\":24,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":51,\"w\":24,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":21,\"y\":13,\"w\":12,\"h\":19,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":32,\"w\":20,\"h\":19,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":32,\"w\":20,\"h\":19,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":70,\"w\":48,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":13,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":32,\"w\":8,\"h\":19,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":13,\"w\":13,\"h\":19,\"i\":\"c9b45e56-7
e2e-4949-ad5f-05504515cc70\"},\"panelIndex\":\"c9b45e56-7e2e-4949-ad5f-05504515cc70\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":33,\"y\":13,\"w\":15,\"h\":19,\"i\":\"67e0e34e-49ae-46da-a9a3-83ca7676bee0\"},\"panelIndex\":\"67e0e34e-49ae-46da-a9a3-83ca7676bee0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":90,\"w\":48,\"h\":42,\"i\":\"cf75e7f0-cce1-449c-a40d-15e8fa40325d\"},\"panelIndex\":\"cf75e7f0-cce1-449c-a40d-15e8fa40325d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"*\"}}" } }, "references": [ { "name": "panel_0", - "type": "search", - "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7" + "type": "visualization", + "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" }, { "name": "panel_1", "type": "visualization", - "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" + "id": "c4829cb4-ed05-4154-ab6c-9240f0ea0b04" }, { "name": "panel_2", "type": "visualization", - "id": "c4829cb4-ed05-4154-ab6c-9240f0ea0b04" + "id": "3b82d24e-d3dd-48fa-a539-98a46ccbfd49" }, { "name": "panel_3", "type": "visualization", - "id": "3b82d24e-d3dd-48fa-a539-98a46ccbfd49" + "id": "974779e2-ab49-4fe8-88db-bf5321664f1a" }, { "name": "panel_4", "type": "visualization", - "id": "974779e2-ab49-4fe8-88db-bf5321664f1a" + "id": "3282a033-fff4-41cb-abe6-d896b4a2e03d" }, { "name": "panel_5", "type": "visualization", - "id": "3282a033-fff4-41cb-abe6-d896b4a2e03d" + "id": "02359f84-0114-4d9d-8731-2b6820722e32" }, { "name": "panel_6", "type": "visualization", 
- "id": "02359f84-0114-4d9d-8731-2b6820722e32" + "id": "c8f1ff18-93e9-4ce9-a188-c947f7dadc05" }, { "name": "panel_7", "type": "visualization", - "id": "c8f1ff18-93e9-4ce9-a188-c947f7dadc05" + "id": "24b9dbff-7362-4982-9ce7-660001594ff9" }, { "name": "panel_8", "type": "visualization", - "id": "24b9dbff-7362-4982-9ce7-660001594ff9" + "id": "AWDHDfDkxQT5EBNmq4fQ" }, { "name": "panel_9", "type": "visualization", - "id": "AWDHDfDkxQT5EBNmq4fQ" + "id": "0fa8205d-717f-4385-a031-d15e5f1b6c08" }, { "name": "panel_10", "type": "visualization", - "id": "0fa8205d-717f-4385-a031-d15e5f1b6c08" - } - ], - "migrationVersion": { - "dashboard": "7.3.0" - } - }, - { - "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7", - "type": "search", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIxNywxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "SMB - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"query\":{\"query_string\":{\"query\":\"(zeek.logType:smb_mapping OR zeek.logType:smb_files)\",\"analyze_wildcard\":true}},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + "id": "b9aaa580-4e9a-11ea-b504-97aa449f6abc" }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" + "name": "panel_11", + "type": "visualization", + "id": "b74e39c0-49ca-11ea-812f-2bc51df4ea1e" + }, + { + "name": "panel_12", + "type": "search", + "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7" } ], "migrationVersion": { - "search": "7.4.0" + "dashboard": "7.3.0" } }, { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T19:05:04.060Z", + "version": "WzgwMCwxXQ==", 
"attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security 
Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● 
[SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -141,8 +112,8 @@ { "id": "c4829cb4-ed05-4154-ab6c-9240f0ea0b04", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIxOSwxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5MiwxXQ==", "attributes": { "visState": "{\"title\":\"SMB - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per minute\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -168,8 +139,8 @@ { "id": "3b82d24e-d3dd-48fa-a539-98a46ccbfd49", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyMCwxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5MywxXQ==", "attributes": { "visState": "{\"title\":\"SMB - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -195,8 +166,8 @@ { "id": "974779e2-ab49-4fe8-88db-bf5321664f1a", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyMSwxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5NCwxXQ==", "attributes": { "visState": "{\"title\":\"SMB - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -222,12 +193,12 @@ { "id": "3282a033-fff4-41cb-abe6-d896b4a2e03d", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyMiwxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5NSwxXQ==", "attributes": { - "title": "SMB - Action", - "visState": "{\"title\":\"SMB - Action\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_smb_files.action\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", + "title": "SMB - Version", + "visState": "{\"title\":\"SMB - Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"SMB 
Version\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.service_version\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SMB Version\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -237,8 +208,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7" } ], @@ -249,8 +220,8 @@ { "id": "02359f84-0114-4d9d-8731-2b6820722e32", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyMywxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5NiwxXQ==", "attributes": { "visState": "{\"title\":\"SMB - File Path\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smb_files.path\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"File Path\"}}],\"listeners\":{}}", "description": "", 
@@ -276,8 +247,8 @@ { "id": "c8f1ff18-93e9-4ce9-a188-c947f7dadc05", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyNCwxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5NywxXQ==", "attributes": { "visState": "{\"title\":\"SMB - File Name\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smb_files.name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"File Name\"}}],\"listeners\":{}}", "description": "", 
@@ -303,10 +274,10 @@ { "id": "24b9dbff-7362-4982-9ce7-660001594ff9", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyNSwxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5OCwxXQ==", "attributes": { - "visState": "{\"title\":\"SMB - File/Path Summary\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smb_files.path\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"File Path\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smb_files.name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"File Name\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smb_files.action\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Action\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP 
Address\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination IP Address\"}}],\"listeners\":{}}", + "visState": "{\"title\":\"SMB - File/Path Summary\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smb_files.path\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"File Path\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smb_files.name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"File Name\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.action\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Action\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP 
Address\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination IP Address\"}}],\"listeners\":{}}", "description": "", "title": "SMB - File/Path Summary", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":5,\"direction\":\"desc\"}}}}", 
@@ -330,11 +301,11 @@ { "id": "AWDHDfDkxQT5EBNmq4fQ", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyNiwxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzM5OSwxXQ==", "attributes": { "title": "SMB - Log Count", - "visState": "{\"title\":\"SMB - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "visState": "{\"title\":\"SMB - Log Count\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to 
Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":100}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#FB9E00\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":30}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{}}}],\"bucket\":{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}}}},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.logType\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SMB Log Type\"}}]}", "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", "version": 1, @@ -345,8 +316,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7" } ], 
@@ -357,11 +328,11 @@ { "id": "0fa8205d-717f-4385-a031-d15e5f1b6c08", "type": "visualization", - "updated_at": "2019-12-18T16:20:24.676Z", - "version": "WzIyNywxXQ==", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzQwMCwxXQ==", "attributes": { "title": "SMB - Destination Port", - "visState": "{\"title\":\"SMB - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}]}", + "visState": "{\"title\":\"SMB - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":5,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Port\"}}]}", "uiStateJSON": 
"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "description": "", "version": 1, 
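Review bot: `perPage` drops from 10 to 5 in this re-export while the terms agg still returns up to 100 `dstPort` buckets, so the panel now pages through 20 pages instead of 10; if that is incidental UI state picked up when the object was re-saved rather than a deliberate change, restore `perPage: 10` to match the other tables in this set (the DCE/RPC tables later in this patch all use 10). The rename of `showMeticsAtAllLevels` to `showMetricsAtAllLevels` and the added `dimensions` block are what the 7.6 re-save produces and are fine.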
@@ -372,14 +343,146 @@ }, "references": [ { + "name": "search_0", "type": "search", + "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "b9aaa580-4e9a-11ea-b504-97aa449f6abc", + "type": "visualization", + "updated_at": "2020-02-13T19:55:03.507Z", + "version": "Wzg2NCwxXQ==", + "attributes": { + "title": "SMB - Relevant Notices", + "visState": "{\"title\":\"SMB - Relevant Notices\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":4,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice Category\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice Subcategory\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source 
IP\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"1\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination IP\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Category\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub_category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Subcategory\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"zeek_notice.category:(EternalSafety OR SMB OR ATTACK)\",\"language\":\"lucene\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { "name": "search_0", + "type": "search", + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "b74e39c0-49ca-11ea-812f-2bc51df4ea1e", + "type": "visualization", + "updated_at": "2020-02-13T19:56:04.804Z", + "version": "Wzg2NiwxXQ==", + "attributes": { + "title": "SMB Action", + "visState": "{\"title\":\"SMB 
Action\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek.action: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.action\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7" } ], "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "e0cefef5-911e-4e38-a1ea-e67c982cb7c7", + "type": "search", + "updated_at": "2020-02-13T19:04:25.042Z", + "version": "WzQwMiwxXQ==", + "attributes": { + "title": "SMB - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.logType", + "srcIp", + "dstIp", + "dstPort", + "zeek.service_version", + "zeek.action", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + 
"searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"zeek.logType:smb*\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c", + "type": "search", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3NiwxXQ==", + "attributes": { + "title": "Notices - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_notice.category", + "zeek_notice.sub_category", + "srcIp", + "dstIp", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:notice\",\"default_field\":\"*\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/432af556-c5c0-4cc3-8166-b274b4e3a406.json b/kibana/dashboards/432af556-c5c0-4cc3-8166-b274b4e3a406.json index 15a302270..1d6ebd658 100644 --- a/kibana/dashboards/432af556-c5c0-4cc3-8166-b274b4e3a406.json +++ b/kibana/dashboards/432af556-c5c0-4cc3-8166-b274b4e3a406.json 
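Review bot: in `SMB - Relevant Notices` the `dimensions` block lists four bucket columns (Notice Category, Notice Subcategory, Source IP, Destination IP) with the count at accessor 4, but `aggs` only defines two terms buckets (`zeek_notice.category`, `zeek_notice.sub_category`) plus the count; either the `srcIp`/`dstIp` terms aggs were removed and `dimensions` is stale, or they were meant to be there and are missing, and the `uiStateJSON` sort on `columnIndex: 2` should be checked against whichever set of columns actually renders. Smaller points in the same hunk: the Destination IP bucket has `missingBucketLabel: "1"` where every other column uses `"-"`, which looks like a typo; the new `SMB Action` title does not follow the `SMB - ...` naming of its siblings and its terms agg has no `customLabel`, so the column header renders as the auto-generated `zeek.action: Descending`; and `Notices - Logs` carries `time_zone: America/Denver` inside a legacy nested `query_string`, which is the exporting user's browser setting baked into a shared saved object and differs from the flat `{"query": ..., "language": "lucene"}` form used by `SMB - Logs` directly above it. The file also ends without a trailing newline.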
@@ -1,136 +1,97 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "432af556-c5c0-4cc3-8166-b274b4e3a406", "type": "dashboard", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzI0MSwxXQ==", + "updated_at": "2020-02-12T16:06:03.870Z", + "version": "Wzg4MCwxXQ==", "attributes": { "title": "DCE/RPC", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":104,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"3\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}},{\"panelIndex\":\"4\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"4\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"5\",\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":32,\"i\":\"5\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"6\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":32,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"8\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":56,\"i\":\"8\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"9\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":56,\"i\":\"9\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"10\",\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":8,\"i\":\"10\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"11\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":80,\"i\":\"11\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"14\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\
":0,\"i\":\"14\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\"},{\"panelIndex\":\"16\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":8,\"i\":\"16\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{}},{\"panelIndex\":\"17\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":80,\"i\":\"17\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":28,\"w\":20,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":28,\"w\":20,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":48,\"w\":24,\"h\":21,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":48,\"w\":24,\"h\":21,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":69,\"w\":24,\"h\":21,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":20,\"i\":\"16\"},\
"panelIndex\":\"16\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":69,\"w\":24,\"h\":21,\"i\":\"17\"},\"panelIndex\":\"17\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":90,\"w\":48,\"h\":41,\"i\":\"b3cbd28a-4659-4e23-bf69-106fad9d565c\"},\"panelIndex\":\"b3cbd28a-4659-4e23-bf69-106fad9d565c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ { "name": "panel_0", - "type": "search", - "id": "bc940221-83d5-416e-a353-dc8fc2f84141" - }, - { - "name": "panel_1", "type": "visualization", "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" }, { - "name": "panel_2", + "name": "panel_1", "type": "visualization", "id": "64e82156-689a-41fc-974f-efe021d73dc0" }, { - "name": "panel_3", + "name": "panel_2", "type": "visualization", "id": "ea6fd4c1-04f0-450a-9b4b-ecb9db0117dc" }, { - "name": "panel_4", + "name": "panel_3", "type": "visualization", "id": "6f4a3352-abb1-4a5e-8665-ab86954aed7d" }, { - "name": "panel_5", + "name": "panel_4", "type": "visualization", "id": "8d57876a-ee4d-4843-8148-9ac644ce5b45" }, { - "name": "panel_6", + "name": "panel_5", "type": "visualization", "id": "d3858962-fc17-4d6f-b933-e94f7ffc9ae3" }, { - "name": "panel_7", + "name": "panel_6", "type": "visualization", "id": "52727beb-0e12-4ee5-a3d4-eebd93ee2dd3" }, { - "name": "panel_8", + "name": "panel_7", "type": 
"visualization", "id": "b57e74bf-8024-44cd-b755-7d73e19588c2" }, { - "name": "panel_9", + "name": "panel_8", "type": "visualization", "id": "AWDG8k4OxQT5EBNmq37a" }, { - "name": "panel_10", + "name": "panel_9", "type": "visualization", "id": "30c677f4-d593-440c-b420-56532602853b" }, { - "name": "panel_11", + "name": "panel_10", "type": "visualization", "id": "6b6bcbc1-6753-409f-86dd-f552195ccf03" - } - ], - "migrationVersion": { - "dashboard": "7.3.0" - } - }, - { - "id": "bc940221-83d5-416e-a353-dc8fc2f84141", - "type": "search", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIyOSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "DCE/RPC - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:dce_rpc\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" + "name": "panel_11", + "type": "search", + "id": "bc940221-83d5-416e-a353-dc8fc2f84141" } ], "migrationVersion": { - "search": "7.4.0" + "dashboard": "7.3.0" } }, { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) 
\\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● 
[SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) 
\\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● 
[SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
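Review bot: the dashboard-level `searchSourceJSON` gains `time_zone: America/Denver`, which is exporter-environment state and should be stripped before commit; for a query of `*` it changes nothing, it just pins one developer's timezone into a shared dashboard. The hunk also bumps the file's `version` and every panel's `version` to 7.6.2, so confirm the Kibana image this release targets is 7.6.2 to match the exporter. The logs panel (`panelIndex` 1 before, `b3cbd28a-...` after) loses its per-panel `embeddableConfig.columns`, which included `_id`, in favour of the saved search's own columns; that is consistent with the `bc940221-...` search being redefined at the end of the file, but note `_id` is gone from the view, so if it was used for pivoting into a document it needs to come back in that search's `columns`. The Zeek Logs markdown additions (`Security Overview`, `ICS/IoT Security Overview`) look right; the rest of that string is byte-identical to the old one, so the diff is large only because the whole markdown is one JSON string.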
@@ -146,8 +107,8 @@ { "id": "64e82156-689a-41fc-974f-efe021d73dc0", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzMSwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzM5OSwxXQ==", "attributes": { "visState": "{\"title\":\"DCE/RPC - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 30 minutes\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
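Review bot: this hunk, and the same pattern in the eight that follow through `DCE/RPC - Summary`, changes only `updated_at` and the opaque `version` string (`WzIzMSwxXQ==` is base64 for `[231,1]`, `WzM5OSwxXQ==` for `[399,1]`, i.e. sequence numbers from the exporting Elasticsearch instance) with no change to `visState`; both are regenerated on import, so having the export script drop them would keep re-exports from producing a no-op diff on every object in every dashboard file.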
@@ -173,8 +134,8 @@ { "id": "ea6fd4c1-04f0-450a-9b4b-ecb9db0117dc", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzMiwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwMCwxXQ==", "attributes": { "visState": "{\"title\":\"DCE/RPC - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -200,8 +161,8 @@ { "id": "6f4a3352-abb1-4a5e-8665-ab86954aed7d", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzMywxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwMSwxXQ==", "attributes": { "visState": "{\"title\":\"DCE/RPC - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -227,8 +188,8 @@ { "id": "8d57876a-ee4d-4843-8148-9ac644ce5b45", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzNCwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwMiwxXQ==", "attributes": { "visState": "{\"title\":\"DCE/RPC - Endpoint\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dce_rpc.endpoint\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Endpoint\"}}],\"listeners\":{}}", "description": "", @@ -254,8 +215,8 @@ { "id": "d3858962-fc17-4d6f-b933-e94f7ffc9ae3", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzNSwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwMywxXQ==", "attributes": { "visState": "{\"title\":\"DCE/RPC - Named Pipe\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dce_rpc.named_pipe\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Named Pipe\"}}],\"listeners\":{}}", "description": "", 
@@ -281,8 +242,8 @@ { "id": "52727beb-0e12-4ee5-a3d4-eebd93ee2dd3", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzNiwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwNCwxXQ==", "attributes": { "visState": "{\"title\":\"DCE/RPC - Operation\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dce_rpc.operation\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Operation\"}}],\"listeners\":{}}", "description": "", @@ -308,8 +269,8 @@ { "id": "b57e74bf-8024-44cd-b755-7d73e19588c2", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzNywxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwNSwxXQ==", "attributes": { "title": "DCE/RPC - Round Trip Time", "visState": "{\"title\":\"DCE/RPC - Round Trip Time\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dce_rpc.rtt\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Round Trip Time\"}}]}", 
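Review bot: `DCE/RPC - Round Trip Time` is untouched apart from metadata, but since it is in the patch: a `terms` agg on `zeek_dce_rpc.rtt` ordered by `_term` with `size: 100` yields one row per distinct round-trip value, so on real traffic the table is 100 arbitrary floats rather than a distribution; a `histogram` bucket on `rtt`, or a percentiles metric split by `zeek_dce_rpc.endpoint`, would make the panel say something useful.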
@@ -335,8 +296,8 @@ { "id": "AWDG8k4OxQT5EBNmq37a", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzOCwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwNiwxXQ==", "attributes": { "title": "DCE/RPC - Log Count", "visState": "{\"title\":\"DCE/RPC - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -362,8 +323,8 @@ { "id": "30c677f4-d593-440c-b420-56532602853b", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzIzOSwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwNywxXQ==", "attributes": { "title": "DCE/RPC - Destination Port", "visState": "{\"title\":\"DCE/RPC - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}]}", 
@@ -389,8 +350,8 @@ { "id": "6b6bcbc1-6753-409f-86dd-f552195ccf03", "type": "visualization", - "updated_at": "2019-12-18T16:20:25.704Z", - "version": "WzI0MCwxXQ==", + "updated_at": "2020-02-12T15:00:26.285Z", + "version": "WzQwOCwxXQ==", "attributes": { "title": "DCE/RPC - Summary", "visState": "{\"title\":\"DCE/RPC - Summary\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dce_rpc.endpoint\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Endpoint\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dce_rpc.operation\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Operation\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dce_rpc.named_pipe\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Named Pipe\"}}]}", 
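Review bot: The unchanged `visState` context in this "DCE/RPC - Summary" hunk and in the preceding "DCE/RPC - Destination Port" hunk carries the misspelled table parameter `\"showMeticsAtAllLevels\":false`, whereas the new visualizations added in this PR use the correct `showMetricsAtAllLevels`. Kibana ignores an unknown key, so the intended value is never applied and the default is used instead. Since these objects are being re-exported anyway, fixing the key name here would keep the existing DCE/RPC tables consistent with the new dashboards.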
@@ -412,6 +373,46 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "bc940221-83d5-416e-a353-dc8fc2f84141", + "type": "search", + "updated_at": "2020-02-12T16:05:11.823Z", + "version": "Wzg3OCwxXQ==", + "attributes": { + "title": "DCE/RPC - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "zeek_dce_rpc.operation", + "zeek_dce_rpc.endpoint", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":\"zeek.logType:dce_rpc\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/4a4bde20-4760-11ea-949c-bbb5a9feecbf.json b/kibana/dashboards/4a4bde20-4760-11ea-949c-bbb5a9feecbf.json new file mode 100644 index 000000000..5bbed629a --- /dev/null +++ b/kibana/dashboards/4a4bde20-4760-11ea-949c-bbb5a9feecbf.json 
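Review bot: The edited DCE/RPC dashboard file still ends without a trailing newline (`\ No newline at end of file` after the closing `}`), so every future append to the `objects` array will show up as a change to the last line; adding the newline is a one-character fix. Separately, the new "DCE/RPC - Logs" saved search filters with `\"query\":\"zeek.logType:dce_rpc\",\"language\":\"lucene\"` while the "ICS/IoT Logs" search added in this same PR uses `kuery`; settling on one query language for the saved searches would avoid subtle syntax differences (wildcards, field grouping) between otherwise parallel objects.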
@@ -0,0 +1,465 @@ +{ + "version": "7.6.2", + "objects": [ + { + "id": "4a4bde20-4760-11ea-949c-bbb5a9feecbf", + "type": "dashboard", + "updated_at": "2020-02-07T16:34:48.441Z", + "version": "WzgxNCwxXQ==", + "attributes": { + "title": "ICS/IoT Security Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":34,\"i\":\"02fde066-221d-4262-ae35-742f7bb8933c\"},\"panelIndex\":\"02fde066-221d-4262-ae35-742f7bb8933c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":16,\"i\":\"d94eb348-e32a-4aa9-a987-4c5b39b4b08a\"},\"panelIndex\":\"d94eb348-e32a-4aa9-a987-4c5b39b4b08a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":16,\"w\":32,\"h\":18,\"i\":\"ed7f0280-cb4d-4c30-95e0-e160269de2fb\"},\"panelIndex\":\"ed7f0280-cb4d-4c30-95e0-e160269de2fb\",\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":5,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":5,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":11,\"i\":\"7077f7b2-0f10-4d3d-ad63-9611144c1edb\"},\"panelIndex\":\"7077f7b2-0f10-4d3d-ad63-9611144c1edb\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":34,\"w\":16,\"h\":18,\"i\":\"f339fb9a-7660-4b97-9245-14116c969ec9\"},\"panelIndex\":\"f339fb9a-7660-4b97-9245-14116c969ec9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":34,\"w\":20,\"h\":37,\"i\":\"ab1a666c-19f2-4954-81b7-18554a95818f\"},\"panelIndex\":\"ab1a666c-19f2-4954-81b7-18554a95818f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"versio
n\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":34,\"w\":12,\"h\":18,\"i\":\"a56f7751-0030-44e1-8e62-3fb1018f4a7e\"},\"panelIndex\":\"a56f7751-0030-44e1-8e62-3fb1018f4a7e\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":52,\"w\":16,\"h\":19,\"i\":\"218c8873-ec71-4a2c-9c8d-5fa62afa2de1\"},\"panelIndex\":\"218c8873-ec71-4a2c-9c8d-5fa62afa2de1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":52,\"w\":12,\"h\":19,\"i\":\"14a8b2bb-ca81-42a5-90aa-e70b5bd81d89\"},\"panelIndex\":\"14a8b2bb-ca81-42a5-90aa-e70b5bd81d89\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":71,\"w\":48,\"h\":27,\"i\":\"26e11cb0-ce55-4980-9fba-be104eda38a7\"},\"panelIndex\":\"26e11cb0-ce55-4980-9fba-be104eda38a7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"}]", + "optionsJSON": "{\"useMargins\":true}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "31e06210-4761-11ea-949c-bbb5a9feecbf" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "b614fcd0-4761-11ea-949c-bbb5a9feecbf" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "71d832b0-4763-11ea-949c-bbb5a9feecbf" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "adc09360-49c7-11ea-812f-2bc51df4ea1e" + }, + { + "name": "panel_5", + "type": "visualization", + "id": "f17fab90-4760-11ea-949c-bbb5a9feecbf" + }, + { + "name": "panel_6", + "type": "visualization", + "id": 
"0db533e0-47a0-11ea-86b0-e3b81eb90684" + }, + { + "name": "panel_7", + "type": "visualization", + "id": "60e83820-4762-11ea-949c-bbb5a9feecbf" + }, + { + "name": "panel_8", + "type": "visualization", + "id": "1c681a40-47a2-11ea-86b0-e3b81eb90684" + }, + { + "name": "panel_9", + "type": "visualization", + "id": "8253ab70-4762-11ea-949c-bbb5a9feecbf" + }, + { + "name": "panel_10", + "type": "search", + "id": "1dc3dfb0-4760-11ea-949c-bbb5a9feecbf" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", + "type": "visualization", + "updated_at": "2020-02-07T16:19:05.328Z", + "version": "Wzc5NCwxXQ==", + "attributes": { + "title": "Zeek Logs", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● 
[DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT 
Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "31e06210-4761-11ea-949c-bbb5a9feecbf", + "type": "visualization", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxMCwxXQ==", + "attributes": { + "title": "ICS/IoT Log Counts", + "visState": "{\"title\":\"ICS/IoT Log Counts\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to 
Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":36}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{}}}],\"bucket\":{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}}}},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "1dc3dfb0-4760-11ea-949c-bbb5a9feecbf" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "b614fcd0-4761-11ea-949c-bbb5a9feecbf", + "type": "visualization", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxMSwxXQ==", + "attributes": { + "title": "ICS/IoT Traffic Over Time", + "visState": "{\"title\":\"ICS/IoT Traffic Over 
Time\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD\"}},\"params\":{\"date\":true,\"interval\":\"P30D\",\"intervalESValue\":30,\"intervalESUnit\":\"d\",\"format\":\"YYYY-MM-DD\",\"bounds\":{\"min\":\"1976-02-04T15:18:33.141Z\",\"max\":\"2020-02-04T15:18:33.141Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"now-44y\",\"to\":\"now\"},\"useNormalizedEsIn
terval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "1dc3dfb0-4760-11ea-949c-bbb5a9feecbf" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "71d832b0-4763-11ea-949c-bbb5a9feecbf", + "type": "visualization", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxMiwxXQ==", + "attributes": { + "title": "ICS/IoT External Traffic", + "visState": "{\"title\":\"ICS/IoT External 
Traffic\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":5,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":4,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Destination Country\",\"missingBucketLabel\":\"-\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":499,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source 
IP\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.source_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Source Country\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination IP\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Destination Country\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Destination Country\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"tags:(external_source OR external_destination)\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "1dc3dfb0-4760-11ea-949c-bbb5a9feecbf" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "adc09360-49c7-11ea-812f-2bc51df4ea1e", + "type": "visualization", + "updated_at": "2020-02-07T16:34:15.061Z", + "version": "WzgxMywxXQ==", + "attributes": { + "title": "Network Layer", + "visState": "{\"title\":\"Network 
Layer\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"network.type\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Network Layer\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "f17fab90-4760-11ea-949c-bbb5a9feecbf", + "type": "visualization", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxNCwxXQ==", + "attributes": { + "title": "ICS/IoT Actions", + "visState": "{\"title\":\"ICS/IoT 
Actions\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.action\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"-\",\"customLabel\":\"Action\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "1dc3dfb0-4760-11ea-949c-bbb5a9feecbf" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "0db533e0-47a0-11ea-86b0-e3b81eb90684", + "type": "visualization", + "updated_at": 
"2020-02-07T16:18:27.234Z", + "version": "WzQxNSwxXQ==", + "attributes": { + "title": "Non-ICS/IoT Protocols Observed", + "visState": "{\"title\":\"Non-ICS/IoT Protocols Observed\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":30,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Pro
tocol\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"NOT zeek.service:(bacnet OR cip OR dnp3* OR enip OR cotp OR modbus OR mqtt OR profinet* OR s7comm)\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "60e83820-4762-11ea-949c-bbb5a9feecbf", + "type": "visualization", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxNiwxXQ==", + "attributes": { + "title": "ICS/IoT Source IP", + "visState": "{\"title\":\"ICS/IoT Source IP\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source 
IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"-\",\"customLabel\":\"Protocol\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "1dc3dfb0-4760-11ea-949c-bbb5a9feecbf" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "1c681a40-47a2-11ea-86b0-e3b81eb90684", + "type": "visualization", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxNywxXQ==", + "attributes": { + "title": "File Types by Transport", + "visState": "{\"title\":\"File Types by 
Transport\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.filetype\",\"orderBy\":\"_key\",\"order\":\"desc\",\"size\":500,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"File Type\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_files.source\",\"orderBy\":\"_key\",\"order\":\"desc\",\"size\":50,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Transport\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "0aca5333-3b1c-4cda-afb4-f7dd86910459" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "8253ab70-4762-11ea-949c-bbb5a9feecbf", + "type": 
"visualization", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxOCwxXQ==", + "attributes": { + "title": "ICS/IoT Destination IP", + "visState": "{\"title\":\"ICS/IoT Destination IP\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"-\",\"customLabel\":\"Protocol\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": 
"1dc3dfb0-4760-11ea-949c-bbb5a9feecbf" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "1dc3dfb0-4760-11ea-949c-bbb5a9feecbf", + "type": "search", + "updated_at": "2020-02-07T16:18:27.234Z", + "version": "WzQxOSwxXQ==", + "attributes": { + "title": "ICS/IoT Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "zeek.action", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"zeek.logType:(bacnet OR cip OR dnp3 OR enip* OR iso_cotp OR *modbus* OR mqtt* OR profinet* OR s7comm)\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", + "type": "search", + "updated_at": "2020-02-12T22:48:55.398Z", + "version": "WzgwMiwxXQ==", + "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + 
{ + "id": "0aca5333-3b1c-4cda-afb4-f7dd86910459", + "type": "search", + "updated_at": "2020-02-07T16:18:44.769Z", + "version": "WzU4NywxXQ==", + "attributes": { + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "hits": 0, + "description": "", + "title": "Files - Logs", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:files\"}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "columns": [ + "zeek_files.tx_hosts", + "dstIp", + "zeek_files.source", + "zeek.uid", + "zeek.fuid", + "_id" + ] + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + } + ] +} \ No newline at end of file diff --git a/kibana/dashboards/4e5f106e-c60a-4226-8f64-d534abb912ab.json b/kibana/dashboards/4e5f106e-c60a-4226-8f64-d534abb912ab.json index d8e76e6f8..f6334c8ed 100644 --- a/kibana/dashboards/4e5f106e-c60a-4226-8f64-d534abb912ab.json +++ b/kibana/dashboards/4e5f106e-c60a-4226-8f64-d534abb912ab.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "4e5f106e-c60a-4226-8f64-d534abb912ab", "type": "dashboard", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI1MiwxXQ==", + "updated_at": "2020-02-12T19:47:20.532Z", + "version": "WzExNjIsMV0=", "attributes": { "title": "SNMP", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"5\",\"gridData\":{\"w\":16,\"h\":24,\"x\":8,\"y\":32,\"i\":\"5\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"6\",\"gridData\":{\"w\":12,\"h\":24,\"x\":24,\"y\":32,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"9\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":8,\"i\":\"9\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"10\",\"gridData\":{\"w\":12,\"h\":24,\"x\":8,\"y\":8,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{}},{\"panelIndex\":\"11\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":56,\"i\":\"11\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"12\",\"gridData\":{\"w\":12,\"h\":24,\"x\":36,\"y\":32,\"i\":\"12\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"13\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"14\",\"gridData\":{\"w\":12,\"h\":24,\"x\":20,\"y\":
8,\"i\":\"14\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":27,\"w\":14,\"h\":21,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":22,\"y\":27,\"w\":14,\"h\":21,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":37,\"y\":8,\"w\":11,\"h\":19,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":14,\"h\":19,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":27,\"w\":12,\"h\":21,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":22,\"y\":8,\"w\":15,\"h\":19,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":48,\"w\":48,\"h\":39,\"i\":\"3c17aeed-cffb-4aaf-a3b3-710de42d206c\"},\"panelIndex\":\"3c17aeed-cffb-4aaf-a3b3-710de42d206c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -51,23 +51,23 @@ }, { "name": "panel_6", - "type": "search", - "id": "a7b5dae1-2f35-47c9-91ba-c8e8e66d10c8" + "type": "visualization", + "id": "9d7d51d5-9d5f-4fc1-a0fe-bffa6c7548a9" }, { "name": "panel_7", "type": "visualization", - "id": "9d7d51d5-9d5f-4fc1-a0fe-bffa6c7548a9" + "id": "AWDHD-LfxQT5EBNmq4iB" }, { "name": "panel_8", "type": "visualization", - "id": "AWDHD-LfxQT5EBNmq4iB" + "id": "72341dff-ce1a-4f9c-bf4b-5675409476a1" }, { "name": "panel_9", - "type": "visualization", - "id": "72341dff-ce1a-4f9c-bf4b-5675409476a1" + "type": "search", + "id": "a7b5dae1-2f35-47c9-91ba-c8e8e66d10c8" } ], "migrationVersion": { 
@@ -77,11 +77,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -97,8 +97,8 @@ { "id": "96dc7277-2123-4a0d-9311-571a6dd9bb0a", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI0MywxXQ==", + "updated_at": "2020-02-12T15:00:28.340Z", + "version": "WzQyNSwxXQ==", "attributes": { "visState": "{\"title\":\"SNMP - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -124,8 +124,8 @@ { "id": "272670ef-2b43-45dc-b8ae-c7f2ead10348", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI0NCwxXQ==", + "updated_at": "2020-02-12T15:00:28.340Z", + "version": "WzQyNiwxXQ==", "attributes": { "visState": "{\"title\":\"SNMP - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -151,8 +151,8 @@ { "id": "cf0c69f3-7cc6-4c70-a33a-154e77ca547a", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI0NSwxXQ==", + "updated_at": "2020-02-12T15:00:28.340Z", + "version": "WzQyNywxXQ==", "attributes": { "visState": "{\"title\":\"SNMP - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
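Review bot: the visState strings left as unchanged context in both hunks on this line (`SNMP - Source IP Address`, `SNMP - Destination IP Address`) still carry `\"showMeticsAtAllLevels\":false`, a misspelling of `showMetricsAtAllLevels` (the spelling the new ICS/IoT table visualizations at the top of this patch use). Since these hunks already bump `updated_at` and `version` on the same objects, re-exporting them from Kibana so the key is written correctly would cost nothing; the same misspelled key is present in the Session Duration, Destination Port and Community String tables further down. Kibana treats the unknown key as absent, which happens to match the intended `false`, so this is cosmetic rather than functional.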
@@ -178,8 +178,8 @@ { "id": "f95dd65c-c240-4144-bd27-ff5692843e25", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI0NiwxXQ==", + "updated_at": "2020-02-12T15:00:28.340Z", + "version": "WzQyOCwxXQ==", "attributes": { "visState": "{\"title\":\"SNMP - Session Duration\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_snmp.duration\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Duration\"}}],\"listeners\":{}}", "description": "", 
@@ -205,13 +205,13 @@ { "id": "14a4ae12-fc79-45a8-ad86-2c08a5118e37", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI0NywxXQ==", + "updated_at": "2020-02-12T19:43:33.030Z", + "version": "WzExNDksMV0=", "attributes": { - "visState": "{\"title\":\"SNMP - Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"top\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_snmp.version\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", "title": "SNMP - Version", - "uiStateJSON": "{}", + "visState": "{\"title\":\"SNMP - Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek_snmp.version: 
Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_snmp.version\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SNMP Version\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -220,8 +220,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "a7b5dae1-2f35-47c9-91ba-c8e8e66d10c8" } ], 
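Review bot: the rewritten `SNMP - Version` visState in the `@@ -205` hunk embeds a `dimensions` block that includes `\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}`. That object is state Kibana 7.6 records at save time from the exporting browser session, so it pins the origin of the instance the dashboard was built on; it is not needed for the pie to render, and none of the other visStates in this file carry it. Suggest stripping `dimensions` (or at minimum `parsedUrl`) from the exported string so the shipped dashboard does not contain a host-specific URL. The `@@ -220` hunk on the same line only swaps the order of `name` and `type` in the reference, which is harmless.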
@@ -229,50 +229,11 @@ "visualization": "7.4.2" } }, - { - "id": "a7b5dae1-2f35-47c9-91ba-c8e8e66d10c8", - "type": "search", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI0OCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "SNMP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:snmp\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "9d7d51d5-9d5f-4fc1-a0fe-bffa6c7548a9", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI0OSwxXQ==", + "updated_at": "2020-02-12T15:00:28.340Z", + "version": "WzQzMSwxXQ==", "attributes": { "visState": "{\"title\":\"SNMP - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -298,8 +259,8 @@ { "id": "AWDHD-LfxQT5EBNmq4iB", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI1MCwxXQ==", + "updated_at": "2020-02-12T15:00:28.340Z", + "version": "WzQzMiwxXQ==", "attributes": { "title": "SNMP - Log Count", "visState": "{\"title\":\"SNMP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -325,8 +286,8 @@ { "id": "72341dff-ce1a-4f9c-bf4b-5675409476a1", "type": "visualization", - "updated_at": "2019-12-18T16:20:26.725Z", - "version": "WzI1MSwxXQ==", + "updated_at": "2020-02-12T15:00:28.340Z", + "version": "WzQzMywxXQ==", "attributes": { "title": "SNMP - Community String", "visState": "{\"title\":\"SNMP - Community String\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_snmp.community\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Community String\"}}]}", 
@@ -348,6 +309,45 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "a7b5dae1-2f35-47c9-91ba-c8e8e66d10c8", + "type": "search", + "updated_at": "2020-02-12T19:46:48.081Z", + "version": "WzExNjAsMV0=", + "attributes": { + "title": "SNMP - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_snmp.version", + "zeek_snmp.community", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:snmp\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/50ced171-1b10-4c3f-8b67-2db9635661a6.json b/kibana/dashboards/50ced171-1b10-4c3f-8b67-2db9635661a6.json index 048619661..f8751aa08 100644 --- a/kibana/dashboards/50ced171-1b10-4c3f-8b67-2db9635661a6.json +++ b/kibana/dashboards/50ced171-1b10-4c3f-8b67-2db9635661a6.json 
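Review bot: this hunk re-adds saved search `a7b5dae1-2f35-47c9-91ba-c8e8e66d10c8` (`SNMP - Logs`) at the end of the objects array after the `@@ -229` hunk deleted it from near the top, so the diff shows a full delete plus a full add for what is really a column change (`srcPort` and `_id` dropped, `zeek_snmp.version` and `zeek_snmp.community` added). Keeping exported objects in a stable order, for example sorting by id before committing, would let future reviews of these dashboard files show only the real change. Two further points in the added object: the query_string now carries `\"time_zone\":\"America/Denver\"`, which Kibana takes from the exporting user's browser and which, once shipped, fixes date-math rounding for every user of this search to that zone rather than their own; the key should be removed from the searchSourceJSON before committing (it also appears in the `Connections - Logs` search and the dashboard search sources in this patch). And `\ No newline at end of file` shows the exporter drops the trailing newline; appending one in the export step avoids this noise on every subsequent edit.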
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "50ced171-1b10-4c3f-8b67-2db9635661a6", "type": "dashboard", - "updated_at": "2019-12-18T16:20:27.758Z", - "version": "WzI2MCwxXQ==", + "updated_at": "2020-02-12T17:54:05.240Z", + "version": "Wzk4MiwxXQ==", "attributes": { "title": "MySQL", "hits": 0, "description": "", - "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":40,\"h\":24,\"x\":8,\"y\":32,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":56,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":8,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":16,\"h\":24,\"x\":8,\"y\":8,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{}}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":24,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":true},\"legendOpen\":false},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":24,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":9,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":9,\"w\":8,\"h\":15,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":24,\"w\":48,\"h\":32,\"i\":\"04e96790-2a76-4656-956b-bdf780792c40\"},\"panelIndex\":\"04e96790-2a76-4656-956b-bdf780792c40\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":56,\"w\":48,\"h\":26,\"i\":\"27a5666b-5633-4982-b276-ecafa4a38b74\"},\"panelIndex\":\"27a5666b-5633-4982-b276-ecafa4a38b74\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -32,27 +32,22 @@ { "name": "panel_2", "type": "visualization", - "id": "0229ca49-719d-4668-8fa0-a5b0777be627" + "id": "AWDHBRrrxQT5EBNmq4TI" }, { "name": "panel_3", - "type": "search", - "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a" + "type": "visualization", + "id": "3bfe2a4c-d202-49e0-8ebc-484e542f910f" }, { "name": "panel_4", "type": "visualization", - "id": "AWDHBRrrxQT5EBNmq4TI" + "id": "f82136c0-4dbf-11ea-8336-d3388483188b" }, { "name": "panel_5", - "type": "visualization", - "id": "e2396df9-49c7-445a-bb80-3ff4c1432912" - }, - { - "name": "panel_6", - "type": "visualization", - "id": "3bfe2a4c-d202-49e0-8ebc-484e542f910f" + "type": "search", + "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a" } ], "migrationVersion": { 
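Review bot: in the new MySQL `panelsJSON` of the `@@ -1,21` hunk of this file, panel `2` has `\"embeddableConfig\":{\"vis\":{\"legendOpen\":true},\"legendOpen\":false}`, two conflicting legend settings at different nesting levels. The `vis.legendOpen` form is the one used elsewhere in this patch (the SNMP dashboard's panel `3` carries only `\"vis\":{\"legendOpen\":false}`), so the bare top-level `legendOpen` looks like leftover state from an earlier Kibana version and should be removed to make the intent unambiguous. The same hunk also adds `\"time_zone\":\"America/Denver\"` to the dashboard's query_string, which pins date-math rounding to the exporter's zone and should be dropped. The references hunk here is consistent with the panelsJSON: `panel_6` is gone, `panel_3` now points at the `3bfe2a4c-...` visualization and `panel_5` at the `f4ad663c-...` saved search, matching the six panels listed.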
@@ -62,13 +57,13 @@ { "id": "a2e900c8-9dd9-490b-9043-a9b5034424b5", "type": "visualization", - "updated_at": "2019-12-18T16:20:27.758Z", - "version": "WzI1MywxXQ==", + "updated_at": "2020-02-12T17:52:54.897Z", + "version": "Wzk4MCwxXQ==", "attributes": { - "visState": "{\"title\":\"MySQL - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", - "description": "", "title": "MySQL - Log Count Over Time", + "visState": "{\"title\":\"MySQL - Log Count Over 
Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"stacked\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"type\":\"line\",\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD\"}},\"params\":{\"date\":true,\"interval\":\"P30D\",\"intervalESValue\":30,\"intervalESUnit\":\"d\",\"format\":\"YYYY-MM-DD\",\"bounds\":{\"min\":\"1976-02-12T17:52:43.825Z\",\"max\":\"2020-02-12T17:52:43.825Z\"}},\"label\":\"firstPacket per 30 
days\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Command\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"now-44y\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_mysql.cmd\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Command\"}}]}", "uiStateJSON": "{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -77,8 +72,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a" } ], 
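Review bot: the replacement visState in the `@@ -62,13 +57,13 @@` hunk carries export-session state alongside the visualization definition: a `dimensions` block with absolute `bounds` of `1976-02-12T17:52:43.825Z` to `2020-02-12T17:52:43.825Z`, a `timeRange` of `now-44y` inside the date_histogram params, and a `parsedUrl` pointing at `https://localhost/kibana/app/kibana`. These appear to be derived state captured from the browser at export time rather than anything needed to load the object, and they make every re-export a spurious diff (the bounds shift with the clock) while recording the export host and time in the repo. Stripping `dimensions`, `timeRange` and `parsedUrl` before commit would reduce the hunk to its real changes: line to stacked histogram, square-root y axis, and the new `zeek_mysql.cmd` split labelled Command. The `@@ -77,8 +72,8 @@` hunk only swaps the order of the `type` and `name` keys.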
@@ -89,11 +84,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
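Review bot: this hunk edits the `Zeek Logs` markdown navigation object (id `df9e399b-efa5-4e33-b0ac-a7668a8ac2b3`) only to add the `Security Overview` and `ICS/IoT Security Overview` links, yet the identical object is embedded in each dashboard export (the same id and markdown appear again in the NTLM file's `@@ -87,11 +87,11 @@` hunk), so every new link is a copy-paste edit across all dashboard JSON files. A generator that injects one canonical navigation object into each file, or a test asserting that all embedded copies of `df9e399b-...` are byte-identical, would keep the copies from drifting apart.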
@@ -107,15 +102,15 @@ } }, { - "id": "0229ca49-719d-4668-8fa0-a5b0777be627", + "id": "AWDHBRrrxQT5EBNmq4TI", "type": "visualization", - "updated_at": "2019-12-18T16:20:27.758Z", - "version": "WzI1NSwxXQ==", + "updated_at": "2020-02-12T15:00:29.369Z", + "version": "WzQzOSwxXQ==", "attributes": { - "visState": "{\"title\":\"MySQL - Command/Argument\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_mysql.command\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Command\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_mysql.arg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Argument\"}}],\"listeners\":{}}", + "title": "MySQL - Log Count", + "visState": "{\"title\":\"MySQL - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to 
Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", - "title": "MySQL - Command/Argument", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
@@ -134,64 +129,25 @@ } }, { - "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a", - "type": "search", - "updated_at": "2019-12-18T16:20:27.758Z", - "version": "WzI1NiwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "MySQL - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:mysql\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, - { - "id": "AWDHBRrrxQT5EBNmq4TI", + "id": "3bfe2a4c-d202-49e0-8ebc-484e542f910f", "type": "visualization", - "updated_at": "2019-12-18T16:20:27.758Z", - "version": "WzI1NywxXQ==", + "updated_at": "2020-02-12T17:37:49.986Z", + "version": "Wzk2NiwxXQ==", "attributes": { - "title": "MySQL - Log Count", - "visState": "{\"title\":\"MySQL - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to 
Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "MySQL - Success", + "visState": "{\"title\":\"MySQL - Success\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek_mysql.success: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_mysql.success\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" }, "savedSearchRefName": 
"search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a" } ], 
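Review bot: the `@@ -134,64 +129,25 @@` hunk reads as if the `MySQL - Logs` saved search and the `MySQL - Log Count` metric were deleted, but both reappear elsewhere in the file (`Log Count` under the same id `AWDHBRrrxQT5EBNmq4TI` in the `@@ -107` hunk, the saved search in the `@@ -227` hunk); the export re-ordered the `objects` array, so moves show up as delete/add pairs and hide the one real change in the moved pie, `labels.show` going from `false` to `true`. Sorting `objects` by id and object keys alphabetically before commit (the `type`/`name` swap in the `-77,8 +72,8` hunk is the same problem in miniature) would make future dashboard reviews tractable.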
@@ -200,25 +156,25 @@ } }, { - "id": "e2396df9-49c7-445a-bb80-3ff4c1432912", + "id": "f82136c0-4dbf-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:27.758Z", - "version": "WzI1OCwxXQ==", + "updated_at": "2020-02-12T17:50:55.881Z", + "version": "Wzk3OCwxXQ==", "attributes": { - "title": "MySQL - Response", - "visState": "{\"title\":\"MySQL - Response\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_mysql.response\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Response\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "title": "MySQL - Commands", + "visState": "{\"title\":\"MySQL - 
Commands\",\"type\":\"table\",\"params\":{\"perPage\":20,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":4,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Command\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Argument\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Response\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Success\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_mysql.cmd\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\"
:\"Command\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_mysql.arg\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Argument\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_mysql.response\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Response\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_mysql.success\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Success\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":\"desc\"}}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a" } ], 
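Review bot: the new `MySQL - Commands` data table nests four terms buckets (`zeek_mysql.cmd` size 250, `zeek_mysql.arg` size 100, `zeek_mysql.response` size 100, `zeek_mysql.success` size 5, with `missingBucket` enabled on three of them), so one panel can ask Elasticsearch for up to 250×100×100×5 leaf buckets; on a session index with diverse arguments that request can exceed the cluster's `search.max_buckets` limit, and the panel then fails to render rather than degrading gracefully. Consider smaller sizes on the `arg` and `response` levels, or a narrower query on the saved search, since `searchSourceJSON` is now `{}` and the table takes its query entirely from `search_0`.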
@@ -227,30 +183,42 @@ } }, { - "id": "3bfe2a4c-d202-49e0-8ebc-484e542f910f", - "type": "visualization", - "updated_at": "2019-12-18T16:20:27.758Z", - "version": "WzI1OSwxXQ==", + "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a", + "type": "search", + "updated_at": "2020-02-12T17:43:24.227Z", + "version": "Wzk3MCwxXQ==", "attributes": { - "title": "MySQL - Success", - "visState": "{\"title\":\"MySQL - Success\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_mysql.success\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", + "title": "MySQL - Logs", "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_mysql.cmd", + "zeek_mysql.success", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - }, - "savedSearchRefName": "search_0" + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:mysql\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { - "type": "search", - "name": "search_0", - "id": "f4ad663c-8222-4f64-9f66-d4fa8b04c20a" + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" } ], "migrationVersion": { - "visualization": 
"7.4.2" + "search": "7.4.0" } } ] diff --git a/kibana/dashboards/543118a9-02d7-43fe-b669-b8652177fc37.json b/kibana/dashboards/543118a9-02d7-43fe-b669-b8652177fc37.json index 7b62e8ebf..4800d81b4 100644 --- a/kibana/dashboards/543118a9-02d7-43fe-b669-b8652177fc37.json +++ b/kibana/dashboards/543118a9-02d7-43fe-b669-b8652177fc37.json 
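Review bot: the re-added `MySQL - Logs` saved search in the `@@ -227,30 +183,42 @@` hunk has the same hard-coded `\"time_zone\":\"America/Denver\"` inside its query_string as the dashboard object, and here it sits on the `zeek.logType:mysql` query that every MySQL panel inherits through `search_0`, so the zone leaks into all of them; drop the key here as well. The column change itself (`srcPort` and `_id` out, `zeek_mysql.cmd` and `zeek_mysql.success` in) is fine and matches the `embeddableConfig.columns` the dashboard panel declares.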
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "543118a9-02d7-43fe-b669-b8652177fc37", "type": "dashboard", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI3MywxXQ==", + "updated_at": "2020-02-12T18:02:40.275Z", + "version": "WzEwMDAsMV0=", "attributes": { "title": "NTLM", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":60,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"4\",\"gridData\":{\"x\":0,\"y\":84,\"w\":48,\"h\":24,\"i\":\"4\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"5\",\"gridData\":{\"x\":32,\"y\":32,\"w\":16,\"h\":28,\"i\":\"5\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":8,\"y\":32,\"w\":12,\"h\":28,\"i\":\"7\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":20,\"y\":32,\"w\":12,\"h\":28,\"i\":\"8\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"10\",\"gridData\":{\"x\":16,\"y\":60,\"w\":16,\"h\":24,\"i\":\"10\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"11\",\"gridData\":{\"x\":0,\"y\":60,\"w\":16,\"h\":
24,\"i\":\"11\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"13\",\"gridData\":{\"x\":32,\"y\":60,\"w\":16,\"h\":24,\"i\":\"13\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":32,\"y\":8,\"w\":16,\"h\":24,\"i\":\"14\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}},{\"panelIndex\":\"15\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"15\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\"},{\"panelIndex\":\"16\",\"gridData\":{\"x\":8,\"y\":8,\"w\":24,\"h\":24,\"i\":\"16\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":47,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":23,\"w\":16,\"h\":24,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":27,\"w\":12,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":20,\"y\":27,\"w\":12,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\"
:\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":47,\"w\":16,\"h\":24,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":47,\"w\":16,\"h\":24,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":47,\"w\":16,\"h\":24,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"15\"},\"panelIndex\":\"15\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":24,\"h\":19,\"i\":\"16\"},\"panelIndex\":\"16\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":8,\"w\":16,\"h\":15,\"i\":\"810e5272-b5cd-4e76-b0cf-32cc7a3f57e8\"},\"panelIndex\":\"810e5272-b5cd-4e76-b0cf-32cc7a3f57e8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":71,\"w\":48,\"h\":40,\"i\":\"cac38fd6-65a1-4041-83e4-f95e0d136537\"},\"panelIndex\":\"cac38fd6-65a1-4041-83e4-f95e0d136537\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek_ntlm.host\",\"zeek_ntlm.domain\",\"zeek_ntlm.server_nb_computer\",\"zeek_ntlm.server_dns_computer\",\"zeek_ntlm.server_tree\",\"zeek.uid\"]},\"panelRefName\":\"panel_11\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -31,53 +31,53 @@ }, { "name": "panel_2", - "type": "search", - "id": "40c651a5-3e02-47b4-8d6b-8628a351007c" + "type": "visualization", + "id": "9500b522-519f-4219-8ba3-8f5fa5bc1452" }, { "name": "panel_3", "type": "visualization", - "id": "9500b522-519f-4219-8ba3-8f5fa5bc1452" + "id": "cc045686-66be-4450-8d8a-90927323968d" }, { "name": "panel_4", "type": "visualization", - "id": "cc045686-66be-4450-8d8a-90927323968d" + "id": "9e559bef-866f-4934-b1b5-4db5bf213664" }, { "name": "panel_5", "type": "visualization", - "id": "9e559bef-866f-4934-b1b5-4db5bf213664" + "id": "706e217b-6d5c-4c74-b340-a34c9801e2dc" }, { "name": "panel_6", "type": "visualization", - "id": "706e217b-6d5c-4c74-b340-a34c9801e2dc" + "id": "97f78ed5-c786-4e8d-924e-3c69f09cd79f" }, { "name": "panel_7", "type": "visualization", - "id": "97f78ed5-c786-4e8d-924e-3c69f09cd79f" + "id": "03592efa-6618-4b50-8071-21accd137e30" }, { "name": "panel_8", "type": "visualization", - "id": "03592efa-6618-4b50-8071-21accd137e30" + "id": "AWDHCEx7xQT5EBNmq4Vf" }, { "name": "panel_9", "type": "visualization", - "id": "96ae9f6a-7b69-4bcb-afa8-96c34fb0aa80" + "id": "319e9e0b-b12e-4401-8833-3c62de2df7da" }, { "name": "panel_10", "type": "visualization", - "id": "AWDHCEx7xQT5EBNmq4Vf" + "id": "110b46c0-4dc1-11ea-8336-d3388483188b" }, { "name": "panel_11", - "type": "visualization", - "id": "319e9e0b-b12e-4401-8833-3c62de2df7da" + "type": "search", + "id": "40c651a5-3e02-47b4-8d6b-8628a351007c" } ], "migrationVersion": { 
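Review bot: in the NTLM references hunk (`@@ -31,53 +31,53 @@`) every slot from `panel_2` through `panel_11` takes the id that previously belonged to the slot before it, because the `40c651a5-...` saved search moved from `panel_2` to `panel_11` and `96ae9f6a-...` dropped out; `panelRefName` binding is positional, so this is only correct if the new panelsJSON lines up, and on inspection it does: the last entry (`panelIndex` `cac38fd6-...`) is the one carrying `embeddableConfig.columns` with the `zeek_ntlm.*` fields a search panel needs, `panel_8` is `panelIndex` 15 with the `defaultColors` state that belongs to the `AWDHCEx7xQT5EBNmq4Vf` metric, and `panel_10` maps to the new `110b46c0-...` visualization. Worth confirming by importing rather than by eye, and the `@@ -1,21 +1,21 @@` hunk repeats the hard-coded `time_zone` in this file's searchSourceJSON, which should be stripped for the same reason as in the MySQL dashboard.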
@@ -87,11 +87,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -107,8 +107,8 @@ { "id": "7be3afad-a0db-466b-8dd1-3e04d5acea6b", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2MiwxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ0NCwxXQ==", "attributes": { "visState": "{\"title\":\"NTLM - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per minute\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
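Review bot: metadata-only churn: the only changes in this hunk are `updated_at` and `version`, and the same is true of the `cc045686`, `9e559bef`, `706e217b`, `97f78ed5` and `03592efa` hunks further down. Both fields are saved-object bookkeeping that Kibana assigns afresh on import, so committing them means every re-export touches every object whether or not its `visState` changed. Suggest normalizing them in the export step (for example to a fixed placeholder) so that a dashboard diff only shows real changes.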
@@ -131,55 +131,16 @@ "visualization": "7.4.2" } }, - { - "id": "40c651a5-3e02-47b4-8d6b-8628a351007c", - "type": "search", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2MywxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "NTLM - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:ntlm\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "9500b522-519f-4219-8ba3-8f5fa5bc1452", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2NCwxXQ==", + "updated_at": "2020-02-12T17:58:15.812Z", + "version": "Wzk4NywxXQ==", "attributes": { - "visState": "{\"title\":\"NTLM - Hostname\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ntlm.host\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Hostname\"}}],\"listeners\":{}}", - "description": "", "title": "NTLM - Hostname", + "visState": "{\"title\":\"NTLM - 
Hostname\",\"type\":\"table\",\"params\":{\"perPage\":15,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Hostname\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ntlm.host\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Hostname\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -188,8 +149,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "40c651a5-3e02-47b4-8d6b-8628a351007c" } ], 
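Review bot: the `40c651a5` saved search is deleted at the top of this hunk and re-added, with its edits, at the end of the file, which turns a small change (new `columns`, the `time_zone` key, fresh `version`) into a 40-line removal plus a 40-line addition and hides what actually changed; keeping the object at its original position would make the columns change reviewable on one screen. In the `+ "visState"` line for `NTLM - Hostname`, the `dimensions` block carries `\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}`, which is state copied from the exporting instance: `dimensions` is derived from the `aggs` list when the visualization is built, so this block and its localhost origin should be stripped before commit rather than shipped to every user. The `showMeticsAtAllLevels` to `showMetricsAtAllLevels` correction in the same line is right, but only this one visualization gets it.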
@@ -200,8 +161,8 @@ { "id": "cc045686-66be-4450-8d8a-90927323968d", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2NSwxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ0NywxXQ==", "attributes": { "visState": "{\"title\":\"NTLM - Domain Name\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ntlm.domain\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Domain\"}}],\"listeners\":{}}", "description": "", @@ -227,8 +188,8 @@ { "id": "9e559bef-866f-4934-b1b5-4db5bf213664", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2NiwxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ0OCwxXQ==", "attributes": { "visState": "{\"title\":\"NTLM - Username\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.user\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}}],\"listeners\":{}}", "description": "", 
@@ -254,8 +215,8 @@ { "id": "706e217b-6d5c-4c74-b340-a34c9801e2dc", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2NywxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ0OSwxXQ==", "attributes": { "visState": "{\"title\":\"NTLM - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -281,8 +242,8 @@ { "id": "97f78ed5-c786-4e8d-924e-3c69f09cd79f", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2OCwxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ1MCwxXQ==", "attributes": { "visState": "{\"title\":\"NTLM - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -308,8 +269,8 @@ { "id": "03592efa-6618-4b50-8071-21accd137e30", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI2OSwxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ1MSwxXQ==", "attributes": { "visState": "{\"title\":\"NTLM - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -333,15 +294,15 @@ } }, { - "id": "96ae9f6a-7b69-4bcb-afa8-96c34fb0aa80", + "id": "AWDHCEx7xQT5EBNmq4Vf", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI3MCwxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ1MywxXQ==", "attributes": { - "visState": "{\"title\":\"NTLM - Status\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Status\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ntlm.status\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Status\"}}],\"listeners\":{}}", + "title": "NTLM - Log Count", + "visState": "{\"title\":\"NTLM - Log 
Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", - "title": "NTLM - Status", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
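Review bot: the `- "id": "96ae9f6a-..."` / `+ "id": "AWDHCEx7xQT5EBNmq4Vf"` swap in this hunk overwrites the `NTLM - Status` histogram (a terms aggregation on `zeek_ntlm.status`) with the contents of the `NTLM - Log Count` gauge, and the next two hunks shift the following objects the same way (`AWDHCEx7xQT5EBNmq4Vf` becomes `319e9e0b`, `319e9e0b` becomes `110b46c0`). The net change is one visualization removed (Status) and one added (Success, on `zeek_ntlm.success`), but because the objects array was reordered on export the diff presents it as three objects being rewritten. Two suggestions: export with a stable object order so additions and removals show up as such, and confirm in the PR that dropping the Status panel is intended, since `zeek_ntlm.status` carries the NTLM status string that distinguishes why an authentication failed while `zeek_ntlm.success` is only the boolean, so the new donut gives an analyst less to go on when reviewing failed logons.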
@@ -360,18 +321,18 @@ } }, { - "id": "AWDHCEx7xQT5EBNmq4Vf", + "id": "319e9e0b-b12e-4401-8833-3c62de2df7da", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI3MSwxXQ==", + "updated_at": "2020-02-12T15:00:30.401Z", + "version": "WzQ1NCwxXQ==", "attributes": { - "title": "NTLM - Log Count", - "visState": "{\"title\":\"NTLM - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "NTLM - Hostname to Username", + "visState": "{\"title\":\"NTLM - Hostname to 
Username\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ntlm.host\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Hostname\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.user\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ntlm.domain\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Domain\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" }, "savedSearchRefName": "search_0" }, 
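Review bot: the `+ "visState"` line for `NTLM - Hostname to Username` still carries the misspelled `showMeticsAtAllLevels` key (as do the unchanged table visualizations in the `cc045686`, `9e559bef`, `706e217b`, `97f78ed5` and `03592efa` hunks above), even though the `NTLM - Hostname` hunk in this same patch corrects it to `showMetricsAtAllLevels`; Kibana ignores unknown params, so the misspelled copies silently fall back to the default. Suggest fixing all of them in one pass so the tables are configured consistently. Minor: the `+ "searchSourceJSON"` here becomes `{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}` while the sibling visualizations keep `{\"filter\":[]}` and the new `NTLM - Success` object gets `{}`; all three are equivalent for a visualization bound to a saved search, but a single form would be easier to grep and diff.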
@@ -387,31 +348,73 @@ } }, { - "id": "319e9e0b-b12e-4401-8833-3c62de2df7da", + "id": "110b46c0-4dc1-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:28.779Z", - "version": "WzI3MiwxXQ==", + "updated_at": "2020-02-12T17:56:59.820Z", + "version": "Wzk4NCwxXQ==", "attributes": { - "title": "NTLM - Hostname to Username", - "visState": "{\"title\":\"NTLM - Hostname to Username\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ntlm.host\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Hostname\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.user\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ntlm.domain\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Domain\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "title": "NTLM - Success", + "visState": "{\"title\":\"NTLM - 
Success\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Success\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ntlm.success\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Success\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "40c651a5-3e02-47b4-8d6b-8628a351007c" } ], "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "40c651a5-3e02-47b4-8d6b-8628a351007c", + "type": "search", + "updated_at": "2020-02-12T18:02:58.042Z", + "version": "WzEwMDIsMV0=", + "attributes": { + "title": "NTLM - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_ntlm.host", + "zeek_ntlm.domain", + "zeek_ntlm.server_nb_computer", + "zeek_ntlm.server_dns_computer", + "zeek_ntlm.server_tree", + "zeek.uid" + ], + "sort": [ + [ + 
"firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:ntlm\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/55e332d0-3f99-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/55e332d0-3f99-11e9-a58e-8bdedb0915e8.json index 45c9c6e7a..04781d79e 100644 --- a/kibana/dashboards/55e332d0-3f99-11e9-a58e-8bdedb0915e8.json +++ b/kibana/dashboards/55e332d0-3f99-11e9-a58e-8bdedb0915e8.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "55e332d0-3f99-11e9-a58e-8bdedb0915e8", @@ -10,7 +10,7 @@ "title": "Connections - Destination - Originator Bytes (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.5.1\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.6.2\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
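Review bot: the re-added `40c651a5` saved search pins `\"time_zone\":\"America/Denver\"` inside its `query_string`, the same exporting-user artifact as in the dashboard's `searchSourceJSON` earlier in this file; it has no effect on the literal `zeek.logType:ntlm` query today, but every NTLM visualization resolves through `search_0` to this search, so the pinned zone will apply to all of them the moment someone adds a date clause, and the key should be dropped here too. The new `NTLM - Success` donut also ships a `dimensions` block with `\"parsedUrl\":{\"origin\":\"https://localhost\",...}` copied from the exporting instance and should be stripped like the Hostname table's. The `7.5.1` to `7.6.2` bumps at the start of the second file (`version` and the two `panelsJSON` entries) agree with each other and look fine.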
@@ -41,7 +41,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -61,7 +61,7 @@ "version": "WzI3NSwxXQ==", "attributes": { "title": "Connections - Destination - Originator Bytes (region map)", - "visState": "{\"title\":\"Connections - Destination - Originator Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.orig_bytes\",\"customLabel\":\"Originator Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder Country\"}}]}", + "visState": "{\"title\":\"Connections - Destination - Originator Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country 
Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.orig_bytes\",\"customLabel\":\"Originator Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder Country\"}}]}", "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", "description": "", "version": 1, 
@@ -84,30 +84,32 @@ { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-12T22:48:55.398Z", + "version": "WzgwMiwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/60d78fbd-471c-4f59-a9e3-189b33a13644.json b/kibana/dashboards/60d78fbd-471c-4f59-a9e3-189b33a13644.json index abd234a92..ef1b780e4 100644 --- a/kibana/dashboards/60d78fbd-471c-4f59-a9e3-189b33a13644.json +++ b/kibana/dashboards/60d78fbd-471c-4f59-a9e3-189b33a13644.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "60d78fbd-471c-4f59-a9e3-189b33a13644", "type": "dashboard", - "updated_at": "2019-12-18T16:20:30.834Z", - "version": "WzI4MSwxXQ==", + "updated_at": "2020-02-13T15:36:32.331Z", + "version": "WzkzMCwxXQ==", "attributes": { "title": "Connections - Destination - Sum of Total Bytes", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":40,\"h\":40,\"x\":8,\"y\":0,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{\"mapCenter\":[24.846565348219734,0.087890625],\"mapZoom\":2}},{\"gridData\":{\"w\":8,\"h\":44,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":39,\"h\":50,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":null},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"185e3f31-3f18-4df8-93c1-617c0323f051\"},\"panelIndex\":\"185e3f31-3f18-4df8-93c1-617c0323f051\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"887a57e9-3078-4fe1-9ea9-0ee63abe554f\"},\"panelIndex\":\"887a57e9-3078-4fe1-9ea9-0ee63abe554f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { @@ -37,8 +47,8 @@ { "id": "7fe0a885-b172-48b9-ac34-0c8e8d5c2f82", "type": "visualization", - "updated_at": "2019-12-18T16:20:30.834Z", - "version": "WzI3OCwxXQ==", + "updated_at": "2020-02-13T14:16:32.344Z", + "version": "WzQ2MCwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Destination - Sum of Total Bytes\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":0,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.location\",\"autoPrecision\":true,\"useGeocentroid\":true,\"precision\":2}}],\"listeners\":{}}", "description": "", 
@@ -64,11 +74,67 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": 
"{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, 
+ { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": "WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -84,30 +150,32 @@ { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + "version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/665d1610-523d-11e9-a30e-e3576242f3ed.json b/kibana/dashboards/665d1610-523d-11e9-a30e-e3576242f3ed.json index 662d538a7..89547d7a6 100644 --- a/kibana/dashboards/665d1610-523d-11e9-a30e-e3576242f3ed.json +++ b/kibana/dashboards/665d1610-523d-11e9-a30e-e3576242f3ed.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "665d1610-523d-11e9-a30e-e3576242f3ed", "type": "dashboard", - "updated_at": "2019-12-18T16:20:31.866Z", - "version": "WzI4OCwxXQ==", + "updated_at": "2020-02-12T15:53:37.316Z", + "version": "Wzg2NSwxXQ==", "attributes": { "title": "Signatures", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":56,\"i\":\"2\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":8,\"i\":\"9\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"9\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"10\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"10\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":48,\"i\":\"11\",\"w\":40,\"x\":8,\"y\":32},\"panelIndex\":\"11\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":24,\"i\":\"12\",\"w\":20,\"x\":8,\"y\":8},\"panelIndex\":\"12\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":24,\"i\":\"13\",\"w\":20,\"x\":28,\"y\":8},\"panelIndex\":\"13\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":32,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":32,\"w\":48,\"h\":48,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":24,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":24,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -57,11 +57,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
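Review bot: the two links added to the markdown navigation, `[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405)` and `[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf)`, point at dashboard ids whose export files do not appear in the hunks shown here; please confirm both dashboards are part of this change so the menu entries do not dangle after import. The links are root-relative under `/kibana/app/kibana#/dashboard/...` with `openLinksInNewTab` left at `false`, so they only resolve when Kibana is served under that base path, which is worth a one-line comment in the export script.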
@@ -77,8 +77,8 @@ { "id": "0927a2fa-f94e-4f68-a23b-5054ed2e171a", "type": "visualization", - "updated_at": "2019-12-18T16:20:31.866Z", - "version": "WzI4MywxXQ==", + "updated_at": "2020-02-12T15:00:33.475Z", + "version": "WzQ2NSwxXQ==", "attributes": { "title": "Signatures - Log Count Over Time", "visState": "{\"title\":\"Signatures - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}", 
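Review bot: only `updated_at` and `version` change in this hunk (`- "version": "WzI4MywxXQ=="` becomes `+ "version": "WzQ2NSwxXQ=="`) while `visState` is untouched, and the same is true of most hunks in this patch. Both fields are assigned by Kibana at export time (`version` is a base64-encoded `[seq_no, primary_term]` pair, here `[283,1]` to `[465,1]`), so committing them produces large diffs that bury the handful of real `attributes` and `references` changes. Suggest stripping `updated_at` and `version` from each object in the export script before committing, so that a hunk only appears when something the dashboard actually depends on has changed.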
@@ -103,8 +103,8 @@ { "id": "8356c570-523f-11e9-a30e-e3576242f3ed", "type": "visualization", - "updated_at": "2019-12-18T16:20:31.866Z", - "version": "WzI4NCwxXQ==", + "updated_at": "2020-02-12T15:00:33.475Z", + "version": "WzQ2NiwxXQ==", "attributes": { "title": "Signatures - Log Count", "visState": "{\"title\":\"Signatures - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":false},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}}]}", @@ -130,8 +130,8 @@ { "id": "34dd33c0-523f-11e9-a30e-e3576242f3ed", "type": "search", - "updated_at": "2019-12-18T16:20:31.866Z", - "version": "WzI4NSwxXQ==", + "updated_at": "2020-02-12T15:00:43.723Z", + "version": "WzU4MywxXQ==", "attributes": { "title": "Signatures - Logs", "description": "", 
@@ -167,8 +167,8 @@ { "id": "0e9b1a00-525e-11e9-9bd7-13d6d1bafa75", "type": "visualization", - "updated_at": "2019-12-18T16:20:31.866Z", - "version": "WzI4NiwxXQ==", + "updated_at": "2020-02-12T15:00:43.723Z", + "version": "WzU3MywxXQ==", "attributes": { "title": "Signatures - Signature IDs", "visState": "{\"title\":\"Signatures - Signature IDs\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_signatures.signature_id\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Signature ID\"}}]}", 
@@ -194,8 +194,8 @@ { "id": "39073d50-525e-11e9-9bd7-13d6d1bafa75", "type": "visualization", - "updated_at": "2019-12-18T16:20:31.866Z", - "version": "WzI4NywxXQ==", + "updated_at": "2020-02-12T15:00:33.475Z", + "version": "WzQ2OSwxXQ==", "attributes": { "title": "Signatures - Engines", "visState": "{\"title\":\"Signatures - Engines\",\"type\":\"horizontal_bar\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":200},\"position\":\"left\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"bottom\",\"orderBucketsBySum\":false,\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":true,\"rotate\":75,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"bottom\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_signatures.engine\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Engines\"}}]}", diff --git a/kibana/dashboards/76f2f912-80da-44cd-ab66-6a73c8344cc3.json b/kibana/dashboards/76f2f912-80da-44cd-ab66-6a73c8344cc3.json index ce199c1d1..dd0de2a58 100644 --- a/kibana/dashboards/76f2f912-80da-44cd-ab66-6a73c8344cc3.json 
+++ b/kibana/dashboards/76f2f912-80da-44cd-ab66-6a73c8344cc3.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "76f2f912-80da-44cd-ab66-6a73c8344cc3", "type": "dashboard", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5OCwxXQ==", + "updated_at": "2020-02-12T17:13:26.938Z", + "version": "Wzk0NCwxXQ==", "attributes": { "title": "IRC", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"2\",\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"2\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"4\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"4\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"5\",\"gridData\":{\"w\":12,\"h\":24,\"x\":20,\"y\":32,\"i\":\"5\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"6\",\"gridData\":{\"w\":12,\"h\":24,\"x\":8,\"y\":32,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"10\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":56,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"11\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":32,\"i\":\"11\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"12\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"12\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":8,\"i\":\"13\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\",\"embeddableConfig\":{}},{\"panelIndex\":\"15\",\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":8,\"i\":\"15\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\",\"embeddableConfig\":{}}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":47,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":20,\"y\":27,\"w\":12,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":27,\"w\":12,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":27,\"w\":16,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":19,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":19,\"i\":\"15\"},\"panelIndex\":\"15\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":47,\"w\":48,\"h\":37,\"i\":\"d32001ad-b1a2-4fde-8feb-c06e3a7b1f91\"},\"panelIndex\":\"d32001ad-b1a2-4fde-8feb-c06e3a7b1f91\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -41,28 +41,28 @@ }, { "name": "panel_4", - "type": "search", - "id": "5486b4b2-714d-45d1-b347-ab274894de1f" + "type": "visualization", + "id": "6544edd6-ae35-4e10-be83-ede9cb2a5fa2" }, { "name": "panel_5", "type": "visualization", - "id": "6544edd6-ae35-4e10-be83-ede9cb2a5fa2" + "id": "AWDG_HoKxQT5EBNmq4KN" }, { "name": "panel_6", "type": "visualization", - "id": "AWDG_HoKxQT5EBNmq4KN" + "id": "7a04aa5c-8e7f-4405-9291-2fa3ce1b6c7a" }, { "name": "panel_7", "type": "visualization", - "id": "7a04aa5c-8e7f-4405-9291-2fa3ce1b6c7a" + "id": "91a1e5ab-35e4-4a8a-a26f-4b4c1b9bb8ec" }, { "name": "panel_8", - "type": "visualization", - "id": "91a1e5ab-35e4-4a8a-a26f-4b4c1b9bb8ec" + "type": "search", + "id": "5486b4b2-714d-45d1-b347-ab274894de1f" } ], "migrationVersion": { 
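Review bot: the rewritten `searchSourceJSON` embeds `\"time_zone\":\"America/Denver\"` in the dashboard's `query_string`, which is the exporting user's local time zone leaking into a shared artifact: the stored query object is sent to Elasticsearch as saved, so anyone who imports this dashboard gets date math in that query evaluated in Mountain time regardless of their own `dateFormat:tz` setting. Suggest removing `time_zone` from exported queries (or normalizing it to UTC) in the export script. In the `@@ -41,28 +41,28 @@` hunk the references are rotated so that `panel_4` now resolves to visualization `6544edd6-ae35-4e10-be83-ede9cb2a5fa2` and `panel_8` to the `IRC - Logs` search `5486b4b2-714d-45d1-b347-ab274894de1f`; that is consistent with the new `panelsJSON`, where the full-width panel at `y:47, h:37` carries `panelRefName: panel_8`, but note that the old per-panel `embeddableConfig` override (`columns` `srcIp, srcPort, dstIp, dstPort, zeek.uid, _id` and `sort` `firstPacket desc`) is now an empty `{}`, so the displayed columns depend entirely on the saved search object.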
@@ -72,11 +72,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
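Review bot: this hunk is a byte-for-byte repeat of the `df9e399b-efa5-4e33-b0ac-a7668a8ac2b3` change in the previous file (`@@ -57,11 +57,11 @@` there, `@@ -72,11 +72,11 @@` here, same `updated_at` and `version`): the `Zeek Logs` navigation visualization is embedded in every dashboard export, so every new menu link has to be applied identically to every copy. Suggest adding a script or CI check that asserts all embedded copies of this object are identical, otherwise a future edit can leave some dashboards with a stale menu without anything flagging it.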
@@ -92,8 +92,8 @@ { "id": "97e59b5d-86f2-42e6-9dbb-67336dd6c38a", "type": "visualization", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5MCwxXQ==", + "updated_at": "2020-02-12T15:00:34.504Z", + "version": "WzQ3MiwxXQ==", "attributes": { "visState": "{\"title\":\"IRC - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -119,8 +119,8 @@ { "id": "46ada5c4-3522-4a0c-a2dd-279d59e23160", "type": "visualization", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5MSwxXQ==", + "updated_at": "2020-02-12T15:00:34.504Z", + "version": "WzQ3MywxXQ==", "attributes": { "visState": "{\"title\":\"IRC - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -146,8 +146,8 @@ { "id": "3e7fcb65-15e8-4a05-92de-ee924c08d85c", "type": "visualization", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5MiwxXQ==", + "updated_at": "2020-02-12T15:00:34.504Z", + "version": "WzQ3NCwxXQ==", "attributes": { "visState": "{\"title\":\"IRC - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -170,50 +170,11 @@ "visualization": "7.4.2" } }, - { - "id": "5486b4b2-714d-45d1-b347-ab274894de1f", - "type": "search", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5MywxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "IRC - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:irc\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "6544edd6-ae35-4e10-be83-ede9cb2a5fa2", "type": "visualization", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5NCwxXQ==", + "updated_at": "2020-02-12T15:00:34.504Z", + "version": "WzQ3NiwxXQ==", "attributes": { "title": "IRC - Destination Port", "visState": "{\"title\":\"IRC - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}]}", 
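Review bot: the saved search `5486b4b2-714d-45d1-b347-ab274894de1f` (`IRC - Logs`) is deleted here and re-added at the end of the file in the `@@ -316,6 +277,46 @@` hunk, so the diff shows a 39-line remove plus a 40-line add where the functional change is a new column set: `srcPort` and `_id` are dropped and `zeek_irc.nick`, `zeek_irc.command` and `zeek_irc.value` are added. Suggest keeping object order stable in the export (for example sorted by `id`) so that a column change shows up as a small in-place diff a reviewer can actually see.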
@@ -239,8 +200,8 @@ { "id": "AWDG_HoKxQT5EBNmq4KN", "type": "visualization", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5NSwxXQ==", + "updated_at": "2020-02-12T15:00:34.504Z", + "version": "WzQ3NywxXQ==", "attributes": { "title": "IRC - Log Count", "visState": "{\"title\":\"IRC - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -266,8 +227,8 @@ { "id": "7a04aa5c-8e7f-4405-9291-2fa3ce1b6c7a", "type": "visualization", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5NiwxXQ==", + "updated_at": "2020-02-12T15:00:34.504Z", + "version": "WzQ3OCwxXQ==", "attributes": { "title": "IRC - Destination Country", "visState": "{\"title\":\"IRC - Destination Country\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Country\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.destination_geo.city_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination City\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination IP Address\"}}]}", 
@@ -293,8 +254,8 @@ { "id": "91a1e5ab-35e4-4a8a-a26f-4b4c1b9bb8ec", "type": "visualization", - "updated_at": "2019-12-18T16:20:32.890Z", - "version": "WzI5NywxXQ==", + "updated_at": "2020-02-12T15:00:34.504Z", + "version": "WzQ3OSwxXQ==", "attributes": { "title": "IRC - Command", "visState": "{\"title\":\"IRC - Command\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_irc.command\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Command\"}}]}", @@ -316,6 +277,46 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "5486b4b2-714d-45d1-b347-ab274894de1f", + "type": "search", + "updated_at": "2020-02-12T17:12:29.165Z", + "version": "Wzk0MiwxXQ==", + "attributes": { + "title": "IRC - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_irc.nick", + "zeek_irc.command", + "zeek_irc.value", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:irc\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file 
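Review bot: the re-added `IRC - Logs` search carries the same `\"time_zone\":\"America/Denver\"` inside its `query_string` (`\"query\":\"zeek.logType:irc\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"`) as the dashboard's own `searchSourceJSON`, so the exporting user's time zone is now baked into both the dashboard and the search it embeds; please strip it in the same normalization pass. The file also still ends with `\ No newline at end of file`; emitting a trailing newline from the export script keeps future diffs clean.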
diff --git a/kibana/dashboards/77fc9960-3f99-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/77fc9960-3f99-11e9-a58e-8bdedb0915e8.json index 34861ea02..00bf1ba9d 100644 --- a/kibana/dashboards/77fc9960-3f99-11e9-a58e-8bdedb0915e8.json +++ b/kibana/dashboards/77fc9960-3f99-11e9-a58e-8bdedb0915e8.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "77fc9960-3f99-11e9-a58e-8bdedb0915e8", "type": "dashboard", - "updated_at": "2019-12-18T16:20:33.914Z", - "version": "WzMwMiwxXQ==", + "updated_at": "2020-02-13T15:37:23.331Z", + "version": "WzkzNCwxXQ==", "attributes": { "title": "Connections - Destination - Responder Bytes (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.5.1\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"18ef74a3-0457-4cdd-acdc-2c0d967c4b7c\"},\"panelIndex\":\"18ef74a3-0457-4cdd-acdc-2c0d967c4b7c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"bf8d1e0a-e6dd-4ea2-8466-220565d99081\"},\"panelIndex\":\"bf8d1e0a-e6dd-4ea2-8466-220565d99081\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "54431ec0-3f96-11e9-a58e-8bdedb0915e8" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -57,11 +67,11 @@ { "id": "54431ec0-3f96-11e9-a58e-8bdedb0915e8", "type": "visualization", - "updated_at": "2019-12-18T16:20:33.914Z", - "version": "WzMwMCwxXQ==", + "updated_at": "2020-02-13T14:16:35.430Z", + "version": "WzQ4MiwxXQ==", "attributes": { "title": "Connections - Destination - Responder Bytes (region map)", - "visState": "{\"title\":\"Connections - Destination - Responder Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.resp_bytes\",\"customLabel\":\"Responder Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder Country\"}}]}", + "visState": "{\"title\":\"Connections - Destination - Responder Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to 
Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.resp_bytes\",\"customLabel\":\"Responder Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder Country\"}}]}", "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", "description": "", "version": 1, 
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/7f41913f-cba8-43f5-82a8-241b7ead03e0.json b/kibana/dashboards/7f41913f-cba8-43f5-82a8-241b7ead03e0.json index f1c2d9208..403b2de17 100644 --- a/kibana/dashboards/7f41913f-cba8-43f5-82a8-241b7ead03e0.json +++ b/kibana/dashboards/7f41913f-cba8-43f5-82a8-241b7ead03e0.json 
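Review bot: the `Connections - Protocol Filters` control added in the `@@ -81,33 +91,91 @@` hunk sets `"size":5` on all three terms controls (`network.type`, `zeek.proto`, `zeek.service`), so each dropdown offers only the five most frequent values and a viewer has to already know a rarer service and type it to filter on it; on a security dashboard the rare services are usually the ones worth isolating, so a larger size, at least for `zeek.service`, would serve better. The reworked `Connections - Logs` search in the same hunk also picks up a hard-coded `"time_zone":"America/Denver"` (pinning date math in the query to the author's zone for every user) and drops the `"size":10` key and the `_id` column; losing `_id` is fine since `zeek.uid` stays, but the time zone key should go.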
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "7f41913f-cba8-43f5-82a8-241b7ead03e0", "type": "dashboard", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMxNiwxXQ==", + "updated_at": "2020-02-12T18:38:06.748Z", + "version": "WzEwNjEsMV0=", "attributes": { "title": "RDP", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":80,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":32,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":32,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"gridData\":{\"w\":12,\"h\":12,\"x\":36,\"y\":8,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":56,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":56,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":12,\"h\":12,\"x\":8,\"y\":8,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"w\":16,\"h\":12,\"x\":20,\"y\":8,\"i\":\"11\"},\"panelIndex\":\"11\",
\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":20,\"h\":12,\"x\":8,\"y\":20,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":20,\"h\":12,\"x\":28,\"y\":20,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\"}]", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":40,\"i\":\"1\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"1\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":8,\"i\":\"3\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":22,\"i\":\"5\",\"w\":15,\"x\":0,\"y\":40},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":22,\"i\":\"6\",\"w\":16,\"x\":15,\"y\":40},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"7\",\"w\":11,\"x\":37,\"y\":8},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":22,\"i\":\"9\",\"w\":17,\"x\":31,\"y\":40},\"panelIndex\":\"9\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":12,\"i\":\"10\",\"w\":15,\"x\":8,\"y\":8},\"panelIndex\":\"10\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{\"legendOpen\":false,\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":12,\"i\":\"11\",\"w\":14,\"x\":23,\"y\":8},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},
\"gridData\":{\"h\":20,\"i\":\"12\",\"w\":20,\"x\":8,\"y\":20},\"panelIndex\":\"12\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"14\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"14\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"17548109-6b40-41e7-997f-17290b9759ac\",\"w\":20,\"x\":28,\"y\":20},\"panelIndex\":\"17548109-6b40-41e7-997f-17290b9759ac\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_10\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":36,\"i\":\"c76b082d-e205-42f7-8c7a-46be60fccb19\",\"w\":48,\"x\":0,\"y\":62},\"panelIndex\":\"c76b082d-e205-42f7-8c7a-46be60fccb19\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_11\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -31,58 +31,53 @@ }, { "name": "panel_2", - "type": "search", - "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3" + "type": "visualization", + "id": "171c1475-1288-4dab-b5f4-f2105c7167a5" }, { "name": "panel_3", "type": "visualization", - "id": "171c1475-1288-4dab-b5f4-f2105c7167a5" + "id": "0a4694d9-2c36-48f3-979e-22548fff8fda" }, { "name": "panel_4", "type": "visualization", - "id": "0a4694d9-2c36-48f3-979e-22548fff8fda" + "id": "7bb9def4-0e06-49ba-a83a-8223f34d7331" }, { "name": "panel_5", "type": "visualization", - "id": "7bb9def4-0e06-49ba-a83a-8223f34d7331" + "id": "890ddd12-deb4-4608-890c-f0290dea3566" }, { "name": "panel_6", "type": "visualization", - "id": "0f8faebc-f66b-45b0-9015-6fa5a4d8258a" + "id": "874675b5-bc49-4a3a-8d6e-a7efd713919e" }, { "name": "panel_7", "type": "visualization", - "id": "890ddd12-deb4-4608-890c-f0290dea3566" + "id": "088c8f99-a90e-4a1e-b1a4-afd93ff076da" }, { "name": "panel_8", "type": "visualization", - "id": "874675b5-bc49-4a3a-8d6e-a7efd713919e" + "id": "b4d98d1f-dad9-4883-95ff-f8edc0b23b34" }, { "name": "panel_9", "type": "visualization", - "id": "088c8f99-a90e-4a1e-b1a4-afd93ff076da" + "id": "AWDHCvBexQT5EBNmq4aK" }, { "name": "panel_10", "type": "visualization", - "id": "b4d98d1f-dad9-4883-95ff-f8edc0b23b34" + "id": "93df26c0-4dc6-11ea-8336-d3388483188b" }, { "name": "panel_11", - "type": "visualization", - "id": "29c1e2ac-9a73-4a64-944d-d76135f41f30" - }, - { - "name": "panel_12", - "type": "visualization", - "id": "AWDHCvBexQT5EBNmq4aK" + "type": "search", + "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3" } ], "migrationVersion": { 
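Review bot: the `@@ -31,58 +31,53 @@` hunk drops visualization `29c1e2ac-9a73-4a64-944d-d76135f41f30` from the RDP dashboard's references (the panel count goes from 13 to 12, matching the new `panelsJSON`), but nothing in these hunks removes that object from the export's `objects` array; if it is still present it will be imported as an orphan, so either delete it from this file or note that another dashboard still uses it. Also, saved search `5697fae3-8fed-45cd-82e1-ba6f86a99bd3` moves from `panel_2` to `panel_11`, and the old panel's `embeddableConfig` with `"columns":[...]` and `"sort":["firstPacket","desc"]` is not carried over (the new panel has `"embeddableConfig":{}`), so the panel now relies entirely on the columns stored in the saved search itself; worth confirming that search was updated in this PR as well.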
@@ -92,11 +87,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -112,8 +107,8 @@ { "id": "b4e1f8d3-fdd9-4a86-b907-0e432b1a6049", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMwNCwxXQ==", + "updated_at": "2020-02-12T15:00:36.543Z", + "version": "WzQ4NiwxXQ==", "attributes": { "visState": "{\"title\":\"RDP - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -136,50 +131,11 @@ "visualization": "7.4.2" } }, - { - "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3", - "type": "search", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMwNSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "RDP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:rdp\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "171c1475-1288-4dab-b5f4-f2105c7167a5", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMwNiwxXQ==", + "updated_at": "2020-02-12T15:00:36.543Z", + "version": "WzQ4OCwxXQ==", "attributes": { "visState": "{\"title\":\"RDP - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
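Review bot: the `RDP - Logs` saved search (`5697fae3-8fed-45cd-82e1-ba6f86a99bd3`) is deleted in this hunk although every visualization in the file still points at it through `"savedSearchRefName": "search_0"`; it only comes back, with a different `columns` list, in the file's final hunk (`@@ -419,30 +375,45 @@`). Kibana's saved-object import resolves references by id and does not care about object order, so this is a move rather than a removal, but as a diff it reads as "search deleted" and hides the change that actually matters (the new column set). Keeping the object in its original position would make the column change reviewable in one hunk.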
@@ -205,8 +161,8 @@ { "id": "0a4694d9-2c36-48f3-979e-22548fff8fda", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMwNywxXQ==", + "updated_at": "2020-02-12T15:00:36.543Z", + "version": "WzQ4OSwxXQ==", "attributes": { "visState": "{\"title\":\"RDP - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -232,8 +188,8 @@ { "id": "7bb9def4-0e06-49ba-a83a-8223f34d7331", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMwOCwxXQ==", + "updated_at": "2020-02-12T15:00:36.543Z", + "version": "WzQ5MCwxXQ==", "attributes": { "title": "RDP - Destination Port", "visState": "{\"title\":\"RDP - Destination Port\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", 
@@ -257,14 +213,14 @@ } }, { - "id": "0f8faebc-f66b-45b0-9015-6fa5a4d8258a", + "id": "890ddd12-deb4-4608-890c-f0290dea3566", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMwOSwxXQ==", + "updated_at": "2020-02-12T15:00:36.543Z", + "version": "WzQ5MiwxXQ==", "attributes": { - "visState": "{\"title\":\"RDP - Client\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rdp.client_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Client\"}}],\"listeners\":{}}", + "visState": "{\"title\":\"RDP - Cookie\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rdp.cookie\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Cookie\"}}],\"listeners\":{}}", "description": "", - "title": "RDP - Client", + "title": "RDP - Cookie", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { 
@@ -284,25 +240,25 @@ } }, { - "id": "890ddd12-deb4-4608-890c-f0290dea3566", + "id": "874675b5-bc49-4a3a-8d6e-a7efd713919e", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMxMCwxXQ==", + "updated_at": "2020-02-12T18:37:47.020Z", + "version": "WzEwNTksMV0=", "attributes": { - "visState": "{\"title\":\"RDP - Cookie\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rdp.cookie\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Cookie\"}}],\"listeners\":{}}", + "title": "RDP - Result", + "visState": "{\"title\":\"RDP - 
Result\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Result\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rdp.result\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Result\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", "description": "", - "title": "RDP - Cookie", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3" } ], 
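Review bot: object ids are being reassigned to different visualizations instead of new ids being minted. `874675b5-bc49-4a3a-8d6e-a7efd713919e` was `RDP - Client Build` and becomes `RDP - Result` here, and in the `@@ -338` hunk `b4d98d1f-dad9-4883-95ff-f8edc0b23b34` goes the other way, from `RDP - Result` to `RDP - Client Version` (a histogram over `zeek_rdp.client_build`). An import with overwrite replaces objects by id and never deletes, so on an existing instance any other dashboard that embeds either id will silently start rendering the other chart, while the dropped `0f8faebc-f66b-45b0-9015-6fa5a4d8258a` (`RDP - Client`) and `29c1e2ac-9a73-4a64-944d-d76135f41f30` (`RDP - Encryption Level`) objects linger as orphans. Prefer fresh ids for redesigned visualizations, as was done for `93df26c0-4dc6-11ea-8336-d3388483188b`, and list the obsolete ids in the release notes so they can be cleaned up.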
@@ -311,13 +267,13 @@ } }, { - "id": "874675b5-bc49-4a3a-8d6e-a7efd713919e", + "id": "088c8f99-a90e-4a1e-b1a4-afd93ff076da", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMxMSwxXQ==", + "updated_at": "2020-02-12T15:00:36.543Z", + "version": "WzQ5NCwxXQ==", "attributes": { - "title": "RDP - Client Build", - "visState": "{\"title\":\"RDP - Client Build\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rdp.client_build\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Client Build\"}}]}", + "title": "RDP - Keyboard Layout", + "visState": "{\"title\":\"RDP - Keyboard Layout\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rdp.keyboard_layout\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Keyboard Layout\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -338,13 +294,13 @@ } }, { - "id": "088c8f99-a90e-4a1e-b1a4-afd93ff076da", + "id": "b4d98d1f-dad9-4883-95ff-f8edc0b23b34", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMxMiwxXQ==", + "updated_at": "2020-02-12T18:26:24.737Z", + "version": "WzEwMzAsMV0=", "attributes": { - "title": "RDP - Keyboard Layout", - "visState": "{\"title\":\"RDP - Keyboard Layout\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rdp.keyboard_layout\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Keyboard Layout\"}}]}", + "title": "RDP - Client Version", + "visState": "{\"title\":\"RDP - Client 
Version\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Client\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_rdp.client_build\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Client\"}}]}", "uiStateJSON": "{}", 
"description": "", "version": 1, @@ -355,8 +311,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3" } ], 
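Review bot: the `visState` of `RDP - Client Version` carries a `dimensions` object containing `"parsedUrl":{"origin":"https://localhost","pathname":"/kibana/app/kibana","basePath":"/kibana"}`, i.e. the exporting browser's URL baked into the committed artifact; the same residue appears in `RDP - Result` (`@@ -284`) and `RDP - Encryption` (`@@ -392`). The older visualizations in this same file (for example `RDP - Destination Port` in `@@ -232`) carry no `dimensions` block at all, so it is not required for import; strip it before committing to keep the export environment-independent and the diff readable. Separately, the terms bucket here is labelled `"customLabel":"Client"` while the title says `Client Version` and the field is `zeek_rdp.client_build`; pick one wording for the legend.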
@@ -365,18 +321,18 @@ } }, { - "id": "b4d98d1f-dad9-4883-95ff-f8edc0b23b34", + "id": "AWDHCvBexQT5EBNmq4aK", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMxMywxXQ==", + "updated_at": "2020-02-12T15:00:36.543Z", + "version": "WzQ5NywxXQ==", "attributes": { - "title": "RDP - Result", - "visState": "{\"title\":\"RDP - Result\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_rdp.result\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Result\"}}]}", - "uiStateJSON": "{}", + "title": "RDP - Log Count", + "visState": "{\"title\":\"RDP - Log 
Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{\"filter\":[]}" }, "savedSearchRefName": "search_0" }, 
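Review bot: `searchSourceJSON` is now written three different ways across the file: `{\"filter\":[]}` here (this hunk flips it from the long form to the short one), `{}` for `RDP - Encryption` (`@@ -392`), and `{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}` for `RDP - Result` (`@@ -284`). All three mean "no extra filter" for a visualization bound to a saved search, but the churn between forms makes a real query change hard to spot in review; normalize to one form across the exported objects.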
@@ -392,25 +348,25 @@ } }, { - "id": "29c1e2ac-9a73-4a64-944d-d76135f41f30", + "id": "93df26c0-4dc6-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMxNCwxXQ==", + "updated_at": "2020-02-12T18:36:26.796Z", + "version": "WzEwNTYsMV0=", "attributes": { - "title": "RDP - Encryption Level", - "visState": "{\"title\":\"RDP - Encryption Level\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"title\":{\"text\":\"Encryption Level\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rdp.encryption_level\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Encryption Level\"}}]}", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "title": "RDP - Encryption", + "visState": "{\"title\":\"RDP - 
Encryption\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Encryption Level\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Encryption Method\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rdp.encryption_level\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Encryption Type\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rdp.encryption_method\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Encryption Method\"}}]}", + "uiStateJSON": "{}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" 
}, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3" } ], 
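Review bot: in `RDP - Encryption` the first terms bucket is labelled `"customLabel":"Encryption Type"` while its `dimensions` entry says `"label":"Encryption Level"` and the field is `zeek_rdp.encryption_level`, so the legend and tooltip will call an encryption level a "type". Use `Encryption Level` to match the second bucket's `Encryption Method`. Also, both buckets set `"size":5` with `otherBucket` and `missingBucket` enabled, whereas the removed `RDP - Encryption Level` histogram used `"size":10` with no `Other` bucket; the tail of the distribution is now collapsed into `Other`, which is fine for an overview donut but worth stating in the change description.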
@@ -419,30 +375,45 @@ } }, { - "id": "AWDHCvBexQT5EBNmq4aK", - "type": "visualization", - "updated_at": "2019-12-18T16:20:34.939Z", - "version": "WzMxNSwxXQ==", + "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3", + "type": "search", + "updated_at": "2020-02-12T18:31:03.976Z", + "version": "WzEwNDcsMV0=", "attributes": { - "title": "RDP - Log Count", - "visState": "{\"title\":\"RDP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "RDP - Logs", "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_rdp.client_build", + "zeek_rdp.keyboard_layout", + "zeek_rdp.security_protocol", + "zeek_rdp.encryption_method", + "zeek_rdp.result", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" + "searchSourceJSON": 
"{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:rdp\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { - "type": "search", - "name": "search_0", - "id": "5697fae3-8fed-45cd-82e1-ba6f86a99bd3" + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" } ], "migrationVersion": { - "visualization": "7.4.2" + "search": "7.4.0" } } ] diff --git a/kibana/dashboards/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb.json b/kibana/dashboards/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb.json index c57632be4..0e881b37d 100644 --- a/kibana/dashboards/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb.json +++ b/kibana/dashboards/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb.json 
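Review bot: the re-added `RDP - Logs` saved search (hunk `@@ -419,30 +375,45 @@` above) hardcodes `"time_zone":"America/Denver"` inside its `query_string`, which is the exporting workstation's zone leaking into a shipped artifact. For the query `zeek.logType:rdp` it changes nothing today, but any date math later added to that query string would be evaluated in Mountain time for every viewer regardless of their Kibana `dateFormat:tz` setting, and the deleted copy of the same search carried no such key. Remove `time_zone`. The `columns` change also drops `srcPort` and `_id` in favour of `zeek_rdp.*` fields; confirm that `zeek_rdp.security_protocol` is present in the `sessions2-*` mapping, since a column on an unmapped field renders as empty in Discover.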
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb", "type": "dashboard", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMzMiwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUxMSwxXQ==", "attributes": { "title": "SSL", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":56,\"i\":\"1\"},\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":0,\"y\":80,\"w\":48,\"h\":24,\"i\":\"6\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":24,\"y\":8,\"w\":24,\"h\":24,\"i\":\"7\"},\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"9\",\"gridData\":{\"x\":0,\"y\":124,\"w\":16,\"h\":24,\"i\":\"9\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"10\",\"gridData\":{\"x\":36,\"y\":124,\"w\":12,\"h\":24,\"i\":\"10\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"11\",\"gridData\":{\"x\":16,\"y\":124,\"w\":20,\"h\":24,\"i\":\"11\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"12\",\"gridData\":{\"x\":0,\"y\":56,\"w\":24,\"h\":24,\"i\":\"12\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.5.1\",\"panelRefName\":\"pane
l_7\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":8,\"y\":8,\"w\":16,\"h\":24,\"i\":\"14\"},\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":0,\"y\":148,\"w\":48,\"h\":72,\"i\":\"15\"},\"version\":\"7.5.1\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]},\"panelRefName\":\"panel_9\"},{\"panelIndex\":\"19\",\"gridData\":{\"x\":24,\"y\":56,\"w\":24,\"h\":24,\"i\":\"19\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_10\"},{\"panelIndex\":\"20\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"20\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_11\"},{\"panelIndex\":\"21\",\"gridData\":{\"x\":8,\"y\":32,\"w\":40,\"h\":24,\"i\":\"21\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":null}}}},\"version\":\"7.5.1\",\"panelRefName\":\"panel_12\"},{\"gridData\":{\"x\":0,\"y\":104,\"w\":24,\"h\":20,\"i\":\"22\"},\"version\":\"7.5.1\",\"panelIndex\":\"22\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"},{\"gridData\":{\"x\":24,\"y\":104,\"w\":24,\"h\":20,\"i\":\"23\"},\"version\":\"7.5.1\",\"panelIndex\":\"23\",\"embeddableConfig\":{},\"panelRefName\":\"panel_14\"}]", + "panelsJSON": 
"[{\"embeddableConfig\":{},\"gridData\":{\"h\":27,\"i\":\"1\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"1\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":8,\"i\":\"3\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":19,\"i\":\"6\",\"w\":30,\"x\":0,\"y\":64},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"7\",\"w\":11,\"x\":37,\"y\":8},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":19,\"i\":\"9\",\"w\":13,\"x\":0,\"y\":103},\"panelIndex\":\"9\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":19,\"i\":\"10\",\"w\":9,\"x\":27,\"y\":103},\"panelIndex\":\"10\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":19,\"i\":\"11\",\"w\":14,\"x\":13,\"y\":103},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":19,\"i\":\"12\",\"w\":29,\"x\":19,\"y\":45},\"panelIndex\":\"12\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"14\",\"w\":16,\"x\":8,\"y\":8},\"panelIndex\":\"14\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":19,\"i\":\"19\",\"w\":19,\"x\":0,\"y
\":45},\"panelIndex\":\"19\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"h\":8,\"i\":\"20\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"20\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_10\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":null}}}},\"gridData\":{\"h\":18,\"i\":\"21\",\"w\":38,\"x\":10,\"y\":27},\"panelIndex\":\"21\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_11\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"22\",\"w\":24,\"x\":0,\"y\":83},\"panelIndex\":\"22\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_12\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"23\",\"w\":24,\"x\":24,\"y\":83},\"panelIndex\":\"23\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_13\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"e57b69c8-34a0-4b5a-9146-f81034ce74fe\",\"w\":13,\"x\":24,\"y\":8},\"panelIndex\":\"e57b69c8-34a0-4b5a-9146-f81034ce74fe\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_14\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":18,\"i\":\"078aaedd-22fb-4a22-ad5b-b81403587fde\",\"w\":10,\"x\":0,\"y\":27},\"panelIndex\":\"078aaedd-22fb-4a22-ad5b-b81403587fde\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_15\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":19,\"i\":\"c151c3a5-c079-4d3b-8a31-da338b974e44\",\"w\":18,\"x\":30,\"y\":64},\"panelIndex\":\"c151c3a5-c079-4d3b-8a31-da338b974e44\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_16\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"cd6004c4-d604-4503-a4a2-d1c38e852279\",\"w\":12,\"x\":36,\"y\":103},\"panelIndex\":\"cd6004c4-d604-4503-a4a2-d1c38e852279\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_17\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":43,\"i\":\"bbcebabc-0baf-4b15-ad17-fc7633b9b8b8\",\"w\":48,\"x\":0,\"y\":122},\"panelIndex\":\"bbcebabc-0ba
f-4b15-ad17-fc7633b9b8b8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_18\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -66,33 +66,53 @@ }, { "name": "panel_9", - "type": "search", - "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" + "type": "visualization", + "id": "f821c7fe-0dd3-4c3c-b5df-77b926f4007a" }, { "name": "panel_10", "type": "visualization", - "id": "f821c7fe-0dd3-4c3c-b5df-77b926f4007a" + "id": "AWDHElRWxQT5EBNmq4lz" }, { "name": "panel_11", "type": "visualization", - "id": "AWDHElRWxQT5EBNmq4lz" + "id": "1567ea7f-8d0e-470b-adbf-f605dd68bdce" }, { "name": "panel_12", "type": "visualization", - "id": "1567ea7f-8d0e-470b-adbf-f605dd68bdce" + "id": "371b06d0-72a1-11e9-b0f3-590266f42743" }, { "name": "panel_13", "type": "visualization", - "id": "371b06d0-72a1-11e9-b0f3-590266f42743" + "id": "bdda87a0-72a0-11e9-b0f3-590266f42743" }, { "name": "panel_14", "type": "visualization", - "id": "bdda87a0-72a0-11e9-b0f3-590266f42743" + "id": "fa696510-4e9b-11ea-b504-97aa449f6abc" + }, + { + "name": "panel_15", + "type": "visualization", + "id": "41325860-4dd6-11ea-8336-d3388483188b" + }, + { + "name": "panel_16", + "type": "visualization", + "id": "9c20d940-4dd6-11ea-8336-d3388483188b" + }, + { + "name": "panel_17", + "type": "visualization", + "id": "f13ba720-4dd6-11ea-8336-d3388483188b" + }, + { + "name": "panel_18", + "type": "search", + "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" } ], "migrationVersion": { 
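Review bot: The `+` searchSourceJSON line for the dashboard adds `\"time_zone\":\"America/Denver\"` to the query_string, which is the exporting browser's time zone rather than dashboard configuration; a saved object shipped to other deployments should not carry a deployment-specific zone, so drop that key unless pinning every viewer to America/Denver is intended. Also, every panel in panelsJSON is stamped `\"version\":\"7.6.2\"` while the visualizations further down still declare `\"migrationVersion\": { \"visualization\": \"7.4.2\" }`, which suggests the dashboard and its visualizations were exported from different Kibana versions; re-exporting the whole set from one instance keeps those stamps consistent.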
@@ -102,11 +122,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T20:45:03.886Z", + "version": "WzgwNiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● 
[NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + 
"visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
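Review bot: The `+` visState for "Zeek Logs" adds links to two dashboards, Security Overview (95479950-41f2-11ea-88fa-7151df485405) and ICS/IoT Security Overview (4a4bde20-4760-11ea-949c-bbb5a9feecbf), whose saved objects do not appear in this file; please confirm both ship in the same import set, since a markdown link to a missing dashboard id only fails when a user clicks it and nothing in the import flags it. Separately, the `updated_at` and `version` (`WzgwNiwxXQ==`) lines change in this and every following hunk purely as export metadata; stripping them from committed exports would leave only the substantive visState differences for review.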
@@ -122,8 +142,8 @@ { "id": "dc0b1b11-52da-4cc0-bddf-db127bd6cfee", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMxOCwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUxMywxXQ==", "attributes": { "visState": "{\"title\":\"SSL - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -149,8 +169,8 @@ { "id": "d988522e-b3a8-4d74-98d4-96aff3e0f3f9", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMxOSwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUxNCwxXQ==", "attributes": { "visState": "{\"title\":\"SSL - Certificate Subject\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.subject_full\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Subject\"}}],\"listeners\":{}}", "description": "", 
@@ -176,11 +196,11 @@ { "id": "20fa1fd0-f204-499d-996f-e41e1ee3d40f", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyMCwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUxNSwxXQ==", "attributes": { "title": "SSL - Version", - "visState": "{\"title\":\"SSL - Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ssl.ssl_version\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", + "visState": "{\"title\":\"SSL - Version\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek_ssl.ssl_version: 
Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ssl.ssl_version\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, @@ -191,8 +211,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" } ], @@ -203,8 +223,8 @@ { "id": "df8bd09c-064c-45b3-8d54-9797ccb58d74", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyMSwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUxNiwxXQ==", "attributes": { "visState": "{\"title\":\"SSL - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -230,8 +250,8 @@ { "id": "f81fe18d-c2ff-4757-9de3-8b943a759169", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyMiwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUxNywxXQ==", "attributes": { "visState": "{\"title\":\"SSL - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", @@ -257,8 +277,8 @@ { "id": "b50ee1a8-d83d-46bf-9ba2-419d089d4797", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyMywxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUxOCwxXQ==", "attributes": { "visState": "{\"title\":\"SSL - Destination Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -284,13 +304,13 @@ { "id": "8486949c-3592-4831-9020-59bfd968ccfa", "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyNCwxXQ==", + "updated_at": "2020-02-13T20:54:48.292Z", + "version": "WzgyNSwxXQ==", "attributes": { - "visState": "{\"title\":\"SSL - Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.server_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}],\"listeners\":{}}", - "description": "", "title": "SSL - Server", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "visState": "{\"title\":\"SSL - 
Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Server\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Randomness Score (method 1)\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.server_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Server\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.freq_score_v1\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Randomness Score (method 
1)\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.freq_score_v2\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Randomness Score (method 2)\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -299,8 +319,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" } ], 
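Review bot: In the SSL - Server hunk, the new visState's `aggs` carries three bucket aggregations (zeek_ssl.server_name, zeek.freq_score_v1 and zeek.freq_score_v2) but its `dimensions.buckets` lists only two (Server and Randomness Score (method 1)), so the serialized dimensions no longer match the aggs; re-saving the visualization in Kibana rebuilds that block. The `parsedUrl` entries (`\"origin\":\"https://localhost\"`) are likewise captured from the exporting session rather than meaningful configuration. The new uiStateJSON sort `\"columnIndex\":3,\"direction\":\"desc\"` lands on the Count column once the two score buckets are in place, so the table sorts by count; if the intent was to surface the highest randomness scores first, the index should point at column 1 or 2 instead.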
@@ -311,8 +331,8 @@ { "id": "d7a673bc-4a11-423b-acd3-a446425551c1", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyNSwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyMCwxXQ==", "attributes": { "title": "SSL - Destination Country", "visState": "{\"title\":\"SSL - Destination Country\",\"type\":\"histogram\",\"params\":{\"addLegend\":false,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"zeek.destination_geo.country_name: Descending\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}],\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", 
@@ -335,50 +355,11 @@ "visualization": "7.4.2" } }, - { - "id": "b945a684-0841-4e86-87aa-0f1af6fb6579", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzMywxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "SSL - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:ssl\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "f821c7fe-0dd3-4c3c-b5df-77b926f4007a", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyNywxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyMSwxXQ==", "attributes": { "visState": "{\"title\":\"SSL - Validation Status\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.validation_status\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Validation Status\"}}],\"listeners\":{}}", "description": "", 
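Review bot: This hunk deletes the saved search `b945a684-0841-4e86-87aa-0f1af6fb6579` ("SSL - Logs") from this file, yet the same id is still referenced as panel_18 in the dashboard references above and as `search_0` by several visualizations here (SSL - Version, SSL - Server and SSL - Connection Established among them). Kibana's saved-object import reports objects whose references cannot be resolved, so please confirm the search was moved to a shared file that is imported alongside this one rather than dropped outright.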
@@ -404,8 +385,8 @@ { "id": "AWDHElRWxQT5EBNmq4lz", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyOCwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyMiwxXQ==", "attributes": { "title": "SSL - Log Count", "visState": "{\"title\":\"SSL - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -431,8 +412,8 @@ { "id": "1567ea7f-8d0e-470b-adbf-f605dd68bdce", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMyOSwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyMywxXQ==", "attributes": { "title": "SSL - Summary", "visState": "{\"title\":\"SSL - Summary\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.server_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server Name\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.subject.CN\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Common Name\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.validation_status\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Validation Status\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.ssl_version\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TLS Version\"}}]}", 
@@ -458,8 +439,8 @@ { "id": "371b06d0-72a1-11e9-b0f3-590266f42743", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMzMCwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyNCwxXQ==", "attributes": { "title": "SSL - Client JA3 Lookup", "visState": "{\"title\":\"SSL - Client JA3 Lookup\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.ja3_desc\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Client JA3 Lookup\"}}]}", @@ -485,8 +466,8 @@ { "id": "bdda87a0-72a0-11e9-b0f3-590266f42743", "type": "visualization", - "updated_at": "2019-12-18T16:20:35.964Z", - "version": "WzMzMSwxXQ==", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyNSwxXQ==", "attributes": { "title": "SSL - Server JA3 Lookup", "visState": "{\"title\":\"SSL - Server JA3 Lookup\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.ja3s_desc\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Server JA3 Lookup\"}}]}", 
@@ -508,6 +489,192 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "fa696510-4e9b-11ea-b504-97aa449f6abc", + "type": "visualization", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyNiwxXQ==", + "attributes": { + "title": "SSL - Relevant Notices", + "visState": "{\"title\":\"SSL - Relevant Notices\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":4,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice Category\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice Subcategory\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source IP\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"1\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination 
IP\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Category\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub_category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Subcategory\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"zeek_notice.category:(SSL OR CVE_2020_0601)\",\"language\":\"lucene\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "41325860-4dd6-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyNywxXQ==", + "attributes": { + "title": "SSL - Connection Established", + "visState": "{\"title\":\"SSL - Connection 
Established\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Established\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ssl.established\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Established\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "9c20d940-4dd6-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyOCwxXQ==", + "attributes": { + "title": "SSL - Elliptic Curve", + "visState": "{\"title\":\"SSL - Elliptic 
Curve\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Elliptic Curve\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ssl.curve\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Elliptic Curve\"}}]}", + "uiStateJSON": "{}", + "description": "", + 
"version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "f13ba720-4dd6-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUyOSwxXQ==", + "attributes": { + "title": "SSL - Next Protocol", + "visState": "{\"title\":\"SSL - Next Protocol\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.next_protocol\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Next Protocol\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "b945a684-0841-4e86-87aa-0f1af6fb6579", + "type": "search", + "updated_at": "2020-02-13T20:44:37.133Z", + "version": "WzUzMCwxXQ==", + "attributes": { + "title": "SSL - Logs", + "description": "", + "hits": 0, + "columns": [ + 
"srcIp", + "dstIp", + "dstPort", + "zeek_ssl.server_name", + "zeek_ssl.validation_status", + "zeek_ssl.established", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:ssl\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c", + "type": "search", + "updated_at": "2020-02-13T20:45:00.802Z", + "version": "Wzc4MiwxXQ==", + "attributes": { + "title": "Notices - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_notice.category", + "zeek_notice.sub_category", + "srcIp", + "dstIp", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:notice\",\"default_field\":\"*\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/82da3101-2a9c-4ae2-bb61-d447a3fbe673.json b/kibana/dashboards/82da3101-2a9c-4ae2-bb61-d447a3fbe673.json index 976898082..f837e057b 100644 --- a/kibana/dashboards/82da3101-2a9c-4ae2-bb61-d447a3fbe673.json 
+++ b/kibana/dashboards/82da3101-2a9c-4ae2-bb61-d447a3fbe673.json 
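Review bot: in the final hunk of the SSL dashboards file above (the one adding SSL - Relevant Notices, SSL - Connection Established, SSL - Elliptic Curve, SSL - Next Protocol and two saved searches), both new saved searches (`b945a684-…` SSL - Logs and `8f003748-…` Notices - Logs) persist `\"time_zone\":\"America/Denver\"` inside their `query_string`. That is the exporting workstation's zone, not a property of the data, and because the query is stored in the object form (`{\"query_string\":{…}}`) rather than as a string, Kibana passes it through verbatim instead of decorating it with the user's own `dateFormat:tz`, so every user would get Denver semantics for any date math later added to these queries. Drop the key from the exported JSON. Two smaller points in SSL - Relevant Notices (`fa696510-…`): the Destination IP bucket in `dimensions` has `missingBucketLabel\":\"1\"` where the other three use `\"-\"`, and `dimensions` lists four buckets (category, subcategory, source IP, destination IP) while `aggs` defines only the two terms aggregations on `zeek_notice.category` and `zeek_notice.sub_category`; `dimensions` is regenerated from `aggs` when the table renders, so this is stale export residue rather than a functional bug, but re-exporting after the last edit would keep the two in agreement. Finally, the visualization's query `zeek_notice.category:(SSL OR CVE_2020_0601)` depends on the new CVE-2020-0601 notice plugin emitting notices under exactly that category; a sentence in the README or the plugin header would make that coupling discoverable.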
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "82da3101-2a9c-4ae2-bb61-d447a3fbe673", "type": "dashboard", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0NywxXQ==", + "updated_at": "2020-02-12T17:35:19.152Z", + "version": "Wzk2MiwxXQ==", "attributes": { "title": "Kerberos", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":120,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek_kerberos.request_type\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"embeddableConfig\":{},\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":48,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"gridData\":{\"w\":20,\"h\":16,\"x\":28,\"y\":8,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":48,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"gridData\":{\"w\":20,\"h\":16,\"x\":8,\"y\":8,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":96,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":96,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":16
,\"h\":24,\"x\":32,\"y\":96,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":28,\"h\":24,\"x\":0,\"y\":72,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\"},{\"gridData\":{\"w\":40,\"h\":24,\"x\":8,\"y\":24,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":72,\"i\":\"15\"},\"panelIndex\":\"15\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"16\"},\"panelIndex\":\"16\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_13\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":25,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":25,\"w\":19,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":8,\"w\":12,\"h\":17,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":19,\"y\":25,\"w\":19,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":15,\"h\":17,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":45,\"w\":24,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":45,\"w\":24,
\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":65,\"w\":28,\"h\":25,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"16\"},\"panelIndex\":\"16\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":23,\"y\":8,\"w\":13,\"h\":17,\"i\":\"7d02cf7a-cad4-4b2c-822d-a255de92ce23\"},\"panelIndex\":\"7d02cf7a-cad4-4b2c-822d-a255de92ce23\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":38,\"y\":25,\"w\":10,\"h\":20,\"i\":\"defd333f-2642-4357-822f-9fa6f09a9356\"},\"panelIndex\":\"defd333f-2642-4357-822f-9fa6f09a9356\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":65,\"w\":20,\"h\":25,\"i\":\"6f759830-50a0-41d2-a383-b8e307be3ba3\"},\"panelIndex\":\"6f759830-50a0-41d2-a383-b8e307be3ba3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":90,\"w\":48,\"h\":30,\"i\":\"f0a6a77c-c3fe-48e1-aa26-870211f54ecf\"},\"panelIndex\":\"f0a6a77c-c3fe-48e1-aa26-870211f54ecf\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
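Review bot: the dashboard-level `searchSourceJSON` in this hunk gains the same hardcoded `\"time_zone\":\"America/Denver\"` on a `*` query; it does nothing for a match-all query and only pins the exporting machine's zone into the file, so drop it. Also in this hunk, the logs panel (now `panel_13`, the 48x30 panel at `y: 90`) went from an explicit `embeddableConfig` with `columns: [srcIp, dstIp, dstPort, zeek_kerberos.request_type, zeek.uid, _id]` and `sort: [firstPacket, desc]` to `embeddableConfig: {}`, so its columns and sort order now come entirely from the `Kerberos - Logs` saved search; if that is intended, the saved search's column list becomes the single place to maintain them and should be checked against the old panel config.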
@@ -31,63 +31,63 @@ }, { "name": "panel_2", - "type": "search", - "id": "e1bfade1-72ee-4093-9257-5d1921c71041" + "type": "visualization", + "id": "5a8ab6ad-ea8c-4d52-935e-82fbd2445ec3" }, { "name": "panel_3", "type": "visualization", - "id": "5a8ab6ad-ea8c-4d52-935e-82fbd2445ec3" + "id": "0319fd42-76c4-4894-b7d8-2540537705ff" }, { "name": "panel_4", "type": "visualization", - "id": "0319fd42-76c4-4894-b7d8-2540537705ff" + "id": "334efe47-3d71-4995-8f73-8945969c6879" }, { "name": "panel_5", "type": "visualization", - "id": "334efe47-3d71-4995-8f73-8945969c6879" + "id": "8fdb77a7-748c-47a6-a1f9-31c4583f354d" }, { "name": "panel_6", "type": "visualization", - "id": "8fdb77a7-748c-47a6-a1f9-31c4583f354d" + "id": "62d29d31-59dd-4339-9793-5df6bd4cde91" }, { "name": "panel_7", "type": "visualization", - "id": "62d29d31-59dd-4339-9793-5df6bd4cde91" + "id": "2805b0f5-d7cf-4cbc-8ffe-d6b087fadb82" }, { "name": "panel_8", "type": "visualization", - "id": "2805b0f5-d7cf-4cbc-8ffe-d6b087fadb82" + "id": "626b7405-7acb-4b43-a0de-44e1d92c7fbf" }, { "name": "panel_9", "type": "visualization", - "id": "c0fc173f-0d69-4e8d-9f3a-1cbf5992df1b" + "id": "AWDG_UbkxQT5EBNmq4Lg" }, { "name": "panel_10", "type": "visualization", - "id": "626b7405-7acb-4b43-a0de-44e1d92c7fbf" + "id": "2bf924c0-4dbc-11ea-8336-d3388483188b" }, { "name": "panel_11", "type": "visualization", - "id": "4767e016-b8e7-48e2-be2c-d4b3d958879f" + "id": "c8180830-4dbc-11ea-8336-d3388483188b" }, { "name": "panel_12", "type": "visualization", - "id": "d8e847de-d2f5-4585-9e9e-b9f172c16134" + "id": "51e6a850-4dbd-11ea-8336-d3388483188b" }, { "name": "panel_13", - "type": "visualization", - "id": "AWDG_UbkxQT5EBNmq4Lg" + "type": "search", + "id": "e1bfade1-72ee-4093-9257-5d1921c71041" } ], "migrationVersion": { 
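Review bot: the remap in this hunk drops visualization ids `c0fc173f-…`, `4767e016-…` and `d8e847de-…` and introduces `626b7405-…`, `2bf924c0-4dbc-11ea-…`, `c8180830-4dbc-11ea-…` and `51e6a850-4dbd-11ea-…`; each of the four new ids needs an object definition in this same export file, otherwise the corresponding panels render as missing-object errors after import, so please confirm all four appear below (only `626b7405-…`, the renamed Kerberos - Service object, is visible in this patch). Saved-object import never deletes, so on an existing Malcolm instance the three dropped visualizations stay behind as orphans; a line in the upgrade notes, or a cleanup step, would avoid confusion. Note also that `panel_13` now points at search `e1bfade1-…`, which the `@@ -141,51 +141,11 @@` hunk later in this file removes from the export.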
@@ -97,11 +97,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
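Review bot: the two added links (Security Overview `95479950-41f2-11ea-…` and ICS/IoT Security Overview `4a4bde20-4760-11ea-…`) look fine, but this navigation markdown object (`df9e399b-…`) is a shared saved object, so if other dashboard exports under `kibana/dashboards/` carry their own copy of it, every copy must contain the identical string or the menu will depend on import order (last file imported wins). A grep for `95479950-41f2-11ea` across `kibana/dashboards/*.json` would confirm that all copies were updated together.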
@@ -117,8 +117,8 @@ { "id": "aaf2aff1-0941-4df3-9668-329601e90ea3", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzMzNCwxXQ==", + "updated_at": "2020-02-12T15:00:38.595Z", + "version": "WzUxNiwxXQ==", "attributes": { "visState": "{\"title\":\"Kerberos - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -141,51 +141,11 @@ "visualization": "7.4.2" } }, - { - "id": "e1bfade1-72ee-4093-9257-5d1921c71041", - "type": "search", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzMzNSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "Kerberos - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:kerberos\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek_kerberos.request_type", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "5a8ab6ad-ea8c-4d52-935e-82fbd2445ec3", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzMzNiwxXQ==", + "updated_at": "2020-02-12T15:00:38.595Z", + "version": "WzUxOCwxXQ==", "attributes": { "visState": "{\"title\":\"Kerberos - Client\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_kerberos.cname\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Client\"}}],\"listeners\":{}}", "description": "", 
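Review bot: removing the `Kerberos - Logs` saved search (`e1bfade1-…`) from this file leaves two dangling references inside the same export: the dashboard's `panel_13` (`\"type\": \"search\", \"id\": \"e1bfade1-…\"`) and the `search_0` reference of the Kerberos - Success Status visualization. Kibana 7.x import enforces `index-pattern` and `search` references, so importing this file on its own will now fail with a missing-reference error unless the search is imported first from another file. If it was moved to a shared export, say so in the commit message and make sure the import order handles it; if the removal was accidental, restore the object. The removed definition also carried the column list (`srcIp, srcPort, dstIp, dstPort, zeek_kerberos.request_type, zeek.uid, _id`) and the `firstPacket desc` sort that the dashboard's logs panel now relies on after its own `embeddableConfig.columns` was dropped.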
@@ -211,12 +171,12 @@ { "id": "0319fd42-76c4-4894-b7d8-2540537705ff", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzMzNywxXQ==", + "updated_at": "2020-02-12T17:15:35.671Z", + "version": "Wzk0NiwxXQ==", "attributes": { "title": "Kerberos - Success Status", - "visState": "{\"title\":\"Kerberos - Success Status\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_kerberos.success\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", + "visState": "{\"title\":\"Kerberos - Success Status\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek_kerberos.success: 
Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_kerberos.success\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -226,8 +186,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "e1bfade1-72ee-4093-9257-5d1921c71041" } ], @@ -238,8 +198,8 @@ { "id": "334efe47-3d71-4995-8f73-8945969c6879", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzMzOCwxXQ==", + "updated_at": "2020-02-12T15:00:38.595Z", + "version": "WzUyMCwxXQ==", "attributes": { "visState": "{\"title\":\"Kerberos - Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_kerberos.sname\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}],\"listeners\":{}}", "description": "", 
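Review bot: in the Kerberos - Success Status hunk, the terms aggregation on `zeek_kerberos.success` keeps `missingBucket: false`, so sessions with no `success` value (for example requests whose reply was not seen in the capture) are silently excluded and the donut reads as a success/failure ratio of answered requests only; either set `missingBucket: true` with a label such as `No reply` or state the scope in the panel title. The bucket still has no `customLabel`, which is why the exported `dimensions` carry the raw `zeek_kerberos.success: Descending` label that surfaces in tooltips; a `customLabel` such as `Success` would match the other Kerberos tables (`Client`, `Server`, `Port`). The two trailing hunks on this line (`@@ -226` swapping the order of `type` and `name`, `@@ -238` Kerberos - Server metadata) are export churn only.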
@@ -265,8 +225,8 @@ { "id": "8fdb77a7-748c-47a6-a1f9-31c4583f354d", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzMzOSwxXQ==", + "updated_at": "2020-02-12T15:00:38.595Z", + "version": "WzUyMSwxXQ==", "attributes": { "title": "Kerberos - Cipher", "visState": "{\"title\":\"Kerberos - Cipher\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_kerberos.cipher\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", @@ -292,8 +252,8 @@ { "id": "62d29d31-59dd-4339-9793-5df6bd4cde91", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0MCwxXQ==", + "updated_at": "2020-02-12T15:00:38.595Z", + "version": "WzUyMiwxXQ==", "attributes": { "visState": "{\"title\":\"Kerberos - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -319,8 +279,8 @@ { "id": "2805b0f5-d7cf-4cbc-8ffe-d6b087fadb82", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0MSwxXQ==", + "updated_at": "2020-02-12T15:00:38.595Z", + "version": "WzUyMywxXQ==", "attributes": { "visState": "{\"title\":\"Kerberos - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -344,15 +304,15 @@ } }, { - "id": "c0fc173f-0d69-4e8d-9f3a-1cbf5992df1b", + "id": "626b7405-7acb-4b43-a0de-44e1d92c7fbf", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0MiwxXQ==", + "updated_at": "2020-02-12T17:31:02.545Z", + "version": "Wzk1OCwxXQ==", "attributes": { - "visState": "{\"title\":\"Kerberos - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", - "description": "", - "title": "Kerberos - Destination Port", + "title": "Kerberos - Service", + "visState": "{\"title\":\"Kerberos - 
Service\",\"type\":\"table\",\"params\":{\"perPage\":15,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Service\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_kerberos.sname\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Service\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -361,8 +321,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "e1bfade1-72ee-4093-9257-5d1921c71041" } ], 
@@ -371,15 +331,15 @@ } }, { - "id": "626b7405-7acb-4b43-a0de-44e1d92c7fbf", + "id": "AWDG_UbkxQT5EBNmq4Lg", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0MywxXQ==", + "updated_at": "2020-02-12T15:00:38.595Z", + "version": "WzUyOCwxXQ==", "attributes": { - "visState": "{\"title\":\"Kerberos - Service\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_kerberos.sname\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Service\"}}],\"listeners\":{}}", + "title": "Kerberos - Log Count", + "visState": "{\"title\":\"Kerberos - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", - "title": "Kerberos - Service", - "uiStateJSON": 
"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
@@ -398,25 +358,25 @@ } }, { - "id": "4767e016-b8e7-48e2-be2c-d4b3d958879f", + "id": "2bf924c0-4dbc-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0NCwxXQ==", + "updated_at": "2020-02-12T17:21:57.516Z", + "version": "Wzk1MSwxXQ==", "attributes": { - "title": "Kerberos - Request Type", - "visState": "{\"title\":\"Kerberos - Request Type\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_kerberos.request_type\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Request Type\"}}]}", - "uiStateJSON": "{}", + "title": "Kerberos - Request Types", + "visState": "{\"title\":\"Kerberos - Request 
Types\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Request Type\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_kerberos.request_type\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Request Type\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "e1bfade1-72ee-4093-9257-5d1921c71041" } ], 
@@ -425,25 +385,25 @@ } }, { - "id": "d8e847de-d2f5-4585-9e9e-b9f172c16134", + "id": "c8180830-4dbc-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0NSwxXQ==", + "updated_at": "2020-02-12T17:26:19.442Z", + "version": "Wzk1NCwxXQ==", "attributes": { - "visState": "{\"title\":\"Kerberos - Renewable\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_kerberos.renewable\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Renewable\"}}],\"listeners\":{}}", + "title": "Kerberos - Renewable Ticket Requested", + "visState": "{\"title\":\"Kerberos - Renewable Ticket Requested\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Renewable ticket 
requested\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_kerberos.renewable\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Renewable ticket requested\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", - "title": "Kerberos - Renewable", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "e1bfade1-72ee-4093-9257-5d1921c71041" } ], 
@@ -452,31 +412,71 @@ } }, { - "id": "AWDG_UbkxQT5EBNmq4Lg", + "id": "51e6a850-4dbd-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:36.982Z", - "version": "WzM0NiwxXQ==", + "updated_at": "2020-02-12T17:30:10.645Z", + "version": "Wzk1NywxXQ==", "attributes": { - "title": "Kerberos - Log Count", - "visState": "{\"title\":\"Kerberos - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "Kerberos - Destination Ports", + "visState": "{\"title\":\"Kerberos - Destination 
Ports\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"log\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination Port\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Port\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", 
"description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "e1bfade1-72ee-4093-9257-5d1921c71041" } ], "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "e1bfade1-72ee-4093-9257-5d1921c71041", + "type": "search", + "updated_at": "2020-02-12T17:34:34.569Z", + "version": "Wzk2MSwxXQ==", + "attributes": { + "title": "Kerberos - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_kerberos.request_type", + "zeek_kerberos.success", + "zeek_kerberos.error_msg", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:kerberos\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/870a5862-6c26-4a08-99fd-0c06cda85ba3.json b/kibana/dashboards/870a5862-6c26-4a08-99fd-0c06cda85ba3.json index b29ab8dbf..32553570d 100644 --- a/kibana/dashboards/870a5862-6c26-4a08-99fd-0c06cda85ba3.json +++ b/kibana/dashboards/870a5862-6c26-4a08-99fd-0c06cda85ba3.json 
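Review bot: The new `Kerberos - Logs` saved search (id e1bfade1, added at the end of this hunk) hard-codes `\"time_zone\":\"America/Denver\"` inside its `query_string`; that is the exporting browser's local time zone leaking into the export. It has no effect on the current `zeek.logType:kerberos` query, but any date range later added to that query would be evaluated relative to Denver on every Malcolm instance that imports this file, regardless of the user's own setting. Strip the `time_zone` key before committing. In the same category, the `parsedUrl` blocks with `\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"` inside the `dimensions` of the new pie, table and bar visualizations in this file are state of the exporting instance rather than part of the visualization definition and can be removed as well.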
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "870a5862-6c26-4a08-99fd-0c06cda85ba3", "type": "dashboard", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1NywxXQ==", + "updated_at": "2020-02-12T21:24:41.208Z", + "version": "WzEyNzksMV0=", "attributes": { "title": "DNP3", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":56,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":8,\"y\":32,\"w\":12,\"h\":24,\"i\":\"7\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":20,\"y\":32,\"w\":12,\"h\":24,\"i\":\"8\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"10\",\"gridData\":{\"x\":0,\"y\":56,\"w\":48,\"h\":24,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"11\",\"gridData\":{\"x\":32,\"y\":32,\"w\":16,\"h\":24,\"i\":\"11\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"12\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"12\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"13\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":24,\"i\":\"13\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\",\"embeddableConfig\":{}},{\"panelIndex\":\"14\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":24,\"i\":\"14\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":47,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":27,\"w\":14,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":22,\"y\":27,\"w\":14,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":27,\"w\":12,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":19,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":19,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":47,\"w\":48,\"h\":37,\"i\":\"20bab908-6058-4f9a-819b-de9011dd65b0\"},\"panelIndex\":\"20bab908-6058-4f9a-819b-de9011dd65b0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -41,28 +41,28 @@ }, { "name": "panel_4", - "type": "search", - "id": "cc135a63-3e30-4703-bc31-f7ac09c1d21a" + "type": "visualization", + "id": "5dec50f8-81f2-46f0-affd-2f945b6b7475" }, { "name": "panel_5", "type": "visualization", - "id": "5dec50f8-81f2-46f0-affd-2f945b6b7475" + "id": "AWDG9DWvxQT5EBNmq3-m" }, { "name": "panel_6", "type": "visualization", - "id": "AWDG9DWvxQT5EBNmq3-m" + "id": "46cd2e4c-ecfb-4fe9-ae51-28c2fecbffc0" }, { "name": "panel_7", "type": "visualization", - "id": "46cd2e4c-ecfb-4fe9-ae51-28c2fecbffc0" + "id": "9422ff81-b007-4eef-aca1-1af16509ab8c" }, { "name": "panel_8", - "type": "visualization", - "id": "9422ff81-b007-4eef-aca1-1af16509ab8c" + "type": "search", + "id": "cc135a63-3e30-4703-bc31-f7ac09c1d21a" } ], "migrationVersion": { 
@@ -72,11 +72,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
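Review bot: The `Zeek Logs` navigation markdown (id df9e399b) gains `Security Overview` and `ICS/IoT Security Overview` links here, but it is embedded in the DNP3 dashboard export under a fixed id. If the same object id is exported inside the other dashboard files, the last file imported wins, so every copy must carry the identical link list or the new entries silently appear or vanish depending on import order. Consider keeping this object in one shared file that the dashboards reference, or have the import script assert that all embedded copies are identical.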
@@ -92,8 +92,8 @@ { "id": "ab886b44-653f-401f-aca3-a6edb990dff7", "type": "visualization", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM0OSwxXQ==", + "updated_at": "2020-02-12T15:00:39.630Z", + "version": "WzUzMSwxXQ==", "attributes": { "visState": "{\"title\":\"DNP3 - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 30 minutes\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -119,8 +119,8 @@ { "id": "d34dd3b3-3861-4b9b-ba39-4ca7e15b3bdd", "type": "visualization", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1MCwxXQ==", + "updated_at": "2020-02-12T15:00:39.630Z", + "version": "WzUzMiwxXQ==", "attributes": { "visState": "{\"title\":\"DNP3 - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -146,8 +146,8 @@ { "id": "131198e7-afc4-40be-bedd-2a3a3a2d511e", "type": "visualization", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1MSwxXQ==", + "updated_at": "2020-02-12T15:00:39.630Z", + "version": "WzUzMywxXQ==", "attributes": { "visState": "{\"title\":\"DNP3 - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -170,49 +170,11 @@ "visualization": "7.4.2" } }, - { - "id": "cc135a63-3e30-4703-bc31-f7ac09c1d21a", - "type": "search", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1MiwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "DNP3 - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:dnp3\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "5dec50f8-81f2-46f0-affd-2f945b6b7475", "type": "visualization", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1MywxXQ==", + "updated_at": "2020-02-12T15:00:39.630Z", + "version": "WzUzNSwxXQ==", "attributes": { "visState": "{\"title\":\"DNP3 - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -238,8 +200,8 @@ { "id": "AWDG9DWvxQT5EBNmq3-m", "type": "visualization", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1NCwxXQ==", + "updated_at": "2020-02-12T15:00:39.630Z", + "version": "WzUzNiwxXQ==", "attributes": { "title": "DNP3 - Log Count", "visState": "{\"title\":\"DNP3 - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -265,8 +227,8 @@ { "id": "46cd2e4c-ecfb-4fe9-ae51-28c2fecbffc0", "type": "visualization", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1NSwxXQ==", + "updated_at": "2020-02-12T15:00:39.630Z", + "version": "WzUzNywxXQ==", "attributes": { "title": "DNP3 - Function Request", "visState": "{\"title\":\"DNP3 - Function Request\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dnp3.fc_request\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Request\"}}]}", @@ -292,8 +254,8 @@ { "id": "9422ff81-b007-4eef-aca1-1af16509ab8c", "type": "visualization", - "updated_at": "2019-12-18T16:20:38.006Z", - "version": "WzM1NiwxXQ==", + "updated_at": "2020-02-12T15:00:39.630Z", + "version": "WzUzOCwxXQ==", "attributes": { "title": "DNP3 - Function Reply", "visState": "{\"title\":\"DNP3 - Function Reply\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dnp3.fc_reply\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Reply\"}}]}", 
@@ -315,6 +277,45 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "cc135a63-3e30-4703-bc31-f7ac09c1d21a", + "type": "search", + "updated_at": "2020-02-12T21:24:03.851Z", + "version": "WzEyNzgsMV0=", + "attributes": { + "title": "DNP3 - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_dnp3.fc_request", + "zeek_dnp3.fc_reply", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:dnp3\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/87a32f90-ef58-11e9-974e-9d600036d105.json b/kibana/dashboards/87a32f90-ef58-11e9-974e-9d600036d105.json index b29bc391d..b34b173cc 100644 --- a/kibana/dashboards/87a32f90-ef58-11e9-974e-9d600036d105.json +++ b/kibana/dashboards/87a32f90-ef58-11e9-974e-9d600036d105.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "87a32f90-ef58-11e9-974e-9d600036d105", 
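Review bot: the re-added `cc135a63` saved search hardcodes `\"time_zone\":\"America/Denver\"` inside its `query_string`, which pins date math for every user of this shared dashboard to the exporting developer's local zone rather than the viewer's own Kibana time zone setting; strip `time_zone` from the exported query before committing. The rest of the object looks right: the new `zeek_dnp3.fc_request` and `zeek_dnp3.fc_reply` columns match the Function Request/Reply visualizations above. Worth stating for reviewers that this object is a move, not a change of identity: the deletion at `@@ -170,49 +170,11 @@` and this addition carry the same `id`, the search has simply been relocated from the middle of `objects` to the end.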
@@ -10,7 +10,7 @@ "title": "MQTT", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":33,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":14,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":14,\"w\":16,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":14,\"w\":24,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":33,\"w\":15,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":15,\"y\":33,\"w\":17,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":32,\"y\":33,\"w\":16,\"h\":20,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":53,\"w\":16,\"h\":21,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}},\"gridData\":{\"x\":16,\"y\":53,\"w\":32,\"h\":21,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_9\"},{\"gridData\":{\"x\":0,\"y\":74,\"w\":48,\"h\":25,\"i\":\"12\"},\"version\":\"7.5.1\",\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"}]", + "panelsJSON": 
"[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":33,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":14,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":14,\"w\":16,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":14,\"w\":24,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":33,\"w\":15,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":15,\"y\":33,\"w\":17,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":32,\"y\":33,\"w\":16,\"h\":20,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":53,\"w\":16,\"h\":21,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}},\"gridData\":{\"x\":16,\"y\":53,\"w\":32,\"h\":21,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"},{\"gridData\":{\"x\":0,\"y\":74,\"w\":48,\"h\":25,\"i\":\"12\"},\"version\":\"7.6.2\",\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -86,7 +86,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85.json b/kibana/dashboards/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85.json index 452bebb42..08643b886 100644 --- a/kibana/dashboards/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85.json 
+++ b/kibana/dashboards/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "87d990cc-9e0b-41e5-b8fe-b10ae1da0c85", "type": "dashboard", - "updated_at": "2019-12-18T16:20:40.052Z", - "version": "WzM3OSwxXQ==", + "updated_at": "2020-02-20T20:23:48.015Z", + "version": "WzExNzUsMV0=", "attributes": { "title": "Software", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":44,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"9\",\"gridData\":{\"w\":48,\"h\":40,\"x\":0,\"y\":44,\"i\":\"9\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"zeek_software.name\",\"zeek_software.software_type\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"10\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"10\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"11\",\"gridData\":{\"w\":40,\"h\":36,\"x\":8,\"y\":8,\"i\":\"11\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{}}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":40,\"h\":36,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":44,\"w\":48,\"h\":36,\"i\":\"f99c68bd-2da6-41d5-bbd1-45f85e79526c\"},\"panelIndex\":\"f99c68bd-2da6-41d5-bbd1-45f85e79526c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -31,18 +31,18 @@ }, { "name": "panel_2", - "type": "search", - "id": "7d54b196-5c2b-485e-9798-f116fb668413" + "type": "visualization", + "id": "AWDHEKJUxQT5EBNmq4jW" }, { "name": "panel_3", "type": "visualization", - "id": "AWDHEKJUxQT5EBNmq4jW" + "id": "bb882862-2f74-440a-bb62-41a9dca2b463" }, { "name": "panel_4", - "type": "visualization", - "id": "bb882862-2f74-440a-bb62-41a9dca2b463" + "type": "search", + "id": "7d54b196-5c2b-485e-9798-f116fb668413" } ], "migrationVersion": { 
@@ -52,11 +52,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-20T19:39:06.465Z", + "version": "WzY0MSwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
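Review bot: the `df9e399b` "Zeek Logs" navigation object in this hunk is the same saved object that is exported in the MQTT dashboard file above, but here its `version` is bumped from `WzU5OCwxXQ==` to `WzY0MSwxXQ==` with a new `updated_at`, while the MQTT copy keeps the old metadata on an unchanged context line; the two files now disagree about one object's metadata and the copy imported last overwrites the other. Since the markdown body (the added Security Overview and ICS/IoT Security Overview links) is identical in both, either keep the metadata identical across files or strip it from the exports. In the `@@ -31,18 +31,18 @@` hunk above, the `panel_2`..`panel_4` references are rotated (search `7d54b196` moves from `panel_2` to `panel_4`) and that search panel's explicit `columns`/`sort` in `embeddableConfig` is replaced with `{}`; confirm the intended column set now lives only in the saved search, and note that the dashboard-level `searchSourceJSON` in `@@ -1,21 +1,21 @@` also picked up the hardcoded `\"time_zone\":\"America/Denver\"`.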
@@ -72,8 +72,8 @@ { "id": "097640cc-167e-453d-bf5a-0e92ac1347fc", "type": "visualization", - "updated_at": "2019-12-18T16:20:40.052Z", - "version": "WzM3NCwxXQ==", + "updated_at": "2020-02-20T19:38:43.667Z", + "version": "WzQwOSwxXQ==", "attributes": { "visState": "{\"title\":\"Software - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -96,47 +96,11 @@ "visualization": "7.4.2" } }, - { - "id": "7d54b196-5c2b-485e-9798-f116fb668413", - "type": "search", - "updated_at": "2019-12-18T16:20:40.052Z", - "version": "WzM3NSwxXQ==", - "attributes": { - "title": "Software - Logs", - "description": "", - "hits": 0, - "columns": [ - "srcIp", - "zeek_software.name", - "zeek_software.software_type" - ], - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:software\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - } - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "AWDHEKJUxQT5EBNmq4jW", "type": "visualization", - "updated_at": "2019-12-18T16:20:40.052Z", - "version": "WzM3NiwxXQ==", + "updated_at": "2020-02-20T19:38:43.667Z", + "version": "WzQxMSwxXQ==", "attributes": { "title": "Software - Log Count", "visState": "{\"title\":\"Software - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -162,8 +126,8 @@ { "id": "bb882862-2f74-440a-bb62-41a9dca2b463", "type": "visualization", - "updated_at": "2019-12-18T16:20:40.052Z", - "version": "WzM3OCwxXQ==", + "updated_at": "2020-02-20T19:38:43.667Z", + "version": "WzQxMiwxXQ==", "attributes": { "visState": "{\"title\":\"Software - Summary\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_software.software_type\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_software.name\",\"otherBucket\":false,\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Name\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_software.version_major\",\"otherBucket\":false,\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Major Version\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_software.version_minor\",\"otherBucket\":false,\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Minor Version\"}}],\"listeners\":{}}", "description": "", 
@@ -185,6 +149,43 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "7d54b196-5c2b-485e-9798-f116fb668413", + "type": "search", + "updated_at": "2020-02-20T20:23:14.902Z", + "version": "WzExNzMsMV0=", + "attributes": { + "title": "Software - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "zeek_software.software_type", + "zeek_software.name", + "zeek_software.unparsed_version" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:software\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/92985909-dc29-4533-9e80-d3182a0ecf1d.json b/kibana/dashboards/92985909-dc29-4533-9e80-d3182a0ecf1d.json index 4152357e1..7f1b6e1d7 100644 --- a/kibana/dashboards/92985909-dc29-4533-9e80-d3182a0ecf1d.json +++ b/kibana/dashboards/92985909-dc29-4533-9e80-d3182a0ecf1d.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "92985909-dc29-4533-9e80-d3182a0ecf1d", "type": "dashboard", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4OSwxXQ==", + "updated_at": "2020-02-12T21:10:50.462Z", + "version": "WzEyNjQsMV0=", "attributes": { "title": "Syslog", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}},{\"panelIndex\":\"4\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":56,\"i\":\"4\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"5\",\"gridData\":{\"w\":12,\"h\":24,\"x\":8,\"y\":32,\"i\":\"5\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}},{\"panelIndex\":\"6\",\"gridData\":{\"w\":12,\"h\":24,\"x\":20,\"y\":32,\"i\":\"6\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}},{\"panelIndex\":\"7\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":32,\"i\":\"7\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}},{\"panelIndex\":\"8\",\"gridData\":{\"w\":12,\"h\":24,\"x\":36,\"y\":8,\"i\":\"8\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}},{\"panelIndex\":\"9\",\"gridData\":{\"w\":28,\"h\":24,\"x\":8,\"y\":8,\"i\":\"9\"},\"version\":\"7.3.0\",\"panel
RefName\":\"panel_7\",\"embeddableConfig\":{}},{\"panelIndex\":\"10\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":34,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":34,\"w\":12,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":12,\"y\":34,\"w\":12,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":34,\"w\":12,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":13,\"h\":26,\"i\":\"d1325585-cce1-46f1-acfd-59d64a8be83a\"},\"panelIndex\":\"d1325585-cce1-46f1-acfd-59d64a8be83a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":21,\"y\":8,\"w\":27,\"h\":26,\"i\":\"2abd9c38-fd1e-44fa-b391-ead499a92787\"},\"panelIndex\":\"2abd9c38-fd1e-44fa-b391-ead499a92787\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":34,\"w\":12,\"h\":20,\"i\":\"13e3b050-3d67-4745-a182-b462852a67ef\"},\"panelIndex\":\"13e3b050-3d67-4745-a182-b462852a67ef\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":54,\"w\":48,\"h\":44,\"i\":\"59631e23-e452-40a9-a9dd-7d432278d35f\"},\"panelIndex\":\"59631e23-e452-40a9-a9dd-7d432278d35f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}},\"language\":\"lucene\"}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -31,38 +31,43 @@ }, { "name": "panel_2", - "type": "search", - "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d" + "type": "visualization", + "id": "46cba2ad-03cd-4eef-8e3a-c35ac3ac1b76" }, { "name": "panel_3", "type": "visualization", - "id": "46cba2ad-03cd-4eef-8e3a-c35ac3ac1b76" + "id": "f54d6418-1499-4a14-9a8e-f706249b9962" }, { "name": "panel_4", "type": "visualization", - "id": "f54d6418-1499-4a14-9a8e-f706249b9962" + "id": "6a006054-309e-447f-9371-99f119d18291" }, { "name": "panel_5", "type": "visualization", - "id": "6a006054-309e-447f-9371-99f119d18291" + "id": "AWDHE-_wxQT5EBNmq4n3" }, { "name": "panel_6", "type": "visualization", - "id": "ab31bef3-9eaf-458b-8ff8-6fba232a6a06" + "id": "eb455420-4dda-11ea-8336-d3388483188b" }, { "name": "panel_7", "type": "visualization", - "id": "1c50098c-be32-4f8e-bdf3-d78c0bfa2c0c" + "id": "343952d0-4ddb-11ea-8336-d3388483188b" }, { "name": "panel_8", "type": "visualization", - "id": "AWDHE-_wxQT5EBNmq4n3" + "id": "19044160-4dda-11ea-8336-d3388483188b" + }, + { + "name": "panel_9", + "type": "search", + "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d" } ], "migrationVersion": { 
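Review bot: the two visualizations dropped from `references` here, `ab31bef3-9eaf-458b-8ff8-6fba232a6a06` (the old `Syslog - Protocol` table) and `1c50098c-be32-4f8e-bdf3-d78c0bfa2c0c` (the old `Syslog - Severity` histogram), are also removed from `objects` further down, but a saved-object import only creates or overwrites by id and never deletes. Instances that imported the previous export keep both as orphaned visualizations, so either document that in the release notes or add a cleanup step that deletes the superseded ids on upgrade.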
@@ -72,11 +77,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -92,8 +97,8 @@ { "id": "cf553dfa-f641-47cf-916d-041cf46a80c4", "type": "visualization", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4MSwxXQ==", + "updated_at": "2020-02-12T15:00:42.701Z", + "version": "WzU2MiwxXQ==", "attributes": { "visState": "{\"title\":\"Syslog - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 30 seconds\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -117,52 +122,41 @@ } }, { - "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d", - "type": "search", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4MiwxXQ==", + "id": "46cba2ad-03cd-4eef-8e3a-c35ac3ac1b76", + "type": "visualization", + "updated_at": "2020-02-12T15:00:42.701Z", + "version": "WzU2NCwxXQ==", "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, + "visState": "{\"title\":\"Syslog - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", - "title": "Syslog (Zeek) - Logs", + "title": "Syslog - Source IP Address", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:syslog\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + "searchSourceJSON": "{\"filter\":[]}" }, - "columns": [ - "srcIp", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "savedSearchRefName": "search_0" }, "references": [ { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" + "type": "search", + "name": "search_0", + "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d" } ], "migrationVersion": { - "search": "7.4.0" + "visualization": "7.4.2" } }, { - "id": 
"46cba2ad-03cd-4eef-8e3a-c35ac3ac1b76", + "id": "f54d6418-1499-4a14-9a8e-f706249b9962", "type": "visualization", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4MywxXQ==", + "updated_at": "2020-02-12T15:00:42.701Z", + "version": "WzU2NSwxXQ==", "attributes": { - "visState": "{\"title\":\"Syslog - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", + "visState": "{\"title\":\"Syslog - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", - "title": "Syslog - Source IP Address", + "title": "Syslog - Destination IP Address", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { 
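Review bot: the re-exported `Syslog - Source IP Address` and `Syslog - Destination IP Address` tables keep the legacy param name `showMeticsAtAllLevels` (the spelling older Kibana releases used), while the freshly created `Syslog - Destination Port` table in the next hunk, saved from 7.6.2, uses `showMetricsAtAllLevels`. Since the export now targets 7.6.2 and these two objects are being rewritten anyway, re-save them from the 7.6.2 editor (or rename the key) so all three tables share the current name instead of relying on migration to tolerate the old one.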
@@ -182,15 +176,15 @@ } }, { - "id": "f54d6418-1499-4a14-9a8e-f706249b9962", + "id": "6a006054-309e-447f-9371-99f119d18291", "type": "visualization", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4NCwxXQ==", + "updated_at": "2020-02-12T21:00:07.262Z", + "version": "WzEyNTMsMV0=", "attributes": { - "visState": "{\"title\":\"Syslog - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", - "description": "", - "title": "Syslog - Destination IP Address", + "title": "Syslog - Destination Port", + "visState": "{\"title\":\"Syslog - Destination 
Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Port\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Port\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -199,8 +193,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d" } ], 
@@ -209,15 +203,15 @@ } }, { - "id": "6a006054-309e-447f-9371-99f119d18291", + "id": "AWDHE-_wxQT5EBNmq4n3", "type": "visualization", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4NSwxXQ==", + "updated_at": "2020-02-12T15:00:42.701Z", + "version": "WzU2OSwxXQ==", "attributes": { - "visState": "{\"title\":\"Syslog - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", + "title": "Syslog - Log Count", + "visState": "{\"title\":\"Syslog - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", - "title": "Syslog - Destination Port", - "uiStateJSON": 
"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
@@ -236,25 +230,25 @@ } }, { - "id": "ab31bef3-9eaf-458b-8ff8-6fba232a6a06", + "id": "eb455420-4dda-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4NiwxXQ==", + "updated_at": "2020-02-12T21:02:03.362Z", + "version": "WzEyNTUsMV0=", "attributes": { - "visState": "{\"title\":\"Syslog - Protocol\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.proto\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}}],\"listeners\":{}}", + "title": "Syslog - Severity", + "visState": "{\"title\":\"Syslog - 
Severity\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Severity\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_syslog.severity\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Severity\"}}]}", + "uiStateJSON": "{}", "description": "", - "title": "Syslog - Protocol", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d" } ], 
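Review bot: the new `Syslog - Severity` pie carries a `dimensions` block with `parsedUrl` (`origin: https://localhost`, `basePath: /kibana`) inside `visState`, and the same appears in the `Destination Port`, `Facility` and `Protocol` objects in the neighbouring hunks. That block appears to be filled in by the visualization editor from the browser session that saved it rather than read back by the saved object, so the committed export now embeds environment-specific values; strip `dimensions` from `visState` before committing. Two smaller consistency points in the same hunk: `searchSourceJSON` is `{}` here but `{"filter":[]}` in the sibling tables, and the `type`/`name` swap in `references` is pure key-reordering noise that an export post-processing step with stable key order would avoid.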
@@ -263,25 +257,25 @@ } }, { - "id": "1c50098c-be32-4f8e-bdf3-d78c0bfa2c0c", + "id": "343952d0-4ddb-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4NywxXQ==", + "updated_at": "2020-02-12T21:08:28.776Z", + "version": "WzEyNjIsMV0=", "attributes": { - "visState": "{\"title\":\"Syslog - Severity\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Severity\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_syslog.severity\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Severity\"}}],\"listeners\":{}}", + "title": "Syslog - Facility", + "visState": "{\"title\":\"Syslog - 
Facility\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Facility\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_syslog.facility\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Facility\"}}]}", + "uiStateJSON": "{}", "description": 
"", - "title": "Syslog - Severity", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false},\"spy\":{\"mode\":{\"name\":null,\"fill\":false}}}", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d" } ], 
@@ -290,31 +284,71 @@ } }, { - "id": "AWDHE-_wxQT5EBNmq4n3", + "id": "19044160-4dda-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:41.083Z", - "version": "WzM4OCwxXQ==", + "updated_at": "2020-02-12T20:56:10.614Z", + "version": "WzEyMzgsMV0=", "attributes": { - "title": "Syslog - Log Count", - "visState": "{\"title\":\"Syslog - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "Syslog - Protocol", + "visState": "{\"title\":\"Syslog - Protocol\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"IP 
Protocol\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.proto\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"IP Protocol\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d" } ], "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "7d7fd24e-51be-4040-83b3-a6630e989e2d", + "type": "search", + "updated_at": "2020-02-12T20:58:39.964Z", + "version": "WzEyNTEsMV0=", + "attributes": { + "title": "Syslog (Zeek) - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_syslog.severity", + "zeek_syslog.facility", + "zeek_syslog.message", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:syslog\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file 
diff --git a/kibana/dashboards/95479950-41f2-11ea-88fa-7151df485405.json b/kibana/dashboards/95479950-41f2-11ea-88fa-7151df485405.json new file mode 100644 index 000000000..d2881f878 --- /dev/null +++ b/kibana/dashboards/95479950-41f2-11ea-88fa-7151df485405.json 
@@ -0,0 +1,522 @@ +{ + "version": "7.6.2", + "objects": [ + { + "id": "95479950-41f2-11ea-88fa-7151df485405", + "type": "dashboard", + "updated_at": "2020-02-04T14:48:41.812Z", + "version": "WzgxNywxXQ==", + "attributes": { + "title": "Security Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":12,\"h\":23,\"i\":\"320b8bf0-6567-4d0b-b7d1-7402baf830d4\"},\"panelIndex\":\"320b8bf0-6567-4d0b-b7d1-7402baf830d4\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":20,\"y\":0,\"w\":15,\"h\":23,\"i\":\"8f421b7e-8ea9-4d52-a165-8e2a4fa78fd0\"},\"panelIndex\":\"8f421b7e-8ea9-4d52-a165-8e2a4fa78fd0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":35,\"y\":0,\"w\":13,\"h\":23,\"i\":\"119a8b45-c803-4c71-93b4-a9514803021a\"},\"panelIndex\":\"119a8b45-c803-4c71-93b4-a9514803021a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":15,\"h\":18,\"i\":\"1789e54a-db27-4e5e-92d3-2f44b3f9f96e\"},\"panelIndex\":\"1789e54a-db27-4e5e-92d3-2f44b3f9f96e\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":15,\"y\":23,\"w\":15,\"h\":38,\"i\":\"9df4498d-9d4d-4613-bc54-8fca34ade25c\"},\"panelIndex\":\"9df4498d-9d4d-4613-bc54-8fca34ade25c\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":null},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":30,\"y\":23,\"w\":9,\"h\":18,\"i\":\"4cdbaf8d-bb32-457f-a198-e9734168c5eb\"},\"panelIndex\":\"4cdbaf8d-bb32-457f-a198-e9734168c5eb\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":39,\"y\":23,\"w\":9,\"h\":18,\"i\":\"61f158d0-8c28-499f-af09-4df087948d42\"}
,\"panelIndex\":\"61f158d0-8c28-499f-af09-4df087948d42\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":41,\"w\":15,\"h\":20,\"i\":\"071a1c98-695f-4708-92c9-2c950e515131\"},\"panelIndex\":\"071a1c98-695f-4708-92c9-2c950e515131\",\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":null}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"asc\"}}}},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":30,\"y\":41,\"w\":18,\"h\":20,\"i\":\"a5c3b5c2-37c3-488d-81ab-d74a89d4be84\"},\"panelIndex\":\"a5c3b5c2-37c3-488d-81ab-d74a89d4be84\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":61,\"w\":48,\"h\":19,\"i\":\"2231b6ad-9e0d-4524-a359-bdc2c8332991\"},\"panelIndex\":\"2231b6ad-9e0d-4524-a359-bdc2c8332991\",\"embeddableConfig\":{\"legendOpen\":false,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_10\"}]", + "optionsJSON": "{\"useMargins\":true}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"*\"}}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "a4f6eba0-41f5-11ea-88fa-7151df485405" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "0e9b1a00-525e-11e9-9bd7-13d6d1bafa75" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "c5b1e590-41f3-11ea-88fa-7151df485405" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "e9f27fa0-41f8-11ea-88fa-7151df485405" + }, + { + "name": "panel_5", + "type": "visualization", + "id": "f7b3ba60-41f7-11ea-88fa-7151df485405" + }, + { + "name": "panel_6", + "type": "visualization", + "id": "0ffb5790-41f3-11ea-88fa-7151df485405" + }, + { + 
"name": "panel_7", + "type": "visualization", + "id": "4a183420-41f3-11ea-88fa-7151df485405" + }, + { + "name": "panel_8", + "type": "visualization", + "id": "69241a80-421d-11ea-9084-41ab7c5fff2e" + }, + { + "name": "panel_9", + "type": "visualization", + "id": "10a01120-41f5-11ea-88fa-7151df485405" + }, + { + "name": "panel_10", + "type": "visualization", + "id": "d8b8a6a0-41fe-11ea-88fa-7151df485405" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", + "type": "visualization", + "updated_at": "2020-02-04T14:21:03.422Z", + "version": "Wzc4MCwxXQ==", + "attributes": { + "title": "Zeek Logs", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● 
[FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● 
[DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "a4f6eba0-41f5-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU1NiwxXQ==", + "attributes": { + "title": "Notices by Category", + "visState": "{\"title\":\"Notices by 
Category\",\"type\":\"table\",\"params\":{\"perPage\":15,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.note\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":200,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Notice Category\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "0e9b1a00-525e-11e9-9bd7-13d6d1bafa75", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU1NywxXQ==", + "attributes": { + "title": "Signatures - Signature IDs", + "visState": "{\"title\":\"Signatures - Signature 
IDs\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_signatures.signature_id\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Signature ID\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "type": "search", + "name": "search_0", + "id": "34dd33c0-523f-11e9-a30e-e3576242f3ed" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "c5b1e590-41f3-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU1OCwxXQ==", + 
"attributes": { + "title": "Clear-text Transmission of Passwords ", + "visState": "{\"title\":\"Clear-text Transmission of Passwords \",\"type\":\"table\",\"params\":{\"perPage\":15,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Application Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"user\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Username\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\\\\*password:*\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": 
"index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "e9f27fa0-41f8-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:51:37.130Z", + "version": "WzgxOCwxXQ==", + "attributes": { + "title": "Outdated/Insecure Application Protocols", + "visState": "{\"title\":\"Outdated/Insecure Application Protocols\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":0,\"direction\":\"asc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Application Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.service_version\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Protocol Version\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":0,\"direction\":\"asc\"}}}}", + "description": "", + "version": 1, + 
"kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"(NOT zeek.logType:known*) AND ((zeek.service:ssh AND zeek.service_version < 2) OR (zeek.service:smb AND zeek.service_version < 2) OR (zeek.service:tls AND NOT zeek.service_version:(*TLS*v12* OR *TLS*v13*)) OR (zeek.service:ntp AND zeek.service_version < 4) OR (zeek.service:rfb AND zeek.service_version < 3.8) OR (zeek.service:rdp AND zeek.service_version < 6.0) OR (zeek.service:snmp AND zeek.service_version < 3) OR (zeek.service:ftp))\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "f7b3ba60-41f7-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU2MCwxXQ==", + "attributes": { + "title": "Connections by Destination Country (region map)", + "visState": "{\"title\":\"Connections by Destination Country (region map)\",\"type\":\"region_map\",\"params\":{\"legendPosition\":\"bottomright\",\"addTooltip\":true,\"colorSchema\":\"Blues\",\"emsHotLink\":\"\",\"isDisplayWarning\":false,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"origin\":\"elastic_maps_service\",\"id\":\"road_map\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"

OpenStreetMap contributors | OpenMapTiles | MapTiler | Elastic Maps Service

\"}},\"mapZoom\":2,\"mapCenter\":[0,0],\"outlineWeight\":1,\"showAllShapes\":true,\"selectedLayer\":{\"name\":\"World (offline)\",\"url\":\"/world.geojson\",\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"name\":\"ISO_A2\",\"description\":\"Country Code\"},{\"name\":\"WB_A2\",\"description\":\"Country Code2\"},{\"name\":\"NAME\",\"description\":\"Country Name\"}],\"format\":{\"type\":\"geojson\"},\"meta\":{\"feature_collection_path\":\"data\"},\"layerId\":\"self_hosted.World (offline)\",\"isEMS\":false},\"selectedJoinField\":{\"name\":\"WB_A2\",\"description\":\"Country Code2\"},\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"bucket\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Connections\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_code2\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Country\"}}]}", + "uiStateJSON": "{\"mapZoom\":3,\"mapCenter\":[37.16031654673677,-5.7511603125000015]}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "0ffb5790-41f3-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU2MSwxXQ==", + "attributes": { 
+ "title": "Inbound External Traffic by Country", + "visState": "{\"title\":\"Inbound External Traffic by Country\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.source_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":200,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Originating Country\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"tags:external_source AND tags:internal_destination\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4a183420-41f3-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU2MiwxXQ==", + "attributes": { + "title": "Outbound Internal Traffic by Country", + "visState": "{\"title\":\"Outbound Internal Traffic by 
Country\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":200,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Responding Country\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"tags:internal_source AND tags:external_destination\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "69241a80-421d-11ea-9084-41ab7c5fff2e", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU2MywxXQ==", + "attributes": { + "title": "DNS Queries by Randomness", + "visState": "{\"title\":\"DNS Queries by 
Randomness\",\"type\":\"table\",\"params\":{\"dimensions\":{\"buckets\":[{\"accessor\":0,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}},{\"accessor\":1,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}}],\"metrics\":[{\"accessor\":2,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"params\":{}}]},\"perPage\":10,\"percentageCol\":\"\",\"showMetricsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dns.host\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"DNS Query\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.freq_score_v1\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Randomness Score (method 1)\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.freq_score_v2\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Randomness Score (method 2)\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": 
"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "10a01120-41f5-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU2NCwxXQ==", + "attributes": { + "title": "File Types Observed", + "visState": "{\"title\":\"File Types Observed\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"square root\",\"orientation\":\"single\",\"minFontSize\":18,\"maxFontSize\":48,\"showLabel\":false,\"metric\":{\"type\":\"vis_dimension\",\"accessor\":1,\"format\":{\"id\":\"string\",\"params\":{}}},\"bucket\":{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.filetype\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"File Type\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "d8b8a6a0-41fe-11ea-88fa-7151df485405", + "type": "visualization", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU2NiwxXQ==", + 
"attributes": { + "title": "External Remote Access Over Time", + "visState": "{\"title\":\"External Remote Access Over Time\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD\"}},\"params\":{\"date\":true,\"interval\":\"P30D\",\"intervalESValue\":30,\"intervalESUnit\":\"d\",\"format\":\"YYYY-MM-DD\",\"bounds\":{\"min\":\"1976-01-28T18:52:45.953Z\",\"max\":\"2020-01-28T18:52:45.953Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"s
egment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"now-44y\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.service\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"zeek.service:(ssh OR rdp OR rfb OR telnet) AND tags:(external_source OR external_destination)\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c", + "type": "search", + "updated_at": "2020-02-04T14:21:00.359Z", + "version": "Wzc1NywxXQ==", + "attributes": { + "title": "Notices - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_notice.note", + "srcIp", + "dstIp", + "zeek.uid", + "_id" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:notice\",\"default_field\":\"*\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": 
"34dd33c0-523f-11e9-a30e-e3576242f3ed", + "type": "search", + "updated_at": "2020-02-04T14:20:41.897Z", + "version": "WzU2OCwxXQ==", + "attributes": { + "title": "Signatures - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_signatures.note", + "zeek_signatures.signature_id", + "zeek_signatures.signature_count", + "zeek.fuid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"zeek.logType:signatures\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", + "type": "search", + "updated_at": "2020-02-12T22:48:55.398Z", + "version": "WzgwMiwxXQ==", + "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e", + "type": "search", + "updated_at": "2020-02-12T16:25:47.761Z", + "version": "WzkwMywxXQ==", + "attributes": { + "title": "DNS 
- Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "zeek_dns.query", + "zeek_dns.answers", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:dns\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + } + ] +} \ No newline at end of file diff --git a/kibana/dashboards/9ee51f94-3316-4fc5-bd89-93a52af69714.json b/kibana/dashboards/9ee51f94-3316-4fc5-bd89-93a52af69714.json index eef0b5bf1..35687e791 100644 --- a/kibana/dashboards/9ee51f94-3316-4fc5-bd89-93a52af69714.json +++ b/kibana/dashboards/9ee51f94-3316-4fc5-bd89-93a52af69714.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "9ee51f94-3316-4fc5-bd89-93a52af69714", "type": "dashboard", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzQwMCwxXQ==", + "updated_at": "2020-02-12T15:38:15.432Z", + "version": "Wzg0MSwxXQ==", "attributes": { "title": "Files", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"2\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"2\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\"},{\"panelIndex\":\"3\",\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"3\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}},{\"panelIndex\":\"4\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":72,\"i\":\"4\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{\"columns\":[\"zeek_files.tx_hosts\",\"dstIp\",\"zeek_files.source\",\"zeek.uid\",\"zeek_files.fuid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"6\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":24,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"7\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":48,\"i\":\"7\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"8\",\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":48,\"i\":\"8\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"9\",\"gridData\":{\"w\":40,\"h\":16,\"x\":8,\"y\":8,\"i\":\"9\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{}},{\"panelIndex\":\"10\",\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":48,\"i\":\"10\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"11\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"11\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"12\",\"gridData\":{\"w
\":20,\"h\":24,\"x\":8,\"y\":24,\"i\":\"12\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":43,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":24,\"w\":20,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":32,\"y\":43,\"w\":16,\"h\":20,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":43,\"w\":16,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":40,\"h\":16,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":43,\"w\":16,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":24,\"w\":20,\"h\":19,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":63,\"w\":48,\"h\":35,\"i\":\"8e4863be-7d69-4354-9eb4-4e30a7c983d6\"},\"panelIndex\":\"8e4863be-7d69-4354-9eb4-4e30a7c983d6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -31,43 +31,43 @@ }, { "name": "panel_2", - "type": "search", - "id": "0aca5333-3b1c-4cda-afb4-f7dd86910459" + "type": "visualization", + "id": "66d5d357-edce-450d-b5be-a5a00190e153" }, { "name": "panel_3", "type": "visualization", - "id": "66d5d357-edce-450d-b5be-a5a00190e153" + "id": "d3a0ac2e-73cf-462e-8b03-e6ff3b8612b7" }, { "name": "panel_4", "type": "visualization", - "id": "d3a0ac2e-73cf-462e-8b03-e6ff3b8612b7" + "id": "9ba4473b-66f4-4aea-b19e-4309ec6534b8" }, { "name": "panel_5", "type": "visualization", - "id": "9ba4473b-66f4-4aea-b19e-4309ec6534b8" + "id": "4474edda-47f0-4b74-b5d2-cbf012368c59" }, { "name": "panel_6", "type": "visualization", - "id": "4474edda-47f0-4b74-b5d2-cbf012368c59" + "id": "b1cb0275-a84e-4ef3-ad40-b2b773be43ff" }, { "name": "panel_7", "type": "visualization", - "id": "b1cb0275-a84e-4ef3-ad40-b2b773be43ff" + "id": "AWDG9goqxQT5EBNmq4BP" }, { "name": "panel_8", "type": "visualization", - "id": "AWDG9goqxQT5EBNmq4BP" + "id": "5a4e8261-d65c-4b36-b3f4-5c272f18990f" }, { "name": "panel_9", - "type": "visualization", - "id": "5a4e8261-d65c-4b36-b3f4-5c272f18990f" + "type": "search", + "id": "0aca5333-3b1c-4cda-afb4-f7dd86910459" } ], "migrationVersion": { 
@@ -77,8 +77,8 @@ { "id": "aaa4fbb0-d5fe-4ef9-be76-405b977bcd5b", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5MCwxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU4NywxXQ==", "attributes": { "visState": "{\"title\":\"Files - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -104,11 +104,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● 
[NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + 
"visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -121,50 +121,11 @@ "visualization": "7.4.2" } }, - { - "id": "0aca5333-3b1c-4cda-afb4-f7dd86910459", - "type": "search", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5MiwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "Files - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:files\"}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "zeek_files.tx_hosts", - "dstIp", - "zeek_files.source", - "zeek.uid", - "zeek_files.fuid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "66d5d357-edce-450d-b5be-a5a00190e153", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5MywxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU5MCwxXQ==", "attributes": { "visState": "{\"title\":\"Files - Files By Size (Bytes)\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_files.seen_bytes\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Bytes Seen\"}}],\"listeners\":{}}", "description": "", 
@@ -190,8 +151,8 @@ { "id": "d3a0ac2e-73cf-462e-8b03-e6ff3b8612b7", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5NCwxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU5MSwxXQ==", "attributes": { "visState": "{\"title\":\"FIles - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -217,8 +178,8 @@ { "id": "9ba4473b-66f4-4aea-b19e-4309ec6534b8", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5NSwxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU5MiwxXQ==", "attributes": { "visState": "{\"title\":\"FIles - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_files.tx_hosts\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"File IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -244,8 +205,8 @@ { "id": "4474edda-47f0-4b74-b5d2-cbf012368c59", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5NiwxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU5MywxXQ==", "attributes": { "title": "Files - MIME Type", "visState": "{\"title\":\"Files - MIME Type\",\"type\":\"histogram\",\"params\":{\"addLegend\":false,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"rotate\":75,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"MIME Type\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}],\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_files.mime_type\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"MIME Type\"}}]}", 
@@ -271,8 +232,8 @@ { "id": "b1cb0275-a84e-4ef3-ad40-b2b773be43ff", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5NywxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU5NCwxXQ==", "attributes": { "visState": "{\"title\":\"FIles - MIME Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_files.mime_type\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"MIME Type\"}}],\"listeners\":{}}", "description": "", 
@@ -298,8 +259,8 @@ { "id": "AWDG9goqxQT5EBNmq4BP", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5OCwxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU5NSwxXQ==", "attributes": { "title": "Files - Log Count", "visState": "{\"title\":\"Files - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -325,8 +286,8 @@ { "id": "5a4e8261-d65c-4b36-b3f4-5c272f18990f", "type": "visualization", - "updated_at": "2019-12-18T16:20:42.110Z", - "version": "WzM5OSwxXQ==", + "updated_at": "2020-02-12T15:00:44.752Z", + "version": "WzU5NiwxXQ==", "attributes": { "title": "Files - Source", "visState": "{\"title\":\"Files - Source\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_files.source\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source\"}}]}", @@ -348,6 +309,45 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "0aca5333-3b1c-4cda-afb4-f7dd86910459", + "type": "search", + "updated_at": "2020-02-12T15:36:31.616Z", + "version": "Wzg0MCwxXQ==", + "attributes": { + "title": "Files - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek_files.tx_hosts", + "dstIp", + "zeek_files.source", + "zeek_files.mime_type", + "zeek.uid", + "zeek.fuid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:files\",\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file 
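Review bot: In the first hunk of 9ee51f94-3316-4fc5-bd89-93a52af69714.json the dashboard's searchSourceJSON gains a hard-coded `\"time_zone\":\"America/Denver\"` inside the query_string, and the re-added "Files - Logs" search in the last hunk carries the same value (as do the "Connections - Logs" and "DNS - Logs" searches in the new export just above). That pins every date-math boundary in these saved objects to the exporting developer's zone rather than the deployment's, so relative ranges like now-24h will be off by the zone offset for anyone not in Mountain time. Suggest stripping the `time_zone` key from the exported query_string objects (the older form `{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}` on the `-` line is the portable one) and letting Kibana supply the browser or dateFormat:tz setting at query time.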
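Review bot: The "Files - Logs" search (0aca5333-3b1c-4cda-afb4-f7dd86910459) removed in hunk @@ -121,50 and re-added in hunk @@ -348,6 changes its columns, not just its position: `zeek_files.fuid` becomes `zeek.fuid`, `zeek_files.mime_type` is added and `_id` is dropped. The rename matches the `zeek.fuid` column already used by "Signatures - Logs", so it looks intentional, but the index-pattern refresh that introduces the new field is not in this file; if the pattern is imported before kibana_index_refresh.py runs, Discover will show the column as missing. Worth stating the field move in the commit message and confirming the import order. Separately, both exported files end with `\ No newline at end of file`; adding the trailing newline keeps future diffs of the closing `}` line clean.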
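Review bot: The context lines in hunks @@ -190,8, @@ -217,8 and @@ -271,8 still carry the pre-existing typos `FIles - Destination IP Address`, `FIles - Source IP Address`, `FIles - MIME Type` and the misspelled table param `showMeticsAtAllLevels` (Kibana's key is `showMetricsAtAllLevels`, as the new "DNS - Randomness" visualization in the export above spells it). Since these visualizations are being touched and re-exported anyway, fixing the titles and the param name in Kibana before re-export would let this change carry the correction without an extra round-trip.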
diff --git a/kibana/dashboards/a16110b0-3f99-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/a16110b0-3f99-11e9-a58e-8bdedb0915e8.json index c2f3660c4..3e14a580b 100644 --- a/kibana/dashboards/a16110b0-3f99-11e9-a58e-8bdedb0915e8.json +++ b/kibana/dashboards/a16110b0-3f99-11e9-a58e-8bdedb0915e8.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "a16110b0-3f99-11e9-a58e-8bdedb0915e8", "type": "dashboard", - "updated_at": "2019-12-18T16:20:43.143Z", - "version": "WzQwNCwxXQ==", + "updated_at": "2020-02-13T15:37:51.002Z", + "version": "WzkzNiwxXQ==", "attributes": { "title": "Connections - Destination - Sum of Total Bytes (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.5.1\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"95f9b964-c2a2-416b-9903-8b969247e1ab\"},\"panelIndex\":\"95f9b964-c2a2-416b-9903-8b969247e1ab\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"7f315dd1-7809-49af-bed1-edfa12322240\"},\"panelIndex\":\"7f315dd1-7809-49af-bed1-edfa12322240\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "304de8c0-3f95-11e9-a58e-8bdedb0915e8" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
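Review bot: the "Security Overview" and "ICS/IoT Security Overview" links added to the "Zeek Logs" markdown point at dashboard ids 95479950-41f2-11ea-88fa-7151df485405 and 4a4bde20-4760-11ea-949c-bbb5a9feecbf, neither of which is referenced by any other hunk shown here; make sure the matching per-dashboard export files under kibana/dashboards/ are part of this change, otherwise the nav links resolve to a missing saved object after import. Because this navigation object (df9e399b-efa5-4e33-b0ac-a7668a8ac2b3) is duplicated into each dashboard export (it appears again in the PROFINET file in this patch), every copy has to pick up the two new lines, not just this one.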
@@ -57,12 +67,12 @@ { "id": "304de8c0-3f95-11e9-a58e-8bdedb0915e8", "type": "visualization", - "updated_at": "2019-12-18T16:20:43.143Z", - "version": "WzQwMiwxXQ==", + "updated_at": "2020-02-13T14:48:28.279Z", + "version": "Wzg3NywxXQ==", "attributes": { "title": "Connections - Destination - Sum of Total Bytes (region map)", - "visState": "{\"title\":\"Connections - Destination - Sum of Total Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":2,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder Country\"}}]}", - "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", + "visState": "{\"title\":\"Connections - Destination - Sum of Total Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to 
Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":2,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"origin\":\"elastic_maps_service\",\"id\":\"road_map\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"OpenStreetMap contributors | OpenMapTiles | MapTiler | Elastic Maps Service\"}},\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Total Bytes\",\"aggType\":\"sum\"},\"bucket\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Responder Country\",\"aggType\":\"terms\"}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder 
Country\"}}]}", + "uiStateJSON": "{\"mapCenter\":[38.14774734584061,16.699218750000004],\"mapZoom\":3}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -72,8 +82,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
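Review bot: the rewritten region-map visState now embeds a parsedUrl object (\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\") under both params.metric.format.params and params.bucket.format.params; that is client-side state serialized at export time, it has no counterpart in the old visState, and it pins the saved object to the exporting host, so strip it before committing. The change of the self-hosted layer url from http://localhost:28991/world.geojson to the relative /world.geojson goes the right way for the same reason (no host or port baked into the object). Separately, isDisplayWarning flips from true to false, which turns off the region map's warning when a term cannot be joined to a shape; if that is deliberate, say so in the commit message, otherwise restore true so unmatched dstGEO values are still surfaced.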
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/a7514350-eba6-11e9-a384-0fcf32210194.json b/kibana/dashboards/a7514350-eba6-11e9-a384-0fcf32210194.json index f46d049a9..34f71b5f5 100644 --- a/kibana/dashboards/a7514350-eba6-11e9-a384-0fcf32210194.json +++ b/kibana/dashboards/a7514350-eba6-11e9-a384-0fcf32210194.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "a7514350-eba6-11e9-a384-0fcf32210194", "type": "dashboard", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxNywxXQ==", + "updated_at": "2020-02-12T21:37:07.159Z", + "version": "WzEyOTIsMV0=", "attributes": { "title": "PROFINET", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":69,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":14,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":69,\"w\":48,\"h\":34,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":50,\"w\":19,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":27,\"y\":50,\"w\":20,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":14,\"w\":16,\"h\":19,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":14,\"w\":24,\"h\":19,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":33,\"w\":19,\"h\":17,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"x\":27,\"y\":33,\"w\":21,\"h\":17,\"i\":\"10\"},\"version\":\"7.5.1\",\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":69,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":14,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":69,\"w\":48,\"h\":34,\"i\":\"4\"},\"panelIndex\":\"4\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":50,\"w\":19,\"h\":19,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":27,\"y\":50,\"w\":21,\"h\":19,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":14,\"w\":16,\"h\":19,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":14,\"w\":24,\"h\":19,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":33,\"w\":19,\"h\":17,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":27,\"y\":33,\"w\":21,\"h\":17,\"i\":\"10\"},\"panelIndex\":\"10\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -77,11 +77,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
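Review bot: this copy of the shared "Zeek Logs" visualization (id df9e399b-efa5-4e33-b0ac-a7668a8ac2b3) and the copy in the a16110b0 dashboard export earlier in this patch now disagree on metadata: updated_at is 2020-02-12T15:01:05.290Z here versus 2020-02-13T14:17:04.192Z there, and version is Wzc5NiwxXQ== versus Wzc3NiwxXQ==, while the markdown body is identical in both. Whichever file is imported last overwrites the other's copy, so the divergence is harmless today but will bite as soon as the two bodies drift apart. Export the shared navigation object once from a single Kibana instance and regenerate every dashboard file from the same export run so the copies stay identical.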
@@ -97,8 +97,8 @@ { "id": "bf41a680-eba6-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQwNiwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYwMywxXQ==", "attributes": { "title": "PROFINET - Log Count", "visState": "{\"title\":\"PROFINET - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":36}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Log Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.logType\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Log Type\"}}]}", 
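Review bot: this hunk, like the `@@ -128`, `-159`, `-200`, `-227`, `-254`, `-281`, `-308`, `-335`, `-362` and `-403` hunks that follow in the same PROFINET dashboard file, changes nothing but the `updated_at` timestamp and the opaque `version` token of each saved object, so eleven hunks add review noise without a functional change to `visState`, `panelsJSON` or `references`. Consider stripping `updated_at` and `version` from the exported dashboard JSON before committing; the Kibana saved-object import does not need them and assigns fresh values, so only real changes would show up in the diff.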
@@ -128,8 +128,8 @@ { "id": "fcf95d10-eba6-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQwNywxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYwNCwxXQ==", "attributes": { "title": "PROFINET - Logs Over Time", "visState": "{\"title\":\"PROFINET - Logs Over Time\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"now-25y\",\"to\":\"now\",\"mode\":\"relative\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.logType\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Log 
Type\"}}]}", @@ -159,8 +159,8 @@ { "id": "a0a10870-eba5-11e9-a384-0fcf32210194", "type": "search", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQwOCwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYwNSwxXQ==", "attributes": { "title": "PROFINET and Related - Logs", "description": "", @@ -200,8 +200,8 @@ { "id": "ec42baa0-eba8-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQwOSwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYwNiwxXQ==", "attributes": { "title": "PROFINET - Source IP", "visState": "{\"title\":\"PROFINET - Source IP\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcPort\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source Port\"}}]}", 
@@ -227,8 +227,8 @@ { "id": "0957f330-eba9-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxMCwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYwNywxXQ==", "attributes": { "title": "PROFINET - Destination IP", "visState": "{\"title\":\"PROFINET - Destination IP\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination IP\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Port\"}}]}", 
@@ -254,8 +254,8 @@ { "id": "41f36a70-ebaa-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxMSwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYwOCwxXQ==", "attributes": { "title": "PROFINET - Operation", "visState": "{\"title\":\"PROFINET - Operation\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":4,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_profinet.operation_type\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Operation\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_profinet.index\",\"size\":30,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Index\"}}]}", 
@@ -281,8 +281,8 @@ { "id": "9dccb5f0-eba9-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxMiwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYwOSwxXQ==", "attributes": { "title": "PROFINET - Operation Details", "visState": "{\"title\":\"PROFINET - Operation Details\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":4,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_profinet.operation_type\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Operation\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_profinet.index\",\"size\":30,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Index\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_profinet.slot_number\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Slot\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_profinet.subslot_number\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Subslot\"}}]}", 
@@ -308,8 +308,8 @@ { "id": "17319090-ebab-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxMywxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYxMCwxXQ==", "attributes": { "title": "PROFINET DCE/RPC - Operation", "visState": "{\"title\":\"PROFINET DCE/RPC - Operation\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_profinet_dce_rpc.operation\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Operation\"}}]}", @@ -335,8 +335,8 @@ { "id": "8022cc90-ebab-11e9-a384-0fcf32210194", "type": "visualization", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxNCwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYxMSwxXQ==", "attributes": { "title": "PROFINET DCE/RPC - Packet Type", "visState": "{\"title\":\"PROFINET DCE/RPC - Packet Type\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_profinet_dce_rpc.packet_type\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Packet Type\"}}]}", 
@@ -362,8 +362,8 @@ { "id": "8524e670-eba5-11e9-a384-0fcf32210194", "type": "search", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxNSwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYxMiwxXQ==", "attributes": { "title": "PROFINET - Logs", "description": "", @@ -403,8 +403,8 @@ { "id": "96d31d60-eba5-11e9-a384-0fcf32210194", "type": "search", - "updated_at": "2019-12-18T16:20:44.165Z", - "version": "WzQxNiwxXQ==", + "updated_at": "2020-02-12T15:00:46.801Z", + "version": "WzYxMywxXQ==", "attributes": { "title": "PROFINET DCE/RPC - Logs", "description": "", diff --git a/kibana/dashboards/abdd7550-2c7c-40dc-947e-f6d186a158c4.json b/kibana/dashboards/abdd7550-2c7c-40dc-947e-f6d186a158c4.json index 17b697ec2..dacb3098a 100644 --- a/kibana/dashboards/abdd7550-2c7c-40dc-947e-f6d186a158c4.json +++ b/kibana/dashboards/abdd7550-2c7c-40dc-947e-f6d186a158c4.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "abdd7550-2c7c-40dc-947e-f6d186a158c4", "type": "dashboard", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQ0MywxXQ==", + "updated_at": "2020-02-12T23:24:16.730Z", + "version": "WzgzOCwxXQ==", "attributes": { "title": "Connections", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":48,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"x\":0,\"y\":98,\"w\":48,\"h\":16,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":134,\"w\":16,\"h\":21,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":16,\"y\":134,\"w\":16,\"h\":21,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":195,\"w\":16,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":16,\"y\":195,\"w\":16,\"h\":20,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":32,\"y\":195,\"w\":16,\"h\":20,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.5.1\",\"panelRefNa
me\":\"panel_7\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":114,\"w\":48,\"h\":20,\"i\":\"19\"},\"panelIndex\":\"19\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":20,\"i\":\"21\"},\"panelIndex\":\"21\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_9\"},{\"gridData\":{\"x\":28,\"y\":28,\"w\":20,\"h\":20,\"i\":\"22\"},\"panelIndex\":\"22\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_10\"},{\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":20,\"i\":\"23\"},\"panelIndex\":\"23\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_11\"},{\"gridData\":{\"x\":8,\"y\":28,\"w\":20,\"h\":20,\"i\":\"24\"},\"panelIndex\":\"24\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_12\"},{\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]},\"gridData\":{\"x\":0,\"y\":215,\"w\":48,\"h\":24,\"i\":\"25\"},\"panelIndex\":\"25\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_13\"},{\"gridData\":{\"x\":0,\"y\":91,\"w\":19,\"h\":7,\"i\":\"26\"},\"panelIndex\":\"26\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_14\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"29\"},\"panelIndex\":\"29\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_15\"},{\"gridData\":{\"x\":19,\"y\":73,\"w\":29,\"h\":25,\"i\":\"30\"},\"panelIndex\":\"30\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_16\"},{\"gridData\":{\"x\":32,\"y\":134,\"w\":16,\"h\":21,\"i\":\"31\"},\"panelIndex\":\"31\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_17\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":175,\"w\":24,\"h\":20,\"i\":\"32\"},\"panelIndex\":\"32\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_18\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":175,\"w\":24,\"h\":20,\"i\":\"33\"},\"panelIndex\":\"33\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_19\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":155,\"w\":24,\"h\":20,\"i\":\"34\"},\"panelIndex\":\"34\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_20\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":155,\"w\":24,\"h\":20,\"i\":\"35\"},\"panelIndex\":\"35\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_21\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":48,\"w\":24,\"h\":25,\"i\":\"36\"},\"panelIndex\":\"36\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_22\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":48,\"w\":24,\"h\":25,\"i\":\"37\"},\"panelIndex\":\"37\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_23\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":0,\"y\":73,\"w\":19,\"h\":18,\"i\":\"38\"},\"panelIndex\":\"38\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_24\"}]", + "panelsJSON": 
"[{\"version\":\"7.6.2\",\"gridData\":{\"h\":24,\"i\":\"2\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":8,\"i\":\"3\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":22,\"i\":\"5\",\"w\":48,\"x\":0,\"y\":61},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":21,\"i\":\"8\",\"w\":16,\"x\":0,\"y\":131},\"panelIndex\":\"8\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":21,\"i\":\"9\",\"w\":16,\"x\":16,\"y\":131},\"panelIndex\":\"9\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":20,\"i\":\"11\",\"w\":16,\"x\":0,\"y\":192},\"panelIndex\":\"11\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":20,\"i\":\"12\",\"w\":16,\"x\":16,\"y\":192},\"panelIndex\":\"12\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":20,\"i\":\"13\",\"w\":16,\"x\":32,\"y\":192},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":25,\"i\":\"19\",\"w\":25,\"x\":23,\"y\":106},\"panelIndex\":\"19\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":29,\"i\":\"21\",\"w\":19,\"x\":2
9,\"y\":8},\"panelIndex\":\"21\",\"embeddableConfig\":{\"legendOpen\":false,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":23,\"i\":\"22\",\"w\":17,\"x\":16,\"y\":83},\"panelIndex\":\"22\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":23,\"i\":\"23\",\"w\":15,\"x\":33,\"y\":83},\"panelIndex\":\"23\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":23,\"i\":\"24\",\"w\":16,\"x\":0,\"y\":83},\"panelIndex\":\"24\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":13,\"i\":\"26\",\"w\":8,\"x\":0,\"y\":24},\"panelIndex\":\"26\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":8,\"i\":\"29\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"29\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_14\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":25,\"i\":\"30\",\"w\":23,\"x\":0,\"y\":106},\"panelIndex\":\"30\",\"embeddableConfig\":{},\"panelRefName\":\"panel_15\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":21,\"i\":\"31\",\"w\":16,\"x\":32,\"y\":131},\"panelIndex\":\"31\",\"embeddableConfig\":{},\"panelRefName\":\"panel_16\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":20,\"i\":\"32\",\"w\":24,\"x\":0,\"y\":172},\"panelIndex\":\"32\",\"embeddableConfig\":{},\"panelRefName\":\"panel_17\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":20,\"i\":\"33\",\"w\":24,\"x\":24,\"y\":172},\"panelIndex\":\"33\",\"embeddableConfig\":{},\"panelRefName\":\"panel_18\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":20,\"i\":\"34\",\"w\":24,\"x\":0,\"y\":152},\"panelIndex\":\"34\",\"embeddableConfig\":{},\"panelRefName\":\"panel_19\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":20,\"i\":\"35\",\"w\":24,\"x\":24,\"y\":152},\"panelIndex\":\"35\",\"embeddableConfig\":{},\"panelRefName\":\"panel_20\"},{\"v
ersion\":\"7.6.2\",\"gridData\":{\"h\":24,\"i\":\"36\",\"w\":24,\"x\":0,\"y\":37},\"panelIndex\":\"36\",\"embeddableConfig\":{},\"panelRefName\":\"panel_21\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":24,\"i\":\"37\",\"w\":24,\"x\":24,\"y\":37},\"panelIndex\":\"37\",\"embeddableConfig\":{},\"panelRefName\":\"panel_22\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":29,\"i\":\"38\",\"w\":12,\"x\":17,\"y\":8},\"panelIndex\":\"38\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false},\"legendOpen\":true},\"panelRefName\":\"panel_23\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":29,\"i\":\"cbba4b14-342c-4e8e-9afd-f4da9e4b8f00\",\"w\":9,\"x\":8,\"y\":8},\"panelIndex\":\"cbba4b14-342c-4e8e-9afd-f4da9e4b8f00\",\"embeddableConfig\":{},\"panelRefName\":\"panel_24\"},{\"version\":\"7.6.2\",\"gridData\":{\"h\":37,\"i\":\"82da0128-4dcd-4f8b-9275-aad74435296f\",\"w\":48,\"x\":0,\"y\":212},\"panelIndex\":\"82da0128-4dcd-4f8b-9275-aad74435296f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_25\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -86,63 +86,68 @@ }, { "name": "panel_13", - "type": "search", - "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" }, { "name": "panel_14", "type": "visualization", - "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" + "id": "AWDG71xFxQT5EBNmq336" }, { "name": "panel_15", "type": "visualization", - "id": "AWDG71xFxQT5EBNmq336" + "id": "f7ddb5a7-32d5-4e10-b9d5-01ac0bd694c0" }, { "name": "panel_16", "type": "visualization", - "id": "f7ddb5a7-32d5-4e10-b9d5-01ac0bd694c0" + "id": "568c74ff-3ef3-45ba-a178-0520633697bd" }, { "name": "panel_17", "type": "visualization", - "id": "568c74ff-3ef3-45ba-a178-0520633697bd" + "id": "73df67e0-1f4b-11e9-b7cf-71e2cd3bde1b" }, { "name": "panel_18", "type": "visualization", - "id": "73df67e0-1f4b-11e9-b7cf-71e2cd3bde1b" + "id": "b1851d10-1f4b-11e9-b7cf-71e2cd3bde1b" }, { "name": "panel_19", "type": "visualization", - "id": "b1851d10-1f4b-11e9-b7cf-71e2cd3bde1b" + "id": "cf9a1cf0-1f4c-11e9-b7cf-71e2cd3bde1b" }, { "name": "panel_20", "type": "visualization", - "id": "cf9a1cf0-1f4c-11e9-b7cf-71e2cd3bde1b" + "id": "b9e4dcb0-1f4c-11e9-b7cf-71e2cd3bde1b" }, { "name": "panel_21", "type": "visualization", - "id": "b9e4dcb0-1f4c-11e9-b7cf-71e2cd3bde1b" + "id": "c513e8f0-1f4d-11e9-b7cf-71e2cd3bde1b" }, { "name": "panel_22", "type": "visualization", - "id": "c513e8f0-1f4d-11e9-b7cf-71e2cd3bde1b" + "id": "b04c8b20-1f4d-11e9-b7cf-71e2cd3bde1b" }, { "name": "panel_23", "type": "visualization", - "id": "b04c8b20-1f4d-11e9-b7cf-71e2cd3bde1b" + "id": "ede811b0-1f4e-11e9-b7cf-71e2cd3bde1b" }, { "name": "panel_24", "type": "visualization", - "id": "ede811b0-1f4e-11e9-b7cf-71e2cd3bde1b" + "id": "adc09360-49c7-11ea-812f-2bc51df4ea1e" + }, + { + "name": "panel_25", + "type": "search", + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], "migrationVersion": { 
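Review bot: the renumbering in this hunk shifts every `panel_13` to `panel_24` reference down by one slot and moves the saved search `52570870-e9d4-444f-a3df-e44c6757ed9f` to a new `panel_25`, which does line up with the reordered `panelsJSON` above, but the new `panel_24` target `adc09360-49c7-11ea-812f-2bc51df4ea1e` does not appear as an exported object anywhere in this diff. Confirm that visualization is included in this file (or in an export imported together with it); otherwise importing dashboard `abdd7550-2c7c-40dc-947e-f6d186a158c4` fails on a missing reference. Keeping existing `panelRefName` values stable and appending new panels at the end would also make this kind of change reviewable as a two-line addition rather than a twelve-entry rotation.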
@@ -152,11 +157,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T22:17:04.378Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● 
[NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + 
"visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
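Review bot: the replaced `visState` in this hunk is a verbatim copy of the navigation markdown already updated earlier in this patch for the PROFINET dashboard export (same `### General`, `### Common Protocols` and `### ICS/IoT Protocols` blocks, same dashboard ids), so every new entry such as `Security Overview` and `ICS/IoT Security Overview` has to be pasted into each dashboard file that embeds this `Zeek Logs` visualization, and the copies will drift the first time one is missed. Consider maintaining the markdown once (a single exported visualization object, or a generated file) and referencing it. The links also hard-code the `/kibana/app/kibana#/dashboard/` base path, which breaks if Kibana's `server.basePath` changes.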
@@ -172,8 +177,8 @@ { "id": "03eba854-72b5-47d0-a92a-b671a0d7ed19", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQxOSwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYxOSwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -199,8 +204,8 @@ { "id": "52013c7c-c554-450e-9198-dbafdc050459", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyMCwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYyMCwxXQ==", "attributes": { "title": "Connections - Service By Destination Country", "visState": "{\"title\":\"Connections - Service By Destination Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\",\"row\":false}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.service\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Service\"}}]}", 
@@ -226,8 +231,8 @@ { "id": "13f8cfbf-7b48-414b-8b34-9fc40d4fc066", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyMSwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYyMSwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -253,8 +258,8 @@ { "id": "4ab657d5-88d3-44c0-90fd-4e731e528d60", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyMiwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYyMiwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -280,8 +285,8 @@ { "id": "d25f4abc-24af-405e-a6f6-873277fe5771", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyMywxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYyMywxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Source Country\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.source_geo.country_code2\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}],\"listeners\":{}}", "description": "", @@ -307,8 +312,8 @@ { "id": "0eb7d869-bd51-4711-8ac3-f3cea41dee37", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyNCwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYyNCwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Responder Bytes\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_conn.resp_bytes\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Responder Bytes\"}}],\"listeners\":{}}", "description": "", 
@@ -334,8 +339,8 @@ { "id": "fccf0fdd-7e50-4dce-8b85-74141c404ef3", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyNSwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYyNSwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Missed Bytes\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_conn.missed_bytes\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Missed Bytes\"}}],\"listeners\":{}}", "description": "", 
@@ -361,13 +366,13 @@ { "id": "bda3ad0a-aa00-40b6-b0ed-a42b96f3343e", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyNiwxXQ==", + "updated_at": "2020-02-12T23:15:34.955Z", + "version": "WzgyNSwxXQ==", "attributes": { - "visState": "{\"title\":\"Connections - Connection State\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_conn.conn_state_description\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Connection State Description\"}}],\"listeners\":{}}", - "description": "", "title": "Connections - Connection State", + "visState": "{\"title\":\"Connections - Connection State\",\"type\":\"table\",\"params\":{\"perPage\":15,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Connection State 
Description\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_conn.conn_state_description\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Connection State Description\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -376,8 +381,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -388,13 +393,13 @@ { "id": "73528008-f11d-4faa-8f69-a5bf23507b8f", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyNywxXQ==", + "updated_at": "2020-02-12T23:05:22.182Z", + "version": "WzgxNiwxXQ==", "attributes": { - "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Connection\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Connection ID\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"left\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total Bytes\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.uid\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Connection 
ID\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.uid\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Connection ID\"}}],\"listeners\":{}}", - "description": "", "title": "Connections - Top 10 - Total Bytes By Connection", - "uiStateJSON": "{}", + "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Connection\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":false,\"truncate\":100,\"rotate\":75},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Connection ID\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total 
Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Connection ID\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Total Bytes\",\"aggType\":\"max\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Connection ID\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.uid\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Connection ID\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek.uid\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Connection ID\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": 
"{\"filter\":[]}" @@ -403,8 +408,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -415,13 +420,13 @@ { "id": "faa08629-0011-4b38-8b74-3ba86b59155f", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyOCwxXQ==", + "updated_at": "2020-02-12T23:11:06.696Z", + "version": "WzgyMiwxXQ==", "attributes": { - "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Total Bytes\",\"field\":\"totBytes\"},\"schema\":\"metric\",\"type\":\"max\"},{\"enabled\":true,\"id\":\"4\",\"params\":{\"customLabel\":\"Destination IP Address\",\"field\":\"dstIp\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":10},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"5\",\"params\":{\"customLabel\":\"Destination IP Address\",\"field\":\"dstIp\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":20},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total Bytes\"},\"type\":\"value\"}]},\"title\":\"Connections - 
Top 10 - Total Bytes By Destination IP\",\"type\":\"histogram\"}", - "description": "", "title": "Connections - Top 10 - Total Bytes By Destination IP", + "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Destination IP\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":75},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination IP 
Address\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Total Bytes\",\"aggType\":\"max\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination IP Address\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination IP Address\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dstIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination IP Address\"}}]}", "uiStateJSON": "{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -430,8 +435,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -442,13 +447,13 @@ { "id": "0418f791-97b5-4eb4-b644-bf91c98f9c1d", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQyOSwxXQ==", + "updated_at": "2020-02-12T23:11:52.925Z", + "version": "WzgyMywxXQ==", "attributes": { - "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Destination Port\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination Port\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Max totBytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total Bytes\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination 
Port\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}],\"listeners\":{}}", - "description": "", "title": "Connections - Top 10 - Total Bytes By Destination Port", + "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Destination Port\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination Port\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Max totBytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total 
Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination Port\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Max totBytes\",\"aggType\":\"max\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination Port\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dstPort\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Port\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Port\"}}]}", "uiStateJSON": "{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
@@ -457,8 +462,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -469,13 +474,13 @@ { "id": "a76bc3ed-bbf7-429a-a936-475e9f9e0c0d", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzMCwxXQ==", + "updated_at": "2020-02-12T23:10:07.685Z", + "version": "WzgxOSwxXQ==", "attributes": { - "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Source IP\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Source IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"left\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total Bytes\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP 
Address\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP Address\"}}],\"listeners\":{}}", - "description": "", "title": "Connections - Top 10 - Total Bytes By Source IP", + "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Source IP\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":75},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Source IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"left\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total 
Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source IP Address\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Total Bytes\",\"aggType\":\"max\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source IP Address\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"srcIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP Address\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP Address\"}}]}", "uiStateJSON": "{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
@@ -484,8 +489,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
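Review bot: this hunk only swaps the order of `"type": "search"` and `"name": "search_0"` inside the reference object, and the same reorder recurs in the later `references` hunks. It is harmless but pure export churn; if these files are regenerated regularly, passing them through a stable key sort before committing would keep such hunks out of future reviews.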
@@ -493,58 +498,19 @@ "visualization": "7.4.2" } }, - { - "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", - "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "Connections - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzMiwxXQ==", + "updated_at": "2020-02-12T23:18:28.303Z", + "version": "WzgyOCwxXQ==", "attributes": { "title": "Connections - Maps", - "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":12,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) | [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) \\n[Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) | [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) \\n[Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) | [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes 
](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) | [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) \\n[Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) | [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) \\n[Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) | [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source: Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination: Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source: Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination: Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source: Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination: Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source: Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination: Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source: Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination: Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source: Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination: Top Connection Duration 
](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query_string\":{\"query\":\"*\"}},\"filter\":[]}" + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" } }, "references": [], @@ -555,8 +521,8 @@ { "id": "AWDG71xFxQT5EBNmq336", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzMywxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYzMywxXQ==", "attributes": { "title": "Connections - Log Count", "visState": "{\"title\":\"Connections - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
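Review bot: in the `@@ -493,58 +498,19 @@` hunk the `52570870-e9d4-444f-a3df-e44c6757ed9f` saved search (`Connections - Logs`) is deleted here and re-created at the end of the file instead of being edited in place, which turns a small change (new columns, an added `time_zone`) into a 40-line removal plus a later addition; keeping object order stable would make the actual edit reviewable. The `Connections - Maps` change in the same hunk is cosmetic (`fontSize` 12 to 10, ` | ` separators replaced by ` ● `, and the `searchSourceJSON` query wrapped with `\"language\":\"lucene\"`); the dashboard ids it links to are unchanged.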
@@ -582,8 +548,8 @@ { "id": "f7ddb5a7-32d5-4e10-b9d5-01ac0bd694c0", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzNCwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYzNCwxXQ==", "attributes": { "title": "Connections - Total Bytes Per Source/Destination IP Pair", "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"4\",\"params\":{\"customLabel\":\"Total Bytes\",\"field\":\"totBytes\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"_key\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":100},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Source IP\",\"field\":\"srcIp\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderAgg\":{\"enabled\":true,\"id\":\"2-orderAgg\",\"params\":{\"field\":\"totBytes\"},\"schema\":{\"aggFilter\":[\"!top_hits\",\"!percentiles\",\"!median\",\"!std_dev\",\"!derivative\",\"!moving_avg\",\"!serial_diff\",\"!cumulative_sum\",\"!avg_bucket\",\"!max_bucket\",\"!min_bucket\",\"!sum_bucket\"],\"deprecate\":false,\"editor\":false,\"group\":\"none\",\"hideCustomLabel\":true,\"max\":null,\"min\":0,\"name\":\"orderAgg\",\"params\":[],\"title\":\"Order Agg\"},\"type\":\"cardinality\"},\"orderBy\":\"custom\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":100},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"Destination 
IP\",\"field\":\"dstIp\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderAgg\":{\"enabled\":true,\"id\":\"3-orderAgg\",\"params\":{\"field\":\"totBytes\"},\"schema\":{\"aggFilter\":[\"!top_hits\",\"!percentiles\",\"!median\",\"!std_dev\",\"!derivative\",\"!moving_avg\",\"!serial_diff\",\"!cumulative_sum\",\"!avg_bucket\",\"!max_bucket\",\"!min_bucket\",\"!sum_bucket\"],\"deprecate\":false,\"editor\":false,\"group\":\"none\",\"hideCustomLabel\":true,\"max\":null,\"min\":0,\"name\":\"orderAgg\",\"params\":[],\"title\":\"Order Agg\"},\"type\":\"cardinality\"},\"orderBy\":\"custom\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":100},\"schema\":\"bucket\",\"type\":\"terms\"}],\"params\":{\"perPage\":15,\"showMetricsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"Connections - Total Bytes Per Source/Destination IP Pair\",\"type\":\"table\"}", @@ -609,8 +575,8 @@ { "id": "568c74ff-3ef3-45ba-a178-0520633697bd", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzNSwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYzNSwxXQ==", "attributes": { "title": "Connections - Destination Port", "visState": "{\"title\":\"Connections - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination Port\"}}]}", 
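Review bot: a pre-existing defect is visible in the context of the `@@ -609,8 +575,8 @@` hunk: the `Connections - Destination Port` visState spells the parameter `showMeticsAtAllLevels`, while every other table visualization in this file uses `showMetricsAtAllLevels`, so Kibana will not recognise the misspelled key. Since this object is being re-exported anyway, correcting the spelling here would be cheap.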
@@ -636,8 +602,8 @@ { "id": "73df67e0-1f4b-11e9-b7cf-71e2cd3bde1b", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzNiwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYzNiwxXQ==", "attributes": { "title": "Connections - Source MAC OUI", "visState": "{\"title\":\"Connections - Source MAC OUI\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.orig_l2_oui\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source MAC OUI\"}}]}", @@ -663,8 +629,8 @@ { "id": "b1851d10-1f4b-11e9-b7cf-71e2cd3bde1b", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzNywxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYzNywxXQ==", "attributes": { "title": "Connections - Destination MAC OUI", "visState": "{\"title\":\"Connections - Destination MAC OUI\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.resp_l2_oui\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination MAC OUI\"}}]}", 
@@ -690,8 +656,8 @@ { "id": "cf9a1cf0-1f4c-11e9-b7cf-71e2cd3bde1b", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzOCwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYzOCwxXQ==", "attributes": { "title": "Connections - Source MAC Address", "visState": "{\"title\":\"Connections - Source MAC Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcMac\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"MAC Address\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcOui\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Organizational Unique Identifier\"}}]}", 
@@ -717,8 +683,8 @@ { "id": "b9e4dcb0-1f4c-11e9-b7cf-71e2cd3bde1b", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQzOSwxXQ==", + "updated_at": "2020-02-12T22:16:47.983Z", + "version": "WzYzOSwxXQ==", "attributes": { "title": "Connections - Destination MAC Address", "visState": "{\"title\":\"Connections - Destination MAC Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstMac\",\"size\":500,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"MAC Address\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstOui\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Organizational Unique Identifier\"}}]}", 
@@ -744,11 +710,11 @@ { "id": "c513e8f0-1f4d-11e9-b7cf-71e2cd3bde1b", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQ0MCwxXQ==", + "updated_at": "2020-02-12T23:03:16.658Z", + "version": "WzgxMiwxXQ==", "attributes": { "title": "Connections - Top 10 - Total Bytes By Source MAC OUI", - "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Source MAC OUI\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total 
Bytes\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcOui\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source MAC OUI\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"srcOui\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source MAC OUI\"}}]}", + "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Source MAC OUI\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":false,\"truncate\":100,\"rotate\":75},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total 
Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source MAC OUI\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Total Bytes\",\"aggType\":\"max\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source MAC OUI\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcOui\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source MAC OUI\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"srcOui\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source MAC OUI\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, 
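Review bot: in the new visState the category axis title for `Connections - Top 10 - Total Bytes By Source MAC OUI` still reads `\"title\":{\"text\":\"Destination IP Address\"}`, which is wrong for a chart bucketed on `srcOui`; the old visState had the same mislabel, and this re-export was the moment to correct it to `Source MAC OUI`. Also, `categoryAxes[0].labels.show` flips from `true` to `false` in the same hunk that adds `\"rotate\":75`, so the rotation has no visible effect; one of the two settings is probably unintended.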
@@ -759,8 +725,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -771,11 +737,11 @@ { "id": "b04c8b20-1f4d-11e9-b7cf-71e2cd3bde1b", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQ0MSwxXQ==", + "updated_at": "2020-02-12T23:04:08.623Z", + "version": "WzgxNCwxXQ==", "attributes": { "title": "Connections - Top 10 - Total Bytes By Destination MAC OUI", - "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Destination MAC OUI\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total 
Bytes\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstOui\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination MAC OUI\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dstOui\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination MAC OUI\"}}]}", + "visState": "{\"title\":\"Connections - Top 10 - Total Bytes By Destination MAC OUI\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":false,\"truncate\":100,\"rotate\":75},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Destination IP Address\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"orderBucketsBySum\":false,\"radiusRatio\":9,\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Total Bytes\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"showCircles\":true,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Total 
Bytes\"},\"type\":\"value\"}],\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination MAC OUI\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Total Bytes\",\"aggType\":\"max\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination MAC OUI\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\",\"customLabel\":\"Total Bytes\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstOui\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination MAC OUI\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dstOui\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination MAC OUI\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, 
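Review bot: same mislabel as the Source MAC OUI chart: the `Connections - Top 10 - Total Bytes By Destination MAC OUI` category axis title is still `\"Destination IP Address\"` although the segment aggregation is on `dstOui`, and `labels.show` is set to `false` while `\"rotate\":75` is added, so one of those two settings is likely unintended.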
@@ -786,8 +752,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -798,12 +764,12 @@ { "id": "ede811b0-1f4e-11e9-b7cf-71e2cd3bde1b", "type": "visualization", - "updated_at": "2019-12-18T16:20:45.186Z", - "version": "WzQ0MiwxXQ==", + "updated_at": "2020-02-12T23:21:45.676Z", + "version": "WzgzNCwxXQ==", "attributes": { "title": "Connections - Protocol", - "visState": "{\"title\":\"Connections - Protocol\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.proto\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol\"}}]}", - "uiStateJSON": "{}", + "visState": "{\"title\":\"Connections - 
Protocol\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Protocol\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.proto\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Protocol\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { 
@@ -813,14 +779,82 @@ }, "references": [ { + "name": "search_0", "type": "search", + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "adc09360-49c7-11ea-812f-2bc51df4ea1e", + "type": "visualization", + "updated_at": "2020-02-12T23:21:07.483Z", + "version": "WzgzMiwxXQ==", + "attributes": { + "title": "Network Layer", + "visState": "{\"title\":\"Network Layer\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Network Layer\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"network.type\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Network Layer\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", 
+ "type": "search", + "updated_at": "2020-02-12T22:48:55.398Z", + "version": "WzgwMiwxXQ==", + "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/ae79b7d1-4281-4095-b2f6-fa7eafda9970.json b/kibana/dashboards/ae79b7d1-4281-4095-b2f6-fa7eafda9970.json index 7fa6a732e..ea73c10b9 100644 --- a/kibana/dashboards/ae79b7d1-4281-4095-b2f6-fa7eafda9970.json +++ b/kibana/dashboards/ae79b7d1-4281-4095-b2f6-fa7eafda9970.json 
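Review bot: the re-added `Connections - Logs` saved search in the `@@ -813,14 +779,82 @@` hunk embeds `\"time_zone\":\"America/Denver\"` inside the `query_string` of its `searchSourceJSON`. That value is captured from the exporting session's Kibana time-zone setting, not part of the intended query (`zeek.logType:conn`); once imported it applies to every user, and although it only affects date math inside query strings it should be removed so the saved search follows each user's own time-zone setting. The column change (dropping `_id`, adding `zeek.proto`, `zeek.service`, `totBytes`) looks intentional, and the new `Network Layer` pie on `network.type` is fine, though its `searchSourceJSON` uses `\"language\":\"kuery\"` while the other objects in this file use `lucene`; pick one for consistency.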
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "ae79b7d1-4281-4095-b2f6-fa7eafda9970", "type": "dashboard", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ1NSwxXQ==", + "updated_at": "2020-02-12T18:23:50.969Z", + "version": "WzEwMjYsMV0=", "attributes": { "title": "RADIUS", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":56,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":8,\"y\":32,\"w\":14,\"h\":24,\"i\":\"6\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":22,\"y\":32,\"w\":14,\"h\":24,\"i\":\"7\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":24,\"y\":56,\"w\":24,\"h\":24,\"i\":\"8\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"9\",\"gridData\":{\"x\":0,\"y\":56,\"w\":24,\"h\":24,\"i\":\"9\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"11\",\"gridData\":{\"x\":0,\"y\":80,\"w\":48,\"h\":24,\"i\":\"11\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"12\",\"gridData\":{\"x\":36,\"y\":32,\"w\":12,\"h\
":24,\"i\":\"12\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"14\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":24,\"i\":\"15\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}},{\"panelIndex\":\"16\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":24,\"i\":\"16\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":49,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":27,\"w\":14,\"h\":22,\"i\":\"6\"},\"panelIndex\":\"6\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":22,\"y\":27,\"w\":14,\"h\":22,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":49,\"w\":24,\"h\":24,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":49,\"w\":24,\"h\":24,\"i\":\"9\"},\"panelIndex\":\"9\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\
"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":36,\"y\":27,\"w\":12,\"h\":22,\"i\":\"12\"},\"panelIndex\":\"12\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":28,\"y\":8,\"w\":20,\"h\":19,\"i\":\"15\"},\"panelIndex\":\"15\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":20,\"h\":19,\"i\":\"16\"},\"panelIndex\":\"16\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":73,\"w\":48,\"h\":35,\"i\":\"1422b8a5-559d-4c37-91aa-cc36a293ddff\"},\"panelIndex\":\"1422b8a5-559d-4c37-91aa-cc36a293ddff\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"*\"}}" } }, "references": [ 
@@ -51,28 +51,28 @@ }, { "name": "panel_6", - "type": "search", - "id": "33bc7949-5692-4044-9e3c-0791dc7d70c0" + "type": "visualization", + "id": "df8a9a16-7dc6-4004-91c0-337d7c7d6b4c" }, { "name": "panel_7", "type": "visualization", - "id": "df8a9a16-7dc6-4004-91c0-337d7c7d6b4c" + "id": "AWDHCgWzxQT5EBNmq4Y5" }, { "name": "panel_8", "type": "visualization", - "id": "AWDHCgWzxQT5EBNmq4Y5" + "id": "56f04556-a0c9-4b82-878b-8d5d9f29edd6" }, { "name": "panel_9", "type": "visualization", - "id": "56f04556-a0c9-4b82-878b-8d5d9f29edd6" + "id": "0299c83a-bd6c-40e6-bd18-01ee324ae7b0" }, { "name": "panel_10", - "type": "visualization", - "id": "0299c83a-bd6c-40e6-bd18-01ee324ae7b0" + "type": "search", + "id": "33bc7949-5692-4044-9e3c-0791dc7d70c0" } ], "migrationVersion": { 
@@ -82,11 +82,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -102,8 +102,8 @@ { "id": "4a3b4d78-6adc-4e6f-a7ae-180c6a58e49f", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ0NSwxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY0MywxXQ==", "attributes": { "visState": "{\"title\":\"RADIUS - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -129,8 +129,8 @@ { "id": "799ed170-b759-4b14-8a05-8fbdb356ec0e", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ0NiwxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY0NCwxXQ==", "attributes": { "visState": "{\"title\":\"RADIUS - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -156,8 +156,8 @@ { "id": "6f92b5d9-82b3-477f-9cd5-a68d62a2c804", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ0NywxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY0NSwxXQ==", "attributes": { "visState": "{\"title\":\"RADIUS - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -183,8 +183,8 @@ { "id": "45e768b2-e4b3-4e3f-8f1f-9a9300dedce6", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ0OCwxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY0NiwxXQ==", "attributes": { "visState": "{\"title\":\"RADIUS - MAC\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_radius.mac\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"MAC Address\"}}],\"listeners\":{}}", "description": "", @@ -210,8 +210,8 @@ { "id": "5d64df1a-dc17-475a-ac3b-99e5c4c244f6", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ0OSwxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY0NywxXQ==", "attributes": { "visState": "{\"title\":\"RADIUS - Connection Information\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_radius.connect_info\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Connection Info\"}}],\"listeners\":{}}", "description": "", 
@@ -234,50 +234,11 @@ "visualization": "7.4.2" } }, - { - "id": "33bc7949-5692-4044-9e3c-0791dc7d70c0", - "type": "search", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ1MCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "RADIUS - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:radius\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "df8a9a16-7dc6-4004-91c0-337d7c7d6b4c", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ1MSwxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY0OSwxXQ==", "attributes": { "visState": "{\"title\":\"RADIUS - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -303,8 +264,8 @@ { "id": "AWDHCgWzxQT5EBNmq4Y5", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ1MiwxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY1MCwxXQ==", "attributes": { "title": "RADIUS - Log Count", "visState": "{\"title\":\"RADIUS - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -330,8 +291,8 @@ { "id": "56f04556-a0c9-4b82-878b-8d5d9f29edd6", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ1MywxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY1MSwxXQ==", "attributes": { "title": "RADIUS - Username", "visState": "{\"title\":\"RADIUS - Username\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.user\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}}]}", @@ -357,8 +318,8 @@ { "id": "0299c83a-bd6c-40e6-bd18-01ee324ae7b0", "type": "visualization", - "updated_at": "2019-12-18T16:20:46.215Z", - "version": "WzQ1NCwxXQ==", + "updated_at": "2020-02-12T15:00:48.864Z", + "version": "WzY1MiwxXQ==", "attributes": { "title": "RADIUS - Authentication Result", "visState": "{\"title\":\"RADIUS - Authentication Result\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_radius.result\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", 
@@ -380,6 +341,47 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "33bc7949-5692-4044-9e3c-0791dc7d70c0", + "type": "search", + "updated_at": "2020-02-12T18:23:26.526Z", + "version": "WzEwMjUsMV0=", + "attributes": { + "title": "RADIUS - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek.user", + "zeek_radius.mac", + "zeek_radius.framed_addr", + "zeek_radius.result", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:radius\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/af5df620-eeb6-11e9-bdef-65a192b7f586.json b/kibana/dashboards/af5df620-eeb6-11e9-bdef-65a192b7f586.json index 00fde0bad..a9c09b080 100644 --- a/kibana/dashboards/af5df620-eeb6-11e9-bdef-65a192b7f586.json +++ b/kibana/dashboards/af5df620-eeb6-11e9-bdef-65a192b7f586.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "af5df620-eeb6-11e9-bdef-65a192b7f586", 
@@ -10,7 +10,7 @@ "title": "NTP", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":28,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":68,\"w\":48,\"h\":29,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":28,\"w\":24,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":19,\"h\":20,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":27,\"y\":8,\"w\":21,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":28,\"w\":24,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":48,\"w\":24,\"h\":20,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"x\":24,\"y\":48,\"w\":24,\"h\":20,\"i\":\"13\"},\"version\":\"7.5.1\",\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", + "panelsJSON": 
"[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":28,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":68,\"w\":48,\"h\":29,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":28,\"w\":24,\"h\":20,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":8,\"w\":19,\"h\":20,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":27,\"y\":8,\"w\":21,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":28,\"w\":24,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":48,\"w\":24,\"h\":20,\"i\":\"12\"},\"panelIndex\":\"12\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"x\":24,\"y\":48,\"w\":24,\"h\":20,\"i\":\"13\"},\"version\":\"7.6.2\",\"panelIndex\":\"13\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -81,7 +81,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/b50c8d17-6ed3-4de6-aed4-5181032810b2.json b/kibana/dashboards/b50c8d17-6ed3-4de6-aed4-5181032810b2.json index 6e1917e34..62aec75ea 100644 --- a/kibana/dashboards/b50c8d17-6ed3-4de6-aed4-5181032810b2.json 
+++ b/kibana/dashboards/b50c8d17-6ed3-4de6-aed4-5181032810b2.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "b50c8d17-6ed3-4de6-aed4-5181032810b2", "type": "dashboard", - "updated_at": "2019-12-18T16:20:48.251Z", - "version": "WzQ3MCwxXQ==", + "updated_at": "2020-02-13T15:35:28.915Z", + "version": "WzkyNywxXQ==", "attributes": { "title": "Connections - Source - Originator Bytes", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":44,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":40,\"h\":40,\"x\":8,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{\"mapCenter\":[25.16517336866393,0.17578125],\"mapZoom\":2}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"5a871ebe-5904-4f52-ab3a-e3da4846933d\"},\"panelIndex\":\"5a871ebe-5904-4f52-ab3a-e3da4846933d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"3b635110-907e-457a-bfdf-b86a667a8483\"},\"panelIndex\":\"3b635110-907e-457a-bfdf-b86a667a8483\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "e959f9f2-e154-417f-a530-e1d7744ab9e4" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
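Review bot: in the @@ -28,6 +28,16 @@ hunk the two new references (`panel_2` to `623ef480-4e73-11ea-b4e7-0f540ddf3a49`, `panel_3` to `4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5`) have to resolve to objects inside the same export file or the import aborts with a missing-reference error; both objects are added in this file's @@ -81,33 +91,91 @@ hunk, so the file stays self-contained, but any future dashboard that copies this `panelsJSON` must carry those two objects as well. The grid layout in the preceding @@ -1,21 +1,21 @@ hunk is consistent with the additions: the Zeek Logs panel shrinks from h 44 to h 23, the new panels sit at y 23 (h 15) and y 38 (h 12), and 23+15+12 = 50 matches the map panel's new height. One thing to double check there: the map panel's `embeddableConfig` now stores `"mapCenter":null` with `"mapZoom":3`, while the visualization it embeds (the @@ -57 hunk below) still saves `"mapZoom":2` and `"mapCenter":[0,0]`; if a consistent default view across the map dashboards is the goal, set it in one place.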
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
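Review bot: the `df9e399b-efa5-4e33-b0ac-a7668a8ac2b3` "Zeek Logs" markdown object changed in this @@ -37,11 +47,11 @@ hunk is embedded verbatim in every dashboard export (the same hunk, with the same `updated_at` 2020-02-13T14:17:04.192Z and `version` Wzc3NiwxXQ==, appears for b9f247c0-3f99-11e9-a58e-8bdedb0915e8 below and in the file preceding b50c8d17), so adding the two new links ("Security Overview" and "ICS/IoT Security Overview") means touching every file, and a copy that is missed will silently overwrite the others on import because they share one ID. A note in the repository docs, or a script that regenerates the block, would make it clear that this navigation markdown must be kept identical across exports. Note also that every link is an absolute `/kibana/app/kibana#/dashboard/...` path, so the exports assume Kibana's base path is `/kibana`.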
@@ -57,8 +67,8 @@ { "id": "e959f9f2-e154-417f-a530-e1d7744ab9e4", "type": "visualization", - "updated_at": "2019-12-18T16:20:48.251Z", - "version": "WzQ2OCwxXQ==", + "updated_at": "2020-02-13T14:16:50.828Z", + "version": "WzY2OSwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Source - Originator Bytes\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":0,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.orig_bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.source_geo.location\",\"autoPrecision\":true,\"useGeocentroid\":true,\"precision\":2}}],\"listeners\":{}}", "description": "", 
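Review bot: the @@ -57,8 +67,8 @@ hunk only bumps `updated_at` and `version`, but the unchanged `visState` context line deserves a look while this object is being re-exported: the tile map's metric is `"type":"cardinality"` on `zeek_conn.orig_bytes`, which counts distinct byte-count values per geohash cell rather than the bytes the originator sent; for a map titled "Source - Originator Bytes" a `sum` aggregation on the same field is the usual choice. Not introduced by this patch, so it can be deferred, but as it stands the title promises something the aggregation does not deliver.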
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/b9f247c0-3f99-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/b9f247c0-3f99-11e9-a58e-8bdedb0915e8.json index 6749c245b..8f6324f4e 100644 --- a/kibana/dashboards/b9f247c0-3f99-11e9-a58e-8bdedb0915e8.json +++ b/kibana/dashboards/b9f247c0-3f99-11e9-a58e-8bdedb0915e8.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "b9f247c0-3f99-11e9-a58e-8bdedb0915e8", "type": "dashboard", - "updated_at": "2019-12-18T16:20:49.282Z", - "version": "WzQ3NCwxXQ==", + "updated_at": "2020-02-13T15:38:11.270Z", + "version": "WzkzOCwxXQ==", "attributes": { "title": "Connections - Destination - Top Connection Duration (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.5.1\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"c96be8c5-f3a1-4d01-a747-66cc2d298318\"},\"panelIndex\":\"c96be8c5-f3a1-4d01-a747-66cc2d298318\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"266c822f-c268-4e47-a53e-90b6ecf74660\"},\"panelIndex\":\"266c822f-c268-4e47-a53e-90b6ecf74660\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "9b1b6960-3f96-11e9-a58e-8bdedb0915e8" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -57,12 +67,12 @@ { "id": "9b1b6960-3f96-11e9-a58e-8bdedb0915e8", "type": "visualization", - "updated_at": "2019-12-18T16:20:49.282Z", - "version": "WzQ3MiwxXQ==", + "updated_at": "2020-02-13T14:47:59.790Z", + "version": "Wzg3NSwxXQ==", "attributes": { "title": "Connections - Destination - Top Connection Duration (region map)", - "visState": "{\"title\":\"Connections - Destination - Top Connection Duration (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.duration\",\"customLabel\":\"Longest Session (seconds)\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder Country\"}}]}", - "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", + "visState": "{\"title\":\"Connections - Destination - Top Connection Duration (region 
map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"origin\":\"elastic_maps_service\",\"id\":\"road_map\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"OpenStreetMap contributors | OpenMapTiles | MapTiler | Elastic Maps Service\"}},\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Longest Session (seconds)\",\"aggType\":\"max\"},\"bucket\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Responder Country\",\"aggType\":\"terms\"}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.duration\",\"customLabel\":\"Longest Session 
(seconds)\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstGEO\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Responder Country\"}}]}", + "uiStateJSON": "{\"mapCenter\":[38.28591031601368,16.875000000000004],\"mapZoom\":3}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -72,8 +82,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/bb827f8e-639e-468c-93c8-9f5bc132eb8f.json b/kibana/dashboards/bb827f8e-639e-468c-93c8-9f5bc132eb8f.json index bbcd37232..94fb63ec2 100644 --- a/kibana/dashboards/bb827f8e-639e-468c-93c8-9f5bc132eb8f.json +++ b/kibana/dashboards/bb827f8e-639e-468c-93c8-9f5bc132eb8f.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "bb827f8e-639e-468c-93c8-9f5bc132eb8f", "type": "dashboard", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ5MCwxXQ==", + "updated_at": "2020-02-12T19:41:07.956Z", + "version": "WzExNDYsMV0=", "attributes": { "title": "SMTP", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":32,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"gridData\":{\"w\":20,\"h\":12,\"x\":8,\"y\":8,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":80,\"i\":\"9\"},\"panelIndex\":\"9\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":80,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"gridData\":{\"w\":20,\"h\":12,\"x\":28,\"y\":8,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":56,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":16,\"y\":56,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"gridData\":{\"w\":48,\"h\":28,\"x\":0,\"y\":104,\"i\":\"15\"},\"panelIndex\":\"15\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{\"columns\":[\"srcIp
\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"embeddableConfig\":{},\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":32,\"i\":\"16\"},\"panelIndex\":\"16\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\"},{\"gridData\":{\"w\":20,\"h\":12,\"x\":28,\"y\":20,\"i\":\"17\"},\"panelIndex\":\"17\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":20,\"h\":12,\"x\":8,\"y\":20,\"i\":\"18\"},\"panelIndex\":\"18\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"w\":12,\"h\":24,\"x\":36,\"y\":56,\"i\":\"19\"},\"panelIndex\":\"19\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_13\"},{\"embeddableConfig\":{},\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"20\"},\"panelIndex\":\"20\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_14\"}]", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":29,\"i\":\"1\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"1\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":8,\"i\":\"3\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":22,\"i\":\"6\",\"w\":40,\"x\":8,\"y\":23},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"7\",\"w\":20,\"x\":8,\"y\":8},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"9\",\"w\":24,\"x\":0,\"y\":45},\"panelIndex\":\"9\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"10\",\"w\":24,\"x\":24,\"y\":45},\"panelIndex\":\"10\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"11\",\"w\":10,\"x\":28,
\"y\":8},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"13\",\"w\":13,\"x\":0,\"y\":65},\"panelIndex\":\"13\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"14\",\"w\":13,\"x\":13,\"y\":65},\"panelIndex\":\"14\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"16\",\"w\":22,\"x\":26,\"y\":65},\"panelIndex\":\"16\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"19\",\"w\":8,\"x\":0,\"y\":29},\"panelIndex\":\"19\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_10\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"20\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"20\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_11\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"633e2c8c-ef8e-48b1-b0a4-546a5adff4e4\",\"w\":10,\"x\":38,\"y\":8},\"panelIndex\":\"633e2c8c-ef8e-48b1-b0a4-546a5adff4e4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_12\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":40,\"i\":\"10319c5c-00bb-41a9-bbab-010e21fd4dfb\",\"w\":48,\"x\":0,\"y\":85},\"panelIndex\":\"10319c5c-00bb-41a9-bbab-010e21fd4dfb\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_13\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
@@ -66,33 +66,28 @@ }, { "name": "panel_9", - "type": "search", - "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff" + "type": "visualization", + "id": "d622d8f0-64ce-45a6-8d66-9b04ddea2548" }, { "name": "panel_10", "type": "visualization", - "id": "d622d8f0-64ce-45a6-8d66-9b04ddea2548" + "id": "70d51476-219d-4792-b5fd-aee9992e1345" }, { "name": "panel_11", "type": "visualization", - "id": "bb1b9db7-3932-435c-b9bb-cdeaa004019b" + "id": "AWDHDsr0xQT5EBNmq4gw" }, { "name": "panel_12", "type": "visualization", - "id": "30588ef1-65cf-46e5-bca7-79112123d6b6" + "id": "38de7940-4dcd-11ea-8336-d3388483188b" }, { "name": "panel_13", - "type": "visualization", - "id": "70d51476-219d-4792-b5fd-aee9992e1345" - }, - { - "name": "panel_14", - "type": "visualization", - "id": "AWDHDsr0xQT5EBNmq4gw" + "type": "search", + "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff" } ], "migrationVersion": { 
@@ -102,11 +97,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● 
[NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + 
"visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -122,8 +117,8 @@ { "id": "815aba5e-16e2-4fa1-ab37-b09c39562fe4", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ3NiwxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY3NCwxXQ==", "attributes": { "visState": "{\"title\":\"SMTP - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -149,8 +144,8 @@ { "id": "63a89f9a-274c-4baa-9336-0d7cd6851bb6", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ3NywxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY3NSwxXQ==", "attributes": { "visState": "{\"title\":\"SMTP - Subject\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smtp.subject\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"SMTP\"}}],\"listeners\":{}}", "description": "", 
@@ -176,11 +171,11 @@ { "id": "7e16fa6b-1793-4dcd-a19b-ff251bbd0265", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ3OCwxXQ==", + "updated_at": "2020-02-12T19:21:30.644Z", + "version": "WzExMTksMV0=", "attributes": { "title": "SMTP - Destination Country", - "visState": "{\"title\":\"SMTP - Destination Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Country\"}}]}", + "visState": "{\"title\":\"SMTP - Destination 
Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Country\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Country\"}}]}", "uiStateJSON": "{}", "description": "", "version": 1, @@ -191,8 +186,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff" } ], 
@@ -203,8 +198,8 @@ { "id": "de856f53-42d1-4ffc-8182-5f275cf40006", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ3OSwxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY3NywxXQ==", "attributes": { "visState": "{\"title\":\"SMTP - \\\"From\\\" Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smtp.mailfrom\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"\\\"From\\\" Address\"}}],\"listeners\":{}}", "description": "", @@ -230,8 +225,8 @@ { "id": "45314b56-b8ba-4a89-9cb0-8d2a0e7ebd2e", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4MCwxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY3OCwxXQ==", "attributes": { "visState": "{\"title\":\"SMTP - \\\"To\\\" Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smtp.rcptto\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"\\\"To\\\" Address\"}}],\"listeners\":{}}", "description": "", 
@@ -257,13 +252,13 @@ { "id": "77e86ab5-725a-4512-8c05-5250529b4385", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4MSwxXQ==", + "updated_at": "2020-02-12T19:22:32.887Z", + "version": "WzExMjIsMV0=", "attributes": { - "visState": "{\"title\":\"SMTP - TLS\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_smtp.tls\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", "title": "SMTP - TLS", - "uiStateJSON": "{}", + "visState": "{\"title\":\"SMTP - TLS\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Using TLS\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_smtp.tls\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Using TLS\"}}]}", + 
"uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -272,8 +267,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff" } ], @@ -284,8 +279,8 @@ { "id": "ab85a06b-e513-4c8b-b80b-7283f5f1b066", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4MiwxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY4MCwxXQ==", "attributes": { "visState": "{\"title\":\"SMTP - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -311,8 +306,8 @@ { "id": "ceaa93c5-1a76-469b-b3b3-bf4f9d6315c5", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4MywxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY4MSwxXQ==", "attributes": { "visState": "{\"title\":\"SMTP - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -335,50 +330,11 @@ "visualization": "7.4.2" } }, - { - "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff", - "type": "search", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4NCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "SMTP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:smtp\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "d622d8f0-64ce-45a6-8d66-9b04ddea2548", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4NSwxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY4MywxXQ==", "attributes": { "visState": "{\"title\":\"SMTP - User Agent\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_smtp.user_agent\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", "description": "", 
@@ -402,15 +358,15 @@ } }, { - "id": "bb1b9db7-3932-435c-b9bb-cdeaa004019b", + "id": "70d51476-219d-4792-b5fd-aee9992e1345", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4NiwxXQ==", + "updated_at": "2020-02-12T19:26:48.647Z", + "version": "WzExMjgsMV0=", "attributes": { - "visState": "{\"title\":\"SMTP - Webmail - True/False\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"title\":{\"text\":\"Webmail\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_smtp.is_webmail\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Webmail\"}}],\"listeners\":{}}", + "title": "SMTP - Destination Port", + "visState": "{\"title\":\"SMTP - Destination 
Port\",\"type\":\"table\",\"params\":{\"perPage\":5,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Port\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Port\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "description": "", - "title": "SMTP - Webmail - True/False", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -419,8 +375,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff" } ], 
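Review bot: the visState that replaces bb1b9db7-3932-435c-b9bb-cdeaa004019b in this slot embeds `\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}` inside its `dimensions`; that is the exporting browser's address captured by Kibana, it is not needed for import, and it will change with every user who re-exports, so strip `parsedUrl` from committed saved objects. Separately, the "SMTP - Webmail - True/False" visualization (bb1b9db7-…) disappears here without a replacement under that id; confirm the SMTP dashboard's panelsJSON and references no longer name it, otherwise the importer reports a missing reference for this file.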
@@ -429,15 +385,15 @@ } }, { - "id": "30588ef1-65cf-46e5-bca7-79112123d6b6", + "id": "AWDHDsr0xQT5EBNmq4gw", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4NywxXQ==", + "updated_at": "2020-02-12T15:00:52.948Z", + "version": "WzY4NywxXQ==", "attributes": { - "visState": "{\"title\":\"SMTP - TLS - True/False\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"title\":{\"text\":\"TLS\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_smtp.tls\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"TLS\"}}],\"listeners\":{}}", + "title": "SMTP - Log Count", + "visState": "{\"title\":\"SMTP - Log 
Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", - "title": "SMTP - TLS - True/False", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
@@ -456,15 +412,15 @@ } }, { - "id": "70d51476-219d-4792-b5fd-aee9992e1345", + "id": "38de7940-4dcd-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4OCwxXQ==", + "updated_at": "2020-02-12T19:24:00.595Z", + "version": "WzExMjQsMV0=", "attributes": { - "visState": "{\"title\":\"SMTP - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", + "title": "SMTP - Webmail", + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Is Webmail\",\"field\":\"zeek_smtp.is_webmail\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":20},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"dimensions\":{\"buckets\":[{\"accessor\":0,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"missingBucketLabel\":\"Unknown\",\"otherBucketLabel\":\"Other\",\"parsedUrl\":{\"basePath\":\"/kibana\",\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\"}}},\"label\":\"Using 
TLS\",\"params\":{}}],\"metric\":{\"accessor\":1,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"label\":\"Count\",\"params\":{}}},\"isDonut\":true,\"labels\":{\"last_level\":true,\"show\":true,\"truncate\":100,\"values\":false},\"legendPosition\":\"right\",\"type\":\"pie\"},\"title\":\"SMTP - Webmail\",\"type\":\"pie\"}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", - "title": "SMTP - Destination Port", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -473,8 +429,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff" } ], 
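Review bot: in the new "SMTP - Webmail" pie (38de7940-4dcd-11ea-8336-d3388483188b) the dimensions bucket carries `\"label\":\"Using TLS\"` while the aggregation is on `zeek_smtp.is_webmail` with `\"customLabel\":\"Is Webmail\"`; the chart looks cloned from the TLS visualization with the label left behind, so the legend and tooltip would describe webmail sessions as TLS. Set the dimensions label to "Is Webmail" so it matches the aggregation. Note also that with "SMTP - TLS - True/False" (30588ef1-65cf-46e5-bca7-79112123d6b6) removed in the preceding hunk, this file no longer carries any SMTP TLS breakdown; if that is intentional it should be called out, since a cleartext-vs-TLS split is one of the first things an analyst looks at on a mail dashboard.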
@@ -483,30 +439,43 @@ } }, { - "id": "AWDHDsr0xQT5EBNmq4gw", - "type": "visualization", - "updated_at": "2019-12-18T16:20:50.306Z", - "version": "WzQ4OSwxXQ==", + "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff", + "type": "search", + "updated_at": "2020-02-12T19:39:39.650Z", + "version": "WzExNDMsMV0=", "attributes": { - "title": "SMTP - Log Count", - "visState": "{\"title\":\"SMTP - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "SMTP - Logs", "description": "", + "hits": 0, + "columns": [ + "zeek_smtp.x_originating_ip", + "srcIp", + "dstIp", + "dstPort", + "zeek_smtp.mailfrom", + "zeek_smtp.user_agent", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:smtp\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { - "type": "search", - 
"name": "search_0", - "id": "c999cb1b-03c8-446e-92ea-addad33ac1ff" + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" } ], "migrationVersion": { - "visualization": "7.4.2" + "search": "7.4.0" } } ] diff --git a/kibana/dashboards/bed185a0-ef82-11e9-b38a-2db3ee640e88.json b/kibana/dashboards/bed185a0-ef82-11e9-b38a-2db3ee640e88.json index 42259d51b..111b2b3ef 100644 --- a/kibana/dashboards/bed185a0-ef82-11e9-b38a-2db3ee640e88.json +++ b/kibana/dashboards/bed185a0-ef82-11e9-b38a-2db3ee640e88.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "bed185a0-ef82-11e9-b38a-2db3ee640e88", 
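Review bot: the re-added "SMTP - Logs" search hardcodes `\"time_zone\":\"America/Denver\"` inside its query_string; that is the exporting user's browser time zone recorded by Kibana, it is environment-specific noise that will churn the diff with every re-export, and it would silently pin any date math later added to this query to one zone. Remove `time_zone` from the committed searchSourceJSON (the same artifact appears in the SSH dashboard's searchSourceJSON later in this patch). The new column list (`zeek_smtp.x_originating_ip`, `zeek_smtp.mailfrom`, `zeek_smtp.user_agent`) is a sensible triage view; dropping `srcPort` and `_id` is fine as long as `zeek.uid` stays, since that remains the pivot back to the session.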
@@ -10,7 +10,7 @@ "title": "Tabular Data Stream", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":34,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":34,\"w\":48,\"h\":30,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":7,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":15,\"y\":0,\"w\":33,\"h\":14,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":14,\"w\":16,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":14,\"w\":11,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"gridData\":{\"x\":35,\"y\":14,\"w\":13,\"h\":20,\"i\":\"7\"},\"version\":\"7.5.1\",\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"}]", + "panelsJSON": 
"[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":34,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":34,\"w\":48,\"h\":30,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":7,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":15,\"y\":0,\"w\":33,\"h\":14,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":14,\"w\":16,\"h\":20,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":14,\"w\":11,\"h\":20,\"i\":\"6\"},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"gridData\":{\"x\":35,\"y\":14,\"w\":13,\"h\":20,\"i\":\"7\"},\"version\":\"7.6.2\",\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -66,7 +66,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/caef3ade-d289-4d05-a511-149f3e97f238.json b/kibana/dashboards/caef3ade-d289-4d05-a511-149f3e97f238.json index f50d9e94b..39c63f76b 100644 --- a/kibana/dashboards/caef3ade-d289-4d05-a511-149f3e97f238.json 
+++ b/kibana/dashboards/caef3ade-d289-4d05-a511-149f3e97f238.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "caef3ade-d289-4d05-a511-149f3e97f238", "type": "dashboard", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUxMCwxXQ==", + "updated_at": "2020-02-12T20:23:39.553Z", + "version": "WzExOTcsMV0=", "attributes": { "title": "SSH", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":56,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":8,\"y\":32,\"w\":14,\"h\":24,\"i\":\"7\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":22,\"y\":32,\"w\":14,\"h\":24,\"i\":\"8\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"10\",\"gridData\":{\"x\":0,\"y\":80,\"w\":48,\"h\":24,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"11\",\"gridData\":{\"x\":36,\"y\":32,\"w\":12,\"h\":24,\"i\":\"11\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"12\",\"gridData\":{\"x\":36,\"y\":8,\"w\":12,\"h\":24,\"i\":\"12\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{}},{\"panelIndex\":\"13\",\"gridData\":{\"x\":0,\"y\":56,\"w\":48,\"h\":24,\"i\":\"13\"},\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\
"columnIndex\":null,\"direction\":null}}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"14\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":8,\"y\":8,\"w\":28,\"h\":24,\"i\":\"15\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":30,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":30,\"w\":17,\"h\":22,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":17,\"y\":30,\"w\":17,\"h\":22,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":34,\"y\":30,\"w\":14,\"h\":22,\"i\":\"11\"},\"panelIndex\":\"11\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_4\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":52,\"w\":18,\"h\":21,\"i\":\"13\"},\"panelIndex\":\"13\",\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"panelRefName\":\"panel_5\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"14\"},\"panelIndex\":\"14\",\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"panelRefName\":\"panel_6\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":20,\"y\":8,\"w\":28,\"h\":22,\"i\":\"15\"},\"panelIndex\":\"15\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":8,\"w\":12,\"h\":22,\"i\":\"1becdc6f-a3f4-46f7-b5b0-72a67a679e0f\"},\"panelIndex\":\"1becdc6f-a3f4-46f7-b5b0-72a67a679e0f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":18,\"y\":52,\"w\":15,\"h\":21,\"i\":\"68d1576b-a947-46f9-a99d-b951a09a95c7\"},\"panelIndex\":\"68d1576b-a947-46f9-a99d-b951a09a95c7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":33,\"y\":52,\"w\":15,\"h\":21,\"i\":\"4a419bd4-4f84-446b-b269-1f6f1c2c27fe\"},\"panelIndex\":\"4a419bd4-4f84-446b-b269-1f6f1c2c27fe\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":73,\"w\":24,\"h\":21,\"i\":\"db42e16c-0961-4dda-a58a-dd44b5197bcf\"},\"panelIndex\":\"db42e16c-0961-4dda-a58a-dd44b5197bcf\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":24,\"y\":73,\"w\":24,\"h\":21,\"i\":\"26424c79-7bf6-45f0-bf5c-ca687818490b\"},\"panelIndex\":\"26424c79-7bf6-45f0-bf5c-ca687818490b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_12\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":94,\"w\":48,\"h\":36,\"i\":\"4afc3dad-4ba2-4e21-9f31-87453145b668\"},\"panelIndex\":\"4afc3dad-4ba2-4e21-9f31-87453145b668\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -41,33 +41,53 @@ }, { "name": "panel_4", - "type": "search", - "id": "88a40703-9791-4f96-bc06-992f96c9b350" + "type": "visualization", + "id": "1b6d266e-e726-4fcb-b752-6cf55322c900" }, { "name": "panel_5", "type": "visualization", - "id": "1b6d266e-e726-4fcb-b752-6cf55322c900" + "id": "4d7cb8d4-9f67-4469-b3f5-74d6fb942d35" }, { "name": "panel_6", "type": "visualization", - "id": "78fd6107-9ac0-4415-b1ff-55da745835c8" + "id": "AWDHEYk4xQT5EBNmq4k5" }, { "name": "panel_7", "type": "visualization", - "id": "4d7cb8d4-9f67-4469-b3f5-74d6fb942d35" + "id": "35ca43f9-14cc-4266-8a55-25f859530ba2" }, { "name": "panel_8", "type": "visualization", - "id": "AWDHEYk4xQT5EBNmq4k5" + "id": "eba2e900-4dd0-11ea-8336-d3388483188b" }, { "name": "panel_9", "type": "visualization", - "id": "35ca43f9-14cc-4266-8a55-25f859530ba2" + "id": "baa06220-4dd4-11ea-8336-d3388483188b" + }, + { + "name": "panel_10", + "type": "visualization", + "id": "90422180-4dd4-11ea-8336-d3388483188b" + }, + { + "name": "panel_11", + "type": "visualization", + "id": "3760b940-4dd5-11ea-8336-d3388483188b" + }, + { + "name": "panel_12", + "type": "visualization", + "id": "562d3ec0-4dd5-11ea-8336-d3388483188b" + }, + { + "name": "panel_13", + "type": "search", + "id": "88a40703-9791-4f96-bc06-992f96c9b350" } ], "migrationVersion": { 
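Review bot: panel_4 changes from the saved search 88a40703-9791-4f96-bc06-992f96c9b350 to visualization 1b6d266e-e726-4fcb-b752-6cf55322c900, and the search moves to panel_13 with an empty `embeddableConfig`, whereas the old search panel carried explicit `columns` (srcIp, srcPort, dstIp, dstPort, zeek.uid, _id) and `sort` (firstPacket desc). Confirm that saved search 88a40703 itself defines the intended columns and sort, because the per-panel override that used to supply them is gone. Visualization 78fd6107-9ac0-4415-b1ff-55da745835c8 (old panel_6) is no longer referenced by the dashboard at all; either it should be removed from this file's objects or its removal from the SSH dashboard should be noted as deliberate. The same `\"time_zone\":\"America/Denver\"` artifact flagged on the SMTP search is present in this dashboard's searchSourceJSON as well.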
@@ -77,11 +97,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
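Review bot: the "Zeek Logs" navigation markdown (visualization df9e399b-efa5-4e33-b0ac-a7668a8ac2b3) edited in this hunk to add the `[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405)` and `[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf)` links is a per-file copy, not a shared object: the same visualization is embedded in the other dashboard exports (the deleted Indicator dashboard further down carries it too), so every copy has to receive the identical edit or the navigation block will differ from one dashboard to the next. Consider generating this markdown from a single source when the exports are refreshed, or at least grep the remaining dashboard JSON files for the old link list to confirm none were missed.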
@@ -97,8 +117,8 @@ { "id": "14e6c4af-72c5-4ce3-94fc-0cb1d501af96", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwMSwxXQ==", + "updated_at": "2020-02-12T15:00:55.035Z", + "version": "WzY5OSwxXQ==", "attributes": { "visState": "{\"title\":\"SSH - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -124,8 +144,8 @@ { "id": "17a08d5e-7ee7-43ed-b7f4-eaed153bdb7d", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwMiwxXQ==", + "updated_at": "2020-02-12T15:00:55.035Z", + "version": "WzcwMCwxXQ==", "attributes": { "visState": "{\"title\":\"SSH - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -151,8 +171,8 @@ { "id": "71ef0954-81c5-4953-b455-f996b21e8f08", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwMywxXQ==", + "updated_at": "2020-02-12T15:00:55.035Z", + "version": "WzcwMSwxXQ==", "attributes": { "visState": "{\"title\":\"SSH - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
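Review bot: the hunks at @@ -97, @@ -124 and @@ -151 change nothing but `updated_at` and `version` on the "SSH - Log Count Over Time", "SSH - Source IP Address" and "SSH - Destination IP Address" visualizations. These are Kibana's internal optimistic-concurrency fields and are regenerated on import, so the hunks add review noise without changing behaviour; consider stripping or normalizing them in the export step so that diffs show only real changes.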
@@ -176,53 +196,41 @@ } }, { - "id": "88a40703-9791-4f96-bc06-992f96c9b350", - "type": "search", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwNCwxXQ==", + "id": "1b6d266e-e726-4fcb-b752-6cf55322c900", + "type": "visualization", + "updated_at": "2020-02-12T15:00:55.035Z", + "version": "WzcwMywxXQ==", "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, + "visState": "{\"title\":\"SSH - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", - "title": "SSH - Logs", + "title": "SSH - Destination Port", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:ssh\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + "searchSourceJSON": "{\"filter\":[]}" }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "savedSearchRefName": "search_0" }, "references": [ { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" + "type": "search", + "name": "search_0", + "id": "88a40703-9791-4f96-bc06-992f96c9b350" } ], "migrationVersion": { - "search": "7.4.0" + "visualization": "7.4.2" } }, { - "id": 
"1b6d266e-e726-4fcb-b752-6cf55322c900", + "id": "4d7cb8d4-9f67-4469-b3f5-74d6fb942d35", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwNSwxXQ==", + "updated_at": "2020-02-12T15:00:55.035Z", + "version": "WzcwNSwxXQ==", "attributes": { - "visState": "{\"title\":\"SSH - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", + "visState": "{\"title\":\"SSH - Client/Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.client\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Client\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.server\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}],\"listeners\":{}}", "description": "", - "title": "SSH - Destination Port", + "title": "SSH - 
Client/Server", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { 
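Review bot: the `-` lines for the saved search 88a40703-9791-4f96-bc06-992f96c9b350 ("SSH - Logs") in this hunk are a reorder, not a deletion: the object is re-added at the end of the file with new columns, and every visualization in the file still references it as `search_0`. The diff is misleading as presented, and a reviewer has to confirm the re-added copy exists before accepting, because the visualizations import with a dangling `search_0` reference if it does not. A stable sort of `objects` by id on export would keep moves out of future diffs. Minor: the new "SSH - Destination Port" entry sets `"searchSourceJSON": "{\"filter\":[]}"` while the other new visualizations use `"{}"`; both work, but pick one.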
@@ -242,15 +250,15 @@ } }, { - "id": "78fd6107-9ac0-4415-b1ff-55da745835c8", + "id": "AWDHEYk4xQT5EBNmq4k5", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwNiwxXQ==", + "updated_at": "2020-02-12T15:00:55.035Z", + "version": "WzcwNiwxXQ==", "attributes": { - "visState": "{\"title\":\"SSH - Authentication Success\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"title\":{\"text\":\"Authentication Success\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ssh.auth_success\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Authentication Success\"}}],\"listeners\":{}}", + "title": "SSH - Log Count", + "visState": "{\"title\":\"SSH - Log 
Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", "description": "", - "title": "SSH - Authentication Success", - "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" 
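Review bot: this hunk removes the "SSH - Authentication Success" histogram (78fd6107-9ac0-4415-b1ff-55da745835c8) and puts the moved "SSH - Log Count" metric in its place, and no later hunk re-adds it. The success/failure split is the most security-relevant view on an SSH dashboard (brute forcing versus an actual login), so please confirm the removal is intentional; after this change `zeek_ssh.auth_success` survives only as a column in the saved search. Also check the dashboard's `panelsJSON` and `references` (not in this excerpt) no longer point at 78fd6107, otherwise the import fails on a missing reference.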
@@ -269,18 +277,18 @@ } }, { - "id": "4d7cb8d4-9f67-4469-b3f5-74d6fb942d35", + "id": "35ca43f9-14cc-4266-8a55-25f859530ba2", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwNywxXQ==", + "updated_at": "2020-02-12T15:00:55.035Z", + "version": "WzcwNywxXQ==", "attributes": { - "visState": "{\"title\":\"SSH - Client/Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.client\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Client\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.server\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}],\"listeners\":{}}", - "description": "", - "title": "SSH - Client/Server", + "title": "SSH -Server", + "visState": "{\"title\":\"SSH 
-Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.server\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" }, "savedSearchRefName": "search_0" }, 
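Review bot: the moved visualization 35ca43f9-14cc-4266-8a55-25f859530ba2 carries the typo `"title": "SSH -Server"` (and the same string inside `visState`) into the new file. Since these lines are being rewritten anyway, fix both occurrences to `SSH - Server` so the title matches the other panels ("SSH - Client/Server", "SSH - Destination Port").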
@@ -296,25 +304,79 @@ } }, { - "id": "AWDHEYk4xQT5EBNmq4k5", + "id": "eba2e900-4dd0-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwOCwxXQ==", + "updated_at": "2020-02-12T19:50:29.007Z", + "version": "WzExNjUsMV0=", "attributes": { - "title": "SSH - Log Count", - "visState": "{\"title\":\"SSH - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "title": "SSH - Version", + "visState": "{\"title\":\"SSH - Version\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":false,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"SSH 
Version\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_ssh.version\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"SSH Version\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { + "name": "search_0", + "type": "search", + "id": "88a40703-9791-4f96-bc06-992f96c9b350" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "baa06220-4dd4-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-12T20:17:44.770Z", + "version": "WzExODgsMV0=", + "attributes": { + "title": "SSH - Client Algorithms", + "visState": "{\"title\":\"SSH - Client Algorithms\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Algorithms Offered by 
Server\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.hasshAlgorithms\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Algorithms Offered by Client\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { + "name": "search_0", "type": "search", + "id": "88a40703-9791-4f96-bc06-992f96c9b350" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "90422180-4dd4-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-12T20:17:00.578Z", + "version": "WzExODcsMV0=", + "attributes": { + "title": "SSH - Server Algorithms", + "visState": "{\"title\":\"SSH - Server Algorithms\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Algorithms Offered by 
Client\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.hasshServerAlgorithms\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Algorithms Offered by Server\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { "name": "search_0", + "type": "search", "id": "88a40703-9791-4f96-bc06-992f96c9b350" } ], 
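Review bot: the `dimensions` labels in the two new algorithm tables are swapped: "SSH - Client Algorithms" (baa06220-4dd4-11ea-8336-d3388483188b) aggregates `zeek_ssh.hasshAlgorithms` with customLabel "Algorithms Offered by Client" but its bucket dimension label reads "Algorithms Offered by Server", and "SSH - Server Algorithms" (90422180-4dd4-11ea-8336-d3388483188b) has the reverse. Kibana derives `dimensions` from `aggs` when it renders, so the customLabel is what users see, but the stale block will mislead anyone reading the export; either correct the labels or drop `dimensions` from `visState`. The `parsedUrl` entries in the same block bake `"origin":"https://localhost"` into the export, another piece of render-time state that should not ship in a committed artifact.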
@@ -323,31 +385,99 @@ } }, { - "id": "35ca43f9-14cc-4266-8a55-25f859530ba2", + "id": "3760b940-4dd5-11ea-8336-d3388483188b", "type": "visualization", - "updated_at": "2019-12-18T16:20:52.344Z", - "version": "WzUwOSwxXQ==", + "updated_at": "2020-02-12T20:22:30.387Z", + "version": "WzExOTQsMV0=", "attributes": { - "title": "SSH -Server", - "visState": "{\"title\":\"SSH -Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.server\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}]}", + "title": "SSH - HASSH Client Hash", + "visState": "{\"title\":\"SSH - HASSH Client Hash\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"HASSH Client 
Hash\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.hassh\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"HASSH Client Hash\"}}]}", "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" + "searchSourceJSON": "{}" }, "savedSearchRefName": "search_0" }, "references": [ { + "name": "search_0", "type": "search", + "id": "88a40703-9791-4f96-bc06-992f96c9b350" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "562d3ec0-4dd5-11ea-8336-d3388483188b", + "type": "visualization", + "updated_at": "2020-02-12T20:22:05.740Z", + "version": "WzExOTMsMV0=", + "attributes": { + "title": "SSH - HASSH Server Hash", + "visState": "{\"title\":\"SSH - HASSH Server Hash\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"HASSH Client 
Hash\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssh.hasshServer\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"HASSH Server Hash\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "savedSearchRefName": "search_0" + }, + "references": [ + { "name": "search_0", + "type": "search", "id": "88a40703-9791-4f96-bc06-992f96c9b350" } ], "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "88a40703-9791-4f96-bc06-992f96c9b350", + "type": "search", + "updated_at": "2020-02-12T20:12:43.078Z", + "version": "WzExODEsMV0=", + "attributes": { + "title": "SSH - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_ssh.auth_success", + "zeek_ssh.sshka", + "zeek_ssh.cipher_alg", + "zeek_ssh.mac_alg", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:ssh\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file 
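Review bot: the re-added saved search 88a40703-9791-4f96-bc06-992f96c9b350 pins `"time_zone":"America/Denver"` inside the `query_string` in `searchSourceJSON`. That is the exporting author's local zone; a committed artifact should not hard-code it, because it changes how any date math in the query is interpreted for every deployment. Remove the `time_zone` key and let Kibana apply the instance's `dateFormat:tz` setting. In the same hunk, "SSH - HASSH Server Hash" (562d3ec0-4dd5-11ea-8336-d3388483188b) labels its bucket dimension "HASSH Client Hash" while `aggs` uses customLabel "HASSH Server Hash" on `zeek_ssh.hasshServer`; the customLabel is what renders, so fix or drop the stale `dimensions` block. The new saved-search columns (`zeek_ssh.auth_success`, `zeek_ssh.sshka`, `zeek_ssh.cipher_alg`, `zeek_ssh.mac_alg`) are a good addition for spotting weak key exchange and cipher choices at a glance. The file also still ends without a trailing newline.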
diff --git a/kibana/dashboards/d15a9d40-5c3e-492f-8e17-67a5d6862a3a.json b/kibana/dashboards/d15a9d40-5c3e-492f-8e17-67a5d6862a3a.json deleted file mode 100644 index 42d47b481..000000000 --- a/kibana/dashboards/d15a9d40-5c3e-492f-8e17-67a5d6862a3a.json +++ /dev/null 
@@ -1,845 +0,0 @@ -{ - "version": "7.5.1", - "objects": [ - { - "id": "d15a9d40-5c3e-492f-8e17-67a5d6862a3a", - "type": "dashboard", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzNSwxXQ==", - "attributes": { - "title": "Indicator", - "hits": 0, - "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"2\",\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":0,\"i\":\"2\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"4\",\"gridData\":{\"w\":32,\"h\":24,\"x\":16,\"y\":120,\"i\":\"4\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"5\",\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":144,\"i\":\"5\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"6\",\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":144,\"i\":\"6\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"8\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":180,\"i\":\"8\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"9\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":180,\"i\":\"9\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":20,\"h\":24,\"x\":8,\"y\":24,\"i\":\"13\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"16\",\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":120,\"i\":\"16\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"18\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":48,\"i\":\"18\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\",\"embeddableConfig\":{\"columns\":[\"node\",\"alert_level\",\"description\"],\"sort\":[\"firstPacket\",\"desc\"]}
},{\"panelIndex\":\"19\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":204,\"i\":\"19\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"20\",\"gridData\":{\"w\":48,\"h\":12,\"x\":0,\"y\":168,\"i\":\"20\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"panelIndex\":\"21\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":144,\"i\":\"21\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\",\"embeddableConfig\":{}},{\"panelIndex\":\"22\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":96,\"i\":\"22\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_13\"},{\"panelIndex\":\"23\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":96,\"i\":\"23\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_14\"},{\"panelIndex\":\"24\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":24,\"i\":\"24\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_15\"},{\"panelIndex\":\"26\",\"gridData\":{\"w\":20,\"h\":24,\"x\":28,\"y\":0,\"i\":\"26\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_16\",\"embeddableConfig\":{}},{\"panelIndex\":\"27\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":72,\"i\":\"27\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_17\",\"embeddableConfig\":{}},{\"panelIndex\":\"28\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":72,\"i\":\"28\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_18\",\"embeddableConfig\":{}}]", - "optionsJSON": "{\"useMargins\":true}", - "version": 1, - "timeRestore": false, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" - } - }, - "references": [ - { - "name": "panel_0", - "type": "visualization", - 
"id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3" - }, - { - "name": "panel_1", - "type": "visualization", - "id": "4f606c47-ce70-4546-84c0-47d3fafb5751" - }, - { - "name": "panel_2", - "type": "visualization", - "id": "8a3a0bd6-555d-45c6-bf3d-d2b8598e9926" - }, - { - "name": "panel_3", - "type": "visualization", - "id": "2c18f5be-4023-40fb-8de6-7b490045520b" - }, - { - "name": "panel_4", - "type": "visualization", - "id": "44d6d5ce-bdf6-46d3-ad97-a30ebda437fa" - }, - { - "name": "panel_5", - "type": "visualization", - "id": "c3c266ad-58c5-45f4-a463-180b531bd96e" - }, - { - "name": "panel_6", - "type": "visualization", - "id": "be7d9516-7555-407f-9971-0394c7e822e4" - }, - { - "name": "panel_7", - "type": "visualization", - "id": "cc206fe4-dad8-4e98-8bee-648186e6f160" - }, - { - "name": "panel_8", - "type": "visualization", - "id": "727d7b36-4153-4c51-b723-2700a3c815f1" - }, - { - "name": "panel_9", - "type": "search", - "id": "58822c6d-5c84-4d33-a623-ce740be2c057" - }, - { - "name": "panel_10", - "type": "search", - "id": "c97bc964-5319-41e7-ad22-db28156a2ac1" - }, - { - "name": "panel_11", - "type": "visualization", - "id": "e22ccafa-aad2-4897-8a15-ca114f31464c" - }, - { - "name": "panel_12", - "type": "visualization", - "id": "a6cacf2a-7cf5-4991-be10-474429651b51" - }, - { - "name": "panel_13", - "type": "visualization", - "id": "8486949c-3592-4831-9020-59bfd968ccfa" - }, - { - "name": "panel_14", - "type": "visualization", - "id": "a3d7ae56-264b-4e8f-9c45-242bff74179d" - }, - { - "name": "panel_15", - "type": "visualization", - "id": "519823ff-ee5b-4051-9dd5-0467e595ab25" - }, - { - "name": "panel_16", - "type": "visualization", - "id": "40d65c7d-c62a-4115-80dd-ba239ee74df6" - }, - { - "name": "panel_17", - "type": "visualization", - "id": "45ccdb84-8eec-45ca-b7d3-dd8e28fa8ee7" - }, - { - "name": "panel_18", - "type": "visualization", - "id": "cc670ed6-87d2-494e-91ee-4a84be7cadc4" - } - ], - "migrationVersion": { - "dashboard": "7.3.0" - } - }, - { - "id": 
"df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", - "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", - "attributes": { - "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" - } - }, - "references": [], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "4f606c47-ce70-4546-84c0-47d3fafb5751", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxMiwxXQ==", - "attributes": { - "title": "Data Types", - "visState": "{\"title\":\"Data Types\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.logType\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Data Type\"}}],\"listeners\":{}}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "c97bc964-5319-41e7-ad22-db28156a2ac1" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "8a3a0bd6-555d-45c6-bf3d-d2b8598e9926", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxMywxXQ==", - "attributes": { - "visState": "{\"title\":\"DNS - 
Query/Answer\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.query\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_dns.answers\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Answer\"}}],\"listeners\":{}}", - "description": "", - "title": "DNS - Query/Answer", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "2c18f5be-4023-40fb-8de6-7b490045520b", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNCwxXQ==", - "attributes": { - "visState": "{\"title\":\"HTTP - Source IP 
Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", - "description": "", - "title": "HTTP - Source IP Address", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "44d6d5ce-bdf6-46d3-ad97-a30ebda437fa", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNSwxXQ==", - "attributes": { - "visState": "{\"title\":\"HTTP - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", - "description": "", - "title": "HTTP - Destination IP 
Address", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "c3c266ad-58c5-45f4-a463-180b531bd96e", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNiwxXQ==", - "attributes": { - "visState": "{\"title\":\"HTTP - Sites\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.host\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Site\"}}],\"listeners\":{}}", - "description": "", - "title": "HTTP - Sites", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "be7d9516-7555-407f-9971-0394c7e822e4", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxNywxXQ==", - "attributes": { - "visState": "{\"title\":\"HTTP - Sites Hosting 
EXEs\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_http.host\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Site\"}}],\"listeners\":{}}", - "description": "", - "title": "HTTP - Sites Hosting EXEs", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query_string\":{\"query\":\"\\\"application/x-dosexec\\\"\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - } - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "cc206fe4-dad8-4e98-8bee-648186e6f160", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxOCwxXQ==", - "attributes": { - "visState": "{\"title\":\"NIDS - 
Alerts\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"alert\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", - "title": "NIDS - Alerts", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "1a9147fe-9214-466e-9ae9-8e674a7a4631" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "727d7b36-4153-4c51-b723-2700a3c815f1", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUxOSwxXQ==", - "attributes": { - "title": "DNS - Query Class", - "visState": "{\"title\":\"DNS - Query Class\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_dns.qclass_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query Class\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - 
"kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "58822c6d-5c84-4d33-a623-ce740be2c057", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyMCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "OSSEC - Alerts", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[{\"meta\":{\"negate\":false,\"key\":\"tags\",\"value\":\"alert\",\"disabled\":false,\"alias\":null,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match\":{\"tags\":{\"query\":\"alert\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query_string\":{\"query\":\"zeek.logType:ossec\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "alert_level", - "classification", - "description" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - }, - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, - { - "id": "c97bc964-5319-41e7-ad22-db28156a2ac1", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyMSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "All Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": 
"{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, - { - "id": "e22ccafa-aad2-4897-8a15-ca114f31464c", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyMiwxXQ==", - "attributes": { - "visState": "{\"title\":\"HTTP - MIME Type\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":14,\"maxFontSize\":40},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_http.resp_mime_types\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"MIME Type\"}}],\"listeners\":{}}", - "description": "", - "title": "HTTP - MIME Type", - "uiStateJSON": "{}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "a6cacf2a-7cf5-4991-be10-474429651b51", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyMywxXQ==", - "attributes": { - "title": "HTTP - Destination Port", - "visState": "{\"title\":\"HTTP - Destination 
Port\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":75},\"title\":{\"text\":\"Port\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "8486949c-3592-4831-9020-59bfd968ccfa", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyNCwxXQ==", - "attributes": { - "visState": "{\"title\":\"SSL - 
Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_ssl.server_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}],\"listeners\":{}}", - "description": "", - "title": "SSL - Server", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "b945a684-0841-4e86-87aa-0f1af6fb6579" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "a3d7ae56-264b-4e8f-9c45-242bff74179d", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyNSwxXQ==", - "attributes": { - "title": "DNS - Server", - "visState": "{\"title\":\"DNS - Server\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Server\"}}],\"listeners\":{}}", - "uiStateJSON": 
"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "519823ff-ee5b-4051-9dd5-0467e595ab25", - "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU2OSwxXQ==", - "attributes": { - "visState": "{\"title\":\"Notices - Notice Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.note\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type\"}}],\"listeners\":{}}", - "description": "", - "title": "Notices - Notice Type", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "40d65c7d-c62a-4115-80dd-ba239ee74df6", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyNywxXQ==", - "attributes": { - "title": "Sensors - Sensor and Services", - "visState": "{\"title\":\"Sensors - Sensor and 
Services\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"sensor_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Sensor\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.service\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "c97bc964-5319-41e7-ad22-db28156a2ac1" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "45ccdb84-8eec-45ca-b7d3-dd8e28fa8ee7", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyOCwxXQ==", - "attributes": { - "title": "Top 50 - Source IP Address", - "visState": "{\"title\":\"Top 50 - Source IP 
Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - } - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "cc670ed6-87d2-494e-91ee-4a84be7cadc4", - "type": "visualization", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUyOSwxXQ==", - "attributes": { - "title": "Top 50 - Destination IP Address", - "visState": "{\"title\":\"Top 50 - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination 
IP\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", - "description": "", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - } - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "0b971165-4c39-42ed-b80d-8a8f5658a38e", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzMCwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "DNS - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:dns\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, - { - "id": "1762ad89-2039-4d70-8c2d-60b3e5a2c381", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzMSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "HTTP - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:http\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "dstIp", - "dstPort", - 
"zeek_http.resp_fuids", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, - { - "id": "1a9147fe-9214-466e-9ae9-8e674a7a4631", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzMiwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "NIDS - Alerts", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:snort\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, - { - "id": "b945a684-0841-4e86-87aa-0f1af6fb6579", - "type": "search", - "updated_at": "2019-12-18T16:20:53.365Z", - "version": "WzUzMywxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "SSL - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:ssl\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, - { - "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c", - "type": "search", - 
"updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3NSwxXQ==", - "attributes": { - "title": "Notices - Logs", - "description": "", - "hits": 0, - "columns": [ - "zeek_notice.note", - "srcIp", - "dstIp", - "zeek.uid", - "_id" - ], - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:notice\",\"default_field\":\"*\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - } - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - } - ] -} \ No newline at end of file diff --git a/kibana/dashboards/d41fe630-3f98-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/d41fe630-3f98-11e9-a58e-8bdedb0915e8.json index 332203b06..cdff68619 100644 --- a/kibana/dashboards/d41fe630-3f98-11e9-a58e-8bdedb0915e8.json +++ b/kibana/dashboards/d41fe630-3f98-11e9-a58e-8bdedb0915e8.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "d41fe630-3f98-11e9-a58e-8bdedb0915e8", "type": "dashboard", - "updated_at": "2019-12-18T16:20:54.394Z", - "version": "WzUzOSwxXQ==", + "updated_at": "2020-02-13T15:37:14.067Z", + "version": "WzkzMywxXQ==", "attributes": { "title": "Connections - Source - Originator Bytes (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"aa2d7102-11ce-426c-9979-82d5bd6d6d3b\"},\"panelIndex\":\"aa2d7102-11ce-426c-9979-82d5bd6d6d3b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"8519445c-b38a-4d86-bff3-e42b2b231ca4\"},\"panelIndex\":\"8519445c-b38a-4d86-bff3-e42b2b231ca4\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"lucene\"}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "89122c10-3f94-11e9-a58e-8bdedb0915e8" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
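Review bot: the df9e399b-efa5-4e33-b0ac-a7668a8ac2b3 "Zeek Logs" navigation markdown updated in this hunk is carried verbatim again in the d4fd6afd-15cb-42bf-8a25-03dd8e59b327.json export further down in this patch, so every new dashboard link (here "Security Overview" and "ICS/IoT Security Overview") has to be re-applied to each dashboard file by hand and the copies can silently drift. Consider generating the per-dashboard exports from one source for shared objects, or adding a repository check that every embedded copy of df9e399b-efa5-4e33-b0ac-a7668a8ac2b3 has an identical visState.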
@@ -57,12 +67,12 @@ { "id": "89122c10-3f94-11e9-a58e-8bdedb0915e8", "type": "visualization", - "updated_at": "2019-12-18T16:20:54.394Z", - "version": "WzUzNywxXQ==", + "updated_at": "2020-02-13T14:46:55.253Z", + "version": "Wzg3MCwxXQ==", "attributes": { "title": "Connections - Source - Originator Bytes (region map)", - "visState": "{\"title\":\"Connections - Source - Originator Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":2,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.orig_bytes\",\"customLabel\":\"Originator Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator Country\"}}]}", - "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", + "visState": "{\"title\":\"Connections - Source - Originator Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to 
Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":2,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"selectedTmsLayer\":{\"origin\":\"elastic_maps_service\",\"id\":\"road_map\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"OpenStreetMap contributors | OpenMapTiles | MapTiler | Elastic Maps Service\"}},\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Originator Bytes\",\"aggType\":\"cardinality\"},\"bucket\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Originator Country\",\"aggType\":\"terms\"}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.orig_bytes\",\"customLabel\":\"Originator Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator Country\"}}]}", + "uiStateJSON": 
"{\"mapCenter\":[37.73168660636539,16.171875000000004],\"mapZoom\":3}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -72,8 +82,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "52570870-e9d4-444f-a3df-e44c6757ed9f" } ], 
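Review bot: the @@ -72,8 +82,8 @@ hunk only swaps the order of "type" and "name" inside the search_0 reference without changing either value, and the same pattern recurs below where "title", "description", "hits" and "columns" move above "sort" with unchanged content; this is key-ordering noise from re-exporting through a newer Kibana rather than a real change. Running the exported JSON through a canonical key sort as a post-export step would keep future diffs limited to actual dashboard changes.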
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/d4fd6afd-15cb-42bf-8a25-03dd8e59b327.json b/kibana/dashboards/d4fd6afd-15cb-42bf-8a25-03dd8e59b327.json index 1200e30e6..2af3415c3 100644 --- a/kibana/dashboards/d4fd6afd-15cb-42bf-8a25-03dd8e59b327.json +++ b/kibana/dashboards/d4fd6afd-15cb-42bf-8a25-03dd8e59b327.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "d4fd6afd-15cb-42bf-8a25-03dd8e59b327", "type": "dashboard", - "updated_at": "2019-12-18T16:20:55.423Z", - "version": "WzU0MywxXQ==", + "updated_at": "2020-02-13T15:35:20.365Z", + "version": "WzkyNiwxXQ==", "attributes": { "title": "Connections - Destination - Responder Bytes", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":44,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":40,\"h\":40,\"x\":8,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{\"mapCenter\":[24.84656534821976,0.17578125],\"mapZoom\":2}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"d4b659f9-f6be-441e-a6c4-ea4acab7619d\"},\"panelIndex\":\"d4b659f9-f6be-441e-a6c4-ea4acab7619d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"a23bbf3d-6744-4dc7-a46a-50f450b6bff4\"},\"panelIndex\":\"a23bbf3d-6744-4dc7-a46a-50f450b6bff4\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "ba8e479e-49b0-427e-a919-72aa774cedba" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -57,8 +67,8 @@ { "id": "ba8e479e-49b0-427e-a919-72aa774cedba", "type": "visualization", - "updated_at": "2019-12-18T16:20:55.423Z", - "version": "WzU0MSwxXQ==", + "updated_at": "2020-02-13T14:16:57.026Z", + "version": "WzcyMCwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Destination - Responder Bytes\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":0,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.resp_bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.destination_geo.location\",\"autoPrecision\":true,\"useGeocentroid\":true,\"precision\":2}}],\"listeners\":{}}", "description": "", 
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/e09a4b86-29b5-4256-bb3b-802ac9f90404.json b/kibana/dashboards/e09a4b86-29b5-4256-bb3b-802ac9f90404.json index 01a3383a8..55ce598cc 100644 --- a/kibana/dashboards/e09a4b86-29b5-4256-bb3b-802ac9f90404.json +++ b/kibana/dashboards/e09a4b86-29b5-4256-bb3b-802ac9f90404.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "e09a4b86-29b5-4256-bb3b-802ac9f90404", "type": "dashboard", - "updated_at": "2019-12-18T16:20:56.449Z", - "version": "WzU0NywxXQ==", + "updated_at": "2020-02-13T15:36:49.938Z", + "version": "WzkzMSwxXQ==", "attributes": { "title": "Connections - Source - Top Connection Duration", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":44,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":40,\"h\":40,\"x\":8,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{\"mapCenter\":[14.604847155053898,0.17578125],\"mapZoom\":2}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":null},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"03359f20-178f-4878-b423-ec2b347e5d9a\"},\"panelIndex\":\"03359f20-178f-4878-b423-ec2b347e5d9a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"e854052a-b93b-4de5-8ae3-46cef99a54ce\"},\"panelIndex\":\"e854052a-b93b-4de5-8ae3-46cef99a54ce\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "66e7f9d4-2a90-4708-b313-ca1cc2dbd89f" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
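Review bot: the `@@ -1,21 +1,21 @@` hunk bakes a developer-local time zone into the dashboard query (`"time_zone":"America/Denver"` inside the `query_string` of `searchSourceJSON`), so anyone importing this dashboard gets Denver-relative date parsing regardless of their own Kibana `dateFormat:tz` setting; this key should be stripped from the export before commit. In the same hunk `"embeddableConfig":{"mapCenter":null,"mapZoom":null}` replaces the previous explicit center and zoom; if the intent is to fall back to the visualization's own `"mapZoom":2,"mapCenter":[0,0]` defaults, an empty `"embeddableConfig":{}` (as used for the other panels) is clearer than explicit nulls.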
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -57,8 +67,8 @@ { "id": "66e7f9d4-2a90-4708-b313-ca1cc2dbd89f", "type": "visualization", - "updated_at": "2019-12-18T16:20:56.449Z", - "version": "WzU0NSwxXQ==", + "updated_at": "2020-02-13T14:16:58.049Z", + "version": "WzcyNCwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Source - Top Connection Duration\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":0,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.duration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.source_geo.location\",\"autoPrecision\":true,\"useGeocentroid\":true,\"precision\":2}}],\"listeners\":{}}", "description": "", 
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/e76d05c0-eb9f-11e9-a384-0fcf32210194.json b/kibana/dashboards/e76d05c0-eb9f-11e9-a384-0fcf32210194.json index b8fbe1d36..0b5e17bda 100644 --- a/kibana/dashboards/e76d05c0-eb9f-11e9-a384-0fcf32210194.json +++ b/kibana/dashboards/e76d05c0-eb9f-11e9-a384-0fcf32210194.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "e76d05c0-eb9f-11e9-a384-0fcf32210194", 
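Review bot: the `@@ -81,33 +91,91 @@` hunk embeds the two new visualizations (`"id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49"` and `"id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5"`) as verbatim copies of the objects already added to the previous dashboard file in this patch, with identical `updated_at` and `version` stamps; duplicating shared saved objects across per-dashboard export files means the last file imported silently wins if the copies ever diverge, so a single shared export for these objects would be safer to maintain. In the "Connections - Logs" saved search the rewritten `searchSourceJSON` also picks up `"time_zone":"America/Denver"` (same concern as the dashboard-level query), and the `_id` column and `"size":10` are dropped; the column change is presumably intentional (`zeek.proto`, `zeek.service`, `totBytes` added), but the time zone key should not ship.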
@@ -10,7 +10,7 @@ "title": "S7comm", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":51,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":14,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":28,\"y\":34,\"w\":20,\"h\":17,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":34,\"w\":20,\"h\":17,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":14,\"w\":20,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":28,\"y\":14,\"w\":20,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":51,\"w\":24,\"h\":20,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":51,\"w\":24,\"h\":20,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":71,\"w\":48,\"h\":35,\"i\":\"15\"},\"panelIndex\":\"15\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_9\"}]", + "panelsJSON": 
"[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":51,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":14,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":16,\"y\":0,\"w\":32,\"h\":14,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":28,\"y\":34,\"w\":20,\"h\":17,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":34,\"w\":20,\"h\":17,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":8,\"y\":14,\"w\":20,\"h\":20,\"i\":\"10\"},\"panelIndex\":\"10\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":28,\"y\":14,\"w\":20,\"h\":20,\"i\":\"11\"},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":51,\"w\":24,\"h\":20,\"i\":\"13\"},\"panelIndex\":\"13\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":51,\"w\":24,\"h\":20,\"i\":\"14\"},\"panelIndex\":\"14\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":71,\"w\":48,\"h\":35,\"i\":\"15\"},\"panelIndex\":\"15\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
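Review bot: in the `@@ -10,7 +10,7 @@` hunk the panel with `"i":"1"` keeps `"version":"7.3.0"` while the other nine panels are bumped to `"version":"7.6.2"`; if the export was regenerated from a 7.6.2 instance all panels should carry the same version, so either bump panel `1` too or document why it is left behind.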
@@ -81,7 +81,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/dashboards/ed8a6640-3f98-11e9-a58e-8bdedb0915e8.json b/kibana/dashboards/ed8a6640-3f98-11e9-a58e-8bdedb0915e8.json index 679477fcd..44b86efc3 100644 --- a/kibana/dashboards/ed8a6640-3f98-11e9-a58e-8bdedb0915e8.json 
+++ b/kibana/dashboards/ed8a6640-3f98-11e9-a58e-8bdedb0915e8.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "ed8a6640-3f98-11e9-a58e-8bdedb0915e8", @@ -10,7 +10,7 @@ "title": "Connections - Source - Responder Bytes (region map)", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.5.1\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", + "panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":44,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":40,\"i\":\"3\"},\"version\":\"7.6.2\",\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":[0,0],\"mapZoom\":3},\"panelRefName\":\"panel_1\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -41,7 +41,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -61,7 +61,7 @@ "version": "WzU2MiwxXQ==", "attributes": { "title": "Connections - Source - Responder Bytes (region map)", - "visState": "{\"title\":\"Connections - Source - Responder Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"http://localhost:28991/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.resp_bytes\",\"customLabel\":\"Responder Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator Country\"}}]}", + "visState": "{\"title\":\"Connections - Source - Responder Bytes (region map)\",\"type\":\"region_map\",\"params\":{\"addTooltip\":true,\"colorSchema\":\"Green to Red\",\"emsHotLink\":null,\"isDisplayWarning\":false,\"legendPosition\":\"bottomright\",\"mapCenter\":[0,0],\"mapZoom\":3,\"outlineWeight\":1,\"selectedJoinField\":{\"description\":\"Country 
Code\",\"name\":\"ISO_A2\"},\"selectedLayer\":{\"attribution\":\"https://exploratory.io/maps\",\"fields\":[{\"description\":\"Country Code\",\"name\":\"ISO_A2\"},{\"description\":\"Country Code2\",\"name\":\"WB_A2\"},{\"description\":\"Country Name\",\"name\":\"NAME\"}],\"format\":{\"type\":\"geojson\"},\"isEMS\":false,\"layerId\":\"self_hosted.World (offline)\",\"meta\":{\"feature_collection_path\":\"data\"},\"name\":\"World (offline)\",\"url\":\"/world.geojson\"},\"showAllShapes\":true,\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"zeek_conn.resp_bytes\",\"customLabel\":\"Responder Bytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"srcGEO\",\"size\":250,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Originator Country\"}}]}", "uiStateJSON": "{\"mapCenter\":[0,0],\"mapZoom\":3}", "description": "", "version": 1, 
@@ -84,30 +84,32 @@ { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-12T22:48:55.398Z", + "version": "WzgwMiwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/f1f09567-fc7f-450b-a341-19d2f2bb468b.json b/kibana/dashboards/f1f09567-fc7f-450b-a341-19d2f2bb468b.json index c862ddd67..58252c53d 100644 --- a/kibana/dashboards/f1f09567-fc7f-450b-a341-19d2f2bb468b.json +++ b/kibana/dashboards/f1f09567-fc7f-450b-a341-19d2f2bb468b.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "f1f09567-fc7f-450b-a341-19d2f2bb468b", "type": "dashboard", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3OCwxXQ==", + "updated_at": "2020-02-13T19:30:36.016Z", + "version": "WzgzNSwxXQ==", "attributes": { "title": "Notices", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"4\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"4\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\"},{\"panelIndex\":\"5\",\"gridData\":{\"w\":8,\"h\":48,\"x\":0,\"y\":0,\"i\":\"5\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{}},{\"panelIndex\":\"7\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":48,\"i\":\"7\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"panelIndex\":\"8\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":48,\"i\":\"8\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"11\",\"gridData\":{\"w\":24,\"h\":24,\"x\":0,\"y\":72,\"i\":\"11\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"12\",\"gridData\":{\"w\":24,\"h\":24,\"x\":24,\"y\":72,\"i\":\"12\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":136,\"i\":\"13\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\"},{\"panelIndex\":\"14\",\"gridData\":{\"w\":40,\"h\":16,\"x\":8,\"y\":32,\"i\":\"14\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_7\",\"embeddableConfig\":{}},{\"panelIndex\":\"15\",\"gridData\":{\"w\":48,\"h\":40,\"x\":0,\"y\":96,\"i\":\"15\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"16\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"16\"},\"embeddableConfig\":{},\"version\":\"7.3.0\",\"panelRefName\":\"panel_9\"},{\"panelIndex\"
:\"17\",\"gridData\":{\"w\":48,\"h\":24,\"x\":0,\"y\":160,\"i\":\"17\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_10\",\"embeddableConfig\":{}},{\"panelIndex\":\"18\",\"gridData\":{\"w\":24,\"h\":24,\"x\":8,\"y\":8,\"i\":\"18\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_11\",\"embeddableConfig\":{}},{\"panelIndex\":\"19\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":8,\"i\":\"19\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\",\"embeddableConfig\":{}}]", + "panelsJSON": "[{\"embeddableConfig\":{\"legendOpen\":false,\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":11,\"i\":\"4\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":30,\"i\":\"5\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"7\",\"w\":13,\"x\":0,\"y\":30},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"8\",\"w\":13,\"x\":13,\"y\":30},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"11\",\"w\":17,\"x\":8,\"y\":11},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"12\",\"w\":24,\"x\":24,\"y\":67},\"panelIndex\":\"12\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"13\",\"w\":24,\"x\":0,\"y\":67},\"panelIndex\":\"13\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"14\",\"w\":11,\"x\":25,\"y\":11},\"panelIndex\":\"14\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":\"desc\"}}}},\"g
ridData\":{\"h\":18,\"i\":\"15\",\"w\":48,\"x\":0,\"y\":49},\"panelIndex\":\"15\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":11,\"i\":\"16\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"16\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":24,\"i\":\"17\",\"w\":48,\"x\":0,\"y\":86},\"panelIndex\":\"17\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_10\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"18\",\"w\":22,\"x\":26,\"y\":30},\"panelIndex\":\"18\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_11\"},{\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}},\"gridData\":{\"h\":19,\"i\":\"19\",\"w\":12,\"x\":36,\"y\":11},\"panelIndex\":\"19\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_12\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"*\"}}" } }, "references": [ 
@@ -92,13 +92,13 @@ { "id": "0455b814-9b8e-4895-985d-c0d484bb025c", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU2NSwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc2NiwxXQ==", "attributes": { - "visState": "{\"title\":\"Notices - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", - "description": "", "title": "Notices - Log Count Over Time", + "visState": "{\"title\":\"Notices - Log Count Over 
Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"stacked\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"type\":\"line\",\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"HH:mm:ss\"}},\"params\":{\"date\":true,\"interval\":\"PT1S\",\"intervalESValue\":1,\"intervalESUnit\":\"s\",\"format\":\"HH:mm:ss\",\"bounds\":{\"min\":\"2017-04-16T17:22:12.510Z\",\"max\":\"2017-04-16T17:23:40.195Z\"}},\"label\":\"firstPacket per 
second\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice Category\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"timeRange\":{\"from\":\"2017-04-16T17:22:12.510Z\",\"to\":\"2017-04-16T17:23:40.195Z\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_notice.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Category\"}}]}", "uiStateJSON": "{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -107,8 +107,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" } ], 
@@ -119,11 +119,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T19:05:04.060Z", + "version": "WzgwMCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● 
[NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + 
"visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -139,8 +139,8 @@ { "id": "abb2c718-e1f5-4b59-9c3d-54082ee3a407", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU2NywxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc2OCwxXQ==", "attributes": { "visState": "{\"title\":\"Notices - Source IP Addresses\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -166,8 +166,8 @@ { "id": "af961658-7f3d-4f88-b35f-76d1b6f49002", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU2OCwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc2OSwxXQ==", "attributes": { "visState": "{\"title\":\"Notices - Destination IP Addresses\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -193,13 +193,13 @@ { "id": "519823ff-ee5b-4051-9dd5-0467e595ab25", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU2OSwxXQ==", + "updated_at": "2020-02-13T19:11:54.959Z", + "version": "WzgyMCwxXQ==", "attributes": { - "visState": "{\"title\":\"Notices - Notice Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.note\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Type\"}}],\"listeners\":{}}", - "description": "", "title": "Notices - Notice Type", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "visState": "{\"title\":\"Notices - Notice Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice 
Category\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Category\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub_category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Subcategory\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":\"desc\"}}}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -208,8 +208,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" } ], 
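Review bot: the rewritten "Notices - Notice Type" visState (hunk @@ -193) carries a `dimensions` block with `parsedUrl` set to `origin: https://localhost`, `basePath: /kibana`; Kibana regenerates `dimensions` at render time, so exporting it only ties the saved object to the machine it was exported from and will churn on every re-export. Suggest stripping `dimensions` (or at least `parsedUrl`) from visState before committing. Also, the terms aggregations now target `zeek_notice.category` and `zeek_notice.sub_category`; confirm both fields are present in the `sessions2-*` index pattern, otherwise the table errors on load. Minor: the new buckets use `missingBucketLabel: "-"` while every other Notices table uses `"Missing"`; pick one.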
@@ -220,8 +220,8 @@ { "id": "8f4a6c67-6833-4c53-b874-4341df5f181d", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3MCwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3MSwxXQ==", "attributes": { "visState": "{\"title\":\"Notices - File MIME Type\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.file_mime_type\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"MIME Type\"}}],\"listeners\":{}}", "description": "", @@ -247,8 +247,8 @@ { "id": "47adad3a-a0d2-46eb-a957-1886abd4472d", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3MSwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3MiwxXQ==", "attributes": { "visState": "{\"title\":\"Notices - File Description\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.file_desc\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Description\"}}],\"listeners\":{}}", "description": "", 
@@ -274,11 +274,11 @@ { "id": "8a911a83-3962-44b8-be39-b54532f51b46", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3MiwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3MywxXQ==", "attributes": { "title": "Notice - Destination Port", - "visState": "{\"title\":\"Notice - Destination Port\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Port\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}]}", + "visState": "{\"title\":\"Notice - Destination 
Port\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Port\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Port\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dstPort\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Port\"}}]}", "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", 
"description": "", "version": 1, @@ -289,8 +289,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" } ], 
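Review bot: in the "Notice - Destination Port" histogram (hunk @@ -274) the value axis `scale.type` changes from `"linear"` to `"square root"` alongside the cosmetic migration noise, which alters how analysts read bar heights on this chart; if intentional, call it out in the commit message rather than leaving it buried in a one-line visState rewrite. The same `parsedUrl` / `https://localhost` residue as in the Notice Type visualization is present here and should be stripped.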
@@ -301,13 +301,13 @@ { "id": "8da041f0-ea80-4841-aabc-ae32c40f20c5", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3MywxXQ==", + "updated_at": "2020-02-13T19:18:14.196Z", + "version": "WzgyNCwxXQ==", "attributes": { - "visState": "{\"title\":\"Notice - Message/Sub-Message\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.msg\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Message\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Sub-Message\"}}],\"listeners\":{}}", + "title": "Notice - Message Details", + "visState": "{\"title\":\"Notice - Message 
Details\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":4,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Category\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Message\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Sub-Message\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Subcategory\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"cu
stomLabel\":\"Category\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub_category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Subcategory\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.msg\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Message\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Sub-Message\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":\"desc\"}}}}", "description": "", - "title": "Notice - Message/Sub-Message", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -316,8 +316,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" } ], 
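Review bot: the exported `dimensions.buckets` order in "Notice - Message Details" (hunk @@ -301) is Category, Message, Sub-Message, Subcategory, but the `aggs` order that actually drives the table is category (id 4), sub_category (id 5), msg (id 2), sub (id 3), i.e. Category, Subcategory, Message, Sub-Message. Kibana regenerates `dimensions`, so rendering is unaffected, but the stale block misleads anyone reading the JSON; drop it or re-export after saving. Note also that `uiStateJSON` now sorts on `columnIndex: 4`, the Count column, which only stays correct while exactly four bucket columns precede it.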
@@ -328,8 +328,8 @@ { "id": "AWDG1uC-xQT5EBNmq3dP", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3NCwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3NSwxXQ==", "attributes": { "title": "Notices - Log Count", "visState": "{\"title\":\"Notices - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", @@ -355,18 +355,18 @@ { "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c", "type": "search", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3NSwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Notices - Logs", "description": "", "hits": 0, "columns": [ - "zeek_notice.note", + "zeek_notice.category", + "zeek_notice.sub_category", "srcIp", "dstIp", - "zeek.uid", - "_id" + "zeek.uid" ], "sort": [ [ 
@@ -376,7 +376,7 @@ ], "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:notice\",\"default_field\":\"*\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:notice\",\"default_field\":\"*\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" } }, "references": [ 
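Review bot: `"time_zone":"America/Denver"` (hunk @@ -376) is the exporting user's browser/`dateFormat:tz` setting leaking into the saved search's `query_string`. It has no effect on `zeek.logType:notice` today because the query contains no date expressions, but it is environment-specific, will differ for every contributor who re-exports, and would silently anchor any future date clause to Mountain Time on every Malcolm install. Suggest deleting the `time_zone` key from committed saved objects.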
@@ -393,12 +393,12 @@ { "id": "cd33ef1d-d5b8-43aa-8ae1-2534f0b79759", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3NiwxXQ==", + "updated_at": "2020-02-13T19:05:00.984Z", + "version": "Wzc3NywxXQ==", "attributes": { - "title": "Notices - Notice Types", - "visState": "{\"title\":\"Notices - Notice Types\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.note\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Note\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP Address\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Destination IP Address\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "title": "Notices - Notice Types by Source and Destination", + "visState": "{\"title\":\"Notices - Notice Types by Source and 
Destination\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":4,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Note\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Source IP Address\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"ip\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination IP Address\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"-\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Notice 
Category\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Category\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_notice.sub_category\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":250,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"-\",\"customLabel\":\"Notice Subcategory\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP Address\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination IP Address\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":4,\"direction\":\"desc\"}}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -408,8 +408,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" } ], 
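Review bot: the `dimensions.buckets` of "Notices - Notice Types by Source and Destination" (hunk @@ -393) still label accessor 0 as "Note" and list four buckets in the order Note, Source IP, Destination IP, Notice Category, while the new `aggs` define category, sub_category, srcIp, dstIp. As with the other rewritten tables the block is regenerated at render time, but the leftover "Note" label shows this visState was hand-edited after export; re-save and re-export so the committed object is self-consistent, or strip `dimensions` entirely.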
@@ -420,12 +420,12 @@ { "id": "559cf002-6086-4655-908e-d1f757cd58a9", "type": "visualization", - "updated_at": "2019-12-18T16:20:59.520Z", - "version": "WzU3NywxXQ==", + "updated_at": "2020-02-13T19:30:22.862Z", + "version": "WzgzNCwxXQ==", "attributes": { "title": "Notices - Destination Country", - "visState": "{\"title\":\"Notices - Destination Country\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", - "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "visState": "{\"title\":\"Notices - Destination Country\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false,\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Destination 
Country\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek.destination_geo.country_name\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Country\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"desc\"}}}}", "description": "", "version": 1, "kibanaSavedObjectMeta": { @@ -435,8 +435,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "8f003748-a6f8-4244-9d4e-e38e4a48da4c" } ], diff --git a/kibana/dashboards/f394057d-1b16-4174-b994-7045f423a416.json b/kibana/dashboards/f394057d-1b16-4174-b994-7045f423a416.json index 2b72cb10c..b5454a926 100644 --- a/kibana/dashboards/f394057d-1b16-4174-b994-7045f423a416.json +++ b/kibana/dashboards/f394057d-1b16-4174-b994-7045f423a416.json 
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "f394057d-1b16-4174-b994-7045f423a416", "type": "dashboard", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MiwxXQ==", + "updated_at": "2020-02-13T15:36:21.456Z", + "version": "WzkyOSwxXQ==", "attributes": { "title": "Connections - Source - Sum of Total Bytes", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"w\":8,\"h\":44,\"x\":0,\"y\":0,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"gridData\":{\"w\":40,\"h\":40,\"x\":8,\"y\":0,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\",\"embeddableConfig\":{\"mapCenter\":[24.84656534821976,0.17578125],\"mapZoom\":2}}]", + "panelsJSON": "[{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":23,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":8,\"y\":0,\"w\":40,\"h\":50,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{\"mapCenter\":null,\"mapZoom\":3},\"panelRefName\":\"panel_1\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":23,\"w\":8,\"h\":15,\"i\":\"0a22cd88-c236-4994-9b27-db3f5b731d7f\"},\"panelIndex\":\"0a22cd88-c236-4994-9b27-db3f5b731d7f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.6.2\",\"gridData\":{\"x\":0,\"y\":38,\"w\":8,\"h\":12,\"i\":\"4a3f5963-08e0-4206-aede-70e943fed585\"},\"panelIndex\":\"4a3f5963-08e0-4206-aede-70e943fed585\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}}}}" + "searchSourceJSON": 
"{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ @@ -28,6 +28,16 @@ "name": "panel_1", "type": "visualization", "id": "c964c032-31ce-4397-bac3-f6b625e66548" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5" } ], "migrationVersion": { 
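Review bot: the dashboard hunk (@@ -1,21) adds `panel_2` and `panel_3` referencing visualizations `623ef480-4e73-11ea-b4e7-0f540ddf3a49` and `4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5`; an import fails with a missing-reference error if those objects are not also included in this export file (or already present in Kibana), so confirm both appear under `objects` further down. `mapCenter` going from a fixed coordinate to `null` is fine (Kibana falls back to the map's default), but the `"time_zone":"America/Denver"` added to the dashboard's `searchSourceJSON` is the same exporting-user residue flagged on the saved search and should be removed.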
@@ -37,11 +47,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-13T14:17:04.192Z", + "version": "Wzc3NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
@@ -57,8 +67,8 @@ { "id": "c964c032-31ce-4397-bac3-f6b625e66548", "type": "visualization", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MCwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + "version": "Wzc1OSwxXQ==", "attributes": { "visState": "{\"title\":\"Connections - Source - Sum of Total Bytes\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":0,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"totBytes\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek.source_geo.location\",\"autoPrecision\":true,\"useGeocentroid\":true,\"precision\":2}}],\"listeners\":{}}", "description": "", 
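Review bot: The only changes in the @@ -57,8 +67,8 @@ hunk are `updated_at` and the base64 `version` string for visualization c964c032, values Kibana regenerates on every export; committing them turns every re-export into a diff even when `visState` is untouched. Suggest stripping or normalizing `updated_at` and `version` before committing exported saved objects so that real changes to the visualization stand out in review.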
@@ -81,33 +91,91 @@ "visualization": "7.4.2" } }, + { + "id": "623ef480-4e73-11ea-b4e7-0f540ddf3a49", + "type": "visualization", + "updated_at": "2020-02-13T15:17:58.982Z", + "version": "Wzg5NywxXQ==", + "attributes": { + "title": "Connections - Protocol Filters", + "visState": "{\"title\":\"Connections - Protocol Filters\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1581606976709\",\"fieldName\":\"network.type\",\"parent\":\"\",\"label\":\"Network Layer\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_0_index_pattern\"},{\"id\":\"1581606723028\",\"fieldName\":\"zeek.proto\",\"parent\":\"\",\"label\":\"Protocol\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_1_index_pattern\"},{\"id\":\"1581606665268\",\"fieldName\":\"zeek.service\",\"parent\":\"\",\"label\":\"Service\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"},\"indexPatternRefName\":\"control_2_index_pattern\"}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "control_0_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_1_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + }, + { + "name": "control_2_index_pattern", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "visualization": "7.4.2" + } + }, + { + "id": "4dd65202-bd19-40d6-9e0d-ff41c6d5a4b5", + "type": "visualization", + "updated_at": "2020-02-13T14:16:47.803Z", + "version": 
"WzYzMSwxXQ==", + "attributes": { + "title": "Connections - Maps", + "visState": "{\"title\":\"Connections - Maps\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"#### Coordinate Maps\\n[Source - Originator Bytes](/kibana/app/kibana#/dashboard/b50c8d17-6ed3-4de6-aed4-5181032810b2) ● [Destination - Responder Bytes](/kibana/app/kibana#/dashboard/d4fd6afd-15cb-42bf-8a25-03dd8e59b327) ● [Source - Sum of Total Bytes](/kibana/app/kibana#/dashboard/f394057d-1b16-4174-b994-7045f423a416) ● [Destination - Sum of Total Bytes](/kibana/app/kibana#/dashboard/60d78fbd-471c-4f59-a9e3-189b33a13644) ● [Source - Top Connection Duration](/kibana/app/kibana#/dashboard/e09a4b86-29b5-4256-bb3b-802ac9f90404) ● [Destination - Top Connection Duration](/kibana/app/kibana#/dashboard/0aed0e23-c8ac-4f2b-9f68-d04b6e7666b0) \\n#### Region Maps\\n[Source - Originator Bytes ](/kibana/app/kibana#/dashboard/d41fe630-3f98-11e9-a58e-8bdedb0915e8) ● [Destination - Responder Bytes ](/kibana/app/kibana#/dashboard/77fc9960-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/1ce42250-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Sum of Total Bytes ](/kibana/app/kibana#/dashboard/a16110b0-3f99-11e9-a58e-8bdedb0915e8) ● [Source - Top Connection Duration ](/kibana/app/kibana#/dashboard/39abfe30-3f99-11e9-a58e-8bdedb0915e8) ● [Destination - Top Connection Duration ](/kibana/app/kibana#/dashboard/b9f247c0-3f99-11e9-a58e-8bdedb0915e8)\",\"openLinksInNewTab\":false},\"aggs\":[]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":{\"query_string\":{\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + }, + "references": [], + "migrationVersion": { + "visualization": "7.4.2" + } + }, { "id": "52570870-e9d4-444f-a3df-e44c6757ed9f", "type": "search", - "updated_at": "2019-12-18T16:21:00.551Z", - "version": "WzU4MSwxXQ==", + "updated_at": "2020-02-13T14:17:02.148Z", + 
"version": "Wzc2MCwxXQ==", "attributes": { + "title": "Connections - Logs", + "description": "", + "hits": 0, + "columns": [ + "zeek.proto", + "zeek.service", + "srcIp", + "srcPort", + "dstIp", + "dstPort", + "totBytes", + "zeek.uid" + ], "sort": [ [ "firstPacket", "desc" ] ], - "hits": 0, - "description": "", - "title": "Connections - Logs", "version": 1, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"size\":10,\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"zeek.logType:conn\",\"analyze_wildcard\":true,\"time_zone\":\"America/Denver\"}},\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } }, "references": [ { diff --git a/kibana/dashboards/f77bf097-18a8-465c-b634-eb2acc7a4f26.json b/kibana/dashboards/f77bf097-18a8-465c-b634-eb2acc7a4f26.json index 16cad4e83..d0df9464a 100644 --- a/kibana/dashboards/f77bf097-18a8-465c-b634-eb2acc7a4f26.json +++ b/kibana/dashboards/f77bf097-18a8-465c-b634-eb2acc7a4f26.json 
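Review bot: In the @@ -81,33 +91,91 @@ hunk, the rewritten `searchSourceJSON` for the Connections - Logs search (52570870) hard-codes `"time_zone":"America/Denver"` into the query_string; that is the exporting developer's browser time zone and will now govern date-math resolution for every user who imports the dashboard. Suggest removing the `time_zone` key so Kibana falls back to each viewer's configured `dateFormat:tz`. The same hunk also drops the `_id` column from `columns` while adding `zeek.proto`, `zeek.service` and `totBytes`; if that is intentional it deserves a line in the commit message, since `_id` was the only column that let an analyst jump straight to the underlying document.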
@@ -1,21 +1,21 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "f77bf097-18a8-465c-b634-eb2acc7a4f26", "type": "dashboard", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5NywxXQ==", + "updated_at": "2020-02-12T18:49:35.910Z", + "version": "WzEwODEsMV0=", "attributes": { "title": "RFB", "hits": 0, "description": "", - "panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"w\":8,\"h\":56,\"x\":0,\"y\":0,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"panelIndex\":\"3\",\"gridData\":{\"w\":32,\"h\":8,\"x\":16,\"y\":0,\"i\":\"3\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"panelIndex\":\"5\",\"gridData\":{\"w\":20,\"h\":12,\"x\":8,\"y\":8,\"i\":\"5\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\",\"embeddableConfig\":{}},{\"panelIndex\":\"6\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":56,\"i\":\"6\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"panelIndex\":\"7\",\"gridData\":{\"w\":20,\"h\":12,\"x\":28,\"y\":8,\"i\":\"7\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"panelIndex\":\"8\",\"gridData\":{\"w\":40,\"h\":24,\"x\":8,\"y\":32,\"i\":\"8\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"panelIndex\":\"10\",\"gridData\":{\"w\":48,\"h\":28,\"x\":0,\"y\":104,\"i\":\"10\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_6\",\"embeddableConfig\":{\"columns\":[\"srcIp\",\"srcPort\",\"dstIp\",\"dstPort\",\"zeek.uid\",\"_id\"],\"sort\":[\"firstPacket\",\"desc\"]}},{\"panelIndex\":\"11\",\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":56,\"i\":\"11\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"panelIndex\":\"12\",\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":56,\"i\":\"12\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"panelIndex\":\"13\",\"gridData\":{\"w\":16,\"h\":24,\"x\":0,\"y\":
80,\"i\":\"13\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"panelIndex\":\"14\",\"gridData\":{\"w\":16,\"h\":24,\"x\":32,\"y\":80,\"i\":\"14\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_10\"},{\"panelIndex\":\"15\",\"gridData\":{\"w\":16,\"h\":24,\"x\":16,\"y\":80,\"i\":\"15\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_11\"},{\"panelIndex\":\"16\",\"gridData\":{\"w\":40,\"h\":12,\"x\":8,\"y\":20,\"i\":\"16\"},\"version\":\"7.3.0\",\"panelRefName\":\"panel_12\",\"embeddableConfig\":{}},{\"panelIndex\":\"17\",\"gridData\":{\"w\":8,\"h\":8,\"x\":8,\"y\":0,\"i\":\"17\"},\"version\":\"7.3.0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_13\"}]", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":27,\"i\":\"1\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"1\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":8,\"i\":\"3\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{\"legendOpen\":true,\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":19,\"i\":\"5\",\"w\":13,\"x\":8,\"y\":8},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"7\",\"w\":13,\"x\":21,\"y\":8},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":21,\"i\":\"8\",\"w\":18,\"x\":0,\"y\":27},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":22,\"i\":\"11\",\"w\":16,\"x\":0,\"y\":48},\"panelIndex\":\"11\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":22,\"i\":\"12\",\"w\":16,\"x\":16,\"y\":48},\"panelIndex\":\"12\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridDat
a\":{\"h\":22,\"i\":\"13\",\"w\":16,\"x\":32,\"y\":48},\"panelIndex\":\"13\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":21,\"i\":\"14\",\"w\":15,\"x\":33,\"y\":27},\"panelIndex\":\"14\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_8\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":21,\"i\":\"15\",\"w\":15,\"x\":18,\"y\":27},\"panelIndex\":\"15\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_9\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"16\",\"w\":14,\"x\":34,\"y\":8},\"panelIndex\":\"16\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_10\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"17\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"17\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_11\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":38,\"i\":\"2e466042-c74a-4549-9419-847d918823ae\",\"w\":48,\"x\":0,\"y\":70},\"panelIndex\":\"2e466042-c74a-4549-9419-847d918823ae\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_12\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\",\"default_field\":\"*\"}},\"language\":\"lucene\"}}" + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\",\"time_zone\":\"America/Denver\"}}}}" } }, "references": [ 
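Review bot: In the @@ -1,21 +1,21 @@ hunk of the RFB dashboard, panel 5's `embeddableConfig` carries both a top-level `"legendOpen":true` and a nested `"vis":{"legendOpen":false}`; the two contradict each other, so drop the top-level key and keep only the nested one, which is the form the other panels use. The dashboard-level `searchSourceJSON` also gains a hard-coded `"time_zone":"America/Denver"` inside the query_string, which should be removed because it overrides the time zone each viewer has configured in Kibana.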
@@ -37,57 +37,52 @@ { "name": "panel_3", "type": "visualization", - "id": "b8b1ddc7-f115-4f44-98fb-8763a01aec3a" + "id": "5d961a31-c465-45eb-9e8f-2bbad058a4f8" }, { "name": "panel_4", "type": "visualization", - "id": "5d961a31-c465-45eb-9e8f-2bbad058a4f8" + "id": "8efb6175-3c0d-45ac-ae17-2908b8b7ab33" }, { "name": "panel_5", "type": "visualization", - "id": "8efb6175-3c0d-45ac-ae17-2908b8b7ab33" + "id": "cd575019-21e5-45be-8fb1-7b447cdf2c91" }, { "name": "panel_6", - "type": "search", - "id": "161c6526-b634-4b79-8cb5-39b667eaa862" + "type": "visualization", + "id": "0ac25486-a491-4797-b40f-c83d7d14ded0" }, { "name": "panel_7", "type": "visualization", - "id": "cd575019-21e5-45be-8fb1-7b447cdf2c91" + "id": "5cd98bd4-370d-4d9c-afeb-0018145f6e28" }, { "name": "panel_8", "type": "visualization", - "id": "0ac25486-a491-4797-b40f-c83d7d14ded0" + "id": "c4b27ea5-7188-4c09-9754-ea3c67fe44de" }, { "name": "panel_9", "type": "visualization", - "id": "5cd98bd4-370d-4d9c-afeb-0018145f6e28" + "id": "c46f1254-54b6-414b-88cc-69751026b0e0" }, { "name": "panel_10", "type": "visualization", - "id": "c4b27ea5-7188-4c09-9754-ea3c67fe44de" + "id": "0537ea69-4e73-4055-92a8-b90369603b5a" }, { "name": "panel_11", "type": "visualization", - "id": "c46f1254-54b6-414b-88cc-69751026b0e0" + "id": "AWDHC8iGxQT5EBNmq4bs" }, { "name": "panel_12", - "type": "visualization", - "id": "0537ea69-4e73-4055-92a8-b90369603b5a" - }, - { - "name": "panel_13", - "type": "visualization", - "id": "AWDHC8iGxQT5EBNmq4bs" + "type": "search", + "id": "161c6526-b634-4b79-8cb5-39b667eaa862" } ], "migrationVersion": { 
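Review bot: The @@ -37,57 +37,52 @@ hunk renumbers every `panel_N` reference (panel_3 through panel_11 each now receive the id that used to belong to the next entry) and drops visualization b8b1ddc7 (RFB - Authentication Method); because the mapping is positional against `panelsJSON`, verify that each `panelRefName` still lands on the intended object, in particular panel_6, whose type changes from `search` to `visualization`, and panel_12, which is now the `search` 161c6526. Removing b8b1ddc7 from the export does not remove it from deployments that already imported the previous version: an import only adds or overwrites objects, so upgraded instances keep an orphaned visualization unless it is deleted explicitly.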
@@ -97,11 +92,11 @@ { "id": "df9e399b-efa5-4e33-b0ac-a7668a8ac2b3", "type": "visualization", - "updated_at": "2019-12-18T16:21:02.636Z", - "version": "WzU5OCwxXQ==", + "updated_at": "2020-02-12T15:01:05.290Z", + "version": "Wzc5NiwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) 
● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek 
Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● 
[RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, 
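Review bot: The Zeek Logs markdown in the @@ -97,11 +92,11 @@ hunk is a verbatim copy of the navigation block carried by the other dashboard export above, now extended with the Security Overview and ICS/IoT Security Overview links; keeping this multi-kilobyte string in every dashboard file means each new dashboard link must be patched into every export by hand, and the two copies already have to be kept in lockstep within this one patch. Suggest generating visualization df9e399b from a single source at build time (or importing one shared saved object that every dashboard references) so the navigation cannot drift between dashboards.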
@@ -117,8 +112,8 @@ { "id": "ebfb6257-cd49-4120-aefb-e3ef95624acc", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU4NCwxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc4MiwxXQ==", "attributes": { "visState": "{\"title\":\"RFB - Log Count Over Time\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"firstPacket per 12 hours\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"showCircles\":true,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"firstPacket\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", "description": "", 
@@ -144,40 +139,13 @@ { "id": "24fb5549-3160-41fb-901f-81c03c165e8c", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU4NSwxXQ==", + "updated_at": "2020-02-12T18:46:20.561Z", + "version": "WzEwNzEsMV0=", "attributes": { - "visState": "{\"title\":\"RFB - Authentication Status\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rfb.auth\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Authentication Status\"}}],\"listeners\":{}}", - "description": "", "title": "RFB - Authentication Status", - "uiStateJSON": "{}", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[]}" - }, - "savedSearchRefName": "search_0" - }, - "references": [ - { - "type": "search", - "name": "search_0", - "id": "161c6526-b634-4b79-8cb5-39b667eaa862" - } - ], - "migrationVersion": { - "visualization": "7.4.2" - } - }, - { - "id": "b8b1ddc7-f115-4f44-98fb-8763a01aec3a", - "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU4NiwxXQ==", - "attributes": { - "visState": "{\"title\":\"RFB - Authentication 
Method\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rfb.authentication_method\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Authentication Method\"}}],\"listeners\":{}}", + "visState": "{\"title\":\"RFB - Authentication Status\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Authenticated\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rfb.auth\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"F\",\"customLabel\":\"Authenticated\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", "description": "", - "title": "RFB - Authentication Method", - "uiStateJSON": 
"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -186,8 +154,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "161c6526-b634-4b79-8cb5-39b667eaa862" } ], 
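Review bot: In the @@ -144,40 +139,13 @@ hunk the RFB - Authentication Status pie (24fb5549) sets `"missingBucket":true` with `"missingBucketLabel":"F"` under the new `Authenticated` label, so sessions whose `zeek_rfb.auth` field is absent are rendered indistinguishably from sessions where authentication was explicitly false. Use a distinct label such as `Missing` or `Unknown` so that an analyst does not read incomplete RFB logs as confirmed authentication failures. The `dimensions.buckets[0].format.params.parsedUrl` block with `"origin":"https://localhost"` looks like editor state captured at export time rather than part of the visualization definition, and is worth dropping from the committed file.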
@@ -198,13 +166,13 @@ { "id": "5d961a31-c465-45eb-9e8f-2bbad058a4f8", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU4NywxXQ==", + "updated_at": "2020-02-12T18:40:36.801Z", + "version": "WzEwNjQsMV0=", "attributes": { - "visState": "{\"title\":\"RFB - Exclusive Session\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rfb.share_flag\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", - "description": "", "title": "RFB - Exclusive Session", - "uiStateJSON": "{\"vis\":{\"legendOpen\":true}}", + "visState": "{\"title\":\"RFB - Exclusive Session\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"zeek_rfb.share_flag: 
Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"zeek_rfb.share_flag\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Exclusive Session\"}}]}", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -213,8 +181,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "161c6526-b634-4b79-8cb5-39b667eaa862" } ], @@ -225,8 +193,8 @@ { "id": "8efb6175-3c0d-45ac-ae17-2908b8b7ab33", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU4OCwxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc4NiwxXQ==", "attributes": { "visState": "{\"title\":\"RFB - Desktop Name\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rfb.desktop_name\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Desktop Name\"}}],\"listeners\":{}}", "description": "", 
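Review bot: In the @@ -198,13 +166,13 @@ hunk, the RFB - Exclusive Session pie (5d961a31) has `dimensions.buckets[0].label` set to `zeek_rfb.share_flag: Descending` while the corresponding terms aggregation sets `"customLabel":"Exclusive Session"`; both describe the same bucket and should agree, so either update the dimensions label or drop the `dimensions` block entirely (it also carries the exporter's `"origin":"https://localhost"`).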
@@ -249,50 +217,11 @@ "visualization": "7.4.2" } }, - { - "id": "161c6526-b634-4b79-8cb5-39b667eaa862", - "type": "search", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU4OSwxXQ==", - "attributes": { - "sort": [ - [ - "firstPacket", - "desc" - ] - ], - "hits": 0, - "description": "", - "title": "RFB - Logs", - "version": 1, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query_string\":{\"query\":\"zeek.logType:rfb\",\"analyze_wildcard\":true}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "columns": [ - "srcIp", - "srcPort", - "dstIp", - "dstPort", - "zeek.uid", - "_id" - ] - }, - "references": [ - { - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern", - "id": "sessions2-*" - } - ], - "migrationVersion": { - "search": "7.4.0" - } - }, { "id": "cd575019-21e5-45be-8fb1-7b447cdf2c91", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5MCwxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc4OCwxXQ==", "attributes": { "visState": "{\"title\":\"RFB - Source IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"srcIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", 
@@ -318,8 +247,8 @@ { "id": "0ac25486-a491-4797-b40f-c83d7d14ded0", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5MSwxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc4OSwxXQ==", "attributes": { "visState": "{\"title\":\"RFB - Destination IP Address\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstIp\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"IP Address\"}}],\"listeners\":{}}", "description": "", @@ -345,8 +274,8 @@ { "id": "5cd98bd4-370d-4d9c-afeb-0018145f6e28", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5MiwxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc5MCwxXQ==", "attributes": { "visState": "{\"title\":\"RFB - Destination Port\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"dstPort\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Port\"}}],\"listeners\":{}}", "description": "", 
@@ -372,8 +301,8 @@ { "id": "c4b27ea5-7188-4c09-9754-ea3c67fe44de", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5MywxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc5MSwxXQ==", "attributes": { "visState": "{\"title\":\"RFB - Server Version\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rfb.server_major_version\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Major Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rfb.server_minor_version\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Minor Version\"}}],\"listeners\":{}}", "description": "", 
@@ -399,8 +328,8 @@ { "id": "c46f1254-54b6-414b-88cc-69751026b0e0", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5NCwxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc5MiwxXQ==", "attributes": { "visState": "{\"title\":\"RFB - Client Version\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rfb.client_major_version\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Major Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"zeek_rfb.client_minor_version\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Minor Version\"}}],\"listeners\":{}}", "description": "", 
@@ -426,13 +355,13 @@ { "id": "0537ea69-4e73-4055-92a8-b90369603b5a", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5NSwxXQ==", + "updated_at": "2020-02-12T18:49:14.219Z", + "version": "WzEwODAsMV0=", "attributes": { - "visState": "{\"title\":\"RFB - Authentication Method\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_rfb.authentication_method\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Method\"}}],\"listeners\":{}}", - "description": "", "title": "RFB - Authentication Method", + "visState": "{\"title\":\"RFB - Authentication 
Method\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\",\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Unknown\",\"parsedUrl\":{\"origin\":\"https://localhost\",\"pathname\":\"/kibana/app/kibana\",\"basePath\":\"/kibana\"}}},\"params\":{},\"label\":\"Method\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"zeek_rfb.authentication_method\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Unknown\",\"customLabel\":\"Method\"}}]}", "uiStateJSON": 
"{}", + "description": "", "version": 1, "kibanaSavedObjectMeta": { "searchSourceJSON": "{\"filter\":[]}" @@ -441,8 +370,8 @@ }, "references": [ { - "type": "search", "name": "search_0", + "type": "search", "id": "161c6526-b634-4b79-8cb5-39b667eaa862" } ], @@ -453,8 +382,8 @@ { "id": "AWDHC8iGxQT5EBNmq4bs", "type": "visualization", - "updated_at": "2019-12-18T16:21:01.608Z", - "version": "WzU5NiwxXQ==", + "updated_at": "2020-02-12T15:01:04.271Z", + "version": "Wzc5NCwxXQ==", "attributes": { "title": "RFB - Log Count", "visState": "{\"title\":\"RFB - Log Count\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"gauge\",\"gauge\":{\"verticalSplit\":false,\"autoExtend\":false,\"percentageMode\":false,\"gaugeType\":\"Metric\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"None\",\"useRange\":false,\"colorsRange\":[{\"from\":0,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":false,\"labels\":false,\"color\":\"#333\",\"width\":2},\"type\":\"simple\",\"style\":{\"fontSize\":\"30\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"bgFill\":\"#FB9E00\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 
@@ -476,6 +405,47 @@ "migrationVersion": { "visualization": "7.4.2" } + }, + { + "id": "161c6526-b634-4b79-8cb5-39b667eaa862", + "type": "search", + "updated_at": "2020-02-12T18:48:16.263Z", + "version": "WzEwNzgsMV0=", + "attributes": { + "title": "RFB - Logs", + "description": "", + "hits": 0, + "columns": [ + "srcIp", + "dstIp", + "dstPort", + "zeek_rfb.desktop_name", + "zeek_rfb.authentication_method", + "zeek_rfb.auth", + "zeek_rfb.share_flag", + "zeek.uid" + ], + "sort": [ + [ + "firstPacket", + "desc" + ] + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"zeek.logType:rfb\",\"time_zone\":\"America/Denver\"}}},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "sessions2-*" + } + ], + "migrationVersion": { + "search": "7.4.0" + } } ] } \ No newline at end of file diff --git a/kibana/dashboards/fa141950-ef89-11e9-b38a-2db3ee640e88.json b/kibana/dashboards/fa141950-ef89-11e9-b38a-2db3ee640e88.json index 78494f26f..bb574a9ce 100644 --- a/kibana/dashboards/fa141950-ef89-11e9-b38a-2db3ee640e88.json +++ b/kibana/dashboards/fa141950-ef89-11e9-b38a-2db3ee640e88.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "fa141950-ef89-11e9-b38a-2db3ee640e88", 
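Review bot: The re-added "RFB - Logs" saved search hard-codes `\"time_zone\":\"America/Denver\"` inside its `searchSourceJSON`, which pins date math for every user of this shared dashboard to one developer's local zone; the version of the same object removed earlier in this file carried no `time_zone` key, so it looks like an export artifact rather than an intended change. Drop the key so Kibana resolves the zone from each user's browser settings, and consider keeping the saved search in its original position in `objects` so the diff shows only the column and query changes.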
@@ -10,7 +10,7 @@ "title": "Tabular Data Stream - SQL", "hits": 0, "description": "", - "panelsJSON": "[{\"gridData\":{\"h\":47,\"i\":\"1\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"h\":31,\"i\":\"2\",\"w\":48,\"x\":0,\"y\":47},\"panelIndex\":\"2\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"3\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"3\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"4\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"4\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"5\",\"w\":13,\"x\":8,\"y\":8},\"panelIndex\":\"5\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"6\",\"w\":11,\"x\":21,\"y\":8},\"panelIndex\":\"6\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"7\",\"w\":16,\"x\":32,\"y\":8},\"panelIndex\":\"7\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"8\",\"w\":40,\"x\":8,\"y\":27},\"panelIndex\":\"8\",\"version\":\"7.5.1\",\"panelRefName\":\"panel_7\"}]", + "panelsJSON": 
"[{\"gridData\":{\"h\":47,\"i\":\"1\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\",\"embeddableConfig\":{}},{\"embeddableConfig\":{},\"gridData\":{\"h\":31,\"i\":\"2\",\"w\":48,\"x\":0,\"y\":47},\"panelIndex\":\"2\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"3\",\"w\":8,\"x\":8,\"y\":0},\"panelIndex\":\"3\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"4\",\"w\":32,\"x\":16,\"y\":0},\"panelIndex\":\"4\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"5\",\"w\":13,\"x\":8,\"y\":8},\"panelIndex\":\"5\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"6\",\"w\":11,\"x\":21,\"y\":8},\"panelIndex\":\"6\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_5\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":19,\"i\":\"7\",\"w\":16,\"x\":32,\"y\":8},\"panelIndex\":\"7\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_6\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"8\",\"w\":40,\"x\":8,\"y\":27},\"panelIndex\":\"8\",\"version\":\"7.6.2\",\"panelRefName\":\"panel_7\"}]", "optionsJSON": "{\"useMargins\":true}", "version": 1, "timeRestore": false, 
@@ -71,7 +71,7 @@ "version": "WzU5OCwxXQ==", "attributes": { "title": "Zeek Logs", - "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● 
[RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● [RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", + "visState": "{\"title\":\"Zeek Logs\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### General\\n[Overview](/kibana/app/kibana#/dashboard/0ad3d7c2-3441-485e-9dfe-dbb22e84e576) \\n[Security 
Overview](/kibana/app/kibana#/dashboard/95479950-41f2-11ea-88fa-7151df485405) \\n[ICS/IoT Security Overview](/kibana/app/kibana#/dashboard/4a4bde20-4760-11ea-949c-bbb5a9feecbf) \\n[Connections](/kibana/app/kibana#/dashboard/abdd7550-2c7c-40dc-947e-f6d186a158c4) \\n[Files](/kibana/app/kibana#/dashboard/9ee51f94-3316-4fc5-bd89-93a52af69714) \\n[Executables](/kibana/app/kibana#/dashboard/0a490422-0ce9-44bf-9a2d-19329ddde8c3) \\n[Software](/kibana/app/kibana#/dashboard/87d990cc-9e0b-41e5-b8fe-b10ae1da0c85) \\n\\n[Notices](/kibana/app/kibana#/dashboard/f1f09567-fc7f-450b-a341-19d2f2bb468b) \\n[Weird](/kibana/app/kibana#/dashboard/1fff49f6-0199-4a0f-820b-721aff9ff1f1) \\n[Signatures](/kibana/app/kibana#/dashboard/665d1610-523d-11e9-a30e-e3576242f3ed) \\n[Intel Feeds](/kibana/app/kibana#/dashboard/36ed695f-edcc-47c1-b0ec-50d20c93ce0f) \\n\\n### Common Protocols\\n[DCE/RPC](/kibana/app/kibana#/dashboard/432af556-c5c0-4cc3-8166-b274b4e3a406) ● [DHCP](/kibana/app/kibana#/dashboard/2d98bb8e-214c-4374-837b-20e1bcd63a5e) ● [DNS](/kibana/app/kibana#/dashboard/2cf94cd0-ecab-40a5-95a7-8419f3a39cd9) ● [FTP](/kibana/app/kibana#/dashboard/078b9aa5-9bd4-4f02-ae5e-cf80fa6f887b) ● [HTTP](/kibana/app/kibana#/dashboard/37041ee1-79c0-4684-a436-3173b0e89876) ● [IRC](/kibana/app/kibana#/dashboard/76f2f912-80da-44cd-ab66-6a73c8344cc3) ● [Kerberos](/kibana/app/kibana#/dashboard/82da3101-2a9c-4ae2-bb61-d447a3fbe673) ● [LDAP](/kibana/app/kibana#/dashboard/05e3e000-f118-11e9-acda-83a8e29e1a24) ● [MySQL](/kibana/app/kibana#/dashboard/50ced171-1b10-4c3f-8b67-2db9635661a6) ● [NTLM](/kibana/app/kibana#/dashboard/543118a9-02d7-43fe-b669-b8652177fc37) ● [NTP](/kibana/app/kibana#/dashboard/af5df620-eeb6-11e9-bdef-65a192b7f586) ● [QUIC](/kibana/app/kibana#/dashboard/11ddd980-e388-11e9-b568-cf17de8e860c) ● [RADIUS](/kibana/app/kibana#/dashboard/ae79b7d1-4281-4095-b2f6-fa7eafda9970) ● [RDP](/kibana/app/kibana#/dashboard/7f41913f-cba8-43f5-82a8-241b7ead03e0) ● 
[RFB](/kibana/app/kibana#/dashboard/f77bf097-18a8-465c-b634-eb2acc7a4f26) ● [SIP](/kibana/app/kibana#/dashboard/0b2354ae-0fe9-4fd9-b156-1c3870e5c7aa) ● [SMB](/kibana/app/kibana#/dashboard/42e831b9-41a9-4f35-8b7d-e1566d368773) ● [SMTP](/kibana/app/kibana#/dashboard/bb827f8e-639e-468c-93c8-9f5bc132eb8f) ● [SNMP](/kibana/app/kibana#/dashboard/4e5f106e-c60a-4226-8f64-d534abb912ab) ● [SSH](/kibana/app/kibana#/dashboard/caef3ade-d289-4d05-a511-149f3e97f238) ● [SSL](/kibana/app/kibana#/dashboard/7f77b58a-df3e-4cc2-b782-fd7f8bad8ffb) / [X.509 Certificates](/kibana/app/kibana#/dashboard/024062a6-48d6-498f-a91a-3bf2da3a3cd3) ● [Syslog](/kibana/app/kibana#/dashboard/92985909-dc29-4533-9e80-d3182a0ecf1d) ● [TDS](/kibana/app/kibana#/dashboard/bed185a0-ef82-11e9-b38a-2db3ee640e88) / [TDS RPC](/kibana/app/kibana#/dashboard/32587740-ef88-11e9-b38a-2db3ee640e88) / [TDS SQL](/kibana/app/kibana#/dashboard/fa141950-ef89-11e9-b38a-2db3ee640e88) ● [Tunnels](/kibana/app/kibana#/dashboard/11be6381-beef-40a7-bdce-88c5398392fc)\\n\\n### ICS/IoT Protocols\\n[BACnet](/kibana/app/kibana#/dashboard/2bec1490-eb94-11e9-a384-0fcf32210194) ● [DNP3](/kibana/app/kibana#/dashboard/870a5862-6c26-4a08-99fd-0c06cda85ba3) ● [EtherNet/IP](/kibana/app/kibana#/dashboard/29a1b290-eb98-11e9-a384-0fcf32210194) ● [Modbus](/kibana/app/kibana#/dashboard/152f29dc-51a2-4f53-93e9-6e92765567b8) ● [MQTT](/kibana/app/kibana#/dashboard/87a32f90-ef58-11e9-974e-9d600036d105) ● [PROFINET](/kibana/app/kibana#/dashboard/a7514350-eba6-11e9-a384-0fcf32210194) ● [S7comm](/kibana/app/kibana#/dashboard/e76d05c0-eb9f-11e9-a384-0fcf32210194)\",\"type\":\"markdown\",\"fontSize\":10,\"openLinksInNewTab\":false},\"aggs\":[]}", "uiStateJSON": "{}", "description": "", "version": 1, diff --git a/kibana/elastalert-kibana-plugin/server/routes/elastalert.js b/kibana/elastalert-kibana-plugin/server/routes/elastalert.js new file mode 100644 index 000000000..1e97abcaf --- /dev/null 
+++ b/kibana/elastalert-kibana-plugin/server/routes/elastalert.js @@ -0,0 +1,27 @@ +export default function(server, options) { + const baseUri = `http${options.serverSsl ? 's' : ''}://${options.serverHost}:${options.serverPort}`; + + // Route every request to the ElastAlert API + const handler = { + proxy: { + mapUri: request => { + return { uri: `${baseUri}/${request.params.path || ''}` }; + } + } + }; + + ['GET', 'POST', 'DELETE'].forEach(method => { + server.route({ + path: '/api/elastalert/{path*}', + method, + handler, + config: + method === 'GET' + ? undefined + : { + validate: { payload: null }, + payload: { parse: false }, + }, + }); + }); +} diff --git a/kibana/kibana-offline-maps.yml b/kibana/kibana-offline-maps.yml index 4ebc64dca..b40344f29 100644 --- a/kibana/kibana-offline-maps.yml +++ b/kibana/kibana-offline-maps.yml @@ -16,7 +16,7 @@ map.regionmap: includeElasticMapsService: false layers: - name: "World (offline)" - url: "http://localhost:${KIBANA_OFFLINE_REGION_MAPS_PORT}/world.geojson" + url: "/world.geojson" attribution: "https://exploratory.io/maps" fields: - name: "ISO_A2" @@ -25,3 +25,6 @@ map.regionmap: description: "Country Code2" - name: "NAME" description: "Country Name" + +server.cors: true +server.cors.origin: ['*'] \ No newline at end of file diff --git a/kibana/scripts/kibana-create-moloch-sessions-index.sh b/kibana/scripts/kibana-create-moloch-sessions-index.sh index 9b1068bf5..b9142418c 100755 --- a/kibana/scripts/kibana-create-moloch-sessions-index.sh +++ b/kibana/scripts/kibana-create-moloch-sessions-index.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -euo pipefail 
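Review bot: The new proxy route in `elastalert.js` forwards `GET`, `POST` and `DELETE` on `/api/elastalert/{path*}` to `${baseUri}/${request.params.path || ''}` with no restriction on the path and, for the non-GET methods, `validate: { payload: null }` and `payload: { parse: false }`, so anyone who can reach Kibana can issue arbitrary, unvalidated writes and deletes against the ElastAlert API, rule creation and removal included. Limit the proxied path to the ElastAlert endpoints the plugin actually uses (an allowlist of prefixes, or at minimum a rejection of `..` segments before the URI is built) and state in a header comment that the route relies entirely on whatever authentication sits in front of Kibana. Also note that `mapUri` drops the incoming query string; if any ElastAlert call needs query parameters, `request.url.search` has to be appended to the mapped URI.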
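Review bot: `server.cors: true` with `server.cors.origin: ['*']` in `kibana-offline-maps.yml` opens Kibana's HTTP API to cross-origin requests from any site, which is broader than the offline-maps use case needs. The same file changes the region-map layer URL from `http://localhost:${KIBANA_OFFLINE_REGION_MAPS_PORT}/world.geojson` to the same-origin `/world.geojson`, so the cross-origin fetch that CORS was presumably enabled for no longer exists; if a cross-origin consumer does remain, name it in a comment and pin `origin` to that host instead of `'*'`. The hunk also drops the file's trailing newline (`\ No newline at end of file`).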
@@ -48,6 +48,9 @@ if [[ "$CREATE_ES_MOLOCH_SESSION_INDEX" = "true" ]] ; then # turn off telemetry curl -XPOST "$KIBANA_URL/api/telemetry/v2/optIn" -H 'kbn-xsrf:true' -H 'Content-type:application/json' -d '{"enabled":false}' + + # pin filters by default + curl -XPOST "$KIBANA_URL/api/kibana/settings/filters:pinnedByDefault" -H 'kbn-xsrf:true' -H 'Content-type:application/json' -d '{"value":true}' fi fi fi diff --git a/kibana/scripts/kibana.sh b/kibana/scripts/kibana.sh index db09dcf21..978dd8560 100755 --- a/kibana/scripts/kibana.sh +++ b/kibana/scripts/kibana.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. echo "Giving Elasticsearch time to start before starting Kibana..." /data/elastic_search_status.sh 2>&1 && echo "Elasticsearch is running!" diff --git a/kibana/scripts/kibana_index_refresh.py b/kibana/scripts/kibana_index_refresh.py index cf80af9fd..7d0d1ada6 100755 --- a/kibana/scripts/kibana_index_refresh.py +++ b/kibana/scripts/kibana_index_refresh.py @@ -10,7 +10,7 @@ import sys GET_STATUS_API = 'api/status' -GET_INDEX_PATTERN_INFO_URI = 'api/saved_objects/index-pattern' +GET_INDEX_PATTERN_INFO_URI = 'api/saved_objects/_find' GET_FIELDS_URI = 'api/index_patterns/_fields_for_wildcard' PUT_INDEX_PATTERN_URI = 'api/saved_objects/index-pattern' 
@@ -78,42 +78,54 @@ def main(): if debug: eprint('Kibana version is {}'.format(kibanaVersion)) - # get the ID of the index name (probably will be the same as the name) - getIndexInfoResponse = requests.get('{}/{}/{}'.format(args.url, GET_INDEX_PATTERN_INFO_URI, args.index)) + # find the ID of the index name (probably will be the same as the name) + getIndexInfoResponse = requests.get( + '{}/{}'.format(args.url, GET_INDEX_PATTERN_INFO_URI), + params={ + 'type': 'index-pattern', + 'fields': 'id', + 'search': '"{}"'.format(args.index) + } + ) getIndexInfoResponse.raise_for_status() getIndexInfo = getIndexInfoResponse.json() - indexId = getIndexInfo['id'] + indexId = getIndexInfo['saved_objects'][0]['id'] if (len(getIndexInfo['saved_objects']) > 0) else None if debug: eprint('Index ID for {} is {}'.format(args.index, indexId)) - # get the fields list - getFieldsResponse = requests.get('{}/{}'.format(args.url, GET_FIELDS_URI), - params={ 'pattern': args.index, - 'meta_fields': ["_source","_id","_type","_index","_score"] }) - getFieldsResponse.raise_for_status() - getFieldsList = getFieldsResponse.json()['fields'] - if debug: - eprint('{} would have {} fields'.format(args.index, len(getFieldsList))) - - # set the index pattern with our complete list of fields - if not args.dryrun: - putIndexInfo = {} - putIndexInfo['attributes'] = {} - putIndexInfo['attributes']['title'] = args.index - putIndexInfo['attributes']['fields'] = json.dumps(getFieldsList) - - putResponse = requests.put('{}/{}/{}'.format(args.url, PUT_INDEX_PATTERN_URI, indexId), - headers={ 'Content-Type': 'application/json', - 'kbn-xsrf': 'true', - 'kbn-version': kibanaVersion, }, - data=json.dumps(putIndexInfo)) - putResponse.raise_for_status() - - # if we got this far, it probably worked! 
- if args.dryrun: - print("success (dry run only, no write performed)") + if indexId is not None: + + # get the fields list + getFieldsResponse = requests.get('{}/{}'.format(args.url, GET_FIELDS_URI), + params={ 'pattern': args.index, + 'meta_fields': ["_source","_id","_type","_index","_score"] }) + getFieldsResponse.raise_for_status() + getFieldsList = getFieldsResponse.json()['fields'] + if debug: + eprint('{} would have {} fields'.format(args.index, len(getFieldsList))) + + # set the index pattern with our complete list of fields + if not args.dryrun: + putIndexInfo = {} + putIndexInfo['attributes'] = {} + putIndexInfo['attributes']['title'] = args.index + putIndexInfo['attributes']['fields'] = json.dumps(getFieldsList) + + putResponse = requests.put('{}/{}/{}'.format(args.url, PUT_INDEX_PATTERN_URI, indexId), + headers={ 'Content-Type': 'application/json', + 'kbn-xsrf': 'true', + 'kbn-version': kibanaVersion, }, + data=json.dumps(putIndexInfo)) + putResponse.raise_for_status() + + # if we got this far, it probably worked! + if args.dryrun: + print("success (dry run only, no write performed)") + else: + print("success") + else: - print("success") + print("failure (could not find Index ID for {})".format(args.index)) if __name__ == '__main__': main() diff --git a/kibana/supervisord.conf b/kibana/supervisord.conf index 80efd4126..43d5be174 100644 --- a/kibana/supervisord.conf +++ b/kibana/supervisord.conf @@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) 
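Review bot: In the `_find` lookup in `kibana_index_refresh.py`, `getIndexInfo['saved_objects'][0]['id']` takes the first hit without checking that it is the index pattern that was asked for: `_find` with `search` does a text match over the saved object's searchable fields, so a query for `"sessions2-*"` can also return other index patterns whose title contains that string, and the later `PUT` would then overwrite the wrong pattern's `fields`. Request `'fields': 'title'` instead of `'id'`, iterate over `saved_objects`, and pick the one whose `attributes['title'] == args.index`, treating zero or multiple matches as failure. Separately, the new `print("failure (could not find Index ID for {})")` branch still exits with status 0, so a shell caller cannot tell it from success; follow it with `sys.exit(1)` (`sys` is already imported).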
@@ -30,7 +30,7 @@ stdout_logfile_maxbytes=0 redirect_stderr=true [program:maps] -command=/usr/bin/http-server /opt/maps --cors='*' -p %(ENV_KIBANA_OFFLINE_REGION_MAPS_PORT)s +command=/usr/bin/http-server /opt/maps --cors='*' -d false -i false --no-dotfiles -p %(ENV_KIBANA_OFFLINE_REGION_MAPS_PORT)s user=kibana autostart=%(ENV_KIBANA_OFFLINE_REGION_MAPS)s startsecs=0 diff --git a/logstash/certs/Makefile b/logstash/certs/Makefile deleted file mode 100644 index 306b63c81..000000000 --- a/logstash/certs/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -# one may wish to consider not using self-signed certificates in production - -all: ca server client - -ca: - openssl genrsa -out ca.key 2048 - openssl req -x509 -new -nodes -key ca.key -sha256 -days 9999 -subj /C=US/ST=ID/O=sensor/OU=ca -out ca.crt - -server: - openssl genrsa -out server.key 2048 - openssl req -sha512 -new -key server.key -out server.csr -config server.conf - openssl x509 -days 3650 -req -sha512 -in server.csr -CAcreateserial -CA ca.crt -CAkey ca.key -out server.crt -extensions v3_req -extfile server.conf - mv server.key server.key.pem && openssl pkcs8 -in server.key.pem -topk8 -nocrypt -out server.key - -client: - openssl genrsa -out client.key 2048 - openssl req -sha512 -new -key client.key -out client.csr -config client.conf - openssl x509 -days 3650 -req -sha512 -in client.csr -CAcreateserial -CA ca.crt -CAkey ca.key -out client.crt -extensions v3_req -extensions usr_cert -extfile client.conf - -.PHONY: clean -clean: - @rm -f *.key *.crt *.pem *.csr *.srl diff --git a/logstash/pipelines/enrichment/11_lookups.conf b/logstash/pipelines/enrichment/11_lookups.conf index 3f4f7c2a2..722da6cec 100644 --- a/logstash/pipelines/enrichment/11_lookups.conf +++ b/logstash/pipelines/enrichment/11_lookups.conf 
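Review bot: Deleting `logstash/certs/Makefile` removes the only visible recipe for generating the CA, server and client certificates used by the Logstash input, and neither the hunk nor the commit message says what replaces it; add a pointer (in the commit message or the README) to where the certificates are now generated, and confirm that no remaining documentation still tells users to run `make` in `logstash/certs`. The `[program:maps]` change in the same region is a welcome hardening: `-d false -i false --no-dotfiles` turns off directory listings, autoindex and dotfile serving for the `/opt/maps` static server.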
@@ -6,6 +6,7 @@ filter { # if OUI lookup is requested, enable it mutate { + id => "mutate_add_field_env_logstash_oui_lookup" add_field => { "[@metadata][ENV_LOGSTASH_OUI_LOOKUP]" => "${LOGSTASH_OUI_LOOKUP:false}" } } if ([@metadata][ENV_LOGSTASH_OUI_LOOKUP] == "true") { @@ -133,6 +134,16 @@ filter { } } } + cidr { + id => "cidr_detect_network_type_ipv4_source" + add_field => { "[network][type]" => "ipv4" } + address => [ "%{srcIp}" ] + network => [ "0.0.0.0/0" ] + } + if (![network][type]) { + mutate { id => "mutate_add_network_type_ipv4_source" + add_field => { "[network][type]" => "ipv6" } } + } } # if ([srcIp]) if ([dstIp]) { 
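Review bot: the fallback mutate id `mutate_add_network_type_ipv4_source` (and `mutate_add_network_type_ipv4_dest` in the next hunk) sets `network.type` to `ipv6`, so the ids say the opposite of what the filters do; rename them to `..._ipv6_...`. Note also that the `cidr` test against `0.0.0.0/0` labels anything that fails to match as `ipv6`, including a malformed or empty `srcIp`; if that distinction matters downstream, gate the ipv6 branch on a second `cidr` against `::/0` instead of on the absence of `[network][type]`.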
@@ -197,10 +208,56 @@ filter { } } } - + } + if (![network][type]) { + cidr { + id => "cidr_detect_network_type_ipv4_dest" + add_field => { "[network][type]" => "ipv4" } + address => [ "%{dstIp}" ] + network => [ "0.0.0.0/0" ] + } + if (![network][type]) { + mutate { id => "mutate_add_network_type_ipv4_dest" + add_field => { "[network][type]" => "ipv6" } } + } } } # if ([dstIp]) + if ([dns][host]) { + # if requested, look up DNS queries using freq_server.py to get entropy scores + # I would do this in an http filter (like zeek_ssl.server_name) + ruby { + id => "ruby_dns_freq_lookup" + init => " + require 'net/http' + $freqLookupEnabled = ENV['FREQ_LOOKUP'] || 'false' + " + # freq_server.py returns a string like: (2.9333, 3.6353) + code => " + if ($freqLookupEnabled == 'true') then + scoresv1 = Array.new + scoresv2 = Array.new + scoresTmp = Array.new + begin + event.get('[dns][host]').each { |query| + if (query.length >= 4) and (query !~ /(ip6\.int|ip6\.arpa|in-addr\.arpa|b32\.i2p)$/i) then + scoresTmp.clear + scoresTmp.concat(Net::HTTP.get_response(URI.parse('http://freq:10004/measure/' + query)).body.gsub(/(^\(|\)$|\s+)/, '').split(',').map(&:to_f)) + if (scoresTmp.length == 2) then + scoresv1 << scoresTmp[0] + scoresv2 << scoresTmp[1] + end + end + } + rescue Exception => e + event.set('ruby_exception', 'ruby_dns_freq_lookup: ' + e.message) + end + event.set('[zeek][freq_score_v1]', scoresv1) unless (scoresv1.length == 0) + event.set('[zeek][freq_score_v2]', scoresv2) unless (scoresv2.length == 0) + end" + } + } # end if dns.ip + if ([dns][ip]) and ([dns][ip][0]) { # if this is a DNS record with an IP, GeoIP it as well geoip { 
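Review bot: in `ruby_dns_freq_lookup` the query name is concatenated straight into the URL (`'http://freq:10004/measure/' + query`) with no percent-encoding. Query names come from observed traffic, so an attacker-chosen name containing `?`, `#`, `%`, a space or non-ASCII bytes either changes the path/query sent to the freq service or makes `URI.parse` raise; encode it first, e.g. `require 'erb'` and `ERB::Util.url_encode(query)` (or `CGI.escape`). Three smaller points in the same block: `Net::HTTP.get_response` runs synchronously per event with the default 60 s open/read timeouts, so an unreachable freq container stalls the pipeline; build a `Net::HTTP` with short `open_timeout`/`read_timeout` instead. `rescue Exception` also swallows interpreter-level errors; `rescue StandardError` is enough here. And because queries shorter than 4 characters or matching the reverse-lookup regex are skipped, `zeek.freq_score_v1[i]` does not line up with `dns.host[i]` when a record carries several queries; push a placeholder for skipped entries or document that the arrays are unaligned. Finally, the closing comment `# end if dns.ip` belongs to the following block (this one is `if ([dns][host])`), and `I would do this in an http filter (like zeek_ssl.server_name)` reads as though the reason it was not done is missing.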
@@ -284,6 +341,26 @@ filter { } # end if radius + if ([zeek_ssl][server_name]) { + mutate { + add_field => { "[@metadata][ENV_FREQ_LOOKUP]" => "${FREQ_LOOKUP:false}" } + } + if ([@metadata][ENV_FREQ_LOOKUP] == "true") { + # if requested, look up zeek_ssl.server_name queries using freq_server.py to get entropy scores + http { + id => "rest_zeek_ssl_server_name_freq_lookup" + url => "http://freq:10004/measure/%{[zeek_ssl][server_name]}" + target_body => "[@metadata][zeek_ssl_server_name_freq]" + } + if ([@metadata][zeek_ssl_server_name_freq]) { + grok { + id => "grok_zeek_ssl_server_name_freq_parse" + match => { "[@metadata][zeek_ssl_server_name_freq]" => [ "^\(%{NUMBER:[zeek][freq_score_v1]}, %{NUMBER:[zeek][freq_score_v2]}\)$" ] } + } + } + } + } # end if zeek_ssl.server_name + ################################################################################################ ######## JA3 community hashes lookup ########################################################### @@ -318,12 +395,20 @@ filter { add_field => { "[node]" => "logs" } } } + if ([log][file][path]) { + # trim path portion of log.file.path + mutate { id => "mutate_gsub_field_zeek_log_file_path" + gsub => [ "[log][file][path]", "^.*/", "" ] } + } + # remove some useless beats-related fields mutate { id => "mutate_remove_field_beats_useless" remove_field => [ "[beat]", + "[agent][ephemeral_id]", "[log][offset]", + "[input][type]", "[prospector]", "[message]" ] diff --git a/logstash/pipelines/enrichment/12_type_conv.conf b/logstash/pipelines/enrichment/12_type_conv.conf index 7b880319d..7a8861a8a 100644 --- a/logstash/pipelines/enrichment/12_type_conv.conf +++ b/logstash/pipelines/enrichment/12_type_conv.conf @@ -71,6 +71,8 @@ filter { "[userCnt]" => "integer" "[vlan]" => "integer" "[vlanCnt]" => "integer" + "[zeek][freq_score_v1]" => "float" + "[zeek][freq_score_v2]" => "float" } } 
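Review bot: `rest_zeek_ssl_server_name_freq_lookup` has the same unencoded interpolation problem as the DNS lookup: `url => "http://freq:10004/measure/%{[zeek_ssl][server_name]}"` puts an attacker-controlled SNI value straight into the request path. The http filter offers no encoding option, so restrict the name to a safe character set first (a `mutate` gsub, or skip names with characters outside `[A-Za-z0-9._-]`), and set `connect_timeout`/`socket_timeout` on the filter so a down freq container cannot stall the pipeline. The `mutate` that adds `[@metadata][ENV_FREQ_LOOKUP]` is the only filter in this hunk without an `id`, which matters because the profiling recipe in 11_zeek_logs.conf keys on ids; give it one. It is also inconsistent that this hunk gates on `${FREQ_LOOKUP:false}` through a metadata field while the DNS hunk reads `ENV['FREQ_LOOKUP']` inside Ruby; both work, but one convention is easier to audit.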
diff --git a/logstash/pipelines/enrichment/18_tags_finalize.conf b/logstash/pipelines/enrichment/18_tags_finalize.conf index 71c18d408..7bae05368 100644 --- a/logstash/pipelines/enrichment/18_tags_finalize.conf +++ b/logstash/pipelines/enrichment/18_tags_finalize.conf @@ -5,6 +5,7 @@ filter { mutate { id => "mutate_enrichment_tags_remove" remove_tag => [ "beats_input_codec_plain_applied", "_grokparsefailure", + "_jsonparsefailure", "_dissectfailure", "_ouilookupfailure", "_geoip_lookup_failure" ] } diff --git a/logstash/pipelines/zeek/11_zeek_logs.conf b/logstash/pipelines/zeek/11_zeek_logs.conf index d0d559a88..25efdf272 100644 --- a/logstash/pipelines/zeek/11_zeek_logs.conf +++ b/logstash/pipelines/zeek/11_zeek_logs.conf @@ -8,7 +8,7 @@ # this monstrosity can be used to profile: # $ curl -XGET http://localhost:9600/_node/stats/pipelines | python -mjson.tool | grep -P '"(id|duration_in_millis)":' | sed "s/.*: //" | sed ':a;N;$!ba;s/",\n/ /g' | sed "s/[\",]//g" | awk -F " " '{printf("%s %s\n", $2, $1)}' | sort -n # -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ####################### filter { @@ -223,10 +223,8 @@ filter { } } - mutate { - id => "mutate_add_field_zeek_conn_segmentCnt" - add_field => { "[segmentCnt]" => "1" } - } + mutate { id => "mutate_add_field_zeek_conn_segmentCnt" + add_field => { "[segmentCnt]" => "1" } } if ([zeek_cols][orig_ip_bytes]) and ([zeek_cols][orig_ip_bytes] != '-') and ([zeek_cols][orig_ip_bytes] != '(empty)') and ([zeek_cols][orig_ip_bytes] != '') { mutate { id => "mutate_add_field_zeek_srcBytes" 
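Review bot: adding `_jsonparsefailure` to `remove_tag` in 18_tags_finalize.conf means a record whose JSON failed to parse is indexed with no marker, as already happens for `_grokparsefailure` and `_dissectfailure`. Those tags are the only signal an analyst has that a record is incomplete or that a sensor emitted something malformed; if the aim is to keep noisy tags out of dashboards, copy them into a single parse-failure field before removing them rather than discarding the evidence.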
@@ -394,7 +392,7 @@ filter { id => "dissect_zeek_dhcp_1_with_all_fields" # zeek's default delimiter is a literal tab, MAKE SURE YOUR EDITOR DOESN'T SCREW IT UP mapping => { - "[message]" => "%{[zeek_cols][ts]} %{[zeek_cols][uids]} %{[zeek_cols][orig_h]} %{[zeek_cols][resp_h]} %{[zeek_cols][orig_l2_addr]} %{[zeek_cols][host_name]} %{[zeek_cols][client_fqdn]} %{[zeek_cols][domain]} %{[zeek_cols][requested_ip]} %{[zeek_cols][assigned_ip]} %{[zeek_cols][lease_time]} %{[zeek_cols][client_message]} %{[zeek_cols][server_message]} %{[zeek_cols][msg_types]} %{[zeek_cols][duration]}" + "[message]" => "%{[zeek_cols][ts]} %{[zeek_cols][uid]} %{[zeek_cols][orig_h]} %{[zeek_cols][resp_h]} %{[zeek_cols][orig_l2_addr]} %{[zeek_cols][host_name]} %{[zeek_cols][client_fqdn]} %{[zeek_cols][domain]} %{[zeek_cols][requested_ip]} %{[zeek_cols][assigned_ip]} %{[zeek_cols][lease_time]} %{[zeek_cols][client_message]} %{[zeek_cols][server_message]} %{[zeek_cols][msg_types]} %{[zeek_cols][duration]}" } } 
@@ -424,18 +422,18 @@ filter { } ruby { id => "ruby_zip_zeek_dhcp" - init => "$zeek_dhcp_field_names = [ 'ts', 'uids', 'orig_h', 'resp_h', 'orig_l2_addr', 'host_name', 'client_fqdn', 'domain', 'requested_ip', 'assigned_ip', 'lease_time', 'client_message', 'server_message', 'msg_types', 'duration' ]" + init => "$zeek_dhcp_field_names = [ 'ts', 'uid', 'orig_h', 'resp_h', 'orig_l2_addr', 'host_name', 'client_fqdn', 'domain', 'requested_ip', 'assigned_ip', 'lease_time', 'client_message', 'server_message', 'msg_types', 'duration' ]" code => "event.set('[zeek_cols]', $zeek_dhcp_field_names.zip(event.get('[message]')).to_h)" } } - if ([zeek_cols][uids]) and ([zeek_cols][uids] != '(empty)') and ([zeek_cols][uids] != '') { + if ([zeek_cols][uid]) and ([zeek_cols][uid] != '(empty)') and ([zeek_cols][uid] != '') { mutate { id => "mutate_split_zeek_dhcp_uids" - split => { "[zeek_cols][uids]" => "," } } + split => { "[zeek_cols][uid]" => "," } } } - if ([zeek_cols][uids] and [zeek_cols][uids][0]) { + if ([zeek_cols][uid] and [zeek_cols][uid][0]) { mutate { id => "mutate_add_field_zeek_dhcp_uids" - add_field => { "[rootId]" => "%{[zeek_cols][uids][0]}" } } + add_field => { "[rootId]" => "%{[zeek_cols][uid][0]}" } } } if ((![zeek_cols][orig_p]) and (![zeek_cols][resp_p])) { @@ -1236,7 +1234,6 @@ filter { } } - } else if ([source] == "mqtt_subscribe") { ############################################################################################################################# # mqtt_subscribe.log @@ -1638,6 +1635,10 @@ filter { add_field => { "[zeek_cols][service]" => "rdp" } } + # remove RDP prefix from client_build (version) + mutate { id => "mutate_gsub_field_zeek_rdp_client_build" + gsub => [ "[zeek_cols][client_build]", "^RDP ", "" ] } + } else if ([source] == "rfb") { ############################################################################################################################# # rfb.log 
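Review bot: after renaming `[zeek_cols][uids]` to `[zeek_cols][uid]` for dhcp.log, the filter ids `mutate_split_zeek_dhcp_uids` and `mutate_add_field_zeek_dhcp_uids` still say `uids`; keep the ids consistent with the new field name. Because the DHCP `uid` is then split on commas, the common-field rename later in this patch turns `[zeek][uid]` into an array for DHCP records while it is a scalar for every other log type; check that anything formatting `%{[zeek][uid]}` tolerates that. The same consideration applies to the smtp `fuids` to `fuid` rename further down.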
@@ -1755,11 +1756,53 @@ filter { add_field => { "[zeek_cols][service]" => "sip" } } + } else if ([source] == "smb_cmd") { + ############################################################################################################################# + # smb_cmd.log + # https://docs.zeek.org/en/stable/scripts/base/protocols/smb/main.zeek.html#type-SMB::CmdInfo + # + # note that smb_cmd.referenced_file is exactly the same structure as the log line for smb_files. later on it will be + # merged up as its own top-level entity so I don't have to duplicate the parsing effort below + + dissect { + id => "dissect_zeek_smb_cmd" + # zeek's default delimiter is a literal tab, MAKE SURE YOUR EDITOR DOESN'T SCREW IT UP + mapping => { + "[message]" => "%{[zeek_cols][ts]} %{[zeek_cols][uid]} %{[zeek_cols][orig_h]} %{[zeek_cols][orig_p]} %{[zeek_cols][resp_h]} %{[zeek_cols][resp_p]} %{[zeek_cols][command]} %{[zeek_cols][sub_command]} %{[zeek_cols][argument]} %{[zeek_cols][status]} %{[zeek_cols][rtt]} %{[zeek_cols][version]} %{[zeek_cols][user]} %{[zeek_cols][tree]} %{[zeek_cols][tree_service]} %{[zeek_cols][referenced_file][ts]} %{[zeek_cols][referenced_file][uid]} %{[zeek_cols][referenced_file][orig_h]} %{[zeek_cols][referenced_file][orig_p]} %{[zeek_cols][referenced_file][resp_h]} %{[zeek_cols][referenced_file][resp_p]} %{[zeek_cols][referenced_file][fuid]} %{[zeek_cols][referenced_file][action]} %{[zeek_cols][referenced_file][path]} %{[zeek_cols][referenced_file][name]} %{[zeek_cols][referenced_file][size]} %{[zeek_cols][referenced_file][prev_name]} %{[zeek_cols][referenced_file][times_modified]} %{[zeek_cols][referenced_file][times_accessed]} %{[zeek_cols][referenced_file][times_created]} %{[zeek_cols][referenced_file][times_changed]} %{[zeek_cols][referenced_file][data_offset_req]} %{[zeek_cols][referenced_file][data_len_req]} %{[zeek_cols][referenced_file][data_len_rsp]}" + } + } + if ("_dissectfailure" in [tags]) { + mutate { + id => "mutate_split_zeek_smb_cmd" + # zeek's 
default delimiter is a literal tab, MAKE SURE YOUR EDITOR DOESN'T SCREW IT UP + split => { "[message]" => " " } + } + ruby { + id => "ruby_zip_zeek_smb_cmd" + init => "$zeek_smb_cmd_field_names = [ 'ts', 'uid', 'orig_h', 'orig_p', 'resp_h', 'resp_p', 'command', 'sub_command', 'argument', 'status', 'rtt', 'version', 'user', 'tree', 'tree_service', 'referenced_file.ts', 'referenced_file.uid', 'referenced_file.orig_h', 'referenced_file.orig_p', 'referenced_file.resp_h', 'referenced_file.resp_p', 'referenced_file.fuid', 'referenced_file.action', 'referenced_file.path', 'referenced_file.name', 'referenced_file.size', 'referenced_file.prev_name', 'referenced_file.times_modified', 'referenced_file.times_accessed', 'referenced_file.times_created', 'referenced_file.times_changed', 'referenced_file.data_offset_req', 'referenced_file.data_len_req', 'referenced_file.data_len_rsp' ]" + code => "event.set('[zeek_cols]', $zeek_smb_cmd_field_names.zip(event.get('[message]')).to_h)" + } + } + + mutate { + id => "mutate_add_fields_zeek_smb_cmd" + add_field => { + "[zeek_cols][proto]" => "tcp" + "[zeek_cols][service]" => "smb" + } + } + + # remove SMB prefix from version + mutate { id => "mutate_gsub_field_zeek_smb_cmd_version" + gsub => [ "[zeek_cols][version]", "^SMB", "" ] } + + mutate { id => "mutate_gsub_zeek_smb_cmd_command" + gsub => [ "[zeek_cols][command]", "^SMB::", "" ] } + } else if ([source] == "smb_files") { ############################################################################################################################# # smb_files.log # https://docs.zeek.org/en/stable/scripts/base/protocols/smb/main.zeek.html#type-SMB::FileInfo - # todo: also smb_cmd.log? if ([@metadata][zeek_fields_bitmap] and [@metadata][zeek_fields_bitmap_version]) { 
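Review bot: the dissect and Ruby paths for smb_cmd produce different shapes. The `dissect` mapping writes nested fields such as `%{[zeek_cols][referenced_file][ts]}`, but the fallback `ruby_zip_zeek_smb_cmd` zips names like `'referenced_file.ts'` and hands that hash to `event.set('[zeek_cols]', ...)`, which creates flat keys whose names contain a dot rather than a nested `referenced_file` object. Any line that trips `_dissectfailure` (for example a Zeek build with a different column count) therefore never gets the `referenced_file` structure the comment says is merged up later; build nested hashes in the fallback, or set `[zeek_cols][referenced_file][...]` per field. Related: the comment on `ruby_zeek_remove_empty_values` now says it strips `-`/`(empty)` from top-level values only, so the 19 `referenced_file.*` columns keep their `-` placeholders whenever no file is referenced; extend the cleanup one level down or those placeholders will be indexed.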
@@ -1831,6 +1874,9 @@ filter { } } + mutate { id => "mutate_gsub_zeek_smb_files_action" + gsub => [ "[zeek_cols][action]", "^SMB::", "" ] } + } else if ([source] == "smb_mapping") { ############################################################################################################################# # smb_mapping.log @@ -1873,7 +1919,7 @@ filter { id => "dissect_zeek_smtp" # zeek's default delimiter is a literal tab, MAKE SURE YOUR EDITOR DOESN'T SCREW IT UP mapping => { - "[message]" => "%{[zeek_cols][ts]} %{[zeek_cols][uid]} %{[zeek_cols][orig_h]} %{[zeek_cols][orig_p]} %{[zeek_cols][resp_h]} %{[zeek_cols][resp_p]} %{[zeek_cols][trans_depth]} %{[zeek_cols][helo]} %{[zeek_cols][mailfrom]} %{[zeek_cols][rcptto]} %{[zeek_cols][date]} %{[zeek_cols][from]} %{[zeek_cols][to]} %{[zeek_cols][cc]} %{[zeek_cols][reply_to]} %{[zeek_cols][msg_id]} %{[zeek_cols][in_reply_to]} %{[zeek_cols][subject]} %{[zeek_cols][x_originating_ip]} %{[zeek_cols][first_received]} %{[zeek_cols][second_received]} %{[zeek_cols][last_reply]} %{[zeek_cols][path]} %{[zeek_cols][user_agent]} %{[zeek_cols][tls]} %{[zeek_cols][fuids]} %{[zeek_cols][is_webmail]}" + "[message]" => "%{[zeek_cols][ts]} %{[zeek_cols][uid]} %{[zeek_cols][orig_h]} %{[zeek_cols][orig_p]} %{[zeek_cols][resp_h]} %{[zeek_cols][resp_p]} %{[zeek_cols][trans_depth]} %{[zeek_cols][helo]} %{[zeek_cols][mailfrom]} %{[zeek_cols][rcptto]} %{[zeek_cols][date]} %{[zeek_cols][from]} %{[zeek_cols][to]} %{[zeek_cols][cc]} %{[zeek_cols][reply_to]} %{[zeek_cols][msg_id]} %{[zeek_cols][in_reply_to]} %{[zeek_cols][subject]} %{[zeek_cols][x_originating_ip]} %{[zeek_cols][first_received]} %{[zeek_cols][second_received]} %{[zeek_cols][last_reply]} %{[zeek_cols][path]} %{[zeek_cols][user_agent]} %{[zeek_cols][tls]} %{[zeek_cols][fuid]} %{[zeek_cols][is_webmail]}" } } if ("_dissectfailure" in [tags]) { 
@@ -1884,7 +1930,7 @@ filter { } ruby { id => "ruby_zip_zeek_smtp" - init => "$zeek_smtp_field_names = [ 'ts', 'uid', 'orig_h', 'orig_p', 'resp_h', 'resp_p', 'trans_depth', 'helo', 'mailfrom', 'rcptto', 'date', 'from', 'to', 'cc', 'reply_to', 'msg_id', 'in_reply_to', 'subject', 'x_originating_ip', 'first_received', 'second_received', 'last_reply', 'path', 'user_agent', 'tls', 'fuids', 'is_webmail' ]" + init => "$zeek_smtp_field_names = [ 'ts', 'uid', 'orig_h', 'orig_p', 'resp_h', 'resp_p', 'trans_depth', 'helo', 'mailfrom', 'rcptto', 'date', 'from', 'to', 'cc', 'reply_to', 'msg_id', 'in_reply_to', 'subject', 'x_originating_ip', 'first_received', 'second_received', 'last_reply', 'path', 'user_agent', 'tls', 'fuid', 'is_webmail' ]" code => "event.set('[zeek_cols]', $zeek_smtp_field_names.zip(event.get('[message]')).to_h)" } } @@ -2285,6 +2331,13 @@ filter { } } + + mutate { id => "mutate_gsub_zeek_tunnel_action" + gsub => [ "[zeek_cols][action]", "Tunnel::", "" ] } + + mutate { id => "mutate_gsub_zeek_tunnel_type" + gsub => [ "[zeek_cols][tunnel_type]", "Tunnel::", "" ] } + mutate { id => "mutate_add_fields_zeek_tunnel" add_field => { "[zeek_cols][service]" => "%{[zeek_cols][tunnel_type]}" } @@ -2292,8 +2345,6 @@ filter { mutate { id => "mutate_lowercase_zeek_tunnel_service" lowercase => [ "[zeek_cols][service]" ] } - mutate { id => "mutate_gsub_zeek_tunnel_service" - gsub => [ "[zeek_cols][service]", "tunnel::", "" ] } } else if ([source] == "weird") { ############################################################################################################################# 
@@ -2345,36 +2396,40 @@ filter { } } - mutate { - id => "mutate_add_fields_zeek_x509" - add_field => { - "[zeek_cols][service]" => "X.509" - "[certCnt]" => "1" - } - } + mutate { id => "mutate_add_fields_zeek_x509" + add_field => { "[zeek_cols][service]" => "X.509" + "[certCnt]" => "1" } } } else { - # some other unknown zeek log file. should start with ts at least! - csv { - id => "csv_zeek_unknown" - columns => [ - "ts"] - # zeek's default delimiter is a literal tab, MAKE SURE YOUR EDITOR DOESN'T SCREW IT UP - separator => " " - # there's no way to *disable* the csv quote char, so set it to something we'll never see - quote_char => " " + if ([source] =~ /\.\d{4}-\d{2}-\d{2}-\d{2}-\d{2}-\d{2}$/) { + # filebeat caught a file right in the middle of being renamed/moved (ie., renamed from conn.log to + # conn.2020-01-16-14-00-00.log). this has actually already been processed, so ignore this event. + drop { id => "drop_renamed_logfile" } - target => "[zeek_cols]" - } + } else { + # some other unknown zeek log file. should start with ts at least! + csv { + id => "csv_zeek_unknown" + columns => [ + "ts"] + + # zeek's default delimiter is a literal tab, MAKE SURE YOUR EDITOR DOESN'T SCREW IT UP + separator => " " + # there's no way to *disable* the csv quote char, so set it to something we'll never see + quote_char => " " + + target => "[zeek_cols]" + } - mutate { id => "mutate_add_tag_zeek_unknown" - add_tag => [ "_unknown_log_type" ] } + mutate { id => "mutate_add_tag_zeek_unknown" + add_tag => [ "_unknown_log_type" ] } + } } # if / else if for source type (conn.log, dns.log, etc.) if ([zeek_cols]) { - # remove unset (-) or "(empty)" field values + # remove unset (-) or "(empty)" top-level field values ruby { id => "ruby_zeek_remove_empty_values" code => " 
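Review bot: `drop_renamed_logfile` silently discards events on the assumption that a `conn.2020-01-16-14-00-00`-style `[source]` has already been processed under its original name. That only holds if filebeat finished the original file before rotation; if it did not, the tail of every rotated log is lost without a trace. At minimum emit a tagged debug event or a counter for dropped records, and confirm that `[source]` is derived without the `.log` suffix, otherwise the `$`-anchored regex never matches and the rotated file is parsed again as an unknown log type.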
@@ -2395,18 +2450,20 @@ filter { # show up in many types of logs) mutate { id => "mutate_rename_zeek_common_fields" - rename => { "[zeek_%{[source]}][ts]" => "[zeek][ts]" } - rename => { "[zeek_%{[source]}][uid]" => "[zeek][uid]" } - rename => { "[zeek_%{[source]}][orig_h]" => "[zeek][orig_h]" } - rename => { "[zeek_%{[source]}][orig_p]" => "[zeek][orig_p]" } - rename => { "[zeek_%{[source]}][orig_l2_addr]" => "[zeek][orig_l2_addr]" } - rename => { "[zeek_%{[source]}][resp_h]" => "[zeek][resp_h]" } - rename => { "[zeek_%{[source]}][resp_p]" => "[zeek][resp_p]" } - rename => { "[zeek_%{[source]}][resp_l2_addr]" => "[zeek][resp_l2_addr]" } - rename => { "[zeek_%{[source]}][proto]" => "[zeek][proto]" } - rename => { "[zeek_%{[source]}][service]" => "[zeek][service]" } - rename => { "[zeek_%{[source]}][user]" => "[zeek][user]" } - rename => { "[zeek_%{[source]}][community_id]" => "[zeek][community_id]" } + rename => { "[zeek_%{[source]}][ts]" => "[zeek][ts]" } + rename => { "[zeek_%{[source]}][uid]" => "[zeek][uid]" } + rename => { "[zeek_%{[source]}][fuid]" => "[zeek][fuid]" } + rename => { "[zeek_%{[source]}][orig_h]" => "[zeek][orig_h]" } + rename => { "[zeek_%{[source]}][orig_p]" => "[zeek][orig_p]" } + rename => { "[zeek_%{[source]}][orig_l2_addr]" => "[zeek][orig_l2_addr]" } + rename => { "[zeek_%{[source]}][resp_h]" => "[zeek][resp_h]" } + rename => { "[zeek_%{[source]}][resp_p]" => "[zeek][resp_p]" } + rename => { "[zeek_%{[source]}][resp_l2_addr]" => "[zeek][resp_l2_addr]" } + rename => { "[zeek_%{[source]}][proto]" => "[zeek][proto]" } + rename => { "[zeek_%{[source]}][service]" => "[zeek][service]" } + rename => { "[zeek_%{[source]}][user]" => "[zeek][user]" } + rename => { "[zeek_%{[source]}][password]" => "[zeek][password]" } + rename => { "[zeek_%{[source]}][community_id]" => "[zeek][community_id]" } } if ([zeek][orig_h]) { mutate { id => "mutate_add_field_zeek_srcIp" 
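Review bot: adding `[zeek_%{[source]}][password]` to the common renames funnels cleartext credentials captured from any log type that carries a `password` column (ftp.log, http.log) into a single searchable `zeek.password` field. That is useful for hunting but concentrates secrets in one place; document it, and confirm the sensor runs with Zeek's default password masking, since this field is now where any unmasked value lands.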
@@ -2452,6 +2509,10 @@ filter { add_field => { "[zeek][uid]" => "%{[@metadata][uuid]}" } } } + # if present, FUIDs are always a vector (comma-separated) + if ([zeek][fuid]) { mutate { id => "mutate_split_zeek_fuids" + split => { "[zeek][fuid]" => "," } } } + if ([source] == "conn") { mutate { id => "mutate_add_field_zeek_conn_zeekLogDocId" add_field => { "[zeekLogDocId]" => "%{[zeek][uid]}" } } @@ -2631,6 +2692,7 @@ filter { split => { "[zeek_bacnet][data]" => "," } } #if ([zeek_bacnet][data_dict][date]) and ([zeek_bacnet][data_dict][time]) { + # TODO: #} } @@ -2645,10 +2707,8 @@ filter { } mutate { id => "mutate_merge_zeek_dhcp_mac" merge => { "[dhcp][mac]" => "[zeek][orig_l2_addr]" } } - ruby { - id => "ruby_zeek_dhcp_macCnt" - code => "event.set('[dhcp][macCnt]', event.get('[dhcp][mac]').length)" - } + mutate { id => "mutate_add_field_dhcp_macCnt" + add_field => { "[dhcp][macCnt]" => "1" } } } if ([zeek_dhcp][msg_types]) { @@ -2661,10 +2721,8 @@ filter { if ([zeek_dhcp][trans_id]) { mutate { id => "mutate_merge_zeek_dhcp_id" merge => { "[dhcp][id]" => "[zeek_dhcp][trans_id]" } } - ruby { - id => "ruby_zeek_dhcp_idCnt" - code => "event.set('[dhcp][idCnt]', event.get('[dhcp][id]').length)" - } + mutate { id => "mutate_add_field_dhcp_idCnt" + add_field => { "[dhcp][idCnt]" => "1" } } } if ([zeek_dhcp][host_name]) { 
@@ -2687,13 +2745,13 @@ filter { } else if ([source] == "dns") { ############################################################################################################################# # dns.log specific logic - # todo: adjust this regex so it at least sort of catches IPv6 as well # this must be done because [dns][ip] only handles IPv4 or IPv6 addresses # but [answers] can contain hostnames as well if ([zeek_dns][answers]) { ruby { id => "ruby_zeek_dns_answers_ip_extract" + # todo: adjust this regex so it at least sort of catches IPv6 as well code => "event.set('[@metadata][answers_ip]', event.get('[zeek_dns][answers]').scan(/\d+\.\d+\.\d+\.\d+/).join(','))" } mutate { id => "mutate_split_zeek_dns_answers" 
@@ -2712,73 +2770,41 @@ filter { add_field => { "[@metadata][opcode]" => "QUERY" } } mutate { id => "mutate_merge_zeek_opcode" merge => { "[dns][opcode]" => "[@metadata][opcode]" } } - } - if ([dns][host]) { - ruby { - id => "ruby_zeek_dns_hostCnt" - code => "event.set('[dns][hostCnt]', event.get('[dns][host]').length)" - } - } - if ([dns][opcode]) { - ruby { - id => "ruby_zeek_dns_opcodeCnt" - code => "event.set('[dns][opcodeCnt]', event.get('[dns][opcode]').length)" - } + mutate { id => "mutate_add_field_dns_hostCnt" + add_field => { "[dns][hostCnt]" => "1" } } + mutate { id => "mutate_add_field_dns_opcodeCnt" + add_field => { "[dns][opcodeCnt]" => "1" } } } if ([@metadata][answers_ip]) { mutate { id => "mutate_merge_zeek_dns_ip" merge => { "[dns][ip]" => "[@metadata][answers_ip]" } } + ruby { + id => "ruby_zeek_dns_ipCnt" + code => "event.set('[dns][ipCnt]', event.get('[dns][ip]').length)" + } } if ([zeek_dns][qclass_name]) { mutate { id => "mutate_merge_zeek_dns_qc" merge => { "[dns][qc]" => "[zeek_dns][qclass_name]" } } - ruby { - id => "ruby_zeek_dns_qcCnt" - code => "event.set('[dns][qcCnt]', event.get('[dns][qc]').length)" - } + mutate { id => "mutate_add_field_dns_qcCnt" + add_field => { "[dns][qcCnt]" => "1" } } } if ([zeek_dns][qtype_name]) { mutate { id => "mutate_merge_zeek_dns_qt" merge => { "[dns][qt]" => "[zeek_dns][qtype_name]" } } - ruby { - id => "ruby_zeek_dns_qtCnt" - code => "event.set('[dns][qtCnt]', event.get('[dns][qt]').length)" - } + mutate { id => "mutate_add_field_dns_qtCnt" + add_field => { "[dns][qtCnt]" => "1" } } } - if ([dns][ip]) { - ruby { - id => "ruby_zeek_dns_ipCnt" - code => "event.set('[dns][ipCnt]', event.get('[dns][ip]').length)" - } - } # if([dns][ip]) - } else if ([source] == "files") { ############################################################################################################################# # files.log specific logic - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_files][fuid]) { 
- mutate { id => "mutate_split_zeek_files_fuid" - split => { "[zeek_files][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_files_fuid" - merge => { "[zeek][fuid]" => "[zeek_files][fuid]" } } - } - if ([zeek_files][parent_fuid]) { - mutate { id => "mutate_split_zeek_files_parent_fuid" - split => { "[zeek_files][parent_fuid]" => "," } } - mutate { id => "mutate_merge_zeek_files_parent_fuid" - merge => { "[zeek][fuid]" => "[zeek_files][parent_fuid]" } } - } - # collect all filenames under the parent [zeek][filename] array - if ([zeek_files][filename]) { mutate { id => "mutate_merge_zeek_files_filename" - merge => { "[zeek][filename]" => "[zeek_files][filename]" } } } - # collect all mime types under the parent [zeek][filetype] array - if ([zeek_files][mime_type]) { mutate { id => "mutate_merge_zeek_files_mime_type" - merge => { "[zeek][filetype]" => "[zeek_files][mime_type]" } } } + if ([zeek_files][parent_fuid]) { mutate { id => "mutate_split_zeek_files_parent_fuid" + split => { "[zeek_files][parent_fuid]" => "," } } } if ([zeek_files][total_bytes]) { ruby { @@ -2807,18 +2833,6 @@ filter { } } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_ftp][fuid]) { - mutate { id => "mutate_split_zeek_ftp_fuid" - split => { "[zeek_ftp][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_ftp_fuid" - merge => { "[zeek][fuid]" => "[zeek_ftp][fuid]" } } - } - - # collect all mime types under the parent [zeek][filetype] array - if ([zeek_ftp][mime_type]) { mutate { id => "mutate_merge_zeek_ftp_filetype" - merge => { "[zeek][filetype]" => "[zeek_ftp][mime_type]" } } } - } else if ([source] == "gquic") { ############################################################################################################################# # gquic.log specific logic 
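Review bot: the files.log and ftp.log hunks (and the http, irc and intel hunks that follow) drop the aggregation of filenames and MIME types into `[zeek][filename]` and `[zeek][filetype]`, and nothing in this diff replaces those two fields, whereas `[zeek][fuid]` is now covered by the common rename plus the comma split added in the preceding hunk. If dashboards or the index pattern expect `zeek.filename`/`zeek.filetype`, they need the same update. Also, `[zeek_files][parent_fuid]` is still split here but no longer merged anywhere visible; either merge it into `[zeek][fuid]` as before or drop the split.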
@@ -2826,19 +2840,15 @@ filter { if ([zeek_gquic][user_agent]) { mutate { id => "mutate_merge_zeek_quic_useragent" merge => { "[quic][useragent]" => "[zeek_gquic][user_agent]" } } - mutate { - id => "mutate_add_field_zeek_quic_useragentCnt" - add_field => { "[quic][useragentCnt]" => "1" } - } + mutate { id => "mutate_add_field_zeek_quic_useragentCnt" + add_field => { "[quic][useragentCnt]" => "1" } } } if ([zeek_gquic][server_name]) { mutate { id => "mutate_merge_zeek_quic_host" merge => { "[quic][host]" => "[zeek_gquic][server_name]" } } - mutate { - id => "mutate_add_field_zeek_quic_hostCnt" - add_field => { "[quic][hostCnt]" => "1" } - } + mutate { id => "mutate_add_field_zeek_quic_hostCnt" + add_field => { "[quic][hostCnt]" => "1" } } } if ([zeek_gquic][version]) { @@ -2846,10 +2856,8 @@ filter { id => "ruby_zeek_set_quic_version" code => "event.set('[quic][version]', 'Q' + event.get('[zeek_gquic][version]').rjust(3, '0'))" } - mutate { - id => "mutate_add_field_zeek_quic_versionCnt" - add_field => { "[quic][versionCnt]" => "1" } - } + mutate { id => "mutate_add_field_zeek_quic_versionCnt" + add_field => { "[quic][versionCnt]" => "1" } } } @@ -2877,10 +2885,8 @@ filter { if ([zeek_http][host]) { mutate { id => "mutate_merge_zeek_http_host" merge => { "[http][host]" => "[zeek_http][host]" } } - ruby { - id => "ruby_zeek_http_hostCnt" - code => "event.set('[http][hostCnt]', event.get('[http][host]').length)" - } + mutate { id => "mutate_add_field_http_hostCnt" + add_field => { "[http][hostCnt]" => "1" } } } if ([zeek_http][uri]) { 
@@ -2898,69 +2904,52 @@ filter { merge => { "[http][uri]" => "[zeek_http][referrer]" } } } - if ([http][uri]) { - ruby { - id => "ruby_zeek_http_uriCnt" - code => "event.set('[http][uriCnt]', event.get('[http][uri]').length)" - } - } + if ([http][uri]) { mutate { id => "mutate_add_field_http_uriCnt" + add_field => { "[http][uriCnt]" => "1" } } } if ([zeek_http][user_agent]) { mutate { id => "mutate_merge_zeek_http_user_agent" merge => { "[http][useragent]" => "[zeek_http][user_agent]" } } - ruby { - id => "ruby_zeek_http_useragentCnt" - code => "event.set('[http][useragentCnt]', event.get('[http][useragent]').length)" - } + mutate { id => "mutate_add_field_http_useragentCnt" + add_field => { "[http][useragentCnt]" => "1" } } } if ([zeek_http][orig_mime_types]) { mutate { id => "mutate_merge_zeek_http_orig_mime_types" - merge => { "[@metadata][mime_types]" => "[zeek_http][orig_mime_types]" } } + merge => { "[http][bodyMagic]" => "[zeek_http][orig_mime_types]" } } } if ([zeek_http][resp_mime_types]) { mutate { id => "mutate_merge_zeek_http_resp_mime_types" - merge => { "[@metadata][mime_types]" => "[zeek_http][resp_mime_types]" } } + merge => { "[http][bodyMagic]" => "[zeek_http][resp_mime_types]" } } } - if ([@metadata][mime_types]) { - mutate { id => "mutate_merge_zeek_http_bodyMagic" - merge => { "[http][bodyMagic]" => "[@metadata][mime_types]" } } + if ([http][bodyMagic]) { ruby { id => "ruby_zeek_http_bodyMagicCnt" - code => "event.set('[http][bodyMagicCnt]', event.get('[@metadata][mime_types]').length)" + code => "event.set('[http][bodyMagicCnt]', event.get('[http][bodyMagic]').length)" } - # collect all mime types under the parent [zeek][filetype] array - mutate { id => "mutate_merge_zeek_http_filetype" - merge => { "[zeek][filetype]" => "[@metadata][mime_types]" } } } if ([zeek_http][version]) { mutate { id => "mutate_merge_zeek_http_clientVersion" merge => { "[http][clientVersion]" => "[zeek_http][version]" } } - ruby { - id => 
"ruby_zeek_http_clientVersionCnt" - code => "event.set('[http][clientVersionCnt]', event.get('[http][clientVersion]').length)" - } + mutate { id => "mutate_add_field_http_clientVersion" + add_field => { "[http][clientVersionCnt]" => "1" } } } if ([zeek_http][status_code]) { mutate { id => "mutate_merge_zeek_http_statuscode" merge => { "[http][statuscode]" => "[zeek_http][status_code]" } } - ruby { - id => "ruby_zeek_http_statuscodeCnt" - code => "event.set('[http][statuscodeCnt]', event.get('[http][statuscode]').length)" - } + mutate { id => "mutate_add_field_http_statuscodeCnt" + add_field => { "[http][statuscodeCnt]" => "1" } } } if ([zeek_http][method]) { mutate { id => "mutate_merge_zeek_http_method" merge => { "[http][method]" => "[zeek_http][method]" } } - ruby { - id => "ruby_zeek_http_methodCnt" - code => "event.set('[http][methodCnt]', event.get('[http][method]').length)" - } + mutate { id => "mutate_add_field_http_methodCnt" + add_field => { "[http][methodCnt]" => "1" } } } ruby { 
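Review bot: `[http][uriCnt]` is now hard-coded to `"1"`, but the context lines just above merge both `[zeek_http][uri]` and `[zeek_http][referrer]` into `[http][uri]`, so a request with a Referer yields a two-element array with a count of 1. Keep the `event.get('[http][uri]').length` Ruby for this one, as was done for `bodyMagicCnt` which also merges two sources; the constant is only safe where a single scalar is merged. Also the id `mutate_add_field_http_clientVersion` sets `clientVersionCnt`; name it `mutate_add_field_http_clientVersionCnt` like its neighbours.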
@@ -2968,77 +2957,34 @@ filter { code => "event.set('[totDataBytes]', event.get('[zeek_http][response_body_len]').to_i + event.get('[zeek_http][request_body_len]').to_i)" } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_http][orig_fuids]) { mutate { id => "mutate_merge_zeek_http_orig_fuids_to_fuid" - merge => { "[zeek][fuid]" => "[zeek_http][orig_fuids]" } } } - if ([zeek_http][resp_fuids]) { mutate { id => "mutate_merge_zeek_resp_fuids_to_fuid" - merge => { "[zeek][fuid]" => "[zeek_http][resp_fuids]" } } } - - # collect all filenames under the parent [zeek][filename] array - if ([zeek_http][orig_filenames]) { mutate { id => "mutate_merge_zeek_http_orig_filenames_to_filename" - merge => { "[zeek][filename]" => "[zeek_http][orig_filenames]" } } } - if ([zeek_http][resp_filenames]) { mutate { id => "mutate_merge_zeek_http_resp_filenames_to_filename" - merge => { "[zeek][filename]" => "[zeek_http][resp_filenames]" } } } - } else if ([source] == "irc") { ############################################################################################################################# # irc.log specific logic - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_irc][fuid]) { - mutate { id => "mutate_split_zeek_irc_fuid" - split => { "[zeek_irc][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_irc_fuid" - merge => { "[zeek][fuid]" => "[zeek_irc][fuid]" } } - } - - # collect all filenames under the parent [zeek][filename] array - if ([zeek_irc][dcc_file_name]) { mutate { id => "mutate_merge_zeek_irc_filename" - merge => { "[zeek][filename]" => "[zeek_irc][dcc_file_name]" } } } - - # collect all mime types under the parent [zeek][filetype] array - if ([zeek_irc][dcc_mime_type]) { mutate { id => "mutate_merge_zeek_irc_filetype" - merge => { "[zeek][filetype]" => "[zeek_irc][dcc_mime_type]" } } } - if ([zeek_irc][nick]) { mutate { id => "mutate_merge_zeek_irc_nick" merge => { "[irc][nick]" => "[zeek_irc][nick]" } } - ruby { - id => 
"ruby_zeek_irc_nickCnt" - code => "event.set('[irc][nickCnt]', event.get('[irc][nick]').length)" - } + mutate { id => "mutate_add_field_irc_nickCnt" + add_field => { "[irc][nickCnt]" => "1" } } + # store "nick" alongside "user" + mutate { id => "mutate_merge_irc_nick_user" + merge => { "[zeek][user]" => "[zeek_irc][nick]" } } } if ([zeek_irc][command]) and ([zeek_irc][value]) and (([zeek_irc][command] == "JOIN") or ([zeek_irc][command] == "PART")) { mutate { id => "mutate_merge_zeek_irc_channel" merge => { "[irc][channel]" => "[zeek_irc][value]" } } - ruby { - id => "ruby_zeek_irc_channelCnt" - code => "event.set('[irc][channelCnt]', event.get('[irc][channel]').length)" - } + mutate { id => "mutate_add_field_irc_channelCnt" + add_field => { "[irc][channelCnt]" => "1" } } } } else if ([source] == "intel") { ############################################################################################################################# # intel.log specific logic - if ([zeek_intel][sources]) { - mutate { id => "mutate_split_zeek_intel_sources" - split => { "[zeek_intel][sources]" => "," } } - } - - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_intel][fuid]) { - mutate { id => "mutate_split_zeek_intel_fuid" - split => { "[zeek_intel][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_intel_fuid" - merge => { "[zeek][fuid]" => "[zeek_intel][fuid]" } } - } - - # collect all mime types under the parent [zeek][filetype] array - if ([zeek_intel][file_mime_type]) { mutate { id => "mutate_merge_zeek_intel_filetype" - merge => { "[zeek][filetype]" => "[zeek_intel][file_mime_type]" } } } + if ([zeek_intel][sources]) { mutate { id => "mutate_split_zeek_intel_sources" + split => { "[zeek_intel][sources]" => "," } } } } else if ([source] == "kerberos") { 
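Review bot: the comma `split` of `[zeek_irc][fuid]` and `[zeek_intel][fuid]` is removed together with the `merge` into `[zeek][fuid]`, while the kerberos and ssl hunks further down keep their `split` and drop only the `merge`; unless 12_zeek_normalize.conf also splits these two fields, a multi-FUID irc or intel record will carry one comma-joined string into the normalized `[zeek][fuid]` array. Suggest retaining `mutate_split_zeek_irc_fuid` and `mutate_split_zeek_intel_fuid` here, as is already done for `mutate_split_zeek_intel_sources`.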
@@ -3048,19 +2994,15 @@ filter { if ([zeek_kerberos][cname]) { mutate { id => "mutate_merge_zeek_kerberos_cname" merge => { "[krb5][cname]" => "[zeek_kerberos][cname]" } } - ruby { - id => "ruby_zeek_kerberos_cnameCnt" - code => "event.set('[krb5][cnameCnt]', event.get('[krb5][cname]').length)" - } + mutate { id => "mutate_add_field_kerberos_cnameCnt" + add_field => { "[krb5][cnameCnt]" => "1" } } } if ([zeek_kerberos][sname]) { mutate { id => "mutate_merge_zeek_kerberos_sname" merge => { "[krb5][sname]" => "[zeek_kerberos][sname]" } } - ruby { - id => "ruby_zeek_kerberos_snameCnt" - code => "event.set('[krb5][snameCnt]', event.get('[krb5][sname]').length)" - } + mutate { id => "mutate_add_field_kerberos_snameCnt" + add_field => { "[krb5][snameCnt]" => "1" } } } if ([zeek_kerberos][from]) { @@ -3070,7 +3012,7 @@ filter { target => "[@metadata][krb_time_from]" } if ([@metadata][krb_time_from]) { mutate { id => "mutate_replace_zeek_kerberos_from" - replace => { "[zeek_kerberos][from]" => "%{[@metadata][krb_time_from]}" } } } + replace => { "[zeek_kerberos][from]" => "%{[@metadata][krb_time_from]}" } } } } if ([zeek_kerberos][till]) { date { 
@@ -3082,23 +3024,11 @@ filter { replace => { "[zeek_kerberos][till]" => "%{[@metadata][krb_time_till]}" } } } } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_kerberos][client_cert_fuid]) { - mutate { id => "mutate_split_zeek_kerberos_client_cert_fuid" - split => { "[zeek_kerberos][client_cert_fuid]" => "," } } - mutate { id => "mutate_merge_zeek_kerberos_client_cert_fuid" - merge => { "[@metadata][cert_fuids]" => "[zeek_kerberos][client_cert_fuid]" } } - } - if ([zeek_kerberos][server_cert_fuid]) { - mutate { id => "mutate_split_zeek_kerberos_server_cert_fuid" - split => { "[zeek_kerberos][server_cert_fuid]" => "," } } - mutate { id => "mutate_merge_zeek_kerberos_server_cert_fuid" - merge => { "[@metadata][cert_fuids]" => "[zeek_kerberos][server_cert_fuid]" } } - } - if ([@metadata][cert_fuids]) { - mutate { id => "mutate_merge_zeek_kerberos_fuids_to_fuid" - merge => { "[zeek][fuid]" => "[@metadata][cert_fuids]" } } - } + if ([zeek_kerberos][client_cert_fuid]) { mutate { id => "mutate_split_zeek_kerberos_client_cert_fuid" + split => { "[zeek_kerberos][client_cert_fuid]" => "," } } } + + if ([zeek_kerberos][server_cert_fuid]) { mutate { id => "mutate_split_zeek_kerberos_server_cert_fuid" + split => { "[zeek_kerberos][server_cert_fuid]" => "," } } } } else if ([source] == "ldap") { ############################################################################################################################# 
@@ -3119,39 +3049,18 @@ filter { } } - mutate { - id => "mutate_zeek_ldap_convert" - convert => { - "[zeek_ldap][message_id]" => "integer" - "[zeek_ldap][result_code]" => "integer" - } - } - - } else if ([source] == "modbus_register_change") { - ############################################################################################################################# - # modbus_register_change.log specific logic - - mutate { - id => "mutate_zeek_modbus_register_change_convert" - convert => { - "[zeek_modbus_register_change][register]" => "integer" - "[zeek_modbus_register_change][old_val]" => "integer" - "[zeek_modbus_register_change][new_val]" => "integer" - "[zeek_modbus_register_change][delta]" => "float" - } - } - } else if ([source] == "mqtt_publish") { ############################################################################################################################# # mqtt_publish.log specific logic - mutate { - id => "mutate_zeek_mqtt_publish_convert_payload_len" - convert => { - "[zeek_mqtt_publish][payload_len]" => "integer" - } + # MQTT payload *may* be JSON, or it may not + json { + skip_on_invalid_json => true + source => "[zeek_mqtt_publish][payload]" + target => "[zeek_mqtt_publish][payload_dict]" } + } else if ([source] == "mqtt_subscribe") { ############################################################################################################################# # mqtt_subscribe.log specific logic 
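Review bot: the new `json` filter in the mqtt_publish branch parses an arbitrary, peer-supplied MQTT payload into `[zeek_mqtt_publish][payload_dict]`, so every distinct JSON key seen on the wire becomes a dynamically mapped field; on a busy or hostile broker this can exhaust the index field limit and cause whole documents to be rejected. Consider setting `dynamic: false` (or a flattened type) for `payload_dict` in the index template, and since the `convert` blocks for ldap, modbus_register_change and mqtt are dropped here, a one-line comment saying where the numeric typing now lives would help the next reader.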
@@ -3160,30 +3069,46 @@ filter { split => { "[zeek_mqtt_subscribe][topics]" => "," "[zeek_mqtt_subscribe][qos_levels]" => "," } } - mutate { - id => "mutate_zeek_mqtt_subscribe_convert_field" - convert => { - "[zeek_mqtt_subscribe][qos_levels]" => "integer" - "[zeek_mqtt_subscribe][granted_qos_level]" => "integer" - } - } - } else if ([source] == "notice") { ############################################################################################################################# # notice.log specific logic mutate { id => "mutate_split_zeek_notice_actions" split => { "[zeek_notice][actions]" => "," } } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_notice][fuid]) { - mutate { id => "mutate_split_zeek_notice_fuid" - split => { "[zeek_notice][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_notice_fuid" - merge => { "[zeek][fuid]" => "[zeek_notice][fuid]" } } + # split "Category::Subcategory" into two different fields + ruby { + id => "ruby_zeek_notice_category_extract" + code => " + if (noticeNote = event.get('[zeek_notice][note]')) and (noticeParts = noticeNote.split('::')) then + if (noticeParts.length >= 2) then + event.set('[zeek_notice][category]', noticeParts[0]) + event.set('[zeek_notice][sub_category]', noticeParts[1]) + elsif (noticeParts.length == 1) then + event.set('[zeek_notice][category]', noticeParts[0]) + end + end" + } + + if ([zeek_notice][category] == "ATTACK") and ([zeek_notice][msg] =~ /(from|against|to)\s+host/) { + # ATTACK::Discovery - Detected activity from host 192.168.199.133, total attempts 5 within timeframe 5.0 mins + # but no IP addresses set :( + if (![srcIp]) { + grok { + id => "grok_zeek_notice_attack_src_hosts" + match => { "[zeek_notice][msg]" => [ "from%{SPACE}host%{SPACE}%{DATA:[srcIp]}%{SPACE}($|[^\d:\.\w-]+)" ] } + } + if ([srcIp]) { mutate { id => "mutate_add_field_zeek_orig_h_attack" + add_field => { "[zeek][orig_h]" => "%{[srcIp]}" } } } + } + if (![dstIp]) { + grok { + id => 
"grok_zeek_notice_attack_dst_hosts" + match => { "[zeek_notice][msg]" => [ "(against|to)%{SPACE}host%{SPACE}%{DATA:[dstIp]}%{SPACE}($|[^\d:\.\w-]+)" ] } + } + if ([dstIp]) { mutate { id => "mutate_add_field_zeek_resp_h_attack" + add_field => { "[zeek][resp_h]" => "%{[dstIp]}" } } } + } } - # collect all mime types under the parent [zeek][filetype] array - if ([zeek_notice][file_mime_type]) { mutate { id => "mutate_merge_zeek_notice_filetype" - merge => { "[zeek][filetype]" => "[zeek_notice][file_mime_type]" } } } } else if ([source] == "ntp") { ############################################################################################################################# @@ -3266,20 +3191,6 @@ filter { } } - # convert various data types - mutate { - id => "mutate_convert_zeek_ntp" - convert => { - "[zeek_ntp][mode]" => "integer" - "[zeek_ntp][num_exts]" => "float" - "[zeek_ntp][poll]" => "float" - "[zeek_ntp][precision]" => "float" - "[zeek_ntp][root_delay]" => "float" - "[zeek_ntp][root_disp]" => "float" - "[zeek_ntp][version]" => "integer" - } - } - } else if ([source] == "pe") { ############################################################################################################################# # pe.log specific logic @@ -3287,7 +3198,6 @@ filter { mutate { id => "mutate_split_zeek_pe_section_names" split => { "[zeek_pe][section_names]" => "," } } - if ([zeek_pe][compile_ts]) { if ([zeek_pe][compile_ts] == "0.000000") { mutate { @@ -3303,14 +3213,6 @@ filter { } } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_pe][fuid]) { - mutate { id => "mutate_split_zeek_pe_fuid" - split => { "[zeek_pe][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_pe_fuid" - merge => { "[zeek][fuid]" => "[zeek_pe][fuid]" } } - } - } else if ([source] == "radius") { ############################################################################################################################# # radius.log specific logic 
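Review bot: `grok_zeek_notice_attack_src_hosts` and `grok_zeek_notice_attack_dst_hosts` capture with `%{DATA:[srcIp]}` / `%{DATA:[dstIp]}`, an unconstrained non-greedy match, and then copy the result into `[zeek][orig_h]` / `[zeek][resp_h]`; if a notice message names a hostname or any non-address token after "host", the event will fail indexing on IP-typed fields. The example in the comment is a dotted quad ("from host 192.168.199.133, total attempts ..."), so `%{IP:[srcIp]}` (or `%{IPORHOST}` into a separate field) would tighten the match and make the trailing `%{SPACE}($|[^\d:\.\w-]+)` terminator unnecessary.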
@@ -3321,27 +3223,25 @@ filter { if ([zeek_radius][framed_addr]) { mutate { id => "mutate_merge_zeek_radius_framed_addr" merge => { "[radius][framedIp]" => "[zeek_radius][framed_addr]" } } - ruby { - id => "ruby_zeek_radius_framedIpCnt" - code => "event.set('[radius][framedIpCnt]', event.get('[radius][framedIp]').length)" - } + mutate { id => "mutate_add_field_radius_framedIpCnt" + add_field => { "[radius][framedIpCnt]" => "1" } } } if ([zeek_radius][tunnel_client]) { mutate { id => "mutate_merge_zeek_radius_tunnel_client" merge => { "[radius][endpointIp]" => "[zeek_radius][tunnel_client]" } } - ruby { - id => "ruby_zeek_radius_endpointIpCnt" - code => "event.set('[radius][endpointIpCnt]', event.get('[radius][endpointIp]').length)" - } + mutate { id => "mutate_add_field_radius_endpointIpCnt" + add_field => { "[radius][endpointIpCnt]" => "1" } } } if ([zeek_radius][mac]) { mutate { id => "mutate_merge_zeek_radius_mac" merge => { "[radius][mac]" => "[zeek_radius][mac]" } } - ruby { - id => "ruby_zeek_radius_macCnt" - code => "event.set('[radius][macCnt]', event.get('[radius][mac]').length)" + mutate { id => "mutate_add_field_radius_macCnt" + add_field => { "[radius][macCnt]" => "1" } } + if (![zeek][orig_l2_addr]) { + mutate { id => "mutate_merge_zeek_radius_zeek_mac" + merge => { "[zeek][orig_l2_addr]" => "[zeek_radius][mac]" } } } } @@ -3352,6 +3252,7 @@ filter { mutate { id => "mutate_split_zeek_rdp_client_channels" split => { "[zeek_rdp][client_channels]" => "," } } + } else if ([source] == "s7comm") { ############################################################################################################################# # s7comm.log specific logic 
@@ -3378,13 +3279,6 @@ filter { split => { "[zeek_s7comm][data_info]" => "," } } } - mutate { - id => "mutate_convert_zeek_s7comm_item_count" - convert => { - "[zeek_s7comm][item_count]" => "integer" - } - } - } else if ([source] == "signatures") { ############################################################################################################################# # signatures.log specific logic @@ -3392,12 +3286,12 @@ filter { if ("_carved" in [tags]) { # Malcolm does some "special" stuff in zeek_carve_logger.py for file carving, sort of hijacking signatures.log for it + # sub_message contains fuid(s) comma-separated if ([zeek_signatures][sub_message]) { - # sub_message contains fuid(s) comma-separated mutate { id => "mutate_split_zeek_signatures_sub_message" split => { "[zeek_signatures][sub_message]" => "," } } - mutate { id => "mutate_merge_zeek_signatures_fuid" - merge => { "[zeek][fuid]" => "[zeek_signatures][sub_message]" } } + mutate { id => "mutate_rename_zeek_signatures_sub_message" + rename => { "[zeek_signatures][sub_message]" => "[zeek][fuid]" } } } if ([zeek_signatures][event_message]) { 
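Review bot: `mutate_rename_zeek_signatures_sub_message` renames `[zeek_signatures][sub_message]` onto `[zeek][fuid]`, which overwrites any value already present there, whereas the removed `mutate_merge_zeek_signatures_fuid` appended to it. If nothing populates `[zeek][fuid]` before this point for `_carved` events the change is harmless, but a `merge` followed by `remove_field` (the pattern this patch uses for `[zeek_smb_files][fuid]`) would preserve the previous semantics without the duplication the rename was avoiding.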
@@ -3426,131 +3320,155 @@ filter { } # _carved - # signature_count is the number of hits - if ([zeek_signatures][signature_count]) { - mutate { - id => "mutate_convert_zeek_signatures_signature_count" - convert => { - "[zeek_signatures][signature_count]" => "integer" - } - } - } - - # signature_count is the number of engines which scanned the file - if ([zeek_signatures][host_count]) { - mutate { - id => "mutate_convert_zeek_signatures_host_count" - convert => { - "[zeek_signatures][host_count]" => "integer" - } - } - } - } else if ([source] == "sip") { ############################################################################################################################# # sip.log specific logic + ruby { + id => "ruby_zeek_field_zeek_sip_version" + code => ' + versions = Array.new + paths = [event.get("[zeek_sip][request_path]"), event.get("[zeek_sip][response_path]")].compact.join(",") + paths.scan(/\bSIP:?\/([\d\.]+)/i) { |match| versions << match[0] } + event.set("[zeek_sip][version]", versions.uniq)' + } + mutate { id => "mutate_split_zeek_sip_request_path" split => { "[zeek_sip][request_path]" => "," } } + mutate { id => "mutate_split_zeek_sip_response_path" split => { "[zeek_sip][response_path]" => "," } } - } else if ([source] == "smb_files") { + + } else if ([source] == "smb_cmd") or ([source] == "smb_files") { ############################################################################################################################# - # smb_files.log specific logic - - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_smb_files][fuid]) { - mutate { id => "mutate_split_zeek_smb_files_fuid" - split => { "[zeek_smb_files][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_smb_files_fuid" - merge => { "[zeek][fuid]" => "[zeek_smb_files][fuid]" } } - } - # collect all filenames under the parent [zeek][filename] array - if ([zeek_smb_files][name]) { mutate { id => "mutate_merge_zeek_smb_files_name_to_filename" - merge => { 
"[zeek][filename]" => "[zeek_smb_files][name]" } } } - if ([zeek_smb_files][prev_name]) { mutate { id => "mutate_merge_zeek_smb_files_prev_name_to_filename" - merge => { "[zeek][filename]" => "[zeek_smb_files][prev_name]" } } } - - if ([zeek][filename]) { - mutate { id => "mutate_merge_zeek_smb_files_filename" - merge => { "[smb][filename]" => "[zeek][filename]" } } - ruby { - id => "ruby_zeek_smb_files_filenameCnt" - code => "event.set('[smb][filenameCnt]', event.get('[smb][filename]').length)" - } - } + # smb_cmd.log and smb_files.log specific logic + # note that smb_cmd.referenced_file is exactly the same structure as the log line for smb_files, which is why I've combined + # the logic here to avoid duplication - if ([zeek_smb_files][path]) { - grok { - id => "grok_zeek_smb_files_path" - match => { "[zeek_smb_files][path]" => [ "^%{SPACE}[\\\/]+%{DATA:[@metadata][smb_host]}[\\\/]+%{DATA:[@metadata][smb_share]}(?:[\\\/]+%{GREEDYDATA:[@metadata][smb_path]})?$" ] } - } - if ([@metadata][smb_host]) { - mutate { id => "mutate_merge_zeek_smb_files_host" - merge => { "[smb][host]" => "[@metadata][smb_host]" } } + if ([zeek_smb_cmd]) { + + if ([zeek_smb_cmd][referenced_file]) { + + # move "up" referenced_file to its own smb_files top-level entity + mutate { + id => "mutate_rename_zeek_zeek_smb_cmd_referenced_file" + rename => { "[zeek_smb_cmd][referenced_file]" => "[zeek_smb_files]" } + } + + # remove unset (-) or "(empty)" referenced_file (now zeek_smb_files) subfield values ruby { - id => "ruby_zeek_smb_files_hostCnt" - code => "event.set('[smb][hostCnt]', event.get('[smb][host]').length)" + id => "ruby_zeek_remove_empty_smb_cmd_referenced_file_values" + code => " + fieldsHash = event.get('[zeek_smb_files]').to_hash + fieldsHash.delete_if{|_,v| ((v == nil) or (v == '') or (v == '-') or (v == '(empty)'))} + event.set('[zeek_smb_files]', fieldsHash) + " } - } - if ([@metadata][smb_share]) { - mutate { id => "mutate_merge_zeek_smb_files_share" - merge => { "[smb][share]" 
=> "[@metadata][smb_share]" } } + + # collect referenced file FUID(s) at parent level (here rather than in 12_zeek_normalize.conf because + # this would have already been done as a root-level fuid array in the main "rename" above if we + # had not had to move it up a level just now) + if ([zeek_smb_files][fuid]) { + mutate { id => "mutate_merge_zeek_smb_files_fuid" + merge => { "[zeek][fuid]" => "[zeek_smb_files][fuid]" } } + mutate { id => "mutate_remove_zeek_smb_files_fuid" + remove_field => [ "[zeek_smb_files][fuid]" ] } + } + + if ([zeek_smb_files][action]) { mutate { id => "mutate_gsub_zeek_smb_cmd_referenced_file_action" + gsub => [ "[zeek_smb_files][action]", "^SMB::", "" ] } } + + # this timestamp conversion would have happened originally had this been its own line from smb_files + if ([zeek_smb_files][ts]) { + # convert @timestamp to UNIX to use native kibana features + date { + id => "date_zeek_smb_files_ts" + match => [ "[zeek_smb_files][ts]", "UNIX" ] + target => "[@metadata][zeek_smb_files_ts]" + } + mutate { id => "mutate_replace_zeek_smb_files_ts" + replace => { "[zeek_smb_files][ts]" => "%{[@metadata][zeek_smb_files_ts]}" } } + } # if ([zeek_smb_files][ts]) + + } # if ([zeek_smb_cmd][referenced_file]) + + } # if ([zeek_smb_cmd]) + + # this should now apply to either lines from smb_files.log or smb_cmd.referenced_file + if ([zeek_smb_files]) { + + if ([zeek_smb_files][name]) { mutate { id => "mutate_merge_zeek_smb_files_name_to_filename" + merge => { "[smb][filename]" => "[zeek_smb_files][name]" } } } + if ([zeek_smb_files][prev_name]) { mutate { id => "mutate_merge_zeek_smb_files_prev_name_to_filename" + merge => { "[smb][filename]" => "[zeek_smb_files][prev_name]" } } } + if ([smb][filename]) { ruby { - id => "ruby_zeek_smb_files_shareCnt" - code => "event.set('[smb][shareCnt]', event.get('[smb][share]').length)" + id => "ruby_zeek_smb_files_filenameCnt" + code => "event.set('[smb][filenameCnt]', event.get('[smb][filename]').length)" } } - } - # 
convert times to something more usable - if ([zeek_smb_files][times_modified]) { - date { - id => "date_zeek_smb_files_times_modified" - match => [ "[zeek_smb_files][times_modified]", "UNIX" ] - target => "[@metadata][smb_time_mod]" + if ([zeek_smb_files][path]) { + grok { + id => "grok_zeek_smb_files_path" + match => { "[zeek_smb_files][path]" => [ "^%{SPACE}[\\\/]+%{DATA:[@metadata][smb_host]}[\\\/]+%{DATA:[@metadata][smb_share]}(?:[\\\/]+%{GREEDYDATA:[@metadata][smb_path]})?$" ] } + } + if ([@metadata][smb_host]) { + mutate { id => "mutate_merge_zeek_smb_files_host" + merge => { "[smb][host]" => "[@metadata][smb_host]" } } + mutate { id => "mutate_add_field_smb_hostCnt" + add_field => { "[smb][hostCnt]" => "1" } } + } + if ([@metadata][smb_share]) { + mutate { id => "mutate_merge_zeek_smb_files_share" + merge => { "[smb][share]" => "[@metadata][smb_share]" } } + ruby { + id => "ruby_zeek_smb_files_shareCnt" + code => "event.set('[smb][shareCnt]', event.get('[smb][share]').length)" + } + } } - if ([@metadata][smb_time_mod]) { mutate { id => "mutate_replace_zeek_smb_files_times_modified" - replace => { "[zeek_smb_files][times_modified]" => "%{[@metadata][smb_time_mod]}" } } } - } - if ([zeek_smb_files][times_accessed]) { - date { - id => "date_zeek_smb_files_times_accessed" - match => [ "[zeek_smb_files][times_accessed]", "UNIX" ] - target => "[@metadata][smb_time_acc]" + + # convert times to something more usable + if ([zeek_smb_files][times_modified]) { + date { + id => "date_zeek_smb_files_times_modified" + match => [ "[zeek_smb_files][times_modified]", "UNIX" ] + target => "[@metadata][smb_time_mod]" + } + if ([@metadata][smb_time_mod]) { mutate { id => "mutate_replace_zeek_smb_files_times_modified" + replace => { "[zeek_smb_files][times_modified]" => "%{[@metadata][smb_time_mod]}" } } } } - if ([@metadata][smb_time_acc]) { mutate { id => "mutate_replace_zeek_smb_files_times_accessed" - replace => { "[zeek_smb_files][times_accessed]" => 
"%{[@metadata][smb_time_acc]}" } } } - } - if ([zeek_smb_files][times_created]) { - date { - id => "date_zeek_smb_files_times_created" - match => [ "[zeek_smb_files][times_created]", "UNIX" ] - target => "[@metadata][smb_time_cre]" + if ([zeek_smb_files][times_accessed]) { + date { + id => "date_zeek_smb_files_times_accessed" + match => [ "[zeek_smb_files][times_accessed]", "UNIX" ] + target => "[@metadata][smb_time_acc]" + } + if ([@metadata][smb_time_acc]) { mutate { id => "mutate_replace_zeek_smb_files_times_accessed" + replace => { "[zeek_smb_files][times_accessed]" => "%{[@metadata][smb_time_acc]}" } } } } - if ([@metadata][smb_time_cre]) { mutate { id => "mutate_replace_zeek_smb_files_times_created" - replace => { "[zeek_smb_files][times_created]" => "%{[@metadata][smb_time_cre]}" } } } - } - if ([zeek_smb_files][times_changed]) { - date { - id => "date_zeek_smb_files_times_changed" - match => [ "[zeek_smb_files][times_changed]", "UNIX" ] - target => "[@metadata][smb_time_cha]" + if ([zeek_smb_files][times_created]) { + date { + id => "date_zeek_smb_files_times_created" + match => [ "[zeek_smb_files][times_created]", "UNIX" ] + target => "[@metadata][smb_time_cre]" + } + if ([@metadata][smb_time_cre]) { mutate { id => "mutate_replace_zeek_smb_files_times_created" + replace => { "[zeek_smb_files][times_created]" => "%{[@metadata][smb_time_cre]}" } } } } - if ([@metadata][smb_time_cha]) { mutate { id => "mutate_replace_zeek_smb_files_times_changed" - replace => { "[zeek_smb_files][times_changed]" => "%{[@metadata][smb_time_cha]}" } } } - } - - mutate { - id => "mutate_zeek_smb_files_convert" - convert => { - "[zeek_smb_files][data_offset_req]" => "integer" - "[zeek_smb_files][data_len_req]" => "integer" - "[zeek_smb_files][data_len_rsp]" => "integer" - + if ([zeek_smb_files][times_changed]) { + date { + id => "date_zeek_smb_files_times_changed" + match => [ "[zeek_smb_files][times_changed]", "UNIX" ] + target => "[@metadata][smb_time_cha]" + } + if 
([@metadata][smb_time_cha]) { mutate { id => "mutate_replace_zeek_smb_files_times_changed" + replace => { "[zeek_smb_files][times_changed]" => "%{[@metadata][smb_time_cha]}" } } } } - } + + } # if ([zeek_smb_files]) } else if ([source] == "smb_mapping") { ############################################################################################################################# @@ -3560,10 +3478,6 @@ filter { # todo: figure out how to replace \\ -> \ mutate { id => "mutate_merge_zeek_smb_mapping_share" merge => { "[smb][share]" => "[zeek_smb_mapping][path]" } } - ruby { - id => "ruby_zeek_smb_mapping_shareCnt_orig" - code => "event.set('[smb][shareCnt]', event.get('[smb][share]').length)" - } } if ([zeek_smb_mapping][path]) { @@ -3574,18 +3488,19 @@ filter { if ([@metadata][smb_host]) { mutate { id => "mutate_merge_zeek_smb_mapping_host" merge => { "[smb][host]" => "[@metadata][smb_host]" } } - ruby { - id => "ruby_zeek_smb_mapping_hostCnt" - code => "event.set('[smb][hostCnt]', event.get('[smb][host]').length)" - } + mutate { id => "mutate_add_field_smb_mapping_hostCnt" + add_field => { "[smb][hostCnt]" => "1" } } } if ([@metadata][smb_share]) { mutate { id => "mutate_merge_zeek_smb_mapping_share_from_path" merge => { "[smb][share]" => "[@metadata][smb_share]" } } - ruby { - id => "ruby_zeek_smb_mapping_shareCnt" - code => "event.set('[smb][shareCnt]', event.get('[smb][share]').length)" - } + } + } + + if ([smb][share]) { + ruby { + id => "ruby_zeek_smb_mapping_shareCnt" + code => "event.set('[smb][shareCnt]', event.get('[smb][share]').length)" } } 
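Review bot: `ruby_zeek_remove_empty_smb_cmd_referenced_file_values` calls `.to_hash` on `event.get('[zeek_smb_files]')` without a type check; if `referenced_file` arrives as a scalar placeholder rather than a record, the filter raises, the event is tagged `_rubyexception`, and the remaining smb_files logic runs against a field that is no longer a hash. A `if fieldsHash.is_a?(Hash)` guard (or checking the type before the `rename`) would make the branch safe. Separately, `[smb][hostCnt]` is now the literal "1" via `add_field` while `[smb][shareCnt]` and `[smb][filenameCnt]` in the same branch are still computed with `.length`; the counts should be derived the same way so they mean the same thing downstream.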
@@ -3602,21 +3517,11 @@ filter { mutate { id => "mutate_split_zeek_smtp_path" split => { "[zeek_smtp][path]" => "," } } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_smtp][fuids]) { - mutate { id => "mutate_split_zeek_smtp_fuids" - split => { "[zeek_smtp][fuids]" => "," } } - mutate { id => "mutate_merge_zeek_smtp_fuids" - merge => { "[zeek][fuid]" => "[zeek_smtp][fuids]" } } - } - if ([zeek_smtp][user_agent]) { mutate { id => "mutate_merge_zeek_smtp_user_agent" merge => { "[email][useragent]" => "[zeek_smtp][user_agent]" } } - ruby { - id => "ruby_zeek_smtp_useragentCnt" - code => "event.set('[email][useragentCnt]', event.get('[email][useragent]').length)" - } + mutate { id => "mutate_add_field_email_useragentCnt" + add_field => { "[email][useragentCnt]" => "1" } } } if ([zeek_smtp][from]) { mutate { id => "mutate_merge_zeek_smtp_from" @@ -3660,10 +3565,8 @@ filter { if ([zeek_smtp][subject]) { mutate { id => "mutate_merge_zeek_smtp_subject" merge => { "[email][subject]" => "[zeek_smtp][subject]" } } - ruby { - id => "ruby_zeek_smtp_subjectCnt" - code => "event.set('[email][subjectCnt]', event.get('[email][subject]').length)" - } + mutate { id => "mutate_add_field_email_subjectCnt" + add_field => { "[email][subjectCnt]" => "1" } } } if ([zeek_smtp][msg_id]) { 
@@ -3704,19 +3607,16 @@ filter { # ssh.log specific logic if ([zeek_ssh][server]) { mutate { id => "mutate_merge_zeek_ssh_server_version" - merge => { "[ssh][version]" => "[zeek_ssh][server]" } } } + merge => { "[ssh][version]" => "[zeek_ssh][server]" } } } + if ([zeek_ssh][client]) { mutate { id => "mutate_merge_zeek_client_version" - merge => { "[ssh][version]" => "[zeek_ssh][client]" } } } - if (![ssh][version]) and ([zeek_ssh][version]) { - mutate { id => "mutate_merge_zeek_ssh_version" - merge => { "[ssh][version]" => "[zeek_ssh][version]" } } - } - if ([ssh][version]) { - ruby { - id => "ruby_zeek_ssh_versionCnt" - code => "event.set('[ssh][versionCnt]', event.get('[ssh][version]').length)" - } - } + merge => { "[ssh][version]" => "[zeek_ssh][client]" } } } + + if (![ssh][version]) and ([zeek_ssh][version]) { mutate { id => "mutate_merge_zeek_ssh_version" + merge => { "[ssh][version]" => "[zeek_ssh][version]" } } } + + if ([ssh][version]) { mutate { id => "mutate_add_field_ssh_versionCnt" + add_field => { "[ssh][versionCnt]" => "1" } } } if ([zeek_ssh][host_key] and [zeek_ssh][host_key_alg]) { # this is stupid, the %{} doesn't seem to be liked by mutate.merge 
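Review bot: `mutate_add_field_ssh_versionCnt` sets `[ssh][versionCnt]` to "1" unconditionally, but the two `merge` blocks directly above can put both `[zeek_ssh][server]` and `[zeek_ssh][client]` into `[ssh][version]`, yielding a two-element array with a count of 1; the removed `ruby_zeek_ssh_versionCnt` handled this correctly with `.length`. Keep the `ruby` block for this field, or compute the count only after settling on a single source.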
@@ -3724,38 +3624,24 @@ filter { add_field => { "[@metadata][ssh_key_str]" => "%{[zeek_ssh][host_key_alg]} %{[zeek_ssh][host_key]}" } } mutate { id => "mutate_merge_zeek_ssh_key" merge => { "[ssh][key]" => "[@metadata][ssh_key_str]" } } - ruby { - id => "ruby_zeek_ssh_keyCnt" - code => "event.set('[ssh][keyCnt]', event.get('[ssh][key]').length)" - } + mutate { id => "mutate_add_field_ssh_keyCnt" + add_field => { "[ssh][keyCnt]" => "1" } } } # HASSH stuff (see https://github.com/salesforce/hassh/tree/master/bro) if ([zeek_ssh][hassh]) { - mutate { - id => "mutate_merge_zeek_ssh_hassh" - merge => { - "[ssh][hassh]" => "[zeek_ssh][hassh]" - } - } - mutate { - id => "mutate_add_field_zeek_ssh_hasshCnt" - add_field => { "[ssh][hasshCnt]" => "1" } - } + mutate { id => "mutate_merge_zeek_ssh_hassh" + merge => { "[ssh][hassh]" => "[zeek_ssh][hassh]" } } + mutate { id => "mutate_add_field_zeek_ssh_hasshCnt" + add_field => { "[ssh][hasshCnt]" => "1" } } } if ([zeek_ssh][hasshServer]) { - mutate { - id => "mutate_merge_zeek_ssh_hasshServer" - merge => { - "[ssh][hasshServer]" => "[zeek_ssh][hasshServer]" - } - } - mutate { - id => "mutate_add_field_zeek_ssh_hasshServerCnt" - add_field => { "[ssh][hasshServerCnt]" => "1" } - } + mutate { id => "mutate_merge_zeek_ssh_hasshServer" + merge => { "[ssh][hasshServer]" => "[zeek_ssh][hasshServer]" } } + mutate { id => "mutate_add_field_zeek_ssh_hasshServerCnt" + add_field => { "[ssh][hasshServerCnt]" => "1" } } } if ([zeek_ssh][hasshAlgorithms]) { mutate { id => "mutate_split_zeek_ssh_hasshAlgorithms" 
@@ -3868,19 +3754,15 @@ filter { if ([zeek_ssl][ssl_version]) { mutate { id => "mutate_merge_zeek_ssl_version" merge => { "[tls][version]" => "[zeek_ssl][ssl_version]" } } - ruby { - id => "ruby_zeek_ssl_versionCnt" - code => "event.set('[tls][versionCnt]', event.get('[tls][version]').length)" - } + mutate { id => "mutate_add_field_ssl_versionCnt" + add_field => { "[tls][versionCnt]" => "1" } } } if ([zeek_ssl][cipher]) { mutate { id => "mutate_merge_zeek_ssl_cipher" merge => { "[tls][cipher]" => "[zeek_ssl][cipher]" } } - ruby { - id => "ruby_zeek_ssl_cipherCnt" - code => "event.set('[tls][cipherCnt]', event.get('[tls][cipher]').length)" - } + mutate { id => "mutate_add_field_ssl_cipherCnt" + add_field => { "[tls][cipherCnt]" => "1" } } } if ([zeek_ssl][ja3]) { 
@@ -3897,23 +3779,11 @@ filter { add_field => { "[tls][ja3sCnt]" => "1" } } } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_ssl][cert_chain_fuids]) { - mutate { id => "mutate_split_zeek_ssl_cert_chain_fuids" - split => { "[zeek_ssl][cert_chain_fuids]" => "," } } - mutate { id => "mutate_merge_zeek_ssl_cert_chain_fuids" - merge => { "[@metadata][cert_fuids]" => "[cert_chain_fuids]" } } - } - if ([zeek_ssl][client_cert_chain_fuids]) { - mutate { id => "mutate_split_zeek_ssl_client_cert_chain_fuids" - split => { "[zeek_ssl][client_cert_chain_fuids]" => "," } } - mutate { id => "mutate_merge_zeek_ssl_client_cert_chain_fuids" - merge => { "[@metadata][cert_fuids]" => "[zeek_ssl][client_cert_chain_fuids]" } } - } - if ([@metadata][cert_fuids]) { - mutate { id => "mutate_merge_zeek_ssl_fuids_to_fuid" - merge => { "[zeek][fuid]" => "[@metadata][cert_fuids]" } } - } + if ([zeek_ssl][cert_chain_fuids]) { mutate { id => "mutate_split_zeek_ssl_cert_chain_fuids" + split => { "[zeek_ssl][cert_chain_fuids]" => "," } } } + + if ([zeek_ssl][client_cert_chain_fuids]) { mutate { id => "mutate_split_zeek_ssl_client_cert_chain_fuids" + split => { "[zeek_ssl][client_cert_chain_fuids]" => "," } } } } else if ([source] == "tds_rpc") { ############################################################################################################################# @@ -4055,13 +3925,6 @@ filter { } } - # collect all FUIDs under the parent [zeek][fuid] array - if ([zeek_x509][fuid]) { - mutate { id => "mutate_split_zeek_x509_fuid" - split => { "[zeek_x509][fuid]" => "," } } - mutate { id => "mutate_merge_zeek_x509_fuid" - merge => { "[zeek][fuid]" => "[zeek_x509][fuid]" } } - } } # end if/else if/else for specific log type logic ####################################################################################################### 
@@ -4070,6 +3933,15 @@ filter { mutate { id => "mutate_rename_zeek_logType" rename => { "[source]" => "[zeek][logType]" } } + # kind of a unique case, smb_cmd can also be smb_files + if ([zeek][logType] == "smb_cmd") and ([zeek_smb_files]) { + # seriously I do not get how merge works, why can't I just merge the string literal? + mutate { id => "mutate_add_field_zeek_tmp_logtype" + add_field => { "[@metadata][tmpLogType]" => "smb_files" } } + mutate { id => "mutate_merge_zeek_smb_cmd_and_smb_files_logType" + merge => { "[zeek][logType]" => "[@metadata][tmpLogType]" } } + } + # get counts for some arrays that each log type may contribute to individually if ([protocol]) { ruby { @@ -4084,14 +3956,4 @@ filter { } } - # set data types for fields that belong to various zeek logs - mutate { - id => "mutate_convert_zeek_misc" - convert => { - "[zeek][fuidCnt]" => "integer" - "[zeek][filenameCnt]" => "integer" - "[zeek][filetypeCnt]" => "integer" - } - } - } # end Filter diff --git a/logstash/pipelines/zeek/12_zeek_normalize.conf b/logstash/pipelines/zeek/12_zeek_normalize.conf new file mode 100644 index 000000000..0ea15f2a0 --- /dev/null +++ b/logstash/pipelines/zeek/12_zeek_normalize.conf 
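Review bot: after `mutate_merge_zeek_smb_cmd_and_smb_files_logType`, `[zeek][logType]` is an array (`["smb_cmd", "smb_files"]`) for smb_cmd events carrying a referenced file, so any later conditional, saved search or visualization that compares `[zeek][logType]` to a single string now compares against an array; this deserves a comment at the merge and a check of the consumers. Also, removing `mutate_convert_zeek_misc` means `[zeek][fuidCnt]`, `[zeek][filenameCnt]` and `[zeek][filetypeCnt]` rely entirely on the index template for integer typing; confirm the template change ships with this patch.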
@@ -0,0 +1,282 @@ +filter { + + # Protocol/service version ########################################################################################## + # collect protocol version under the parent zeek.service_version array + + if ([zeek_gquic][version]) { mutate { id => "mutate_merge_normalize_zeek_gquic_version" + merge => { "[zeek][service_version]" => "[zeek_gquic][version]" } } } + + if ([zeek_http][version]) { mutate { id => "mutate_merge_normalize_zeek_http_version" + merge => { "[zeek][service_version]" => "[zeek_http][version]" } } } + + if ([zeek_ntp][version]) { mutate { id => "mutate_merge_normalize_zeek_ntp_version" + merge => { "[zeek][service_version]" => "[zeek_ntp][version]" } } } + + if ([zeek_profinet][block_version]) { mutate { id => "mutate_merge_normalize_zeek_profinet_block_version" + merge => { "[zeek][service_version]" => "[zeek_profinet][block_version]" } } } + + if ([zeek_profinet_dce_rpc][version]) { mutate { id => "mutate_merge_normalize_zeek_profinet_dce_rpc_version" + merge => { "[zeek][service_version]" => "[zeek_profinet_dce_rpc][version]" } } } + + if ([zeek_rfb]) { + ruby { + id => "ruby_zeek_field_zeek_service_version_rfb" + code => ' + versions = Array.new + clientMajorVersion = event.get("[zeek_rfb][client_major_version]").sub!(/^0*/, "") + clientMinorVersion = event.get("[zeek_rfb][client_minor_version]").sub!(/^0*/, "") + serverMajorVersion = event.get("[zeek_rfb][server_major_version]").sub!(/^0*/, "") + serverMinorVersion = event.get("[zeek_rfb][server_minor_version]").sub!(/^0*/, "") + if clientMajorVersion then + versions << [clientMajorVersion, clientMinorVersion].join(".") + end + if serverMajorVersion then + versions << [serverMajorVersion, serverMinorVersion].join(".") + end + event.set("[zeek][service_version]", versions.uniq)' + } + } + + if ([zeek_rdp][client_build]) { mutate { id => "mutate_merge_normalize_zeek_rdp_client_build" + merge => { "[zeek][service_version]" => "[zeek_rdp][client_build]" } } } + + if 
([zeek_sip][version]) { mutate { id => "mutate_merge_normalize_zeek_sip_version" + merge => { "[zeek][service_version]" => "[zeek_sip][version]" } } } + + if ([zeek_smb_cmd][version]) { mutate { id => "mutate_merge_normalize_zeek_smb_cmd_version" + merge => { "[zeek][service_version]" => "[zeek_smb_cmd][version]" } } } + + if ([zeek_snmp][version]) { mutate { id => "mutate_merge_normalize_zeek_snmp_version" + merge => { "[zeek][service_version]" => "[zeek_snmp][version]" } } } + + if ([zeek_socks][version]) { mutate { id => "mutate_merge_normalize_zeek_socks_version" + merge => { "[zeek][service_version]" => "[zeek_socks][version]" } } } + + if ([zeek_ssh][version]) { mutate { id => "mutate_merge_normalize_zeek_ssh_version" + merge => { "[zeek][service_version]" => "[zeek_ssh][version]" } } } + + if ([zeek_ssl][ssl_version]) { mutate { id => "mutate_merge_normalize_zeek_ssl_ssl_version" + merge => { "[zeek][service_version]" => "[zeek_ssl][ssl_version]" } } } + + if ([zeek][service_version]) { + ruby { + id => "ruby_zeek_service_version_uniq" + code => "event.set('[zeek][service_version]', event.get('[zeek][service_version]').uniq)" + } + } + + # Action ############################################################################################################ + # collect all actions/operations/commands under the parent [zeek][action] array + + if ([zeek_bacnet][service_choice]) { mutate { id => "mutate_merge_normalize_zeek_bacnet_service_choice" + merge => { "[zeek][action]" => "[zeek_bacnet][service_choice]" } } } + + if ([zeek_cip][cip_service]) { mutate { id => "mutate_merge_normalize_zeek_cip_cip_service" + merge => { "[zeek][action]" => "[zeek_cip][cip_service]" } } } + + if ([zeek_dce_rpc][operation]) { mutate { id => "mutate_merge_normalize_zeek_dce_rpc_operation" + merge => { "[zeek][action]" => "[zeek_dce_rpc][operation]" } } } + + if ([zeek_dnp3][fc_request]) { mutate { id => "mutate_merge_normalize_zeek_dnp3_fc_request" + merge => { "[zeek][action]" => 
"[zeek_dnp3][fc_request]" } } } + + if ([zeek_enip][command]) { mutate { id => "mutate_merge_normalize_zeek_enip_command" + merge => { "[zeek][action]" => "[zeek_enip][command]" } } } + + if ([zeek_ftp][command]) { mutate { id => "mutate_merge_normalize_zeek_ftp_command" + merge => { "[zeek][action]" => "[zeek_ftp][command]" } } } + + if ([zeek_http][method]) { mutate { id => "mutate_merge_normalize_zeek_http_method" + merge => { "[zeek][action]" => "[zeek_http][method]" } } } + + if ([zeek_irc][command]) { mutate { id => "mutate_merge_normalize_zeek_irc_command" + merge => { "[zeek][action]" => "[zeek_irc][command]" } } } + + if ([zeek_iso_cotp][pdu_type]) { mutate { id => "mutate_merge_normalize_zeek_iso_cotp_pdu_type" + merge => { "[zeek][action]" => "[zeek_iso_cotp][pdu_type]" } } } + + if ([zeek_kerberos][request_type]) { mutate { id => "mutate_merge_normalize_zeek_kerberos_request_type" + merge => { "[zeek][action]" => "[zeek_kerberos][request_type]" } } } + + if ([zeek_ldap][operation]) { mutate { id => "mutate_merge_normalize_zeek_ldap_operation" + merge => { "[zeek][action]" => "[zeek_ldap][operation]" } } } + + if ([zeek_modbus][func]) { mutate { id => "mutate_merge_normalize_zeek_modbus_func" + merge => { "[zeek][action]" => "[zeek_modbus][func]" } } } + + if ([zeek_mqtt_publish][payload_dict][messageType]) { + # not sure if this is a standard or just the PCAPs I found :/ + mutate { id => "mutate_merge_normalize_zeek_mqtt_publish_payload_dict_messageType" + merge => { "[zeek][action]" => "[zeek_mqtt_publish][payload_dict][messageType]" } } + } + + if ([zeek_mqtt_subscribe][action]) { mutate { id => "mutate_merge_normalize_zeek_mqtt_subscribe_action" + merge => { "[zeek][action]" => "[zeek_mqtt_subscribe][action]" } } } + + if ([zeek_mysql][cmd]) { mutate { id => "mutate_merge_normalize_zeek_mysql_cmd" + merge => { "[zeek][action]" => "[zeek_mysql][cmd]" } } } + + if ([zeek_ntp][mode_str]) { mutate { id => "mutate_merge_normalize_zeek_ntp_mode_str" + 
merge => { "[zeek][action]" => "[zeek_ntp][mode_str]" } } } + + if ([zeek_profinet][operation_type]) { mutate { id => "mutate_merge_normalize_zeek_profinet_operation_type" + merge => { "[zeek][action]" => "[zeek_profinet][operation_type]" } } } + + if ([zeek_profinet_dce_rpc][operation]) { mutate { id => "mutate_merge_normalize_zeek_profinet_dce_rpc_operation" + merge => { "[zeek][action]" => "[zeek_profinet_dce_rpc][operation]" } } } + + if ([zeek_s7comm]) { + ruby { + # action = rosctr:mode:type:sub + id => "ruby_zeek_s7comm_generate_action" + code => " + actions = Array.new unless (actions = event.get('[zeek][action]')) + actions.append([event.get('[zeek_s7comm][rosctr]'), + event.get('[zeek_s7comm][parameters][mode]'), + event.get('[zeek_s7comm][parameters][type]'), + event.get('[zeek_s7comm][parameters][sub]')].compact.join(':')) + event.set('[zeek][action]', actions)" + } + } + + if ([zeek_smb_cmd]) { + ruby { + # action = command:sub_command + id => "ruby_zeek_smb_cmd_generate_action" + code => " + cmd = event.get('[zeek_smb_cmd][command]') + subCmd = event.get('[zeek_smb_cmd][sub_command]') + actions = Array.new unless (actions = event.get('[zeek][action]')) + actions.append((cmd =~ /^\s*transaction\d*\s*$/i) ? 
subCmd : [cmd, subCmd].compact.join(':')) + event.set('[zeek][action]', actions)" + } + } + + if ([zeek_smb_files][action]) { mutate { id => "mutate_merge_normalize_zeek_smb_files_action" + merge => { "[zeek][action]" => "[zeek_smb_files][action]" } } } + + if ([zeek_sip][method]) { mutate { id => "mutate_merge_normalize_zeek_sip_method" + merge => { "[zeek][action]" => "[zeek_sip][method]" } } } + + if ([zeek_tds][command]) { mutate { id => "mutate_merge_normalize_zeek_tds_command" + merge => { "[zeek][action]" => "[zeek_tds][command]" } } } + + if ([zeek_tds_rpc][procedure_name]) { + + mutate { id => "mutate_add_field_zeek_tds_rpc_procedure_name_tmp" + add_field => { "[@metadata][zeek_tds_rpc_procedure_name_tmp]" => "%{[zeek_tds_rpc][procedure_name]}" } } + + # remove everything after the first $ + mutate { id => "mutate_gsub_field_zeek_tds_rpc_procedure_name_tmp" + gsub => [ "[@metadata][zeek_tds_rpc_procedure_name_tmp]", "\$.*", "" ] } + + mutate { id => "mutate_merge_normalize_zeek_tds_rpc_procedure_name" + merge => { "[zeek][action]" => "[@metadata][zeek_tds_rpc_procedure_name_tmp]" } } + } + + + if ([zeek_tunnel][action]) { mutate { id => "mutate_merge_normalize_zeek_tunnel_action" + merge => { "[zeek][action]" => "[zeek_tunnel][action]" } } } + + if ([zeek][action]) { + ruby { + id => "ruby_zeek_action_uniq" + code => "event.set('[zeek][action]', event.get('[zeek][action]').uniq)" + } + } + + # FUIDs ############################################################################################################# + # collect all other FUIDs under parent [zeek][fuid] array (some were already done at the root level in + # the "rename" in 11_zeek_logs.conf) + + if ([zeek_files][parent_fuid]) { mutate { id => "mutate_merge_normalize_zeek_files_parent_fuid" + merge => { "[zeek][fuid]" => "[zeek_files][parent_fuid]" } } } + + if ([zeek_http][orig_fuids]) { mutate { id => "mutate_merge_normalize_zeek_http_orig_fuids" + merge => { "[zeek][fuid]" => 
"[zeek_http][orig_fuids]" } } } + + if ([zeek_http][resp_fuids]) { mutate { id => "mutate_merge_normalize_zeek_http_resp_fuids" + merge => { "[zeek][fuid]" => "[zeek_http][resp_fuids]" } } } + + if ([zeek_kerberos][client_cert_fuid]) { mutate { id => "mutate_merge_normalize_zeek_kerberos_client_cert_fuid" + merge => { "[zeek][fuid]" => "[zeek_kerberos][client_cert_fuid]" } } } + + if ([zeek_kerberos][server_cert_fuid]) { mutate { id => "mutate_merge_normalize_zeek_kerberos_server_cert_fuid" + merge => { "[zeek][fuid]" => "[zeek_kerberos][server_cert_fuid]" } } } + + if ([zeek_ssl][cert_chain_fuids]) { mutate { id => "mutate_merge_normalize_zeek_ssl_cert_chain_fuids" + merge => { "[zeek][fuid]" => "[zeek_ssl][cert_chain_fuids]" } } } + + if ([zeek_ssl][client_cert_chain_fuids]) { mutate { id => "mutate_merge_normalize_zeek_ssl_client_cert_chain_fuids" + merge => { "[zeek][fuid]" => "[zeek_ssl][client_cert_chain_fuids]" } } } + + if ([zeek][fuid]) { + ruby { + id => "ruby_zeek_fuid_uniq" + code => "event.set('[zeek][fuid]', event.get('[zeek][fuid]').uniq)" + } + } + + # File/MIME types ################################################################################################### + # collect all file/MIME types under the parent [zeek][filetype] array + + if ([zeek_files][mime_type]) { mutate { id => "mutate_merge_normalize_zeek_files_mime_type" + merge => { "[zeek][filetype]" => "[zeek_files][mime_type]" } } } + + if ([zeek_ftp][mime_type]) { mutate { id => "mutate_merge_normalize_zeek_ftp_mime_type" + merge => { "[zeek][filetype]" => "[zeek_ftp][mime_type]" } } } + + if ([zeek_http][orig_mime_types]) { mutate { id => "mutate_merge_normalize_zeek_http_orig_mime_types" + merge => { "[zeek][filetype]" => "[zeek_http][orig_mime_types]" } } } + + if ([zeek_http][resp_mime_types]) { mutate { id => "mutate_merge_normalize_zeek_http_resp_mime_types" + merge => { "[zeek][filetype]" => "[zeek_http][resp_mime_types]" } } } + + if ([zeek_irc][dcc_mime_type]) { mutate { id 
=> "mutate_merge_normalize_zeek_irc_dcc_mime_type" + merge => { "[zeek][filetype]" => "[zeek_irc][dcc_mime_type]" } } } + + if ([zeek_intel][file_mime_type]) { mutate { id => "mutate_merge_normalize_zeek_intel_file_mime_type" + merge => { "[zeek][filetype]" => "[zeek_intel][file_mime_type]" } } } + + if ([zeek_notice][file_mime_type]) { mutate { id => "mutate_merge_normalize_zeek_notice_file_mime_type" + merge => { "[zeek][filetype]" => "[zeek_notice][file_mime_type]" } } } + + if ([zeek_sip][content_type]) { mutate { id => "mutate_merge_normalize_zeek_sip_content_type" + merge => { "[zeek][filetype]" => "[zeek_sip][content_type]" } } } + + if ([zeek][filetype]) { + ruby { + id => "ruby_zeek_filetype_uniq" + code => "event.set('[zeek][filetype]', event.get('[zeek][filetype]').uniq)" + } + } + + # Filenames ######################################################################################################### + # collect all filenames under the parent [zeek][filename] array + + if ([zeek_files][filename]) { mutate { id => "mutate_merge_normalize_zeek_files_filename" + merge => { "[zeek][filename]" => "[zeek_files][filename]" } } } + + if ([zeek_http][orig_filenames]) { mutate { id => "mutate_merge_normalize_zeek_http_orig_filenames" + merge => { "[zeek][filename]" => "[zeek_http][orig_filenames]" } } } + + if ([zeek_http][resp_filenames]) { mutate { id => "mutate_merge_normalize_zeek_http_resp_filenames" + merge => { "[zeek][filename]" => "[zeek_http][resp_filenames]" } } } + + if ([zeek_irc][dcc_file_name]) { mutate { id => "mutate_merge_normalize_zeek_irc_dcc_file_name" + merge => { "[zeek][filename]" => "[zeek_irc][dcc_file_name]" } } } + + if ([zeek_smb_files][name]) { mutate { id => "mutate_merge_normalize_zeek_smb_files_name" + merge => { "[zeek][filename]" => "[zeek_smb_files][name]" } } } + + if ([zeek_smb_files][prev_name]) { mutate { id => "mutate_merge_normalize_zeek_smb_files_prev_name" + merge => { "[zeek][filename]" => "[zeek_smb_files][prev_name]" } 
} } + + if ([zeek][filename]) { + ruby { + id => "ruby_zeek_filename_uniq" + code => "event.set('[zeek][filename]', event.get('[zeek][filename]').uniq)" + } + } + +} \ No newline at end of file diff --git a/logstash/pipelines/zeek/13_zeek_convert.conf b/logstash/pipelines/zeek/13_zeek_convert.conf new file mode 100644 index 000000000..7b14756d8 --- /dev/null +++ b/logstash/pipelines/zeek/13_zeek_convert.conf @@ -0,0 +1,35 @@ +filter { + + # set data types for fields that belong to various zeek logs + mutate { + id => "mutate_convert_zeek_bulk" + convert => { + "[zeek_dce_rpc][rtt]" => "float" + "[zeek_dns][rtt]" => "float" + "[zeek_ldap][message_id]" => "integer" + "[zeek_ldap][result_code]" => "integer" + "[zeek_modbus_register][delta]" => "float" + "[zeek_modbus_register][new_val]" => "integer" + "[zeek_modbus_register][old_val]" => "integer" + "[zeek_modbus_register][register]" => "integer" + "[zeek_mqtt_publish][payload_len]" => "integer" + "[zeek_mqtt_subscribe][granted_qos_level]" => "integer" + "[zeek_mqtt_subscribe][qos_levels]" => "integer" + "[zeek_ntp][mode]" => "integer" + "[zeek_ntp][num_exts]" => "float" + "[zeek_ntp][poll]" => "float" + "[zeek_ntp][precision]" => "float" + "[zeek_ntp][root_delay]" => "float" + "[zeek_ntp][root_disp]" => "float" + "[zeek_ntp][version]" => "integer" + "[zeek_s7comm][item_count]" => "integer" + "[zeek_signatures][host_count]" => "integer" + "[zeek_signatures][signature_count]" => "integer" + "[zeek_smb_cmd][rtt]" => "float" + "[zeek_smb_files][data_len_req]" => "integer" + "[zeek_smb_files][data_len_rsp]" => "integer" + "[zeek_smb_files][data_offset_req]" => "integer" + } + } + +} \ No newline at end of file diff --git a/logstash/scripts/ip-to-segment-logstash.py b/logstash/scripts/ip-to-segment-logstash.py index eae0795f1..3fe5c9010 100755 --- a/logstash/scripts/ip-to-segment-logstash.py +++ b/logstash/scripts/ip-to-segment-logstash.py 
@@ -1,7 +1,7 @@ #!/usr/bin/env python2 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. from __future__ import print_function @@ -12,6 +12,7 @@ import struct import ipaddress import itertools +import json import pprint import uuid from collections import defaultdict @@ -20,11 +21,31 @@ HOST_LIST_IDX = 0 SEGMENT_LIST_IDX = 1 +JSON_MAP_TYPE_SEGMENT = 'segment' +JSON_MAP_TYPE_HOST = 'host' +JSON_MAP_KEY_ADDR = 'address' +JSON_MAP_KEY_NAME = 'name' +JSON_MAP_KEY_TAG = 'tag' +JSON_MAP_KEY_TYPE = 'type' + ################################################################################################### # print to stderr def eprint(*args, **kwargs): print(*args, file=sys.stderr, **kwargs) +################################################################################################### +# recursively convert unicode strings to utf-8 strings +def byteify(input): + if isinstance(input, dict): + return {byteify(key): byteify(value) + for key, value in input.iteritems()} + elif isinstance(input, list): + return [byteify(element) for element in input] + elif isinstance(input, unicode): + return input.encode('utf-8') + else: + return input + ################################################################################################### # main def main(): 
@@ -32,6 +53,7 @@ def main(): # extract arguments from the command line # print (sys.argv[1:]); parser = argparse.ArgumentParser(description='Logstash IP address to Segment Filter Creator', add_help=False, usage='ip-to-segment-logstash.py ') + parser.add_argument('-m', '--mixed', dest='mixedInput', metavar='', type=str, nargs='*', default='', help='Input mixed JSON mapping file(s)') parser.add_argument('-s', '--segment', dest='segmentInput', metavar='', type=str, nargs='*', default='', help='Input segment mapping file(s)') parser.add_argument('-h', '--host', dest='hostInput', metavar='', type=str, nargs='*', default='', help='Input host mapping file(s)') parser.add_argument('-o', '--output', dest='output', metavar='', type=str, default='-', help='Output file') @@ -42,9 +64,10 @@ def main(): parser.print_help() exit(2) - # read segment input files into a single list, and host input files into another + # read each input file into its own list segmentLines = [] hostLines = [] + mixedEntries = [] for inFile in args.segmentInput: if os.path.isfile(inFile): @@ -54,11 +77,19 @@ def main(): if os.path.isfile(inFile): hostLines.extend([line.strip() for line in open(inFile)]) + for inFile in args.mixedInput: + try: + tmpMixedEntries = json.load(open(inFile, 'r')) + if isinstance(tmpMixedEntries, list): + mixedEntries.extend(byteify(tmpMixedEntries)); + except: + pass + # remove comments segmentLines = list(filter(lambda x: (len(x) > 0) and (not x.startswith('#')), segmentLines)) hostLines = list(filter(lambda x: (len(x) > 0) and (not x.startswith('#')), hostLines)) - if (len(segmentLines) > 0) or (len(hostLines) > 0): + if (len(segmentLines) > 0) or (len(hostLines) > 0) or (len(mixedEntries) > 0): filterId = 0 addedFields = set() 
@@ -142,6 +173,50 @@ def main(): else: eprint('"{}" is not formatted correctly, ignoring'.format(line)) + # handle mixed entries from the JSON-formatted file + for entry in mixedEntries: + + # the entry must at least contain type, address, name; may optionally contain tag + if (isinstance(entry, dict) and + all(key in entry for key in (JSON_MAP_KEY_TYPE, JSON_MAP_KEY_NAME, JSON_MAP_KEY_ADDR)) and + entry[JSON_MAP_KEY_TYPE] in (JSON_MAP_TYPE_SEGMENT, JSON_MAP_TYPE_HOST) and + (len(entry[JSON_MAP_KEY_NAME]) > 0) and + (len(entry[JSON_MAP_KEY_ADDR]) > 0)): + + addressList = [] + networkList = [] + + tagReq = entry[JSON_MAP_KEY_TAG] if (JSON_MAP_KEY_TAG in entry) and (len(entry[JSON_MAP_KEY_TAG]) > 0) else UNSPECIFIED_TAG + + # account for comma-separated multiple addresses per 'address' value + for addr in ''.join(entry[JSON_MAP_KEY_ADDR].split()).split(','): + + if (entry[JSON_MAP_KEY_TYPE] == JSON_MAP_TYPE_SEGMENT): + # potentially interpret address as a CIDR-formatted subnet + try: + networkList.append(str(ipaddress.ip_network(unicode(addr))).lower() if ('/' in addr) else str(ipaddress.ip_address(unicode(addr))).lower()) + except ValueError: + eprint('"{}" is not a valid IP address, ignoring'.format(addr)) + + else: + # should be an IP or MAC address + try: + # see if it's an IP address + addressList.append(str(ipaddress.ip_address(unicode(addr))).lower()) + except ValueError: + # see if it's a MAC address + if re.match(macAddrRegex, addr): + # prepend _ temporarily to distinguish a mac address + addressList.append("_{}".format(addr.replace('-', ':').lower())) + else: + eprint('"{}" is not a valid IP or MAC address, ignoring'.format(ip)) + + if (len(networkList) > 0): + tagListMap[tagReq][SEGMENT_LIST_IDX][entry[JSON_MAP_KEY_NAME]].extend(networkList) + + if (len(addressList) > 0): + tagListMap[tagReq][HOST_LIST_IDX][entry[JSON_MAP_KEY_NAME]].extend(addressList) + # go through the lists of segments/hosts, which will now be organized by required tag first, then # 
segment/host name, then the list of addresses for tag, nameMaps in tagListMap.iteritems(): @@ -156,7 +231,7 @@ def main(): for hostName, addrList in nameMaps[HOST_LIST_IDX].iteritems(): # ip addresses mapped to hostname - ipList = [a for a in addrList if not a.startswith('_')] + ipList = list(set([a for a in addrList if not a.startswith('_')])) if (len(ipList) >= 1): for source in ['orig', 'resp']: filterId += 1 @@ -171,7 +246,7 @@ def main(): addedFields.add("[zeek][{}]".format(newFieldName)) # mac addresses mapped to hostname - macList = [a for a in addrList if a.startswith('_')] + macList = list(set([a for a in addrList if a.startswith('_')])) if (len(macList) >= 1): for source in ['orig', 'resp']: filterId += 1 @@ -187,6 +262,7 @@ def main(): # for the segment(s) to be checked, create two cidr filters, one for source IP and one for dest IP for segmentName, ipList in nameMaps[SEGMENT_LIST_IDX].iteritems(): + ipList = list(set(ipList)) for source in ['orig', 'resp']: filterId += 1 # ip addresses/ranges mapped to network segment names diff --git a/logstash/scripts/logstash-start.sh b/logstash/scripts/logstash-start.sh index fb7979b80..13aae3f35 100755 --- a/logstash/scripts/logstash-start.sh +++ b/logstash/scripts/logstash-start.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e @@ -20,6 +20,7 @@ export PIPELINE_EXTRA_CONF_FILE="00_config.conf" # files defining IP->host and MAC->host mapping INPUT_CIDR_MAP="/usr/share/logstash/config/cidr-map.txt" INPUT_HOST_MAP="/usr/share/logstash/config/host-map.txt" +INPUT_MIXED_MAP="/usr/share/logstash/config/net-map.json" # the name of the enrichment pipeline subdirectory under $PIPELINES_DIR ENRICHMENT_PIPELINE=${LOGSTASH_ENRICHMENT_PIPELINE:-"enrichment"} 
@@ -32,7 +33,7 @@ export ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL=${LOGSTASH_ELASTICSEARCH_PIPELINE export ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL=${LOGSTASH_ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL:-"external-es"} ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES=${LOGSTASH_ELASTICSEARCH_OUTPUT_PIPELINE_ADDRESSES:-"$ELASTICSEARCH_PIPELINE_ADDRESS_INTERNAL,$ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL"} -# ip-to-segment-logstash.py translate $INPUT_CIDR_MAP and $INPUT_HOST_MAP into this logstash filter file +# ip-to-segment-logstash.py translate $INPUT_CIDR_MAP, $INPUT_HOST_MAP, $INPUT_MIXED_MAP into this logstash filter file NETWORK_MAP_OUTPUT_FILTER="$PIPELINES_DIR"/"$ENRICHMENT_PIPELINE"/16_host_segment_filters.conf #################################################################################################################### @@ -63,7 +64,8 @@ find "$PIPELINES_DIR" -mindepth 1 -maxdepth 1 -type d -print0 2>/dev/null | sort ' # create filters for network segment and host mapping in the enrichment directory -/usr/local/bin/ip-to-segment-logstash.py --segment "$INPUT_CIDR_MAP" --host "$INPUT_HOST_MAP" -o "$NETWORK_MAP_OUTPUT_FILTER" +rm -f "$NETWORK_MAP_OUTPUT_FILTER" +/usr/local/bin/ip-to-segment-logstash.py --mixed "$INPUT_MIXED_MAP" --segment "$INPUT_CIDR_MAP" --host "$INPUT_HOST_MAP" -o "$NETWORK_MAP_OUTPUT_FILTER" if [[ -z "$ES_EXTERNAL_HOSTS" ]]; then # external ES host destination is not specified, remove external destination from enrichment pipeline output 
@@ -78,12 +80,8 @@ MALCOLM_ELASTICSEARCH_OUTPUT_PIPELINES=$(printf '"%s"\n' "${ELASTICSEARCH_OUTPUT find "$PIPELINES_DIR" -type f -name "*.conf" -exec sed -i "s/_MALCOLM_ELASTICSEARCH_OUTPUT_PIPELINES_/${MALCOLM_ELASTICSEARCH_OUTPUT_PIPELINES}/g" "{}" \; 2>/dev/null find "$PIPELINES_DIR" -type f -name "*.conf" -exec sed -i "s/_MALCOLM_PARSE_PIPELINE_ADDRESSES_/${MALCOLM_PARSE_PIPELINE_ADDRESSES}/g" "{}" \; 2>/dev/null -# experimental java execution engine (https://www.elastic.co/blog/meet-the-new-logstash-java-execution-engine) -if [[ "$LOGSTASH_JAVA_EXECUTION_ENGINE" == 'true' ]]; then - LOGSTASH_JAVA_FLAG="--java-execution" -else - LOGSTASH_JAVA_FLAG="" -fi -# start logstash -/usr/local/bin/docker-entrypoint $LOGSTASH_JAVA_FLAG +# start logstash (adapted from docker-entrypoint) +env2yaml /usr/share/logstash/config/logstash.yml +export LS_JAVA_OPTS="-Dls.cgroup.cpuacct.path.override=/ -Dls.cgroup.cpu.path.override=/ $LS_JAVA_OPTS" +exec logstash diff --git a/logstash/scripts/set_es_external_keystore.sh b/logstash/scripts/set_es_external_keystore.sh index 1f87f56b0..185a00079 100755 --- a/logstash/scripts/set_es_external_keystore.sh +++ b/logstash/scripts/set_es_external_keystore.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e diff --git a/logstash/supervisord.conf b/logstash/supervisord.conf new file mode 100644 index 000000000..7e23e2ee3 --- /dev/null +++ b/logstash/supervisord.conf 
@@ -0,0 +1,30 @@ +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +[inet_http_server] +port=0.0.0.0:9001 + +[supervisord] +nodaemon=true +logfile=/var/log/supervisor/supervisord.log +pidfile=/var/run/supervisord.pid +childlogdir=/var/log/supervisor + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl=http://127.0.0.1:9001 + +[program:logstash] +command=/usr/local/bin/logstash-start.sh +user=logstash +autostart=true +startsecs=0 +startretries=0 +stopwaitsecs=60 +stopasgroup=true +killasgroup=true +stopsignal=INT +stdout_logfile=/dev/fd/1 +stdout_logfile_maxbytes=0 +redirect_stderr=true diff --git a/malcolm-iso/build.sh b/malcolm-iso/build.sh index 8c0092501..479f89a09 100755 --- a/malcolm-iso/build.sh +++ b/malcolm-iso/build.sh @@ -50,6 +50,7 @@ if [ -d "$WORKDIR" ]; then mkdir -p ./output "./work/$IMAGE_NAME-Live-Build" pushd "./work/$IMAGE_NAME-Live-Build" >/dev/null 2>&1 rsync -a "$SCRIPT_PATH/config" . + rsync -a "$SCRIPT_PATH/../shared/vbox-guest-build" . mkdir -p ./config/hooks/live pushd ./config/hooks/live 
@@ -80,6 +81,17 @@ if [ -d "$WORKDIR" ]; then echo "firmware-misc-nonfree=$(dpkg -s firmware-misc-nonfree | grep ^Version: | cut -d' ' -f2)" >> ./config/package-lists/kernel.list.chroot echo "firmware-amd-graphics=$(dpkg -s firmware-amd-graphics | grep ^Version: | cut -d' ' -f2)" >> ./config/package-lists/kernel.list.chroot + # virtualbox-guest .deb package(s) in its own clean environment (rather than in hooks/) + mkdir -p ./config/packages.chroot/ + bash ./vbox-guest-build/build-docker-image.sh + docker run --rm -v "$(pwd)"/vbox-guest-build:/build vboxguest-build:latest -o /build + rm -f ./vbox-guest-build/*-source*.deb \ + ./vbox-guest-build/*-dbgsym*.deb \ + ./vbox-guest-build/virtualbox_*.deb \ + ./vbox-guest-build/virtualbox-dkms_*.deb \ + ./vbox-guest-build/virtualbox-qt_*.deb + mv ./vbox-guest-build/*.deb ./config/packages.chroot/ + # grab things from the Malcolm parent directory into /etc/skel so the user's got it set up in their home/Malcolm dir pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 MALCOLM_DEST_DIR="$WORKDIR/work/$IMAGE_NAME-Live-Build/config/includes.chroot/etc/skel/Malcolm" 
@@ -104,19 +116,23 @@ if [ -d "$WORKDIR" ]; then YML_IMAGE_VERSION="$(grep -P "^\s+image:\s*malcolm" ./docker-compose-standalone.yml | awk '{print $2}' | cut -d':' -f2 | uniq -c | sort -nr | awk '{print $2}' | head -n 1)" [[ -n $YML_IMAGE_VERSION ]] && IMAGE_VERSION="$YML_IMAGE_VERSION" cp ./docker-compose-standalone.yml "$MALCOLM_DEST_DIR/docker-compose.yml" - cp ./docker-compose-standalone-zeek-live.yml "$MALCOLM_DEST_DIR/docker-compose-zeek-live.yml" cp ./cidr-map.txt "$MALCOLM_DEST_DIR/" cp ./host-map.txt "$MALCOLM_DEST_DIR/" - cp ./scripts/auth_setup.sh "$MALCOLM_DEST_DIR/scripts/" - cp ./scripts/start.sh "$MALCOLM_DEST_DIR/scripts/" - cp ./scripts/stop.sh "$MALCOLM_DEST_DIR/scripts/" - cp ./scripts/restart.sh "$MALCOLM_DEST_DIR/scripts/" - cp ./scripts/wipe.sh "$MALCOLM_DEST_DIR/scripts/" - cp ./scripts/logs.sh "$MALCOLM_DEST_DIR/scripts/" + cp ./net-map.json "$MALCOLM_DEST_DIR/" cp ./scripts/install.py "$MALCOLM_DEST_DIR/scripts/" + cp ./scripts/control.py "$MALCOLM_DEST_DIR/scripts/" + pushd "$MALCOLM_DEST_DIR/scripts/" >/dev/null 2>&1 + ln -s ./control.py start + ln -s ./control.py stop + ln -s ./control.py restart + ln -s ./control.py wipe + ln -s ./control.py logs + ln -s ./control.py auth_setup + sed -i 's@#!/usr/bin/env[[:space:]]*python$@#!/usr/bin/env python3@g' *.py + popd >/dev/null 2>&1 + cp ./scripts/malcolm_common.py "$MALCOLM_DEST_DIR/scripts/" cp ./README.md "$MALCOLM_DEST_DIR/" - cp ./nginx/certs/*.sh "$MALCOLM_DEST_DIR/nginx/certs/" - cp ./logstash/certs/Makefile ./logstash/certs/*.conf "$MALCOLM_DEST_DIR/logstash/certs/" + cp ./logstash/certs/*.conf "$MALCOLM_DEST_DIR/logstash/certs/" cp ./elastalert/config/* "$MALCOLM_DEST_DIR/elastalert/config/" cp ./elastalert/rules/* "$MALCOLM_DEST_DIR/elastalert/rules/" 2>/dev/null || true cp ./elastalert/sample-rules/* "$MALCOLM_DEST_DIR/elastalert/sample-rules/" 2>/dev/null || true 
@@ -156,7 +172,7 @@ if [ -d "$WORKDIR" ]; then --bootloaders "syslinux,grub-efi" \ --memtest none \ --chroot-filesystem squashfs \ - --backports false \ + --backports true \ --security true \ --updates true \ --source false \ diff --git a/malcolm-iso/config/hooks/normal/0169-pip-installs.hook.chroot b/malcolm-iso/config/hooks/normal/0169-pip-installs.hook.chroot index 5ee761fa7..5e39cd2e8 100755 --- a/malcolm-iso/config/hooks/normal/0169-pip-installs.hook.chroot +++ b/malcolm-iso/config/hooks/normal/0169-pip-installs.hook.chroot @@ -6,6 +6,7 @@ export LANG=C.UTF-8 # python 3 pip3 install --no-compile --no-cache-dir --force-reinstall --upgrade \ beautifulsoup4 \ + colorama \ debinterface \ docker-compose \ netifaces \ diff --git a/malcolm-iso/config/hooks/normal/0910-agg-build.hook.chroot b/malcolm-iso/config/hooks/normal/0910-agg-build.hook.chroot index b2b91769e..1a5544982 100755 --- a/malcolm-iso/config/hooks/normal/0910-agg-build.hook.chroot +++ b/malcolm-iso/config/hooks/normal/0910-agg-build.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -BEATS_VER="7.5.1" +BEATS_VER="7.6.2" BEATS_OSS="-oss" BEATS_DEB_URL_TEMPLATE_REPLACER="XXXXX" BEATS_DEB_URL_TEMPLATE="https://artifacts.elastic.co/downloads/beats/$BEATS_DEB_URL_TEMPLATE_REPLACER/$BEATS_DEB_URL_TEMPLATE_REPLACER$BEATS_OSS-$BEATS_VER-amd64.deb" diff --git a/malcolm-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot b/malcolm-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot index 9f02a6be0..ab545bd53 100755 --- a/malcolm-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot +++ b/malcolm-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # clone STIG-4-Debian and harbian-audit and clean up some stuff we don't need mkdir -p /opt 
diff --git a/malcolm-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot b/malcolm-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot index 936d054c7..42a615b15 100755 --- a/malcolm-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot +++ b/malcolm-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot @@ -1,7 +1,7 @@ #!/bin/bash # remove development packages -apt-get -y --purge remove checkinstall $(dpkg --get-selections | grep -v deinstall$ | cut -f1 | grep -P -- '-dev(:\w+)?$') || true +apt-get -y --purge remove build-essential $(dpkg --get-selections | grep -v deinstall$ | cut -f1 | grep -P -- '-dev(:\w+)?$' | grep -Pv -- '^(dpkg|libgcc)') || true # remove unwanted packages apt-get -y --purge remove bluez-firmware \ @@ -10,7 +10,6 @@ apt-get -y --purge remove bluez-firmware \ enchant \ ffmpeg \ gnome-accessibility-themes \ - gnome-user-guide \ gucharmap \ libasound2-plugins \ libcupsfilters1 \ diff --git a/malcolm-iso/config/hooks/normal/0998-localepurge.hook.chroot b/malcolm-iso/config/hooks/normal/0998-localepurge.hook.chroot index 37680b216..48e8ea2e3 100755 --- a/malcolm-iso/config/hooks/normal/0998-localepurge.hook.chroot +++ b/malcolm-iso/config/hooks/normal/0998-localepurge.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # remove excess locales if [ -f /etc/localepurge-preseed.cfg ] ; then diff --git a/malcolm-iso/config/includes.binary/boot/grub/grub.cfg b/malcolm-iso/config/includes.binary/boot/grub/grub.cfg index 299529456..37131c27c 100644 --- a/malcolm-iso/config/includes.binary/boot/grub/grub.cfg +++ b/malcolm-iso/config/includes.binary/boot/grub/grub.cfg 
@@ -39,6 +39,11 @@ menuentry "Install Malcolm Base (advanced configuration)" { initrd /install/initrd.gz } +menuentry "Install Malcolm Base (virtual machine single partition quick install)" { + linux /install/vmlinuz auto=true priority=high vga=normal locales=en_US.UTF-8 keyboard-layouts=us preseed/file=/cdrom/install/preseed_vmware.cfg + initrd /install/initrd.gz +} + menuentry "Rescue system in text mode" { linux /install/vmlinuz rescue/enable=true vga=normal initrd /install/initrd.gz diff --git a/malcolm-iso/config/includes.binary/install/preseed.cfg b/malcolm-iso/config/includes.binary/install/preseed.cfg index 9d0092775..d1a4a66a7 100644 --- a/malcolm-iso/config/includes.binary/install/preseed.cfg +++ b/malcolm-iso/config/includes.binary/install/preseed.cfg @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. d-i debian-installer/locale string en_US.UTF-8 d-i console-setup/ask_detect boolean false diff --git a/malcolm-iso/config/includes.binary/install/preseed_base.cfg b/malcolm-iso/config/includes.binary/install/preseed_base.cfg index feef22f77..411f8bac2 100644 --- a/malcolm-iso/config/includes.binary/install/preseed_base.cfg +++ b/malcolm-iso/config/includes.binary/install/preseed_base.cfg @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. d-i hw-detect/load_firmware boolean true d-i clock-setup/utc boolean true @@ -18,7 +18,7 @@ d-i localepurge/remove_no note # d-i passwd/username string analyst # d-i passwd/user-fullname string analyst -d-i passwd/user-default-groups string audio cdrom video netdev plugdev docker +d-i passwd/user-default-groups string audio cdrom video netdev plugdev docker vboxsf d-i passwd/root-login boolean true # crypted passwords via: mkpasswd -m sha-512 -S $(pwgen -ns 16 1) 
@@ -34,6 +34,8 @@ d-i preseed/late_command string \ echo 'deb http://security.debian.org/debian-security buster/updates main contrib non-free' >> /target/etc/apt/sources.list; \ echo 'deb http://deb.debian.org/debian buster-updates main contrib non-free' >> /target/etc/apt/sources.list; \ in-target bash /usr/local/bin/agg-init.sh; \ + in-target bash -c "(dmidecode -s system-product-name | grep -q VMware) || apt-get purge -y open-vm-tools-desktop"; \ + in-target bash -c "(dmidecode -s system-product-name | grep -q VirtualBox) || apt-get purge -y virtualbox-guest*"; \ in-target sed -r -i 's@(^.+\s+/(tmp|var/tmp)\s+ext4\s+.*defaults)@\1,nosuid,nodev,noexec@g' /etc/fstab; \ in-target sed -r -i 's@(^.+/media/cdrom[0-9]*.+)(noauto)(.*)@\1\2,nosuid,nodev,noexec\3@g' /etc/fstab; \ in-target sed -r -i 's@(^.+\s+/(home)\s+ext4\s+.*defaults)@\1,nosuid,nodev@g' /etc/fstab; \ diff --git a/malcolm-iso/config/includes.binary/install/preseed_vmware.cfg b/malcolm-iso/config/includes.binary/install/preseed_vmware.cfg new file mode 100644 index 000000000..ced2fc714 --- /dev/null +++ b/malcolm-iso/config/includes.binary/install/preseed_vmware.cfg 
@@ -0,0 +1,91 @@ +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +d-i debian-installer/locale string en_US.UTF-8 +d-i console-setup/ask_detect boolean false +d-i keyboard-configuration/xkb-keymap skip-config +d-i keyboard-configuration/layout string "American English" + +d-i preseed/include string preseed_base.cfg + +################################################################################################### +# install root filesystem on smallest non-USB disk + +d-i partman/early_command string \ + ROOT_DISK=$(parted_devices | egrep "^($(find /sys/block -mindepth 1 -maxdepth 1 -type l \( -name '[hs]d*' -o -name 'nvme*' \) -exec ls -l '{}' ';' | grep -v "usb" | sed 's@^.*\([hs]d[a-z]\+\|nvme[0-9]\+\).*$@/dev/\1@' | sed -e :a -e '$!N; s/\n/|/; ta'))" | sort -k2n | head -1 | cut -f1); \ + pvremove -ff -y "$ROOT_DISK"*; \ + debconf-set partman-auto/disk "$ROOT_DISK"; \ + debconf-set grub-installer/bootdev "$ROOT_DISK"; \ + sed -i.bak 's/-f $id\/skip_erase/-d $id/g' /lib/partman/lib/crypto-base.sh; + +d-i grub-installer/only_debian boolean true +d-i grub-installer/with_other_os boolean true + +d-i partman-auto/method string lvm +d-i partman-auto-lvm/new_vg_name string main +d-i partman-auto-lvm/guided_size string max + +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true + +d-i partman-md/device_remove_md boolean true +d-i partman-md/confirm boolean true +d-i partman-md/confirm_nooverwrite boolean true + +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true +d-i partman-basicmethods/method_only boolean false +d-i partman-efi/non_efi_system boolean true + +d-i partman-basicfilesystems/choose_label string gpt +d-i partman-basicfilesystems/default_label string gpt +d-i partman-partitioning/choose_label string gpt +d-i 
partman-partitioning/default_label string gpt +d-i partman/choose_label string gpt +d-i partman/default_label string gpt + +d-i partman/mount_style select uuid + +d-i partman-auto/choose_recipe select custom +d-i partman-auto/expert_recipe string \ + custom :: \ + 1 1 1 free \ + $bios_boot{ } \ + method{ biosgrub } \ + . \ + 256 256 256 fat32 \ + $primary{ } \ + $iflabel{ gpt } \ + $reusemethod{ } \ + method{ efi } format{ } \ + mountpoint{ /boot/efi } \ + . \ + 1024 1024 1024 ext4 \ + $primary{ } \ + $bootable{ } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ /boot } \ + . \ + 150% 150% 150% linux-swap \ + $defaultignore{ } \ + $lvmok{ } \ + in_vg { main } lv_name{ swap } \ + method{ swap } \ + format{ } \ + . \ + 12000 16000 1000000000 ext4 \ + $defaultignore{ } \ + $lvmok{ } \ + in_vg { main } lv_name{ root } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ / } \ + . +################################################################################################### diff --git a/malcolm-iso/config/includes.chroot/etc/live/config.conf b/malcolm-iso/config/includes.chroot/etc/live/config.conf index 14d9e9b90..5400a4626 100644 --- a/malcolm-iso/config/includes.chroot/etc/live/config.conf +++ b/malcolm-iso/config/includes.chroot/etc/live/config.conf @@ -2,5 +2,5 @@ LIVE_LOCALES="en_US.UTF-8" LIVE_HOSTNAME="malcolm-live" LIVE_USERNAME="analyst" LIVE_USER_FULLNAME="Malcolm Live Analyst" -LIVE_USER_DEFAULT_GROUPS="adm audio cdrom disk docker netdev plugdev sudo video" +LIVE_USER_DEFAULT_GROUPS="adm audio cdrom disk docker netdev plugdev sudo video vboxsf" diff --git a/malcolm-iso/config/includes.chroot/etc/skel/.config/lxpanel/LXDE/panels/malcolm b/malcolm-iso/config/includes.chroot/etc/skel/.config/lxpanel/LXDE/panels/malcolm index 919da157b..81c06872e 100644 --- a/malcolm-iso/config/includes.chroot/etc/skel/.config/lxpanel/LXDE/panels/malcolm 
+++ b/malcolm-iso/config/includes.chroot/etc/skel/.config/lxpanel/LXDE/panels/malcolm @@ -62,6 +62,9 @@ Plugin { Button { id=malcolm-upload.desktop } + Button { + id=malcolm-mapping.desktop + } Button { id=malcolm-users.desktop } diff --git a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-logs.desktop b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-logs.desktop index bf6244f9b..41e731b98 100644 --- a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-logs.desktop +++ b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-logs.desktop @@ -1,7 +1,7 @@ #!/usr/bin/env xdg-open [Desktop Entry] Name=Malcolm Debug Logs -Exec=lxterminal --command=/bin/bash\ -l\ -c\ ~/Malcolm/scripts/logs.sh +Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --logs" Comment=Monitor the debug output of Malcolm containers Terminal=false Type=Application diff --git a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-mapping.desktop b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-mapping.desktop new file mode 100644 index 000000000..fd8e27ff3 --- /dev/null +++ b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-mapping.desktop @@ -0,0 +1,11 @@ +[Desktop Entry] +Version=1.0 +Name=Malcolm - Host and Subnet Name Mapping +Exec=/usr/bin/chromium https://localhost/name-map-ui/ +Terminal=false +X-MultipleArgs=false +Type=Application +Icon=server.png +Categories=Network; +StartupWMClass=chromium +StartupNotify=true diff --git a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-restart.desktop b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-restart.desktop index 52974d132..1329aa8ae 100644 --- a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-restart.desktop +++ b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-restart.desktop 
@@ -1,7 +1,7 @@ #!/usr/bin/env xdg-open [Desktop Entry] Name=Restart Malcolm -Exec=lxterminal --command=/bin/bash\ -l\ -c\ ~/Malcolm/scripts/restart.sh +Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --restart" Comment=Restart Malcolm Terminal=false Type=Application diff --git a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-start.desktop b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-start.desktop index 3e1d6cac0..c4a3861a0 100644 --- a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-start.desktop +++ b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-start.desktop @@ -1,7 +1,7 @@ #!/usr/bin/env xdg-open [Desktop Entry] Name=Start Malcolm -Exec=lxterminal --command=/bin/bash\ -l\ -c\ ~/Malcolm/scripts/start.sh +Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --start" Comment=Start Malcolm Terminal=false Type=Application diff --git a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-stop.desktop b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-stop.desktop index 96aaa9aed..16d8b0560 100644 --- a/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-stop.desktop +++ b/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-stop.desktop @@ -1,7 +1,7 @@ #!/usr/bin/env xdg-open [Desktop Entry] Name=Stop Malcolm -Exec=lxterminal --command=/bin/bash\ -l\ -c\ ~/Malcolm/scripts/stop.sh +Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --stop" Comment=Stop Malcolm Terminal=false Type=Application diff --git a/malcolm-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json b/malcolm-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json index dc292c4e9..1bb9304f7 100644 
--- a/malcolm-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json +++ b/malcolm-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "072befc0-ffba-11e8-a854-ad7782ef6a55", diff --git a/malcolm-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json b/malcolm-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json index d2afbf94f..ba4da7d03 100644 --- a/malcolm-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json +++ b/malcolm-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "1ca59220-ffb0-11e8-a854-ad7782ef6a55", diff --git a/malcolm-iso/config/package-lists/desktopmanager.list.chroot b/malcolm-iso/config/package-lists/desktopmanager.list.chroot index b723e3c11..7a1dc55c2 100644 --- a/malcolm-iso/config/package-lists/desktopmanager.list.chroot +++ b/malcolm-iso/config/package-lists/desktopmanager.list.chroot @@ -1,10 +1,12 @@ arandr dconf-cli -fonts-noto-color-emoji +fonts-symbola +libnotify-bin lightdm lxde lxpanel lxsession +open-vm-tools-desktop x11-apps x11-session-utils x11-xfs-utils @@ -13,5 +15,6 @@ xinit xorg xscreensaver xserver-xorg +xserver-xorg-core xserver-xorg-video-qxl xserver-xorg-video-vmware diff --git a/malcolm-iso/config/package-lists/system.list.chroot b/malcolm-iso/config/package-lists/system.list.chroot index 8de13da7c..d66ceecfc 100644 --- a/malcolm-iso/config/package-lists/system.list.chroot +++ b/malcolm-iso/config/package-lists/system.list.chroot @@ -26,6 +26,7 @@ cryptsetup-bin curl debsums dialog +dmidecode dosfstools ebtables efibootmgr 
diff --git a/malcolm-iso/vagrant/Vagrantfile b/malcolm-iso/vagrant/Vagrantfile index d6a3962d8..5151aed27 100644 --- a/malcolm-iso/vagrant/Vagrantfile +++ b/malcolm-iso/vagrant/Vagrantfile @@ -1,7 +1,16 @@ +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + unless Vagrant.has_plugin?("vagrant-reload") raise 'vagrant-reload plugin is not installed!' end +# hack: https://github.com/hashicorp/vagrant/issues/8878#issuecomment-345112810 +class VagrantPlugins::ProviderVirtualBox::Action::Network + def dhcp_server_matches_config?(dhcp_server, config) + true + end +end + Vagrant.configure("2") do |config| config.vm.box = "bento/debian-10" @@ -16,7 +25,7 @@ Vagrant.configure("2") do |config| end config.vm.provider "virtualbox" do |vb| - vb.memory = "4096" + vb.memory = "8192" vb.cpus = 4 end @@ -25,6 +34,8 @@ Vagrant.configure("2") do |config| apt-get update apt-get dist-upgrade -y sed -i "s/main/main contrib non-free/g" /etc/apt/sources.list + echo "deb http://httpredir.debian.org/debian/ buster-backports main contrib non-free" >> /etc/apt/sources.list + echo "deb-src http://httpredir.debian.org/debian/ buster-backports main contrib non-free" >> /etc/apt/sources.list apt-get update export KERNEL_VERSION=$(apt-cache search linux-image-4 | grep -Pv -- '(-(rt|cloud)-amd64|amd64-(dbg|unsigned))' | sort -r --sort=version | awk '{print $1}' | head -n 1 | sed 's/^linux-image-//' | sed 's/-amd64$//') apt-get install -y \ 
@@ -38,6 +49,12 @@ Vagrant.configure("2") do |config| export DEBIAN_FRONTEND=noninteractive apt-get update apt-get install -y \ - rsync git live-build debootstrap xorriso squashfs-tools genisoimage pandoc imagemagick + rsync git live-build debootstrap xorriso squashfs-tools genisoimage pandoc imagemagick \ + apt-transport-https ca-certificates curl gnupg2 software-properties-common + curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add - + add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" + apt-get update + sudo apt-get install -y docker-ce docker-ce-cli containerd.io + usermod -a -G docker vagrant STEP2 end diff --git a/moloch/etc/config.ini b/moloch/etc/config.ini index 0daa3b34d..2f3c0c9c5 100644 --- a/moloch/etc/config.ini +++ b/moloch/etc/config.ini @@ -12,9 +12,9 @@ httpRealm=Moloch interface=eth0 wiseHost=127.0.0.1 wisePort=8081 -pcapDir=/data/moloch/raw +pcapDir=/data/pcap/processed readTruncatedPackets=true -maxFileSizeG=12 +maxFileSizeG=1 tcpTimeout=600 tcpSaveTimeout=720 udpTimeout=30 diff --git a/moloch/moloch_regression_test_harness/Dockerfiles/moloch.Dockerfile b/moloch/moloch_regression_test_harness/Dockerfiles/moloch.Dockerfile new file mode 100644 index 000000000..c5bdbcdfd --- /dev/null +++ b/moloch/moloch_regression_test_harness/Dockerfiles/moloch.Dockerfile 
@@ -0,0 +1,72 @@ +FROM debian:buster-slim AS build + +ENV DEBIAN_FRONTEND noninteractive + +ENV GITHUB_URL "https://github.com/mmguero-dev/moloch/" +ENV GITHUB_BRANCH "topic/netdiff_2.2.3" +ENV MOLOCHDIR "/data/moloch" +ENV MOLOCHUSER "moloch" + +USER root + +RUN apt-get -q update && \ + apt-get install -q -y --no-install-recommends \ + binutils \ + bison \ + cmake \ + curl \ + file \ + flex \ + g++ \ + gcc \ + gettext \ + git \ + groff \ + groff-base \ + libcap-dev \ + libjson-perl \ + libkrb5-dev \ + libmaxminddb-dev \ + libpcap0.8-dev \ + libssl-dev \ + libtool \ + libwww-perl \ + libyaml-dev \ + make \ + patch \ + python \ + python-dev \ + rename \ + sudo \ + swig \ + vim-tiny \ + wget \ + zlib1g-dev + +RUN mkdir /data && \ + groupadd --gid 1000 $MOLOCHUSER && \ + useradd -M --uid 1000 --gid 1000 --home $MOLOCHDIR --no-create-home $MOLOCHUSER && \ + chown -R $MOLOCHUSER:$MOLOCHUSER /data && \ + usermod -aG sudo $MOLOCHUSER && \ + sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' && \ + sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' + +USER $MOLOCHUSER + +RUN git clone --recursive --depth=1 --single-branch -b "$GITHUB_BRANCH" "$GITHUB_URL" "$MOLOCHDIR" && \ + cd "$MOLOCHDIR" && \ + bash -c 'for i in /data/patches/*; do patch -p 1 -r - --no-backup-if-mismatch < $i || true; done' && \ + export PATH="$MOLOCHDIR/bin:${PATH}" && \ + sudo ln -sfr $MOLOCHDIR/bin/npm /usr/local/bin/npm && \ + sudo ln -sfr $MOLOCHDIR/bin/node /usr/local/bin/node && \ + sudo ln -sfr $MOLOCHDIR/bin/npx /usr/local/bin/npx && \ + ./easybutton-build.sh && \ + (make check || true) + +ENV PATH="/data:$MOLOCHDIR/bin:${PATH}" + +EXPOSE 8000 8005 8081 + +WORKDIR $MOLOCHDIR/tests + +CMD bash diff --git a/moloch/moloch_regression_test_harness/docker-compose.yml b/moloch/moloch_regression_test_harness/docker-compose.yml new file mode 100644 index 000000000..3e1372328 --- /dev/null +++ b/moloch/moloch_regression_test_harness/docker-compose.yml 
@@ -0,0 +1,47 @@ +version: '3.7' + +services: + elasticsearch: + image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.6.2 + restart: "no" + environment: + logger.level : 'INFO' + bootstrap.memory_lock : 'true' + ES_JAVA_OPTS : '-Xms4g -Xmx4g -Xss256k -Djava.security.egd=file:/dev/./urandom' + discovery.type : 'single-node' + # cluster.initial_master_nodes : 'elasticsearch' + cluster.routing.allocation.disk.threshold_enabled : 'false' + cluster.routing.allocation.node_initial_primaries_recoveries : 8 + expose: + - 9200 + ulimits: + memlock: + soft: -1 + hard: -1 + cap_add: + - IPC_LOCK + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:9200"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 30s + network_mode: host + moloch: + build: + context: . + dockerfile: Dockerfiles/moloch.Dockerfile + image: molochtest:latest + restart: "no" + ulimits: + memlock: + soft: -1 + hard: -1 + depends_on: + - elasticsearch + expose: + - 8000 + - 8005 + - 8081 + network_mode: host + command: tail -F /dev/null diff --git a/moloch/patch/remove_upload.patch b/moloch/patch/remove_upload.patch new file mode 100644 index 000000000..8eb19d01d --- /dev/null +++ b/moloch/patch/remove_upload.patch 
@@ -0,0 +1,24 @@ +diff --git a/viewer/vueapp/src/router/index.js b/viewer/vueapp/src/router/index.js +index 02494926..a3c974f9 100644 +--- a/viewer/vueapp/src/router/index.js ++++ b/viewer/vueapp/src/router/index.js +@@ -11,7 +11,6 @@ import Spiview from '@/components/spiview/Spiview'; + import Spigraph from '@/components/spigraph/Spigraph'; + import Connections from '@/components/connections/Connections'; + import Settings from '@/components/settings/Settings'; +-import Upload from '@/components/upload/Upload'; + import Hunt from '@/components/hunt/Hunt'; + import Moloch404 from '@/components/utils/404'; + +@@ -86,11 +85,6 @@ const router = new Router({ + name: 'Settings', + component: Settings + }, +- { +- path: '/upload', +- name: 'Upload', +- component: Upload +- }, + { + path: '/hunt', + name: 'Hunt', diff --git a/moloch/scripts/initmoloch.sh b/moloch/scripts/initmoloch.sh index 28914ca78..f5af90edc 100755 --- a/moloch/scripts/initmoloch.sh +++ b/moloch/scripts/initmoloch.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. rm -f $MOLOCHDIR/initialized $MOLOCHDIR/runwise diff --git a/moloch/scripts/moloch-needs-upgrade.sh b/moloch/scripts/moloch-needs-upgrade.sh index f79f0a3f7..d61d13497 100755 --- a/moloch/scripts/moloch-needs-upgrade.sh +++ b/moloch/scripts/moloch-needs-upgrade.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # this script returns: # 0 - an UPGRADE IS NEEDED for Moloch indices diff --git a/moloch/scripts/moloch_update_geo.sh b/moloch/scripts/moloch_update_geo.sh index a195e9303..309ebc74d 100755 --- a/moloch/scripts/moloch_update_geo.sh +++ b/moloch/scripts/moloch_update_geo.sh 
@@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. cd "/data/moloch/etc" diff --git a/moloch/scripts/viewer_service.sh b/moloch/scripts/viewer_service.sh index da6f19c3a..eea39a825 100755 --- a/moloch/scripts/viewer_service.sh +++ b/moloch/scripts/viewer_service.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. while true; do diff --git a/moloch/scripts/wipemoloch.sh b/moloch/scripts/wipemoloch.sh index b1b0fec69..91d8fd94c 100755 --- a/moloch/scripts/wipemoloch.sh +++ b/moloch/scripts/wipemoloch.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. echo "Checking Elasticsearch..." diff --git a/moloch/scripts/wise_service.sh b/moloch/scripts/wise_service.sh index 86d9d6fcd..ef4380dd4 100755 --- a/moloch/scripts/wise_service.sh +++ b/moloch/scripts/wise_service.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. while true; do diff --git a/moloch/supervisord.conf b/moloch/supervisord.conf index 2cd500ae0..adccd3b80 100644 --- a/moloch/supervisord.conf +++ b/moloch/supervisord.conf @@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) diff --git a/moloch/wise/source.zeeklogs.js b/moloch/wise/source.zeeklogs.js index 9b4e48255..ab7d12bcd 100755 --- a/moloch/wise/source.zeeklogs.js +++ b/moloch/wise/source.zeeklogs.js 
@@ -10,7 +10,7 @@ var wiseSource = require('./wiseSource.js') // Data may be populated with Malcolm's Zeek Logstash filters: // (particularly https://raw.githubusercontent.com/idaholab/Malcolm/master/logstash/pipeline-main/11_zeek_logs.conf) // -// Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +// Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. // see https://raw.githubusercontent.com/idaholab/Malcolm/master/License.txt ////////////////////////////////////////////////////////////////////////////////// function ZeekLogs (api, section) { 
@@ -46,7 +46,12 @@ function ZeekLogs (api, section) { this.destination_geo_countryField = this.api.addField("field:zeek.destination_geo.country_name;db:zeek.destination_geo.country_name;kind:termfield;friendly:Responding GeoIP Country;help:Responding GeoIP Country"); this.protoField = this.api.addField("field:zeek.proto;db:zeek.proto;kind:lotermfield;friendly:Protocol;help:Protocol"); this.serviceField = this.api.addField("field:zeek.service;db:zeek.service;kind:termfield;friendly:Service;help:Service"); + this.service_versionField = this.api.addField("field:zeek.service_version;db:zeek.service_version;kind:termfield;friendly:Service Version;help:Service Version"); + this.actionField = this.api.addField("field:zeek.action;db:zeek.action;kind:termfield;friendly:Action;help:Action"); this.userField = this.api.addField("field:zeek.user;db:zeek.user;kind:termfield;friendly:User;help:User"); + this.passwordField = this.api.addField("field:zeek.password;db:zeek.password;kind:termfield;friendly:Password;help:Password"); + this.freq_score_v1 = this.api.addField("field:zeek.freq_score_v1;db:zeek_dns.freq_score_v1;kind:termfield;friendly:Freq Score v1;help:Freq Score v1"); + this.freq_score_v2 = this.api.addField("field:zeek.freq_score_v2;db:zeek_dns.freq_score_v2;kind:termfield;friendly:Freq Score v2;help:Freq Score v2"); // file information this.fuidField = this.api.addField("field:zeek.fuid;db:zeek.fuid;kind:termfield;friendly:File ID;help:File ID"); 
@@ -162,7 +167,6 @@ function ZeekLogs (api, section) { // files.log // https://docs.zeek.org/en/stable/scripts/base/frameworks/files/main.zeek.html#type-Files::Info - this.files_fuidField = this.api.addField("field:zeek_files.fuid;db:zeek_files.fuid;kind:termfield;friendly:File ID;help:File ID"); this.files_tx_hostsField = this.api.addField("field:zeek_files.tx_hosts;db:zeek_files.tx_hosts;kind:termfield;friendly:Transmitter;help:Transmitter"); this.files_rx_hostsField = this.api.addField("field:zeek_files.rx_hosts;db:zeek_files.rx_hosts;kind:termfield;friendly:Receiver;help:Receiver"); this.files_conn_uidsField = this.api.addField("field:zeek_files.conn_uids;db:zeek_files.conn_uids;kind:termfield;friendly:Connection ID;help:Connection ID"); @@ -189,7 +193,6 @@ function ZeekLogs (api, section) { // ftp.log // https://docs.zeek.org/en/stable/scripts/base/protocols/ftp/info.zeek.html#type-FTP::Info - this.ftp_passwordField = this.api.addField("field:zeek_ftp.password;db:zeek_ftp.password;kind:termfield;friendly:Password;help:Password"); this.ftp_commandField = this.api.addField("field:zeek_ftp.command;db:zeek_ftp.command;kind:termfield;friendly:Command;help:Command"); this.ftp_argField = this.api.addField("field:zeek_ftp.arg;db:zeek_ftp.arg;kind:termfield;friendly:Argument;help:Argument"); this.ftp_mime_typeField = this.api.addField("field:zeek_ftp.mime_type;db:zeek_ftp.mime_type;kind:termfield;friendly:File Magic;help:File Magic"); 
@@ -200,7 +203,6 @@ function ZeekLogs (api, section) { this.ftp_data_channel_orig_hField = this.api.addField("field:zeek_ftp.data_channel_orig_h;db:zeek_ftp.data_channel_orig_h;kind:termfield;friendly:Data Originating Host;help:Data Originating Host"); this.ftp_data_channel_resp_hField = this.api.addField("field:zeek_ftp.data_channel_resp_h;db:zeek_ftp.data_channel_resp_h;kind:termfield;friendly:Data Responding Host;help:Data Responding Host"); this.ftp_data_channel_resp_pField = this.api.addField("field:zeek_ftp.data_channel_resp_p;db:zeek_ftp.data_channel_resp_p;kind:integer;friendly:Data Responding Port;help:Data Responding Port"); - this.ftp_fuidField = this.api.addField("field:zeek_ftp.fuid;db:zeek_ftp.fuid;kind:termfield;friendly:File ID;help:File ID"); // gquic.log // https://github.com/salesforce/GQUIC_Protocol_Analyzer/blob/master/scripts/Salesforce/GQUIC/main.bro 
@@ -228,8 +230,6 @@ function ZeekLogs (api, section) { this.http_info_codeField = this.api.addField("field:zeek_http.info_code;db:zeek_http.info_code;kind:integer;friendly:Informational Code;help:Informational Code"); this.http_info_msgField = this.api.addField("field:zeek_http.info_msg;db:zeek_http.info_msg;kind:termfield;friendly:Informational Message;help:Informational Message"); this.http_tagsField = this.api.addField("field:zeek_http.tags;db:zeek_http.tags;kind:termfield;friendly:HTTP Tag;help:HTTP Tag"); - this.http_userField = this.api.addField("field:zeek_http.user;db:zeek_http.user;kind:termfield;friendly:User;help:User"); - this.http_passwordField = this.api.addField("field:zeek_http.password;db:zeek_http.password;kind:termfield;friendly:Password;help:Password"); this.http_proxiedField = this.api.addField("field:zeek_http.proxied;db:zeek_http.proxied;kind:termfield;friendly:Proxy Header;help:Proxy Header"); this.http_orig_fuidsField = this.api.addField("field:zeek_http.orig_fuids;db:zeek_http.orig_fuids;kind:termfield;friendly:Originating File ID;help:Originating File ID"); this.http_orig_filenamesField = this.api.addField("field:zeek_http.orig_filenames;db:zeek_http.orig_filenames;kind:termfield;friendly:Originating Filename;help:Originating Filename"); 
@@ -246,7 +246,6 @@ function ZeekLogs (api, section) { this.intel_seen_nodeField = this.api.addField("field:zeek_intel.seen_node;db:zeek_intel.seen_node;kind:termfield;friendly:Discovered Node;help:Discovered Node"); this.intel_matchedField = this.api.addField("field:zeek_intel.matched;db:zeek_intel.matched;kind:termfield;friendly:Match Indicator;help:Match Indicator"); this.intel_sourcesField = this.api.addField("field:zeek_intel.sources;db:zeek_intel.sources;kind:termfield;friendly:Match Source;help:Match Source"); - this.intel_fuidField = this.api.addField("field:zeek_intel.fuid;db:zeek_intel.fuid;kind:termfield;friendly:File ID;help:File ID"); this.intel_mimetypeField = this.api.addField("field:zeek_intel.mimetype;db:zeek_intel.mimetype;kind:termfield;friendly:File Magic;help:File Magic"); this.intel_file_descriptionField = this.api.addField("field:zeek_intel.file_description;db:zeek_intel.file_description;kind:termfield;friendly:File Description;help:File Description"); @@ -259,7 +258,6 @@ function ZeekLogs (api, section) { this.irc_dcc_file_nameField = this.api.addField("field:zeek_irc.dcc_file_name;db:zeek_irc.dcc_file_name;kind:termfield;friendly:DCC Filename;help:DCC Filename"); this.irc_dcc_file_sizeField = this.api.addField("field:zeek_irc.dcc_file_size;db:zeek_irc.dcc_file_size;kind:integer;friendly:DCC File Size;help:DCC File Size"); this.irc_dcc_mime_typeField = this.api.addField("field:zeek_irc.dcc_mime_type;db:zeek_irc.dcc_mime_type;kind:termfield;friendly:DCC File Magic;help:DCC File Magic"); - this.irc_fuidField = this.api.addField("field:zeek_irc.fuid;db:zeek_irc.fuid;kind:termfield;friendly:File ID;help:File ID"); // iso_cotp.log // https://github.com/amzn/zeek-plugin-s7comm/blob/master/scripts/main.zeek 
@@ -350,10 +348,11 @@ function ZeekLogs (api, section) { // notice.log // https://docs.zeek.org/en/stable/scripts/base/frameworks/notice/main.zeek.html#type-Notice::Info - this.notice_fuidField = this.api.addField("field:zeek_notice.fuid;db:zeek_notice.fuid;kind:termfield;friendly:File ID;help:File ID"); this.notice_file_mime_typeField = this.api.addField("field:zeek_notice.file_mime_type;db:zeek_notice.file_mime_type;kind:termfield;friendly:File Magic;help:File Magic"); this.notice_file_descField = this.api.addField("field:zeek_notice.file_desc;db:zeek_notice.file_desc;kind:termfield;friendly:File Description;help:File Description"); this.notice_noteField = this.api.addField("field:zeek_notice.note;db:zeek_notice.note;kind:termfield;friendly:Notice Type;help:Notice Type"); + this.notice_categoryField = this.api.addField("field:zeek_notice.category;db:zeek_notice.category;kind:termfield;friendly:Category;help:Category"); + this.notice_sub_categoryField = this.api.addField("field:zeek_notice.sub_category;db:zeek_notice.sub_category;kind:termfield;friendly:Subcategory;help:Subcategory"); this.notice_msgField = this.api.addField("field:zeek_notice.msg;db:zeek_notice.msg;kind:termfield;friendly:Message;help:Message"); this.notice_subField = this.api.addField("field:zeek_notice.sub;db:zeek_notice.sub;kind:termfield;friendly:Submessage;help:Submessage"); this.notice_srcField = this.api.addField("field:zeek_notice.src;db:zeek_notice.src;kind:termfield;friendly:Notice Source;help:Notice Source"); 
@@ -399,7 +398,6 @@ function ZeekLogs (api, section) { // pe.log // https://docs.zeek.org/en/stable/scripts/base/files/pe/main.zeek.html#type-PE::Info - this.pe_fuidField = this.api.addField("field:zeek_pe.fuid;db:zeek_pe.fuid;kind:termfield;friendly:File ID;help:File ID"); this.pe_machineField = this.api.addField("field:zeek_pe.machine;db:zeek_pe.machine;kind:termfield;friendly:Target Machine;help:Target Machine"); this.pe_compile_tsField = this.api.addField("field:zeek_pe.compile_ts;db:zeek_pe.compile_ts;kind:termfield;friendly:Compile Timestamp;help:Compile Timestamp"); this.pe_osField = this.api.addField("field:zeek_pe.os;db:zeek_pe.os;kind:termfield;friendly:Target OS;help:Target Operating System"); 
@@ -522,10 +520,21 @@ function ZeekLogs (api, section) { this.sip_request_body_lenField = this.api.addField("field:zeek_sip.request_body_len;db:zeek_sip.request_body_len;kind:integer;friendly:Request Body Length;help:Request Body Length"); this.sip_response_body_lenField = this.api.addField("field:zeek_sip.response_body_len;db:zeek_sip.response_body_len;kind:integer;friendly:Response Body Length;help:Response Body Length"); this.sip_content_typeField = this.api.addField("field:zeek_sip.content_type;db:zeek_sip.content_type;kind:termfield;friendly:Content Type Header;help:Content Type Header"); + this.sip_versionField = this.api.addField("field:zeek_sip.version;db:zeek_sip.version;kind:termfield;friendly:Version;help:Version"); + + // smb_cmd.log + // https://docs.zeek.org/en/stable/scripts/base/protocols/smb/main.zeek.html#type-SMB::CmdInfo + this.smb_cmd_commandField = this.api.addField("field:zeek_smb_cmd.command;db:zeek_smb_cmd.command;kind:termfield;friendly:Command;help:Command"); + this.smb_cmd_sub_commandField = this.api.addField("field:zeek_smb_cmd.sub_command;db:zeek_smb_cmd.sub_command;kind:termfield;friendly:Subcommand;help:Subcommand"); + this.smb_cmd_argumentField = this.api.addField("field:zeek_smb_cmd.argument;db:zeek_smb_cmd.argument;kind:termfield;friendly:Argument;help:Argument"); + this.smb_cmd_statusField = this.api.addField("field:zeek_smb_cmd.status;db:zeek_smb_cmd.status;kind:termfield;friendly:Status;help:Status"); + this.smb_cmd_rttField = this.api.addField("field:zeek_smb_cmd.rtt;db:zeek_smb_cmd.rtt;kind:termfield;friendly:Round Trip Time;help:Round Trip Time"); + this.smb_cmd_versionField = this.api.addField("field:zeek_smb_cmd.version;db:zeek_smb_cmd.version;kind:termfield;friendly:Version;help:Version"); + this.smb_cmd_treeField = this.api.addField("field:zeek_smb_cmd.tree;db:zeek_smb_cmd.tree;kind:termfield;friendly:Tree;help:Tree"); + this.smb_cmd_tree_serviceField = 
this.api.addField("field:zeek_smb_cmd.tree_service;db:zeek_smb_cmd.tree_service;kind:termfield;friendly:Tree Service;help:Tree Service"); // smb_files.log // https://docs.zeek.org/en/stable/scripts/base/protocols/smb/main.zeek.html#type-SMB::FileInfo - this.smb_files_fuidField = this.api.addField("field:zeek_smb_files.fuid;db:zeek_smb_files.fuid;kind:termfield;friendly:File ID;help:File ID"); this.smb_files_actionField = this.api.addField("field:zeek_smb_files.action;db:zeek_smb_files.action;kind:termfield;friendly:Action;help:Action"); this.smb_files_pathField = this.api.addField("field:zeek_smb_files.path;db:zeek_smb_files.path;kind:termfield;friendly:File Path;help:File Path"); this.smb_files_nameField = this.api.addField("field:zeek_smb_files.name;db:zeek_smb_files.name;kind:termfield;friendly:File Name;help:File Name"); @@ -567,7 +576,6 @@ function ZeekLogs (api, section) { this.smtp_pathField = this.api.addField("field:zeek_smtp.path;db:zeek_smtp.path;kind:termfield;friendly:Tranmission Path;help:Tranmission Path"); this.smtp_user_agentField = this.api.addField("field:zeek_smtp.user_agent;db:zeek_smtp.user_agent;kind:termfield;friendly:User Agent;help:User Agent"); this.smtp_tlsField = this.api.addField("field:zeek_smtp.tls;db:zeek_smtp.tls;kind:termfield;friendly:TLS;help:TLS"); - this.smtp_fuidsField = this.api.addField("field:zeek_smtp.fuids;db:zeek_smtp.fuids;kind:termfield;friendly:File ID;help:File ID"); this.smtp_is_webmailField = this.api.addField("field:zeek_smtp.is_webmail;db:zeek_smtp.is_webmail;kind:termfield;friendly:Is Webmail;help:Is Webmail"); // snmp.log 
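Review bot: `allFieldsStr` in the `@@ -795` hunk below lists `zeek_smb_cmd.user`, but this hunk registers no `smb_cmd_userField` for it, so a right-click pivot is offered on a field the viewer never defines; either add the `addField` line alongside `this.smb_cmd_commandField` and friends, or drop the name from the list (if SMB user names are normalized into the shared `zeek.user`, dropping it is the right fix).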
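Review bot: the unchanged context line just above the removed `smtp_fuidsField`, `friendly:Tranmission Path;help:Tranmission Path`, misspells "Transmission" in both the friendly name and the help text; since the hunk already touches this block, fixing the typo here is cheap.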
@@ -585,7 +593,6 @@ function ZeekLogs (api, section) { // socks.log // https://docs.zeek.org/en/stable/scripts/base/protocols/socks/main.zeek.html#type-SOCKS::Info this.socks_versionField = this.api.addField("field:zeek_socks.version;db:zeek_socks.version;kind:integer;friendly:Version;help:Version"); - this.socks_passwordField = this.api.addField("field:zeek_socks.password;db:zeek_socks.password;kind:termfield;friendly:Password;help:Password"); this.socks_server_statusField = this.api.addField("field:zeek_socks.server_status;db:zeek_socks.server_status;kind:termfield;friendly:Server Status;help:Server Status"); this.socks_request_hostField = this.api.addField("field:zeek_socks.request_host;db:zeek_socks.request_host;kind:termfield;friendly:Client Address;help:Client Address"); this.socks_request_nameField = this.api.addField("field:zeek_socks.request_name;db:zeek_socks.request_name;kind:termfield;friendly:Client Name;help:Client Name"); @@ -742,7 +749,6 @@ function ZeekLogs (api, section) { // x509.log // https://docs.zeek.org/en/stable/scripts/base/files/x509/main.zeek.html#type-X509::Info - this.x509_fuidField = this.api.addField("field:zeek_x509.fuid;db:zeek_x509.fuid;kind:termfield;friendly:File ID;help:fuid"); this.x509_certificate_versionField = this.api.addField("field:zeek_x509.certificate_version;db:zeek_x509.certificate_version;kind:integer;friendly:Version;help:Version"); this.x509_certificate_serialField = this.api.addField("field:zeek_x509.certificate_serial;db:zeek_x509.certificate_serial;kind:termfield;friendly:Serial Number;help:Serial Number"); this.x509_certificate_subject_fullField = this.api.addField("field:zeek_x509.certificate_subject_full;db:zeek_x509.certificate_subject_full;kind:termfield;friendly:Subject;help:Subject"); 
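Review bot: dropping `this.socks_passwordField` only works if the value is still reachable somewhere else; the new `allFieldsStr` in the `@@ -795` hunk also removes `zeek_http.password` and `zeek_ftp.password` and adds a shared `zeek.password`, so this hunk depends on the ingest pipeline copying each protocol's password into `zeek.password`. That dependency is not visible in this file; please confirm the pipeline side of the change ships in the same PR and say so in the commit message, otherwise captured SOCKS credentials silently disappear from the viewer.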
@@ -795,7 +801,7 @@ function ZeekLogs (api, section) { // add right-clicks for pivoting into Kibana from Moloch (see nginx.conf) var filterLabel = "Filter %DBFIELD% in Kibana"; var filterUrl = "idmol2kib/filter?start=%ISOSTART%&stop=%ISOSTOP%&field=%DBFIELD%&value=%TEXT%"; - var allFieldsStr = "communityId,host.name,ip.protocol,mac.dst,mac.src,node,oui.dst,oui.src,protocols,rootId,tags,zeek.community_id,zeek.destination_geo.city_name,zeek.destination_geo.country_name,zeek.destination_ip_reverse_dns,zeek.filename,zeek.filetype,zeek.fuid,zeek.logType,zeek.orig_h,zeek.orig_hostname,zeek.orig_l2_addr,zeek.orig_l2_oui,zeek.orig_p,zeek.orig_segment,zeek.proto,zeek.resp_h,zeek.resp_hostname,zeek.resp_l2_addr,zeek.resp_l2_oui,zeek.resp_p,zeek.resp_segment,zeek.service,zeek.source_geo.city_name,zeek.source_geo.country_name,zeek.source_ip_reverse_dns,zeek.ts,zeek.uid,zeek.user,zeek_bacnet.apdu_type,zeek_bacnet.bvlc_function,zeek_bacnet.bvlc_len,zeek_bacnet.data,zeek_bacnet.data_dict.date,zeek_bacnet.data_dict.low_limit,zeek_bacnet.data_dict.high_limit,zeek_bacnet.data_dict.object,zeek_bacnet.data_dict.property,zeek_bacnet.data_dict.result,zeek_bacnet.data_dict.time,zeek_bacnet.data_dict.ttl,zeek_bacnet.service_choice,zeek_cip.cip_service,zeek_cip.cip_tags,zeek_cip.status,zeek_conn.conn_state,zeek_conn.conn_state_description,zeek_conn.duration,zeek_conn.history,zeek_conn.inner_vlan,zeek_conn.local_orig,zeek_conn.local_resp,zeek_conn.missed_bytes,zeek_conn.orig_bytes,zeek_conn.orig_ip_bytes,zeek_conn.orig_pkts,zeek_conn.resp_bytes,zeek_conn.resp_ip_bytes,zeek_conn.resp_pkts,zeek_conn.tunnel_parents,zeek_conn.vlan,zeek_dce_rpc.endpoint,zeek_dce_rpc.named_pipe,zeek_dce_rpc.operation,zeek_dce_rpc.rtt,zeek_dhcp.assigned_ip,zeek_dhcp.lease_time,zeek_dhcp.mac,zeek_dhcp.trans_id,zeek_dnp3.fc_reply,zeek_dnp3.fc_request,zeek_dnp3.iin,zeek_dns.AA,zeek_dns.answers,zeek_dns.qclass,zeek_dns.qclass_name,zeek_dns.qtype,zeek_dns.qtype_name,zeek_dns.query,zeek_dns.RA,zeek_dns.rcode,zeek_dns.rco
de_name,zeek_dns.RD,zeek_dns.rejected,zeek_dns.rtt,zeek_dns.TC,zeek_dns.trans_id,zeek_dns.TTLs,zeek_dns.Z,zeek_dpd.failure_reason,zeek_dpd.service,zeek_enip.command,zeek_enip.length,zeek_enip.options,zeek_enip.sender_context,zeek_enip.session_handle,zeek_enip.status,zeek_enip_list_identity.device_ip,zeek_enip_list_identity.device_type,zeek_enip_list_identity.product_code,zeek_enip_list_identity.product_name,zeek_enip_list_identity.revision,zeek_enip_list_identity.serial_number,zeek_enip_list_identity.state,zeek_enip_list_identity.status,zeek_enip_list_identity.vendor,zeek_files.analyzers,zeek_files.conn_uids,zeek_files.depth,zeek_files.duration,zeek_files.extracted,zeek_files.extracted_cutoff,zeek_files.extracted_size,zeek_files.filename,zeek_files.fuid,zeek_files.is_orig,zeek_files.local_orig,zeek_files.md5,zeek_files.mime_type,zeek_files.missing_bytes,zeek_files.overflow_bytes,zeek_files.parent_fuid,zeek_files.rx_hosts,zeek_files.seen_bytes,zeek_files.sha1,zeek_files.sha256,zeek_files.source,zeek_files.timedout,zeek_files.total_bytes,zeek_files.tx_hosts,zeek_ftp.arg,zeek_ftp.command,zeek_ftp.data_channel_orig_h,zeek_ftp.data_channel_passive,zeek_ftp.data_channel_resp_h,zeek_ftp.data_channel_resp_p,zeek_ftp.file_size,zeek_ftp.fuid,zeek_ftp.mime_type,zeek_ftp.password,zeek_ftp.reply_code,zeek_ftp.reply_msg,zeek_gquic.cyu,zeek_gquic.cyutags,zeek_gquic.server_name,zeek_gquic.tag_count,zeek_gquic.user_agent,zeek_gquic.version,zeek_http.host,zeek_http.info_code,zeek_http.info_msg,zeek_http.method,zeek_http.orig_filenames,zeek_http.orig_fuids,zeek_http.orig_mime_types,zeek_http.origin,zeek_http.password,zeek_http.proxied,zeek_http.referrer,zeek_http.request_body_len,zeek_http.resp_filenames,zeek_http.resp_fuids,zeek_http.resp_mime_types,zeek_http.response_body_len,zeek_http.status_code,zeek_http.status_msg,zeek_http.tags,zeek_http.trans_depth,zeek_http.uri,zeek_http.user,zeek_http.user_agent,zeek_http.version,zeek_intel.file_description,zeek_intel.fuid,zeek_intel.indicat
or,zeek_intel.indicator_type,zeek_intel.matched,zeek_intel.mimetype,zeek_intel.seen_node,zeek_intel.seen_where,zeek_intel.sources,zeek_irc.addl,zeek_irc.command,zeek_irc.dcc_file_name,zeek_irc.dcc_file_size,zeek_irc.dcc_mime_type,zeek_irc.fuid,zeek_irc.nick,zeek_irc.value,zeek_iso_cotp.pdu_type,zeek_kerberos.cipher,zeek_kerberos.client_cert_fuid,zeek_kerberos.client_cert_subject,zeek_kerberos.cname,zeek_kerberos.error_msg,zeek_kerberos.forwardable,zeek_kerberos.from,zeek_kerberos.renewable,zeek_kerberos.server_cert_fuid,zeek_kerberos.server_cert_subject,zeek_kerberos.sname,zeek_kerberos.success,zeek_kerberos.till,zeek_known_certs.issuer_subject,zeek_known_certs.serial,zeek_known_certs.subject,zeek_known_modbus.device_type,zeek_ldap.message_id,zeek_ldap.operation,zeek_ldap.value,zeek_ldap.entry,zeek_ldap.result,zeek_ldap.result_code,zeek_ldap.error,zeek_modbus.exception,zeek_modbus.func,modbus_register_change.register,modbus_register_change.old_val,modbus_register_change.new_val,modbus_register_change.delta,zeek_mqtt_connect.client_id,zeek_mqtt_connect.connect_status,zeek_mqtt_connect.proto_name,zeek_mqtt_connect.proto_version,zeek_mqtt_connect.will_payload,zeek_mqtt_connect.will_topic,zeek_mqtt_publish.from_client,zeek_mqtt_publish.retain,zeek_mqtt_publish.qos,zeek_mqtt_publish.status,zeek_mqtt_publish.topic,zeek_mqtt_publish.payload,zeek_mqtt_publish.payload_len,zeek_mqtt_subscribe.action,zeek_mqtt_subscribe.topics,zeek_mqtt_subscribe.qos_levels,zeek_mqtt_subscribe.granted_qos_level,zeek_mqtt_subscribe.ack,zeek_mysql.arg,zeek_mysql.cmd,zeek_mysql.response,zeek_mysql.rows,zeek_mysql.success,zeek_notice.actions,zeek_notice.dropped,zeek_notice.dst,zeek_notice.file_desc,zeek_notice.file_mime_type,zeek_notice.fuid,zeek_notice.msg,zeek_notice.n,zeek_notice.note,zeek_notice.p,zeek_notice.peer_descr,zeek_notice.remote_location_city,zeek_notice.remote_location_cityremote_location_latitude,zeek_notice.remote_location_country_code,zeek_notice.remote_location_latitude,zeek_not
ice.remote_location_longitude,zeek_notice.remote_location_region,zeek_notice.src,zeek_notice.sub,zeek_notice.suppress_for,zeek_ntlm.domain,zeek_ntlm.host,zeek_ntlm.status,zeek_ntlm.success,zeek_ntlm.server_nb_computer,zeek_ntlm.server_dns_computer,zeek_ntlm.server_tree,zeek_ntp.mode,zeek_ntp.mode_str,zeek_ntp.num_exts,zeek_ntp.org_time,zeek_ntp.poll,zeek_ntp.precision,zeek_ntp.rec_time,zeek_ntp.ref_id,zeek_ntp.ref_time,zeek_ntp.root_delay,zeek_ntp.root_disp,zeek_ntp.stratum,zeek_ntp.version,zeek_ntp.xmt_time,zeek_pe.compile_ts,zeek_pe.fuid,zeek_pe.has_cert_table,zeek_pe.has_debug_data,zeek_pe.has_export_table,zeek_pe.has_import_table,zeek_pe.is_64bit,zeek_pe.is_exe,zeek_pe.machine,zeek_pe.os,zeek_pe.section_names,zeek_pe.subsystem,zeek_pe.uses_aslr,zeek_pe.uses_code_integrity,zeek_pe.uses_dep,zeek_pe.uses_seh,zeek_profinet.block_version,zeek_profinet.index,zeek_profinet.operation_type,zeek_profinet.slot_number,zeek_profinet.subslot_number,zeek_profinet_dce_rpc.activity_uuid,zeek_profinet_dce_rpc.interface_uuid,zeek_profinet_dce_rpc.object_uuid,zeek_profinet_dce_rpc.operation,zeek_profinet_dce_rpc.packet_type,zeek_profinet_dce_rpc.server_boot_time,zeek_profinet_dce_rpc.version,zeek_radius.connect_info,zeek_radius.framed_addr,zeek_radius.mac,zeek_radius.tunnel_client,zeek_radius.reply_msg,zeek_radius.result,zeek_radius.ttl,zeek_rdp.cert_count,zeek_rdp.cert_permanent,zeek_rdp.cert_type,zeek_rdp.client_build,zeek_rdp.client_channels,zeek_rdp.client_dig_product_id,zeek_rdp.client_name,zeek_rdp.cookie,zeek_rdp.desktop_height,zeek_rdp.desktop_width,zeek_rdp.encryption_level,zeek_rdp.encryption_method,zeek_rdp.keyboard_layout,zeek_rdp.requested_color_depth,zeek_rdp.result,zeek_rdp.security_protocol,zeek_rfb.auth,zeek_rfb.authentication_method,zeek_rfb.client_major_version,zeek_rfb.client_minor_version,zeek_rfb.desktop_name,zeek_rfb.height,zeek_rfb.server_major_version,zeek_rfb.server_minor_version,zeek_rfb.share_flag,zeek_rfb.width,zeek_s7comm.data_info,zeek_s7comm.item_cou
nt,zeek_s7comm.parameter,zeek_s7comm.parameters.class,zeek_s7comm.parameters.code,zeek_s7comm.parameters.group,zeek_s7comm.parameters.mode,zeek_s7comm.parameters.sub,zeek_s7comm.parameters.type,zeek_s7comm.rosctr,zeek_signatures.engine,zeek_signatures.event_message,zeek_signatures.hits,zeek_signatures.host_count,zeek_signatures.note,zeek_signatures.signature_count,zeek_signatures.signature_id,zeek_signatures.sub_message,zeek_sip.call_id,zeek_sip.content_type,zeek_sip.date,zeek_sip.method,zeek_sip.reply_to,zeek_sip.request_body_len,zeek_sip.request_from,zeek_sip.request_path,zeek_sip.request_to,zeek_sip.response_body_len,zeek_sip.response_from,zeek_sip.response_path,zeek_sip.response_to,zeek_sip.seq,zeek_sip.status_code,zeek_sip.status_msg,zeek_sip.subject,zeek_sip.trans_depth,zeek_sip.uri,zeek_sip.user_agent,zeek_sip.warning,zeek_smb_files.action,zeek_smb_files.fuid,zeek_smb_files.name,zeek_smb_files.path,zeek_smb_files.prev_name,zeek_smb_files.size,zeek_smb_files.times_accessed,zeek_smb_files.times_changed,zeek_smb_files.data_offset_req,zeek_smb_files.data_len_req,zeek_smb_files.data_len_rsp,zeek_smb_files.times_created,zeek_smb_files.times_modified,zeek_smb_mapping.native_file_system,zeek_smb_mapping.path,zeek_smb_mapping.resource_type,zeek_smb_mapping.share_type,zeek_smtp.cc,zeek_smtp.date,zeek_smtp.first_received,zeek_smtp.from,zeek_smtp.fuids,zeek_smtp.helo,zeek_smtp.in_reply_to,zeek_smtp.is_webmail,zeek_smtp.last_reply,zeek_smtp.mailfrom,zeek_smtp.msg_id,zeek_smtp.path,zeek_smtp.rcptto,zeek_smtp.reply_to,zeek_smtp.second_received,zeek_smtp.subject,zeek_smtp.tls,zeek_smtp.to,zeek_smtp.trans_depth,zeek_smtp.user_agent,zeek_smtp.x_originating_ip,zeek_snmp.community,zeek_snmp.display_string,zeek_snmp.duration,zeek_snmp.get_bulk_requests,zeek_snmp.get_requests,zeek_snmp.get_responses,zeek_snmp.set_requests,zeek_snmp.up_since,zeek_snmp.version,zeek_socks.bound_host,zeek_socks.bound_name,zeek_socks.bound_port,zeek_socks.password,zeek_socks.request_host,zeek_socks.req
uest_name,zeek_socks.request_port,zeek_socks.server_status,zeek_socks.version,zeek_software.name,zeek_software.software_type,zeek_software.unparsed_version,zeek_software.version_addl,zeek_software.version_major,zeek_software.version_minor,zeek_software.version_minor2,zeek_software.version_minor3,zeek_ssh.auth_attempts,zeek_ssh.auth_success,zeek_ssh.cipher_alg,zeek_ssh.client,zeek_ssh.compression_alg,zeek_ssh.cshka,zeek_ssh.direction,zeek_ssh.hassh,zeek_ssh.hasshAlgorithms,zeek_ssh.hasshServer,zeek_ssh.hasshServerAlgorithms,zeek_ssh.hasshVersion,zeek_ssh.host_key,zeek_ssh.host_key_alg,zeek_ssh.kex_alg,zeek_ssh.mac_alg,zeek_ssh.remote_location_city,zeek_ssh.remote_location_country_code,zeek_ssh.remote_location_latitude,zeek_ssh.remote_location_longitude,zeek_ssh.remote_location_region,zeek_ssh.server,zeek_ssh.sshka,zeek_ssh.version,zeek_ssl.cert_chain_fuids,zeek_ssl.cipher,zeek_ssl.client_cert_chain_fuids,zeek_ssl.client_issuer.C,zeek_ssl.client_issuer.CN,zeek_ssl.client_issuer.DC,zeek_ssl.client_issuer.emailAddress,zeek_ssl.client_issuer.GN,zeek_ssl.client_issuer.initials,zeek_ssl.client_issuer.L,zeek_ssl.client_issuer.O,zeek_ssl.client_issuer.OU,zeek_ssl.client_issuer.pseudonym,zeek_ssl.client_issuer.serialNumber,zeek_ssl.client_issuer.SN,zeek_ssl.client_issuer.ST,zeek_ssl.client_issuer.title,zeek_ssl.client_issuer_full,zeek_ssl.client_subject.C,zeek_ssl.client_subject.CN,zeek_ssl.client_subject.emailAddress,zeek_ssl.client_subject.GN,zeek_ssl.client_subject.initials,zeek_ssl.client_subject.L,zeek_ssl.client_subject.O,zeek_ssl.client_subject.OU,zeek_ssl.client_subject.pseudonym,zeek_ssl.client_subject.serialNumber,zeek_ssl.client_subject.SN,zeek_ssl.client_subject.ST,zeek_ssl.client_subject.title,zeek_ssl.client_subject_full,zeek_ssl.curve,zeek_ssl.established,zeek_ssl.issuer.C,zeek_ssl.issuer.CN,zeek_ssl.issuer.DC,zeek_ssl.issuer.emailAddress,zeek_ssl.issuer.GN,zeek_ssl.issuer.initials,zeek_ssl.issuer.L,zeek_ssl.issuer.O,zeek_ssl.issuer.OU,zeek_ssl.issuer.pseudonym
,zeek_ssl.issuer.serialNumber,zeek_ssl.issuer.SN,zeek_ssl.issuer.ST,zeek_ssl.issuer.title,zeek_ssl.issuer_full,zeek_ssl.ja3,zeek_ssl.ja3_desc,zeek_ssl.ja3s,zeek_ssl.ja3s_desc,zeek_ssl.last_alert,zeek_ssl.next_protocol,zeek_ssl.resumed,zeek_ssl.server_name,zeek_ssl.ssl_version,zeek_ssl.subject.C,zeek_ssl.subject.CN,zeek_ssl.subject.emailAddress,zeek_ssl.subject.GN,zeek_ssl.subject.initials,zeek_ssl.subject.L,zeek_ssl.subject.O,zeek_ssl.subject.OU,zeek_ssl.subject.pseudonym,zeek_ssl.subject.serialNumber,zeek_ssl.subject.SN,zeek_ssl.subject.ST,zeek_ssl.subject.title,zeek_ssl.subject_full,zeek_ssl.validation_status,zeek_syslog.facility,zeek_syslog.message,zeek_syslog.severity,zeek_tds.command,zeek_tds_rpc.parameters,zeek_tds_rpc.procedure_name,zeek_tds_sql_batch.header_type,zeek_tds_sql_batch.query,zeek_tunnel.action,zeek_tunnel.tunnel_type,zeek_weird.addl,zeek_weird.name,zeek_weird.notice,zeek_weird.peer,zeek_x509.basic_constraints_ca,zeek_x509.basic_constraints_path_len,zeek_x509.certificate_curve,zeek_x509.certificate_exponent,zeek_x509.certificate_issuer.C,zeek_x509.certificate_issuer.CN,zeek_x509.certificate_issuer.emailAddress,zeek_x509.certificate_issuer.GN,zeek_x509.certificate_issuer.initials,zeek_x509.certificate_issuer.L,zeek_x509.certificate_issuer.O,zeek_x509.certificate_issuer.OU,zeek_x509.certificate_issuer.pseudonym,zeek_x509.certificate_issuer.serialNumber,zeek_x509.certificate_issuer.SN,zeek_x509.certificate_issuer.ST,zeek_x509.certificate_issuer.title,zeek_x509.certificate_issuer_full,zeek_x509.certificate_key_alg,zeek_x509.certificate_key_length,zeek_x509.certificate_key_type,zeek_x509.certificate_not_valid_after,zeek_x509.certificate_not_valid_before,zeek_x509.certificate_serial,zeek_x509.certificate_sig_alg,zeek_x509.certificate_subject.C,zeek_x509.certificate_subject.CN,zeek_x509.certificate_subject.DC,zeek_x509.certificate_subject.emailAddress,zeek_x509.certificate_subject.GN,zeek_x509.certificate_subject.initials,zeek_x509.certificate_subject.L,
zeek_x509.certificate_subject.O,zeek_x509.certificate_subject.OU,zeek_x509.certificate_subject.pseudonym,zeek_x509.certificate_subject.serialNumber,zeek_x509.certificate_subject.SN,zeek_x509.certificate_subject.ST,zeek_x509.certificate_subject.title,zeek_x509.certificate_subject_full,zeek_x509.certificate_version,zeek_x509.fuid,zeek_x509.san_dns,zeek_x509.san_email,zeek_x509.san_ip,zeek_x509.san_uri"; + var allFieldsStr = "communityId,host.name,ip.protocol,mac.dst,mac.src,node,oui.dst,oui.src,protocols,rootId,tags,zeek.action,zeek.community_id,zeek.destination_geo.city_name,zeek.destination_geo.country_name,zeek.destination_ip_reverse_dns,zeek.filename,zeek.filetype,zeek.fuid,zeek.logType,zeek.orig_h,zeek.orig_hostname,zeek.orig_l2_addr,zeek.orig_l2_oui,zeek.orig_p,zeek.orig_segment,zeek.proto,zeek.resp_h,zeek.resp_hostname,zeek.resp_l2_addr,zeek.resp_l2_oui,zeek.resp_p,zeek.resp_segment,zeek.service,zeek.service_version,zeek.source_geo.city_name,zeek.source_geo.country_name,zeek.source_ip_reverse_dns,zeek.ts,zeek.uid,zeek.user,zeek.password,zeek.freq_score_v1,zeek.freq_score_v2,zeek_bacnet.apdu_type,zeek_bacnet.bvlc_function,zeek_bacnet.bvlc_len,zeek_bacnet.data,zeek_bacnet.data_dict.date,zeek_bacnet.data_dict.low_limit,zeek_bacnet.data_dict.high_limit,zeek_bacnet.data_dict.object,zeek_bacnet.data_dict.property,zeek_bacnet.data_dict.result,zeek_bacnet.data_dict.time,zeek_bacnet.data_dict.ttl,zeek_bacnet.service_choice,zeek_cip.cip_service,zeek_cip.cip_tags,zeek_cip.status,zeek_conn.conn_state,zeek_conn.conn_state_description,zeek_conn.duration,zeek_conn.history,zeek_conn.inner_vlan,zeek_conn.local_orig,zeek_conn.local_resp,zeek_conn.missed_bytes,zeek_conn.orig_bytes,zeek_conn.orig_ip_bytes,zeek_conn.orig_pkts,zeek_conn.resp_bytes,zeek_conn.resp_ip_bytes,zeek_conn.resp_pkts,zeek_conn.tunnel_parents,zeek_conn.vlan,zeek_dce_rpc.endpoint,zeek_dce_rpc.named_pipe,zeek_dce_rpc.operation,zeek_dce_rpc.rtt,zeek_dhcp.assigned_ip,zeek_dhcp.lease_time,zeek_dhcp.mac,zeek_dhcp.tr
ans_id,zeek_dnp3.fc_reply,zeek_dnp3.fc_request,zeek_dnp3.iin,zeek_dns.AA,zeek_dns.answers,zeek_dns.qclass,zeek_dns.qclass_name,zeek_dns.qtype,zeek_dns.qtype_name,zeek_dns.query,zeek_dns.RA,zeek_dns.rcode,zeek_dns.rcode_name,zeek_dns.RD,zeek_dns.rejected,zeek_dns.rtt,zeek_dns.TC,zeek_dns.trans_id,zeek_dns.TTLs,zeek_dns.Z,zeek_dpd.failure_reason,zeek_dpd.service,zeek_enip.command,zeek_enip.length,zeek_enip.options,zeek_enip.sender_context,zeek_enip.session_handle,zeek_enip.status,zeek_enip_list_identity.device_ip,zeek_enip_list_identity.device_type,zeek_enip_list_identity.product_code,zeek_enip_list_identity.product_name,zeek_enip_list_identity.revision,zeek_enip_list_identity.serial_number,zeek_enip_list_identity.state,zeek_enip_list_identity.status,zeek_enip_list_identity.vendor,zeek_files.analyzers,zeek_files.conn_uids,zeek_files.depth,zeek_files.duration,zeek_files.extracted,zeek_files.extracted_cutoff,zeek_files.extracted_size,zeek_files.filename,zeek_files.is_orig,zeek_files.local_orig,zeek_files.md5,zeek_files.mime_type,zeek_files.missing_bytes,zeek_files.overflow_bytes,zeek_files.parent_fuid,zeek_files.rx_hosts,zeek_files.seen_bytes,zeek_files.sha1,zeek_files.sha256,zeek_files.source,zeek_files.timedout,zeek_files.total_bytes,zeek_files.tx_hosts,zeek_ftp.arg,zeek_ftp.command,zeek_ftp.data_channel_orig_h,zeek_ftp.data_channel_passive,zeek_ftp.data_channel_resp_h,zeek_ftp.data_channel_resp_p,zeek_ftp.file_size,zeek_ftp.mime_type,zeek_ftp.reply_code,zeek_ftp.reply_msg,zeek_gquic.cyu,zeek_gquic.cyutags,zeek_gquic.server_name,zeek_gquic.tag_count,zeek_gquic.user_agent,zeek_gquic.version,zeek_http.host,zeek_http.info_code,zeek_http.info_msg,zeek_http.method,zeek_http.orig_filenames,zeek_http.orig_fuids,zeek_http.orig_mime_types,zeek_http.origin,zeek_http.proxied,zeek_http.referrer,zeek_http.request_body_len,zeek_http.resp_filenames,zeek_http.resp_fuids,zeek_http.resp_mime_types,zeek_http.response_body_len,zeek_http.status_code,zeek_http.status_msg,zeek_http.tags,zee
k_http.trans_depth,zeek_http.uri,zeek_http.user_agent,zeek_http.version,zeek_intel.file_description,zeek_intel.indicator,zeek_intel.indicator_type,zeek_intel.matched,zeek_intel.mimetype,zeek_intel.seen_node,zeek_intel.seen_where,zeek_intel.sources,zeek_irc.addl,zeek_irc.command,zeek_irc.dcc_file_name,zeek_irc.dcc_file_size,zeek_irc.dcc_mime_type,zeek_irc.nick,zeek_irc.value,zeek_iso_cotp.pdu_type,zeek_kerberos.cipher,zeek_kerberos.client_cert_fuid,zeek_kerberos.client_cert_subject,zeek_kerberos.cname,zeek_kerberos.error_msg,zeek_kerberos.forwardable,zeek_kerberos.from,zeek_kerberos.renewable,zeek_kerberos.server_cert_fuid,zeek_kerberos.server_cert_subject,zeek_kerberos.sname,zeek_kerberos.success,zeek_kerberos.till,zeek_known_certs.issuer_subject,zeek_known_certs.serial,zeek_known_certs.subject,zeek_known_modbus.device_type,zeek_ldap.message_id,zeek_ldap.operation,zeek_ldap.value,zeek_ldap.entry,zeek_ldap.result,zeek_ldap.result_code,zeek_ldap.error,zeek_modbus.exception,zeek_modbus.func,modbus_register_change.register,modbus_register_change.old_val,modbus_register_change.new_val,modbus_register_change.delta,zeek_mqtt_connect.client_id,zeek_mqtt_connect.connect_status,zeek_mqtt_connect.proto_name,zeek_mqtt_connect.proto_version,zeek_mqtt_connect.will_payload,zeek_mqtt_connect.will_topic,zeek_mqtt_publish.from_client,zeek_mqtt_publish.retain,zeek_mqtt_publish.qos,zeek_mqtt_publish.status,zeek_mqtt_publish.topic,zeek_mqtt_publish.payload,zeek_mqtt_publish.payload_len,zeek_mqtt_subscribe.action,zeek_mqtt_subscribe.topics,zeek_mqtt_subscribe.qos_levels,zeek_mqtt_subscribe.granted_qos_level,zeek_mqtt_subscribe.ack,zeek_mysql.arg,zeek_mysql.cmd,zeek_mysql.response,zeek_mysql.rows,zeek_mysql.success,zeek_notice.actions,zeek_notice.category,zeek_notice.dropped,zeek_notice.dst,zeek_notice.file_desc,zeek_notice.file_mime_type,zeek_notice.msg,zeek_notice.n,zeek_notice.note,zeek_notice.p,zeek_notice.peer_descr,zeek_notice.remote_location_city,zeek_notice.remote_location_cityrem
ote_location_latitude,zeek_notice.remote_location_country_code,zeek_notice.remote_location_latitude,zeek_notice.remote_location_longitude,zeek_notice.remote_location_region,zeek_notice.src,zeek_notice.sub,zeek_notice.sub_category,zeek_notice.suppress_for,zeek_ntlm.domain,zeek_ntlm.host,zeek_ntlm.status,zeek_ntlm.success,zeek_ntlm.server_nb_computer,zeek_ntlm.server_dns_computer,zeek_ntlm.server_tree,zeek_ntp.mode,zeek_ntp.mode_str,zeek_ntp.num_exts,zeek_ntp.org_time,zeek_ntp.poll,zeek_ntp.precision,zeek_ntp.rec_time,zeek_ntp.ref_id,zeek_ntp.ref_time,zeek_ntp.root_delay,zeek_ntp.root_disp,zeek_ntp.stratum,zeek_ntp.version,zeek_ntp.xmt_time,zeek_pe.compile_ts,zeek_pe.has_cert_table,zeek_pe.has_debug_data,zeek_pe.has_export_table,zeek_pe.has_import_table,zeek_pe.is_64bit,zeek_pe.is_exe,zeek_pe.machine,zeek_pe.os,zeek_pe.section_names,zeek_pe.subsystem,zeek_pe.uses_aslr,zeek_pe.uses_code_integrity,zeek_pe.uses_dep,zeek_pe.uses_seh,zeek_profinet.block_version,zeek_profinet.index,zeek_profinet.operation_type,zeek_profinet.slot_number,zeek_profinet.subslot_number,zeek_profinet_dce_rpc.activity_uuid,zeek_profinet_dce_rpc.interface_uuid,zeek_profinet_dce_rpc.object_uuid,zeek_profinet_dce_rpc.operation,zeek_profinet_dce_rpc.packet_type,zeek_profinet_dce_rpc.server_boot_time,zeek_profinet_dce_rpc.version,zeek_radius.connect_info,zeek_radius.framed_addr,zeek_radius.mac,zeek_radius.tunnel_client,zeek_radius.reply_msg,zeek_radius.result,zeek_radius.ttl,zeek_rdp.cert_count,zeek_rdp.cert_permanent,zeek_rdp.cert_type,zeek_rdp.client_build,zeek_rdp.client_channels,zeek_rdp.client_dig_product_id,zeek_rdp.client_name,zeek_rdp.cookie,zeek_rdp.desktop_height,zeek_rdp.desktop_width,zeek_rdp.encryption_level,zeek_rdp.encryption_method,zeek_rdp.keyboard_layout,zeek_rdp.requested_color_depth,zeek_rdp.result,zeek_rdp.security_protocol,zeek_rfb.auth,zeek_rfb.authentication_method,zeek_rfb.client_major_version,zeek_rfb.client_minor_version,zeek_rfb.desktop_name,zeek_rfb.height,zeek_rfb.server_m
ajor_version,zeek_rfb.server_minor_version,zeek_rfb.share_flag,zeek_rfb.width,zeek_s7comm.data_info,zeek_s7comm.item_count,zeek_s7comm.parameter,zeek_s7comm.parameters.class,zeek_s7comm.parameters.code,zeek_s7comm.parameters.group,zeek_s7comm.parameters.mode,zeek_s7comm.parameters.sub,zeek_s7comm.parameters.type,zeek_s7comm.rosctr,zeek_signatures.engine,zeek_signatures.event_message,zeek_signatures.hits,zeek_signatures.host_count,zeek_signatures.note,zeek_signatures.signature_count,zeek_signatures.signature_id,zeek_signatures.sub_message,zeek_sip.call_id,zeek_sip.content_type,zeek_sip.date,zeek_sip.method,zeek_sip.reply_to,zeek_sip.request_body_len,zeek_sip.request_from,zeek_sip.request_path,zeek_sip.request_to,zeek_sip.response_body_len,zeek_sip.response_from,zeek_sip.response_path,zeek_sip.response_to,zeek_sip.seq,zeek_sip.status_code,zeek_sip.status_msg,zeek_sip.subject,zeek_sip.trans_depth,zeek_sip.uri,zeek_sip.user_agent,zeek_sip.warning,zeek_sip.version,zeek_smb_cmd.command,zeek_smb_cmd.sub_command,zeek_smb_cmd.argument,zeek_smb_cmd.status,zeek_smb_cmd.rtt,zeek_smb_cmd.version,zeek_smb_cmd.user,zeek_smb_cmd.tree,zeek_smb_cmd.tree_service,zeek_smb_files.action,zeek_smb_files.name,zeek_smb_files.path,zeek_smb_files.prev_name,zeek_smb_files.size,zeek_smb_files.times_accessed,zeek_smb_files.times_changed,zeek_smb_files.data_offset_req,zeek_smb_files.data_len_req,zeek_smb_files.data_len_rsp,zeek_smb_files.times_created,zeek_smb_files.times_modified,zeek_smb_mapping.native_file_system,zeek_smb_mapping.path,zeek_smb_mapping.resource_type,zeek_smb_mapping.share_type,zeek_smtp.cc,zeek_smtp.date,zeek_smtp.first_received,zeek_smtp.from,zeek_smtp.helo,zeek_smtp.in_reply_to,zeek_smtp.is_webmail,zeek_smtp.last_reply,zeek_smtp.mailfrom,zeek_smtp.msg_id,zeek_smtp.path,zeek_smtp.rcptto,zeek_smtp.reply_to,zeek_smtp.second_received,zeek_smtp.subject,zeek_smtp.tls,zeek_smtp.to,zeek_smtp.trans_depth,zeek_smtp.user_agent,zeek_smtp.x_originating_ip,zeek_snmp.community,zeek_snmp.disp
lay_string,zeek_snmp.duration,zeek_snmp.get_bulk_requests,zeek_snmp.get_requests,zeek_snmp.get_responses,zeek_snmp.set_requests,zeek_snmp.up_since,zeek_snmp.version,zeek_socks.bound_host,zeek_socks.bound_name,zeek_socks.bound_port,zeek_socks.request_host,zeek_socks.request_name,zeek_socks.request_port,zeek_socks.server_status,zeek_socks.version,zeek_software.name,zeek_software.software_type,zeek_software.unparsed_version,zeek_software.version_addl,zeek_software.version_major,zeek_software.version_minor,zeek_software.version_minor2,zeek_software.version_minor3,zeek_ssh.auth_attempts,zeek_ssh.auth_success,zeek_ssh.cipher_alg,zeek_ssh.client,zeek_ssh.compression_alg,zeek_ssh.cshka,zeek_ssh.direction,zeek_ssh.hassh,zeek_ssh.hasshAlgorithms,zeek_ssh.hasshServer,zeek_ssh.hasshServerAlgorithms,zeek_ssh.hasshVersion,zeek_ssh.host_key,zeek_ssh.host_key_alg,zeek_ssh.kex_alg,zeek_ssh.mac_alg,zeek_ssh.remote_location_city,zeek_ssh.remote_location_country_code,zeek_ssh.remote_location_latitude,zeek_ssh.remote_location_longitude,zeek_ssh.remote_location_region,zeek_ssh.server,zeek_ssh.sshka,zeek_ssh.version,zeek_ssl.cert_chain_fuids,zeek_ssl.cipher,zeek_ssl.client_cert_chain_fuids,zeek_ssl.client_issuer.C,zeek_ssl.client_issuer.CN,zeek_ssl.client_issuer.DC,zeek_ssl.client_issuer.emailAddress,zeek_ssl.client_issuer.GN,zeek_ssl.client_issuer.initials,zeek_ssl.client_issuer.L,zeek_ssl.client_issuer.O,zeek_ssl.client_issuer.OU,zeek_ssl.client_issuer.pseudonym,zeek_ssl.client_issuer.serialNumber,zeek_ssl.client_issuer.SN,zeek_ssl.client_issuer.ST,zeek_ssl.client_issuer.title,zeek_ssl.client_issuer_full,zeek_ssl.client_subject.C,zeek_ssl.client_subject.CN,zeek_ssl.client_subject.emailAddress,zeek_ssl.client_subject.GN,zeek_ssl.client_subject.initials,zeek_ssl.client_subject.L,zeek_ssl.client_subject.O,zeek_ssl.client_subject.OU,zeek_ssl.client_subject.pseudonym,zeek_ssl.client_subject.serialNumber,zeek_ssl.client_subject.SN,zeek_ssl.client_subject.ST,zeek_ssl.client_subject.title,zeek_
ssl.client_subject_full,zeek_ssl.curve,zeek_ssl.established,zeek_ssl.issuer.C,zeek_ssl.issuer.CN,zeek_ssl.issuer.DC,zeek_ssl.issuer.emailAddress,zeek_ssl.issuer.GN,zeek_ssl.issuer.initials,zeek_ssl.issuer.L,zeek_ssl.issuer.O,zeek_ssl.issuer.OU,zeek_ssl.issuer.pseudonym,zeek_ssl.issuer.serialNumber,zeek_ssl.issuer.SN,zeek_ssl.issuer.ST,zeek_ssl.issuer.title,zeek_ssl.issuer_full,zeek_ssl.ja3,zeek_ssl.ja3_desc,zeek_ssl.ja3s,zeek_ssl.ja3s_desc,zeek_ssl.last_alert,zeek_ssl.next_protocol,zeek_ssl.resumed,zeek_ssl.server_name,zeek_ssl.ssl_version,zeek_ssl.subject.C,zeek_ssl.subject.CN,zeek_ssl.subject.emailAddress,zeek_ssl.subject.GN,zeek_ssl.subject.initials,zeek_ssl.subject.L,zeek_ssl.subject.O,zeek_ssl.subject.OU,zeek_ssl.subject.pseudonym,zeek_ssl.subject.serialNumber,zeek_ssl.subject.SN,zeek_ssl.subject.ST,zeek_ssl.subject.title,zeek_ssl.subject_full,zeek_ssl.validation_status,zeek_syslog.facility,zeek_syslog.message,zeek_syslog.severity,zeek_tds.command,zeek_tds_rpc.parameters,zeek_tds_rpc.procedure_name,zeek_tds_sql_batch.header_type,zeek_tds_sql_batch.query,zeek_tunnel.action,zeek_tunnel.tunnel_type,zeek_weird.addl,zeek_weird.name,zeek_weird.notice,zeek_weird.peer,zeek_x509.basic_constraints_ca,zeek_x509.basic_constraints_path_len,zeek_x509.certificate_curve,zeek_x509.certificate_exponent,zeek_x509.certificate_issuer.C,zeek_x509.certificate_issuer.CN,zeek_x509.certificate_issuer.emailAddress,zeek_x509.certificate_issuer.GN,zeek_x509.certificate_issuer.initials,zeek_x509.certificate_issuer.L,zeek_x509.certificate_issuer.O,zeek_x509.certificate_issuer.OU,zeek_x509.certificate_issuer.pseudonym,zeek_x509.certificate_issuer.serialNumber,zeek_x509.certificate_issuer.SN,zeek_x509.certificate_issuer.ST,zeek_x509.certificate_issuer.title,zeek_x509.certificate_issuer_full,zeek_x509.certificate_key_alg,zeek_x509.certificate_key_length,zeek_x509.certificate_key_type,zeek_x509.certificate_not_valid_after,zeek_x509.certificate_not_valid_before,zeek_x509.certificate_serial,zeek_x
509.certificate_sig_alg,zeek_x509.certificate_subject.C,zeek_x509.certificate_subject.CN,zeek_x509.certificate_subject.DC,zeek_x509.certificate_subject.emailAddress,zeek_x509.certificate_subject.GN,zeek_x509.certificate_subject.initials,zeek_x509.certificate_subject.L,zeek_x509.certificate_subject.O,zeek_x509.certificate_subject.OU,zeek_x509.certificate_subject.pseudonym,zeek_x509.certificate_subject.serialNumber,zeek_x509.certificate_subject.SN,zeek_x509.certificate_subject.ST,zeek_x509.certificate_subject.title,zeek_x509.certificate_subject_full,zeek_x509.certificate_version,zeek_x509.san_dns,zeek_x509.san_email,zeek_x509.san_ip,zeek_x509.san_uri"; this.api.addRightClick("malcolm_kibana_cat_ip", {name:filterLabel, url:"idmol2kib/filter?start=%ISOSTART%&stop=%ISOSTOP%&field=%DBFIELD%&value=%TEXT%", category:"ip"}); this.api.addRightClick("malcolm_kibana_cat_port", {name:filterLabel, url:filterUrl, category:"port"}); this.api.addRightClick("malcolm_kibana_cat_country", {name:filterLabel, url:filterUrl, category:"country"}); @@ -820,7 +826,8 @@ function ZeekLogs (api, section) { // basic connection information " if (session.zeek.orig_h || session.zeek.orig_p || session.zeek.orig_l2_addr || session.zeek.resp_h || " + " session.zeek.resp_p || session.zeek.resp_l2_addr || session.zeek.proto || session.zeek.service || " + - " session.zeek.user)\n" + + " session.zeek.service_version || session.zeek.user || session.zeek.password || " + + " session.zeek.action || session.zeek.freq_score_v1 || session.zeek.freq_score_v2 )\n" + " dl.sessionDetailMeta(suffix=\"Basic Connection Info\")\n" + " +arrayList(session.zeek, 'orig_h', 'Originating Host', 'zeek.orig_h')\n" + " +arrayList(session.zeek, 'orig_l2_addr', 'Originating MAC', 'zeek.orig_l2_addr')\n" + 
@@ -842,7 +849,12 @@ function ZeekLogs (api, section) { " +arrayList(session.zeek, 'resp_p', 'Responding Port', 'zeek.resp_p')\n" + " +arrayList(session.zeek, 'proto', 'Protocol', 'zeek.proto')\n" + " +arrayList(session.zeek, 'service', 'Service', 'zeek.service')\n" + + " +arrayList(session.zeek, 'service_version', 'Service Version', 'zeek.service_version')\n" + + " +arrayList(session.zeek, 'action', 'Action', 'zeek.action')\n" + " +arrayList(session.zeek, 'user', 'User', 'zeek.user')\n" + + " +arrayList(session.zeek, 'password', 'Password', 'zeek.password')\n" + + " +arrayList(session.zeek, 'freq_score_v1', 'Freq Score v1', 'zeek.freq_score_v1')\n" + + " +arrayList(session.zeek, 'freq_score_v2', 'Freq Score v2', 'zeek.freq_score_v2')\n" + // file information " if (session.zeek.fuid || session.zeek.filename || session.zeek.filetype)\n" + 
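Review bot: the new `+arrayList(session.zeek, 'password', 'Password', 'zeek.password')` row puts captured cleartext credentials into the always-visible "Basic Connection Info" section of every session, and the matching `session.zeek.password` term in the gating `if` of the previous hunk makes the section render whenever one was sniffed. Elsewhere in this patch the per-protocol ftp/http/socks password fields are dropped from their views, so `zeek.password` becomes the single place these land, visible to anyone who can open session details in the viewer. Either keep the password out of the basic section (leave it in the per-protocol views, which a user has to open deliberately) or state in the docs that viewer access now implies access to sniffed credentials so operators can scope viewer accounts accordingly.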
@@ -864,12 +876,12 @@ function ZeekLogs (api, section) { this.api.addView("zeek_dpd", "require:zeek_dpd;title:Zeek dpd.log;fields:zeek_dpd.service,zeek_dpd.failure_reason") this.api.addView("zeek_enip", "require:zeek_enip;title:Zeek enip.log;fields:zeek_enip.command,zeek_enip.length,zeek_enip.session_handle,zeek_enip.status,zeek_enip.sender_context,zeek_enip.options") this.api.addView("zeek_enip_list_identity", "require:zeek_enip_list_identity;title:Zeek enip_list_identity.log;fields:zeek_enip_list_identity.device_type,zeek_enip_list_identity.vendor,zeek_enip_list_identity.product_name,zeek_enip_list_identity.serial_number,zeek_enip_list_identity.product_code,zeek_enip_list_identity.revision,zeek_enip_list_identity.status,zeek_enip_list_identity.state,zeek_enip_list_identity.device_ip") - this.api.addView("zeek_files", "require:zeek_files;title:Zeek files.log;fields:zeek_files.fuid,zeek_files.tx_hosts,zeek_files.rx_hosts,zeek_files.conn_uids,zeek_files.source,zeek_files.depth,zeek_files.analyzers,zeek_files.mime_type,zeek_files.filename,zeek_files.duration,zeek_files.local_orig,zeek_files.is_orig,zeek_files.seen_bytes,zeek_files.total_bytes,zeek_files.missing_bytes,zeek_files.overflow_bytes,zeek_files.timedout,zeek_files.parent_fuid,zeek_files.md5,zeek_files.sha1,zeek_files.sha256,zeek_files.extracted,zeek_files.extracted_cutoff,zeek_files.extracted_size") - this.api.addView("zeek_ftp", "require:zeek_ftp;title:Zeek ftp.log;fields:zeek_ftp.password,zeek_ftp.command,zeek_ftp.arg,zeek_ftp.mime_type,zeek_ftp.file_size,zeek_ftp.reply_code,zeek_ftp.reply_msg,zeek_ftp.data_channel_passive,zeek_ftp.data_channel_orig_h,zeek_ftp.data_channel_resp_h,zeek_ftp.data_channel_resp_p,zeek_ftp.fuid") + this.api.addView("zeek_files", "require:zeek_files;title:Zeek 
files.log;fields:zeek_files.tx_hosts,zeek_files.rx_hosts,zeek_files.conn_uids,zeek_files.source,zeek_files.depth,zeek_files.analyzers,zeek_files.mime_type,zeek_files.filename,zeek_files.duration,zeek_files.local_orig,zeek_files.is_orig,zeek_files.seen_bytes,zeek_files.total_bytes,zeek_files.missing_bytes,zeek_files.overflow_bytes,zeek_files.timedout,zeek_files.parent_fuid,zeek_files.md5,zeek_files.sha1,zeek_files.sha256,zeek_files.extracted,zeek_files.extracted_cutoff,zeek_files.extracted_size") + this.api.addView("zeek_ftp", "require:zeek_ftp;title:Zeek ftp.log;fields:zeek_ftp.command,zeek_ftp.arg,zeek_ftp.mime_type,zeek_ftp.file_size,zeek_ftp.reply_code,zeek_ftp.reply_msg,zeek_ftp.data_channel_passive,zeek_ftp.data_channel_orig_h,zeek_ftp.data_channel_resp_h,zeek_ftp.data_channel_resp_p") this.api.addView("zeek_gquic", "require:zeek_gquic;title:Zeek gquic.log;fields:zeek_gquic.version,zeek_gquic.server_name,zeek_gquic.user_agent,zeek_gquic.tag_count,zeek_gquic.cyu,zeek_gquic.cyutags") - this.api.addView("zeek_http", "require:zeek_http;title:Zeek http.log;fields:zeek_http.trans_depth,zeek_http.method,zeek_http.host,zeek_http.uri,zeek_http.origin,zeek_http.referrer,zeek_http.version,zeek_http.user_agent,zeek_http.request_body_len,zeek_http.response_body_len,zeek_http.status_code,zeek_http.status_msg,zeek_http.info_code,zeek_http.info_msg,zeek_http.tags,zeek_http.user,zeek_http.password,zeek_http.proxied,zeek_http.orig_fuids,zeek_http.orig_filenames,zeek_http.orig_mime_types,zeek_http.resp_fuids,zeek_http.resp_filenames,zeek_http.resp_mime_types") - this.api.addView("zeek_intel", "require:zeek_intel;title:Zeek intel.log;fields:zeek_intel.indicator,zeek_intel.indicator_type,zeek_intel.seen_where,zeek_intel.seen_node,zeek_intel.matched,zeek_intel.sources,zeek_intel.fuid,zeek_intel.mimetype,zeek_intel.file_description") - this.api.addView("zeek_irc", "require:zeek_irc;title:Zeek 
irc.log;fields:zeek_irc.nick,zeek_irc.command,zeek_irc.value,zeek_irc.addl,zeek_irc.dcc_file_name,zeek_irc.dcc_file_size,zeek_irc.dcc_mime_type,zeek_irc.fuid") + this.api.addView("zeek_http", "require:zeek_http;title:Zeek http.log;fields:zeek_http.trans_depth,zeek_http.method,zeek_http.host,zeek_http.uri,zeek_http.origin,zeek_http.referrer,zeek_http.version,zeek_http.user_agent,zeek_http.request_body_len,zeek_http.response_body_len,zeek_http.status_code,zeek_http.status_msg,zeek_http.info_code,zeek_http.info_msg,zeek_http.tags,zeek_http.proxied,zeek_http.orig_fuids,zeek_http.orig_filenames,zeek_http.orig_mime_types,zeek_http.resp_fuids,zeek_http.resp_filenames,zeek_http.resp_mime_types") + this.api.addView("zeek_intel", "require:zeek_intel;title:Zeek intel.log;fields:zeek_intel.indicator,zeek_intel.indicator_type,zeek_intel.seen_where,zeek_intel.seen_node,zeek_intel.matched,zeek_intel.sources,zeek_intel.mimetype,zeek_intel.file_description") + this.api.addView("zeek_irc", "require:zeek_irc;title:Zeek irc.log;fields:zeek_irc.nick,zeek_irc.command,zeek_irc.value,zeek_irc.addl,zeek_irc.dcc_file_name,zeek_irc.dcc_file_size,zeek_irc.dcc_mime_type") this.api.addView("zeek_iso_cotp", "require:zeek_iso_cotp;title:Zeek iso_cotp.log;fields:zeek_iso_cotp.pdu_type") this.api.addView("zeek_kerberos", "require:zeek_kerberos;title:Zeek kerberos.log;fields:zeek_kerberos.cname,zeek_kerberos.sname,zeek_kerberos.success,zeek_kerberos.error_msg,zeek_kerberos.from,zeek_kerberos.till,zeek_kerberos.cipher,zeek_kerberos.forwardable,zeek_kerberos.renewable,zeek_kerberos.client_cert_subject,zeek_kerberos.client_cert_fuid,zeek_kerberos.server_cert_subject,zeek_kerberos.server_cert_fuid") this.api.addView("zeek_known_certs", "require:zeek_known_certs;title:Zeek known_certs.log;fields:zeek_known_certs.subject,zeek_known_certs.issuer_subject,zeek_known_certs.serial") 
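Review bot: the rewritten `fields:` lists for zeek_files, zeek_ftp, zeek_http, zeek_intel and zeek_irc drop their `*.fuid` entries, and zeek_ftp/zeek_http also drop `password` (plus `zeek_http.user`), which only makes sense if these values now live solely in the shared `zeek.fuid`, `zeek.user` and `zeek.password` fields shown in the session detail. Any saved Moloch views, hunts or bookmarked queries that reference the old names, e.g. `zeek_http.password` or `zeek_files.fuid`, will silently match nothing after the upgrade; add the old-to-new field mapping to the upgrade notes so users know to rewrite them.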
@@ -881,10 +893,10 @@ function ZeekLogs (api, section) { this.api.addView("zeek_mqtt_publish", "require:zeek_mqtt_publish;title:Zeek mqtt_publish.log;fields:zeek_mqtt_publish.from_client,zeek_mqtt_publish.retain,zeek_mqtt_publish.qos,zeek_mqtt_publish.status,zeek_mqtt_publish.topic,zeek_mqtt_publish.payload,zeek_mqtt_publish.payload_len") this.api.addView("zeek_mqtt_subscribe", "require:zeek_mqtt_subscribe;title:Zeek mqtt_subscribe.log;fields:zeek_mqtt_subscribe.action,zeek_mqtt_subscribe.topics,zeek_mqtt_subscribe.qos_levels,zeek_mqtt_subscribe.granted_qos_level,zeek_mqtt_subscribe.ack") this.api.addView("zeek_mysql", "require:zeek_mysql;title:Zeek mysql.log;fields:zeek_mysql.cmd,zeek_mysql.arg,zeek_mysql.success,zeek_mysql.rows,zeek_mysql.response") - this.api.addView("zeek_notice", "require:zeek_notice;title:Zeek notice.log;fields:zeek_notice.fuid,zeek_notice.file_mime_type,zeek_notice.file_desc,zeek_notice.note,zeek_notice.msg,zeek_notice.sub,zeek_notice.src,zeek_notice.dst,zeek_notice.p,zeek_notice.n,zeek_notice.peer_descr,zeek_notice.actions,zeek_notice.suppress_for,zeek_notice.dropped,zeek_notice.remote_location_country_code,zeek_notice.remote_location_region,zeek_notice.remote_location_cityremote_location_latitude,zeek_notice.remote_location_longitude") + this.api.addView("zeek_notice", "require:zeek_notice;title:Zeek notice.log;fields:zeek_notice.file_mime_type,zeek_notice.file_desc,zeek_notice.note,zeek_notice.msg,zeek_notice.sub,zeek_notice.src,zeek_notice.dst,zeek_notice.p,zeek_notice.n,zeek_notice.peer_descr,zeek_notice.actions,zeek_notice.suppress_for,zeek_notice.dropped,zeek_notice.remote_location_country_code,zeek_notice.remote_location_region,zeek_notice.remote_location_cityremote_location_latitude,zeek_notice.remote_location_longitude,zeek_notice.category,zeek_notice.sub_category") this.api.addView("zeek_ntlm", "require:zeek_ntlm;title:Zeek 
ntlm.log;fields:zeek_ntlm.host,zeek_ntlm.domain,zeek_ntlm.success,zeek_ntlm.status,zeek_ntlm.server_nb_computer,zeek_ntlm.server_dns_computer,zeek_ntlm.server_tree") this.api.addView("zeek_ntp", "require:zeek_ntp;title:Zeek ntp.log;fields:zeek_ntp.version,zeek_ntp.mode,zeek_ntp.mode_str,zeek_ntp.stratum,zeek_ntp.poll,zeek_ntp.precision,zeek_ntp.root_delay,zeek_ntp.root_disp,zeek_ntp.ref_id,zeek_ntp.ref_time,zeek_ntp.org_time,zeek_ntp.rec_time,zeek_ntp.xmt_time,zeek_ntp.num_exts") - this.api.addView("zeek_pe", "require:zeek_pe;title:Zeek pe.log;fields:zeek_pe.fuid,zeek_pe.machine,zeek_pe.compile_ts,zeek_pe.os,zeek_pe.subsystem,zeek_pe.is_exe,zeek_pe.is_64bit,zeek_pe.uses_aslr,zeek_pe.uses_dep,zeek_pe.uses_code_integrity,zeek_pe.uses_seh,zeek_pe.has_import_table,zeek_pe.has_export_table,zeek_pe.has_cert_table,zeek_pe.has_debug_data,zeek_pe.section_names") + this.api.addView("zeek_pe", "require:zeek_pe;title:Zeek pe.log;fields:zeek_pe.machine,zeek_pe.compile_ts,zeek_pe.os,zeek_pe.subsystem,zeek_pe.is_exe,zeek_pe.is_64bit,zeek_pe.uses_aslr,zeek_pe.uses_dep,zeek_pe.uses_code_integrity,zeek_pe.uses_seh,zeek_pe.has_import_table,zeek_pe.has_export_table,zeek_pe.has_cert_table,zeek_pe.has_debug_data,zeek_pe.section_names") this.api.addView("zeek_profinet", "require:zeek_profinet;title:Zeek profinet.log;fields:zeek_profinet.operation_type,zeek_profinet.block_version,zeek_profinet.slot_number,zeek_profinet.subslot_number,zeek_profinet.index") this.api.addView("zeek_profinet_dce_rpc", "require:zeek_profinet_dce_rpc;title:Zeek profinet_dce_rpc.log;fields:zeek_profinet_dce_rpc.version,zeek_profinet_dce_rpc.packet_type,zeek_profinet_dce_rpc.object_uuid,zeek_profinet_dce_rpc.interface_uuid,zeek_profinet_dce_rpc.activity_uuid,zeek_profinet_dce_rpc.server_boot_time,zeek_profinet_dce_rpc.operation") this.api.addView("zeek_radius", "require:zeek_radius;title:Zeek 
radius.log;fields:zeek_radius.mac,zeek_radius.framed_addr,zeek_radius.tunnel_client,zeek_radius.connect_info,zeek_radius.reply_msg,zeek_radius.result,zeek_radius.ttl") 
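Review bot: the zeek_notice view carries the malformed entry `zeek_notice.remote_location_cityremote_location_latitude` (a missing comma between `remote_location_city` and `remote_location_latitude`) from the removed line straight into the new `+` line, so neither the city nor the latitude column can ever be shown. Since the line is being edited anyway to append `zeek_notice.category,zeek_notice.sub_category`, split it into `zeek_notice.remote_location_city,zeek_notice.remote_location_latitude`.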
@@ -892,12 +904,13 @@ function ZeekLogs (api, section) { this.api.addView("zeek_rfb", "require:zeek_rfb;title:Zeek rfb.log;fields:zeek_rfb.client_major_version,zeek_rfb.client_minor_version,zeek_rfb.server_major_version,zeek_rfb.server_minor_version,zeek_rfb.authentication_method,zeek_rfb.auth,zeek_rfb.share_flag,zeek_rfb.desktop_name,zeek_rfb.width,zeek_rfb.height") this.api.addView("zeek_s7comm", "require:zeek_s7comm;title:Zeek s7comm.log;fields:zeek_s7comm.rosctr,zeek_s7comm.parameter,zeek_s7comm.parameters.class,zeek_s7comm.parameters.code,zeek_s7comm.parameters.group,zeek_s7comm.parameters.mode,zeek_s7comm.parameters.sub,zeek_s7comm.parameters.type,zeek_s7comm.item_count,zeek_s7comm.data_info") this.api.addView("zeek_signatures", "require:zeek_signatures;title:Zeek signatures.log;fields:zeek_signatures.note,zeek_signatures.signature_id,zeek_signatures.engine,zeek_signatures.event_message,zeek_signatures.sub_message,zeek_signatures.signature_count,zeek_signatures.host_count") - this.api.addView("zeek_sip", "require:zeek_sip;title:Zeek sip.log;fields:zeek_sip.trans_depth,zeek_sip.method,zeek_sip.uri,zeek_sip.date,zeek_sip.request_from,zeek_sip.request_to,zeek_sip.response_from,zeek_sip.response_to,zeek_sip.reply_to,zeek_sip.call_id,zeek_sip.seq,zeek_sip.subject,zeek_sip.request_path,zeek_sip.response_path,zeek_sip.user_agent,zeek_sip.status_code,zeek_sip.status_msg,zeek_sip.warning,zeek_sip.request_body_len,zeek_sip.response_body_len,zeek_sip.content_type") - this.api.addView("zeek_smb_files", "require:zeek_smb_files;title:Zeek smb_files.log;fields:zeek_smb_files.fuid,zeek_smb_files.action,zeek_smb_files.path,zeek_smb_files.name,zeek_smb_files.size,zeek_smb_files.prev_name,zeek_smb_files.times_modified,zeek_smb_files.times_accessed,zeek_smb_files.times_created,zeek_smb_files.times_changed,zeek_smb_files.data_offset_req,zeek_smb_files.data_len_req,zeek_smb_files.data_len_rsp") + this.api.addView("zeek_sip", "require:zeek_sip;title:Zeek 
sip.log;fields:zeek_sip.trans_depth,zeek_sip.method,zeek_sip.uri,zeek_sip.date,zeek_sip.request_from,zeek_sip.request_to,zeek_sip.response_from,zeek_sip.response_to,zeek_sip.reply_to,zeek_sip.call_id,zeek_sip.seq,zeek_sip.subject,zeek_sip.request_path,zeek_sip.response_path,zeek_sip.user_agent,zeek_sip.status_code,zeek_sip.status_msg,zeek_sip.warning,zeek_sip.request_body_len,zeek_sip.response_body_len,zeek_sip.content_type,zeek_sip.version") + this.api.addView("zeek_smb_cmd", "require:zeek_smb_cmd;title:Zeek smb_cmd.log;fields:zeek_smb_cmd.command,zeek_smb_cmd.sub_command,zeek_smb_cmd.argument,zeek_smb_cmd.status,zeek_smb_cmd.rtt,zeek_smb_cmd.version,zeek_smb_cmd.user,zeek_smb_cmd.tree,zeek_smb_cmd.tree_service") + this.api.addView("zeek_smb_files", "require:zeek_smb_files;title:Zeek smb_files.log;fields:zeek_smb_files.action,zeek_smb_files.path,zeek_smb_files.name,zeek_smb_files.size,zeek_smb_files.prev_name,zeek_smb_files.times_modified,zeek_smb_files.times_accessed,zeek_smb_files.times_created,zeek_smb_files.times_changed,zeek_smb_files.data_offset_req,zeek_smb_files.data_len_req,zeek_smb_files.data_len_rsp") this.api.addView("zeek_smb_mapping", "require:zeek_smb_mapping;title:Zeek smb_mapping.log;fields:zeek_smb_mapping.path,zeek_smb_mapping.resource_type,zeek_smb_mapping.native_file_system,zeek_smb_mapping.share_type") - this.api.addView("zeek_smtp", "require:zeek_smtp;title:Zeek smtp.log;fields:zeek_smtp.trans_depth,zeek_smtp.helo,zeek_smtp.mailfrom,zeek_smtp.rcptto,zeek_smtp.date,zeek_smtp.from,zeek_smtp.to,zeek_smtp.cc,zeek_smtp.reply_to,zeek_smtp.msg_id,zeek_smtp.in_reply_to,zeek_smtp.subject,zeek_smtp.x_originating_ip,zeek_smtp.first_received,zeek_smtp.second_received,zeek_smtp.last_reply,zeek_smtp.path,zeek_smtp.user_agent,zeek_smtp.tls,zeek_smtp.fuids,zeek_smtp.is_webmail") + this.api.addView("zeek_smtp", "require:zeek_smtp;title:Zeek 
smtp.log;fields:zeek_smtp.trans_depth,zeek_smtp.helo,zeek_smtp.mailfrom,zeek_smtp.rcptto,zeek_smtp.date,zeek_smtp.from,zeek_smtp.to,zeek_smtp.cc,zeek_smtp.reply_to,zeek_smtp.msg_id,zeek_smtp.in_reply_to,zeek_smtp.subject,zeek_smtp.x_originating_ip,zeek_smtp.first_received,zeek_smtp.second_received,zeek_smtp.last_reply,zeek_smtp.path,zeek_smtp.user_agent,zeek_smtp.tls,zeek_smtp.is_webmail") this.api.addView("zeek_snmp", "require:zeek_snmp;title:Zeek snmp.log;fields:zeek_snmp.duration,zeek_snmp.version,zeek_snmp.community,zeek_snmp.get_requests,zeek_snmp.get_bulk_requests,zeek_snmp.get_responses,zeek_snmp.set_requests,zeek_snmp.display_string,zeek_snmp.up_since") - this.api.addView("zeek_socks", "require:zeek_socks;title:Zeek socks.log;fields:zeek_socks.version,zeek_socks.password,zeek_socks.server_status,zeek_socks.request_host,zeek_socks.request_name,zeek_socks.request_port,zeek_socks.bound_host,zeek_socks.bound_name,zeek_socks.bound_port") + this.api.addView("zeek_socks", "require:zeek_socks;title:Zeek socks.log;fields:zeek_socks.version,zeek_socks.server_status,zeek_socks.request_host,zeek_socks.request_name,zeek_socks.request_port,zeek_socks.bound_host,zeek_socks.bound_name,zeek_socks.bound_port") this.api.addView("zeek_software", "require:zeek_software;title:Zeek software.log;fields:zeek_software.software_type,zeek_software.name,zeek_software.version_major,zeek_software.version_minor,zeek_software.version_minor2,zeek_software.version_minor3,zeek_software.version_addl,zeek_software.unparsed_version") this.api.addView("zeek_ssh", "require:zeek_ssh;title:Zeek 
ssh.log;fields:zeek_ssh.version,zeek_ssh.auth_success,zeek_ssh.auth_attempts,zeek_ssh.direction,zeek_ssh.client,zeek_ssh.server,zeek_ssh.cipher_alg,zeek_ssh.mac_alg,zeek_ssh.compression_alg,zeek_ssh.kex_alg,zeek_ssh.host_key_alg,zeek_ssh.host_key,zeek_ssh.remote_location_country_code,zeek_ssh.remote_location_region,zeek_ssh.remote_location_city,zeek_ssh.remote_location_latitude,zeek_ssh.remote_location_longitude,zeek_ssh.hassh,zeek_ssh.hasshServer,zeek_ssh.hasshAlgorithms,zeek_ssh.hasshServerAlgorithms,zeek_ssh.cshka,zeek_ssh.sshka") this.api.addView("zeek_ssl", "require:zeek_ssl;title:Zeek ssl.log;fields:zeek_ssl.ssl_version,zeek_ssl.cipher,zeek_ssl.curve,zeek_ssl.server_name,zeek_ssl.resumed,zeek_ssl.last_alert,zeek_ssl.next_protocol,zeek_ssl.established,zeek_ssl.ja3,zeek_ssl.ja3_desc,zeek_ssl.ja3s,zeek_ssl.ja3s_desc,zeek_ssl.cert_chain_fuids,zeek_ssl.client_cert_chain_fuids,zeek_ssl.subject.CN,zeek_ssl.subject.C,zeek_ssl.subject.O,zeek_ssl.subject.OU,zeek_ssl.subject.ST,zeek_ssl.subject.SN,zeek_ssl.subject.L,zeek_ssl.subject.GN,zeek_ssl.subject.pseudonym,zeek_ssl.subject.serialNumber,zeek_ssl.subject.title,zeek_ssl.subject.initials,zeek_ssl.subject.emailAddress,zeek_ssl.client_subject.CN,zeek_ssl.client_subject.C,zeek_ssl.client_subject.O,zeek_ssl.client_subject.OU,zeek_ssl.client_subject.ST,zeek_ssl.client_subject.SN,zeek_ssl.client_subject.L,zeek_ssl.client_subject.GN,zeek_ssl.client_subject.pseudonym,zeek_ssl.client_subject.serialNumber,zeek_ssl.client_subject.title,zeek_ssl.client_subject.initials,zeek_ssl.client_subject.emailAddress,zeek_ssl.issuer.CN,zeek_ssl.issuer.C,zeek_ssl.issuer.O,zeek_ssl.issuer.OU,zeek_ssl.issuer.ST,zeek_ssl.issuer.SN,zeek_ssl.issuer.L,zeek_ssl.issuer.DC,zeek_ssl.issuer.GN,zeek_ssl.issuer.pseudonym,zeek_ssl.issuer.serialNumber,zeek_ssl.issuer.title,zeek_ssl.issuer.initials,zeek_ssl.issuer.emailAddress,zeek_ssl.client_issuer.CN,zeek_ssl.client_issuer.C,zeek_ssl.client_issuer.O,zeek_ssl.client_issuer.OU,zeek_ssl.client_issuer.ST,zeek_s
sl.client_issuer.SN,zeek_ssl.client_issuer.L,zeek_ssl.client_issuer.DC,zeek_ssl.client_issuer.GN,zeek_ssl.client_issuer.pseudonym,zeek_ssl.client_issuer.serialNumber,zeek_ssl.client_issuer.title,zeek_ssl.client_issuer.initials,zeek_ssl.client_issuer.emailAddress,zeek_ssl.validation_status") 
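Review bot: the new zeek_smb_cmd view lists `zeek_smb_cmd.user` while the same patch removes the protocol-specific user/password fields from the zeek_http and zeek_socks views in favour of the shared `zeek.user`/`zeek.password`. If smb_cmd's user is likewise copied into `zeek.user`, drop it here for consistency; if it is not, say so, because otherwise the rule for which views keep their own credential fields is unclear to the next person editing this list.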
@@ -907,7 +920,7 @@ function ZeekLogs (api, section) { this.api.addView("zeek_tds_sql_batch", "require:zeek_tds_sql_batch;title:Zeek tds_sql_batch.log;fields:zeek_tds_sql_batch.header_type,zeek_tds_sql_batch.query") this.api.addView("zeek_tunnel", "require:zeek_tunnel;title:Zeek tunnel.log;fields:zeek_tunnel.tunnel_type,zeek_tunnel.action") this.api.addView("zeek_weird", "require:zeek_weird;title:Zeek weird.log;fields:zeek_weird.name,zeek_weird.addl,zeek_weird.notice,zeek_weird.peer") - this.api.addView("zeek_x509", "require:zeek_x509;title:Zeek x509.log;fields:zeek_x509.fuid,zeek_x509.certificate_version,zeek_x509.certificate_serial,zeek_x509.certificate_subject.CN,zeek_x509.certificate_subject.C,zeek_x509.certificate_subject.O,zeek_x509.certificate_subject.OU,zeek_x509.certificate_subject.ST,zeek_x509.certificate_subject.SN,zeek_x509.certificate_subject.L,zeek_x509.certificate_subject.DC,zeek_x509.certificate_subject.GN,zeek_x509.certificate_subject.pseudonym,zeek_x509.certificate_subject.serialNumber,zeek_x509.certificate_subject.title,zeek_x509.certificate_subject.initials,zeek_x509.certificate_subject.emailAddress,zeek_x509.certificate_issuer.CN,zeek_x509.certificate_issuer.C,zeek_x509.certificate_issuer.O,zeek_x509.certificate_issuer.OU,zeek_x509.certificate_issuer.ST,zeek_x509.certificate_issuer.SN,zeek_x509.certificate_issuer.L,zeek_x509.certificate_issuer.GN,zeek_x509.certificate_issuer.pseudonym,zeek_x509.certificate_issuer.serialNumber,zeek_x509.certificate_issuer.title,zeek_x509.certificate_issuer.initials,zeek_x509.certificate_issuer.emailAddress,zeek_x509.certificate_not_valid_before,zeek_x509.certificate_not_valid_after,zeek_x509.certificate_key_alg,zeek_x509.certificate_sig_alg,zeek_x509.certificate_key_type,zeek_x509.certificate_key_length,zeek_x509.certificate_exponent,zeek_x509.certificate_curve,zeek_x509.san_dns,zeek_x509.san_uri,zeek_x509.san_email,zeek_x509.san_ip,zeek_x509.basic_constraints_ca,zeek_x509.basic_constraints_path_len") + 
this.api.addView("zeek_x509", "require:zeek_x509;title:Zeek x509.log;fields:zeek_x509.certificate_version,zeek_x509.certificate_serial,zeek_x509.certificate_subject.CN,zeek_x509.certificate_subject.C,zeek_x509.certificate_subject.O,zeek_x509.certificate_subject.OU,zeek_x509.certificate_subject.ST,zeek_x509.certificate_subject.SN,zeek_x509.certificate_subject.L,zeek_x509.certificate_subject.DC,zeek_x509.certificate_subject.GN,zeek_x509.certificate_subject.pseudonym,zeek_x509.certificate_subject.serialNumber,zeek_x509.certificate_subject.title,zeek_x509.certificate_subject.initials,zeek_x509.certificate_subject.emailAddress,zeek_x509.certificate_issuer.CN,zeek_x509.certificate_issuer.C,zeek_x509.certificate_issuer.O,zeek_x509.certificate_issuer.OU,zeek_x509.certificate_issuer.ST,zeek_x509.certificate_issuer.SN,zeek_x509.certificate_issuer.L,zeek_x509.certificate_issuer.GN,zeek_x509.certificate_issuer.pseudonym,zeek_x509.certificate_issuer.serialNumber,zeek_x509.certificate_issuer.title,zeek_x509.certificate_issuer.initials,zeek_x509.certificate_issuer.emailAddress,zeek_x509.certificate_not_valid_before,zeek_x509.certificate_not_valid_after,zeek_x509.certificate_key_alg,zeek_x509.certificate_sig_alg,zeek_x509.certificate_key_type,zeek_x509.certificate_key_length,zeek_x509.certificate_exponent,zeek_x509.certificate_curve,zeek_x509.san_dns,zeek_x509.san_uri,zeek_x509.san_email,zeek_x509.san_ip,zeek_x509.basic_constraints_ca,zeek_x509.basic_constraints_path_len") // Add the source as available this.api.addSource("zeek", this); diff --git a/name-map-ui/config/fpm-pool.conf b/name-map-ui/config/fpm-pool.conf new file mode 100644 index 000000000..a3a6b288f --- /dev/null +++ b/name-map-ui/config/fpm-pool.conf 
@@ -0,0 +1,56 @@ +[global] +; Log to /dev/fd/1 for docker +error_log = /dev/fd/1 + +[www] +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Enable status page +pm.status_path = /fpm-status + +; Ondemand process manager +pm = ondemand + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 100 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. 
+; Default Value: 0 +pm.max_requests = 1000 + +; Make sure the FPM workers can reach the environment variables for configuration +clear_env = no + +; Catch output from PHP +catch_workers_output = yes + +; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message +decorate_workers_output = no + +; Enable ping page to use in healthcheck +ping.path = /fpm-ping diff --git a/name-map-ui/config/nginx.conf b/name-map-ui/config/nginx.conf new file mode 100644 index 000000000..97b316e81 --- /dev/null +++ b/name-map-ui/config/nginx.conf 
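Review bot: `clear_env = no` in the [www] pool hands the entire container environment to every PHP worker, so anything placed in this container's environment (including values passed through docker-compose for other services) is readable from PHP via getenv(), by any script that reaches the interpreter. Either keep this container's environment limited to the variables the UI actually needs, or leave clear_env at its default and pass only those through with explicit `env[NAME] = $NAME` lines. Two smaller points: `pm.process_idle_timeout = 10s;` has a stray trailing `;` (it starts a comment in php-fpm's ini syntax, so it is harmless but misleading), and `pm.max_children = 100` is a lot of headroom for a single-page mapping UI; with `pm = ondemand` it is only the ceiling, but a lower value bounds memory if something hammers the upload endpoint.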
@@ -0,0 +1,92 @@ +worker_processes 1; +error_log stderr warn; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + # Define custom log format to include reponse times + log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for" ' + '$request_time $upstream_response_time $pipe $upstream_cache_status'; + + access_log /dev/stdout main_timed; + error_log /dev/stderr notice; + + keepalive_timeout 65; + + # Write temporary files to /tmp so they can be created as a non-privileged user + client_body_temp_path /tmp/client_temp; + proxy_temp_path /tmp/proxy_temp_path; + fastcgi_temp_path /tmp/fastcgi_temp; + uwsgi_temp_path /tmp/uwsgi_temp; + scgi_temp_path /tmp/scgi_temp; + + # Default server definition + server { + listen 8080 default_server; + server_name _; + + sendfile off; + + root /var/www/html; + index index.php index.html; + + location / { + # First attempt to serve request as file, then + # as directory, then fall back to index.php + try_files $uri $uri/ /index.php?q=$uri&$args; + } + + location ~* maps/.+\.(txt|json)$ { + expires -1; + add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + } + + # Redirect server error pages to the static page /50x.html + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /var/lib/nginx/html; + } + + # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 + location ~ \.php$ { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass 127.0.0.1:9000; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; + } + + location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { + expires 5d; + } + + # Deny access to . 
files, for security + location ~ /\. { + log_not_found off; + deny all; + } + + # Allow fpm ping and status from localhost + location ~ ^/(fpm-status|fpm-ping)$ { + access_log off; + allow 127.0.0.1; + deny all; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_pass 127.0.0.1:9000; + } + } + + # Include other server configs + include /etc/nginx/conf.d/*.conf; +} diff --git a/name-map-ui/config/php.ini b/name-map-ui/config/php.ini new file mode 100644 index 000000000..d91b95891 --- /dev/null +++ b/name-map-ui/config/php.ini @@ -0,0 +1,7 @@ +[PHP] +file_uploads = On +upload_max_filesize = 64M +max_file_uploads = 4 + +[Date] +date.timezone="UTC" diff --git a/name-map-ui/config/supervisor_logstash_ctl.conf b/name-map-ui/config/supervisor_logstash_ctl.conf new file mode 100644 index 000000000..de572adcf --- /dev/null +++ b/name-map-ui/config/supervisor_logstash_ctl.conf @@ -0,0 +1,10 @@ +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +[supervisord] +nodaemon=true +logfile=/dev/null +logfile_maxbytes=0 +pidfile=/run/supervisord.pid + +[supervisorctl] +serverurl=http://logstash:9001 diff --git a/name-map-ui/config/supervisord.conf b/name-map-ui/config/supervisord.conf new file mode 100644 index 000000000..c01f68e10 --- /dev/null +++ b/name-map-ui/config/supervisord.conf 
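Review bot: in nginx.conf the upload directory the watcher consumes, `/var/www/html/upload` (per `directory=` in supervisord.conf and `PROCESS_DIR` in name-map-save-watch.sh), sits inside this server's `root /var/www/html`, and no location excludes it. So from the moment a file is written until the watcher deletes it, `try_files $uri $uri/ /index.php?q=$uri&$args` serves any uploaded file back to whoever can reach port 8080, and an uploaded `anything.php` matches `location ~ \.php$` and is handed to php-fpm; the `try_files $uri =404` there stops path-info tricks but not a request for a file that really exists. Add a `location ^~ /upload/ { deny all; }` block (prefix `^~` wins over the regex locations) or have the upload handler write outside the document root, so uploads are never reachable over HTTP. Minor: `location ~* maps/.+\.(txt|json)$` is unanchored, so it also matches e.g. `/upload/maps/x.json`; `^/maps/` says what is meant.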
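Review bot: in php.ini, `upload_max_filesize = 64M` has no effect beyond 8M because `post_max_size` is left at PHP's default of 8M, and 64M is generous for a host/segment name map in any case. Pick a realistic size (a few MB) and set `upload_max_filesize` and `post_max_size` together so the effective limit is the one stated in this file.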
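Review bot: in supervisor_logstash_ctl.conf, `serverurl=http://logstash:9001` talks to the logstash container's supervisord over plain HTTP with no `username=`/`password=` entries, so whatever this container can do through supervisorctl (restarting logstash's programs) is available to any other container on the same Docker network that can open port 9001 on `logstash`. Either add matching credentials here and in the logstash side's `[inet_http_server]`, or confirm that the logstash side is only reachable from this container and say so in a comment. The `[supervisord]` section is also unused in a file that only drives supervisorctl, and it duplicates the pidfile from supervisord.conf; dropping it removes the confusion.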
@@ -0,0 +1,48 @@ +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +[unix_http_server] +file=/tmp/supervisor.sock ; (the path to the socket file) +chmod=0700 + +[supervisord] +nodaemon=true +logfile=/dev/null +logfile_maxbytes=0 +pidfile=/run/supervisord.pid + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl=unix:///tmp/supervisor.sock + +[program:php-fpm] +command=php-fpm7 -F +stopasgroup=true +killasgroup=true +stdout_logfile=/dev/fd/1 +stdout_logfile_maxbytes=0 +redirect_stderr=true +autorestart=false +startretries=0 + +[program:nginx] +command=nginx -g 'daemon off;' +stopasgroup=true +killasgroup=true +stdout_logfile=/dev/fd/1 +stdout_logfile_maxbytes=0 +redirect_stderr=true +autorestart=false +startretries=0 + +[program:watch-upload] +command=/bin/bash -c "sleep 15 && /usr/local/bin/name-map-save-watch.sh" +startsecs=20 +startretries=1 +stopasgroup=true +killasgroup=true +directory=/var/www/html/upload +stdout_logfile=/dev/fd/1 +stdout_logfile_maxbytes=0 +redirect_stderr=true diff --git a/name-map-ui/scripts/name-map-save-watch.sh b/name-map-ui/scripts/name-map-save-watch.sh new file mode 100755 index 000000000..666bf8437 --- /dev/null +++ b/name-map-ui/scripts/name-map-save-watch.sh 
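Review bot: in supervisord.conf, `autorestart=false` with `startretries=0` on both php-fpm and nginx means that if either process dies the container keeps running (supervisord is `nodaemon=true` and does not exit when a child fails) with a half-dead web stack, while watch-upload, which omits `autorestart`, gets supervisor's default `unexpected` policy; the two processes that matter most are the only ones never restarted. Either set `autorestart=true` on php-fpm and nginx, or add an eventlistener that exits supervisord on PROCESS_STATE_FATAL so the container's restart policy or healthcheck takes over. Minor: `directory=/var/www/html/upload` for watch-upload only sets the working directory; the script reads its own `PROCESS_DIR`, so this line is redundant and one more place to change later.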
@@ -0,0 +1,22 @@ +#!/bin/bash + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +PROCESS_DIR=${NAME_MAP_SAVE_DIR:-/var/www/html/upload/} +DEST_MAP=${NAME_MAP_JSON:-/var/www/html/maps/net-map.json} + +inotifywait -m -e close_write --format '%w%f' "${PROCESS_DIR}" | while read NEWFILE +do + sleep 0.1 + # verify that the file is json|txt and that it is valid JSON + FILEMIME=$(file -b --mime-type "$NEWFILE") + if ( echo "$FILEMIME" | grep -q -e "\(application/json\|text/plain\)" ) && ( python3 -mjson.tool "$NEWFILE" >/dev/null 2>&1 ); then + # move the new net-map.json file into its final location + # (done like this with "tee" since we may not be able to cp overwrite a volume-mounted file) + (>/dev/null tee "$DEST_MAP" < "$NEWFILE") && echo "\"$NEWFILE\" -> \"$DEST_MAP\"" + rm -f "$NEWFILE" + else + # invalud or unhandled file type uploaded, delete it + (>&2 rm -f "$NEWFILE") && echo "Removed \"$NEWFILE\" (\"$FILEMIME\"): invalid file type or format" + fi +done diff --git a/name-map-ui/site/index.html b/name-map-ui/site/index.html new file mode 100644 index 000000000..cb984edcf --- /dev/null +++ b/name-map-ui/site/index.html @@ -0,0 +1,523 @@ + + + + + + + + + + + + + + + + Host and Network Segment Name Mapping + + + + +
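Review bot: in name-map-save-watch.sh, `inotifywait -m -e close_write` only fires for files written in place in `${PROCESS_DIR}`; a file moved into the directory raises `moved_to` instead, which is what PHP's move_uploaded_file() does (a rename) whenever the temporary upload directory and the destination are on the same filesystem, so depending on how the upload handler lands the file the watcher may never see it. Add `-e moved_to` alongside `close_write`. Second, the check only proves the file is syntactically JSON: `5`, `[]` or `{}` passes `python3 -mjson.tool`, is typed text/plain by `file`, and is then `tee`'d over the live net-map.json, wiping the mapping; validate the shape (an array of objects with the type/address/name/tag keys the UI table uses) before overwriting. Because `tee` rewrites the destination in place, a reader (nginx's `maps/` location or logstash) can see a truncated file mid-write; if the volume mount rules out an atomic rename, note that consumers must tolerate a parse failure and re-read. Minor: use `IFS= read -r NEWFILE` so filenames with backslashes or leading spaces survive, and `invalud` in the else-branch comment is a typo.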
+
+
+ +

Host and Network Segment Name Mapping

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeAddressNameTag + +
+ + + + + + + + + + + + +
+ + + + + + + + + +
+
+
+
+
+ + + + + + \ No newline at end of file diff --git a/name-map-ui/site/mapping.css b/name-map-ui/site/mapping.css new file mode 100644 index 000000000..40b45c36e --- /dev/null +++ b/name-map-ui/site/mapping.css 
@@ -0,0 +1,229 @@ +/* Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. */ + +html { + font-family: sans-serif; + line-height: 1.15; +} + +body { + margin: 0; + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji"; + font-size: 0.9375rem; + font-weight: 400; + line-height: 1.5; + color: #cecece; + text-align: left; + background-color: #272B30; +} + +body, +div, +dl, +dt, +dd, +ul, +ol, +li, +h1, +h2, +h3, +h4, +h5, +h6, +pre, +form, +fieldset, +input, +textarea, +p, +blockquote, +th, +td { + margin-top: 0; + margin-bottom: 0.5rem +} + +table { + border-collapse: collapse; + border-spacing: 0; +} + +fieldset, +img { + border: 0; +} + +img.center { + display: block; + margin-left: auto; + margin-right: auto; + width: 50%; +} + +ol, +ul, +dl { + margin-top: 0; + margin-bottom: 0.5rem +} + +caption, +th { + text-align: left; +} + +header { + float: left; + margin-bottom: 20px; + width: 100%; +} + +address { + margin-bottom: 1rem; + line-height: inherit +} + +#container { + width: 800px; + margin-top: auto; + margin-bottom: auto; + margin-right: auto; + margin-left: auto; +} + +.c1 { + width: 800px; + float: left; +} + +.c2 { + width: 355px; + float: left; +} + +.c3 { + width: 235px; + float: left; +} + +p { + margin-top: 0; + margin-bottom: 1rem +} + +h1 { + letter-spacing: 1px; + text-align: center; + text-shadow: #262729 0 -1px 0; +} + +h2 { + color: #bbb; + text-shadow: #262729 0 -1px 0; + font-weight: 300; + text-align: center; +} + +input { + padding: 2px 10px; + border-radius: 10px; + border: solid 1px #555; + float: left; + margin-right: 10px; + margin-bottom: 15px; +} + +input:focus { + border: none; + outline: none; + color: #007bff; + font-weight: bold; + border-top: solid 1px #aaa; + border-right: solid 1px #e6e6e6; + border-bottom: solid 1px #e6e6e6; + border-left: solid 1px #aaa; +} + +table { + 
width: 100%; + margin-bottom: 10px; +} + +th { + background-color: rgba(23, 25, 28, .8); + border: solid 1px rgba(255, 255, 255, .1); + padding: 10px 10px; + text-align: center; + font-weight: bold; + color: #ddd; + width: auto; +} + +tr:hover { + background-color: #454c54; +} + +td { + padding: 10px 10px; + border: solid 1px rgba(255, 255, 255, .1); + width: auto; +} + +td.update, +td.remove, +td.type { + text-align: center; +} + +td.address { + font-family: monospace; +} + +button.add-btn, +button.update-btn, +button.cancel-btn, +button.edit-item-btn, +button.remove-item-btn { + font-size: 1.33rem; + border: 2px #ddd; + border-radius: 4px; +} + +button.save-btn, +button.export-btn, +button.import-btn, +button.restart-btn { + font-size: 0.9rem; +} + +#container.mapping-page { + margin-top: 10px; +} + +#mapping { + margin-bottom: 20px; +} + +#mapping td.update, +#mapping td.remove { + width: 130px; +} + +#mapping td.add { + width: 300px; + text-align: center; +} + +#mapping td.foot { + text-align: center; +} + +#mapping input { + width: 130px; + margin: 0; + border-radius: 5px; +} + +#mapping input.search { + width: 185px; +} \ No newline at end of file diff --git a/name-map-ui/site/restart-logstash.php b/name-map-ui/site/restart-logstash.php new file mode 100644 index 000000000..fe1bb405c --- /dev/null +++ b/name-map-ui/site/restart-logstash.php @@ -0,0 +1,6 @@ +$output"; +} +?> diff --git a/name-map-ui/site/upload.html b/name-map-ui/site/upload.html new file mode 100644 index 000000000..01bdc734a --- /dev/null +++ b/name-map-ui/site/upload.html @@ -0,0 +1,8 @@ + + +
+ Choose a file to upload: + +
+ + diff --git a/name-map-ui/site/upload.php b/name-map-ui/site/upload.php new file mode 100644 index 000000000..98f85246c --- /dev/null +++ b/name-map-ui/site/upload.php @@ -0,0 +1,57 @@ + 67108864) { + throw new RuntimeException('Exceeded filesize limit'); + } + + // check upload MIME type + $finfo = new finfo(FILEINFO_MIME_TYPE); + $fmime = $finfo->file($_FILES['upfile']['tmp_name']); + if (false === $ext = array_search($fmime, + array('json' => 'application/json', + 'txt' => 'text/plain'), + true)) { + throw new RuntimeException(sprintf('Invalid file format: "%s"', $fmime)); + } + + // give file unique name based on sha + $ftmpname = $_FILES['upfile']['tmp_name']; + $fdstname = sprintf('./upload/%s.%s', + sha1_file($_FILES['upfile']['tmp_name']), + $ext); + if (!move_uploaded_file($ftmpname, $fdstname)) { + throw new RuntimeException(sprintf('Failed to move uploaded file ("%s" -> "%s")', $ftmpname, $fdstname)); + } + + echo 'Success'; + +} catch (RuntimeException $e) { + error_log ($e->getMessage()); + echo $e->getMessage(); +} + +?> \ No newline at end of file diff --git a/net-map.json b/net-map.json new file mode 100644 index 000000000..0637a088a --- /dev/null +++ b/net-map.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/nginx/certs/.gitignore b/nginx/certs/.gitignore new file mode 100644 index 000000000..a5baada18 --- /dev/null +++ b/nginx/certs/.gitignore @@ -0,0 +1,3 @@ +* +!.gitignore + diff --git a/nginx/certs/gen_self_signed_certs.sh b/nginx/certs/gen_self_signed_certs.sh deleted file mode 100755 index 7d5988009..000000000 --- a/nginx/certs/gen_self_signed_certs.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - - -# one may wish to consider not using self-signed certificates in production -openssl dhparam -out dhparam.pem 2048 -openssl req -subj '/CN=localhost' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 3650 
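Review bot: in name-map-ui/supervisord.conf, both [program:php-fpm] and [program:nginx] set `autorestart=false` and `startretries=0`, so if either process dies supervisord (running with `nodaemon=true`) keeps the container alive with a dead backend rather than exiting so the orchestrator can restart it; either allow `autorestart=unexpected` or add an event listener that stops supervisord when a program reaches FATAL, as the other containers' configs rely on restarts.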
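Review bot: in name-map-save-watch.sh, `while read NEWFILE` should be `while IFS= read -r NEWFILE` so that paths with backslashes or surrounding whitespace from inotifywait's `%w%f` output are not altered before `file` and `rm -f` act on them; the comment also misspells "invalid" as `invalud`. Note that `python3 -mjson.tool` only checks syntax, so any well-formed JSON document (not just a top-level array like the `[]` in net-map.json) will be copied over net-map.json via `tee`; a structural check before the copy would prevent a malformed map from replacing a good one.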
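Review bot: in upload.php, the `67108864` byte size check is larger than the http-level `client_max_body_size 20m` in nginx.conf, and the /name-map-ui location does not override it, so uploads between 20 MB and 64 MB are refused by nginx with a 413 before PHP runs; align the two limits or document which governs. Also, the `catch` block does `echo $e->getMessage()`, which sends the raw exception text to the client, including the temporary and destination paths from the `Failed to move uploaded file ("%s" -> "%s")` message; keep the detail in `error_log` and return a generic error to the browser.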
diff --git a/nginx/nginx.conf b/nginx/nginx.conf index 9be5cf675..8c1c0e25f 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. daemon off; @@ -10,14 +10,21 @@ http { include /etc/nginx/mime.types; sendfile on; + client_max_body_size 20m; - fastcgi_buffers 16 16k; - fastcgi_buffer_size 32k; - fastcgi_read_timeout 600; - proxy_read_timeout 600; - proxy_buffer_size 128k; - proxy_buffers 4 256k; - proxy_busy_buffers_size 256k; + + fastcgi_buffers 16 64k; + fastcgi_buffer_size 256k; + fastcgi_read_timeout 300s; + fastcgi_busy_buffers_size 384k; + fastcgi_request_buffering off; + + proxy_connect_timeout 180s; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_buffer_size 512k; + proxy_buffers 16 4m; + proxy_busy_buffers_size 16m; # if LDAP authentication is enabled, this will configure the ldap_server section include /etc/nginx/nginx_ldap_rt.conf; @@ -58,6 +65,10 @@ http { server logstash:9600; } + upstream docker-name-map-ui { + server name-map-ui:8080; + } + # htadmin (htpasswd/user management) server { listen 488 ssl; @@ -89,9 +100,23 @@ http { # Malcolm file upload location /upload { - proxy_pass http://docker-upload; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_pass http://docker-upload/; + proxy_redirect off; + proxy_set_header Host upload.malcolm.local; + proxy_request_buffering off; + proxy_buffering off; + client_max_body_size 20G; + } + location /server/php { + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_pass http://docker-upload/server/php/; proxy_redirect off; proxy_set_header Host upload.malcolm.local; + proxy_request_buffering off; + proxy_buffering off; client_max_body_size 20G; } 
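Review bot: in the `@@ -10,14 +10,21 @@` hunk of nginx.conf, `proxy_buffers 16 4m` and `proxy_buffer_size 512k` are set in the http block, so they apply to every proxied location (moloch, kibana, name-map-ui, elasticsearch API) and allow up to 64 MB of response buffering per connection; the only locations that need large bodies (/upload and /server/php) turn `proxy_buffering off` anyway. Consider keeping the previous sizes globally and scoping larger values to the location that needs them. Also note `fastcgi_read_timeout` and `proxy_read_timeout` drop from 600 to 300s; confirm the htadmin PHP handlers and long Moloch queries finish within that.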
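Review bot: in the `@@ -89,9 +100,23 @@` hunk, `proxy_pass http://docker-upload;` becomes `proxy_pass http://docker-upload/;`; with the trailing slash nginx replaces the matched `/upload` prefix, so `/upload/x` is forwarded as `/x` instead of `/upload/x` as before. Confirm the upload container now serves from `/` (the commit message does not mention this path change). The new `location /server/php` repeats the /upload block verbatim apart from the upstream URI; a shared `include` or a single regex location would avoid the two drifting apart.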
@@ -131,7 +156,6 @@ http { proxy_set_header Host kibana.malcolm.local; } - # already prepended /kibana to match the server.basePath in kibana's YML config file location /kibana { proxy_pass http://docker-kibana; @@ -146,6 +170,21 @@ http { proxy_set_header Host kibana.malcolm.local; } + # offline region maps for kibana + location /world.geojson { + proxy_pass http://docker-kibana-maps; + proxy_redirect off; + proxy_set_header Host kibana.malcolm.local; + } + + # name-map-ui (UI for mapping names to network hosts and subnets) + location /name-map-ui { + proxy_pass http://docker-name-map-ui/; + proxy_redirect off; + proxy_set_header Host name-map-ui.malcolm.local; + proxy_cache off; + } + location = /favicon.ico { alias /etc/nginx/favicon.ico; } @@ -188,9 +227,13 @@ http { } location / { + proxy_http_version 1.1; + proxy_set_header Connection ""; proxy_pass http://docker-upload; proxy_redirect off; proxy_set_header Host upload.malcolm.local; + proxy_request_buffering off; + proxy_buffering off; client_max_body_size 20G; } } @@ -224,21 +267,6 @@ http { } } - # Kibana offline map server - server { - listen 28991; - - location = /favicon.ico { - alias /etc/nginx/favicon.ico; - } - - location / { - proxy_pass http://docker-kibana-maps; - proxy_redirect off; - proxy_set_header Host kibana.malcolm.local; - } - } - # Elasticsearch API server { listen 9200 ssl; diff --git a/nginx/supervisord.conf b/nginx/supervisord.conf index 784ce2b32..0382d9163 100644 --- a/nginx/supervisord.conf +++ b/nginx/supervisord.conf @@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) 
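Review bot: in the `@@ -146,6 +170,21 @@` hunk, `proxy_cache off;` in `location /name-map-ui` has no effect unless a `proxy_cache_path` zone is defined elsewhere in this file, which the visible config does not do; if the intent is to stop browsers from holding a stale name map, an `add_header Cache-Control "no-store"` (or `expires`) on that location is what would take effect. Dropping the standalone map server on port 28991 in favour of `/world.geojson` is fine, but the README or docker-compose port list should lose the 28991 mapping in the same change.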
@@ -26,15 +26,29 @@ stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 redirect_stderr=true -[program:dockergen] -command=/usr/local/bin/docker-gen -watch -notify "nginx -s reload" /etc/nginx/nginx.tmpl /etc/nginx/conf.d/default.conf -startsecs=5 +[program:logaccess] +command=/usr/bin/tail -F /var/log/nginx/access.log +startsecs=10 startretries=2000000000 stopasgroup=true killasgroup=true stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 -redirect_stderr=true +stderr_logfile=/dev/null +stdout_logfile_maxbytes=0 +redirect_stderr=false + +[program:logerrors] +command=/usr/bin/tail -F /var/log/nginx/error.log +startsecs=10 +startretries=2000000000 +stopasgroup=true +killasgroup=true +stdout_logfile=/dev/fd/1 +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/null +stdout_logfile_maxbytes=0 +redirect_stderr=false [program:stunnel] command=/usr/bin/stunnel /etc/stunnel/stunnel.conf diff --git a/pcap-capture/scripts/netsniff-roll.sh b/pcap-capture/scripts/netsniff-roll.sh index 0290b5851..3ebd50281 100755 --- a/pcap-capture/scripts/netsniff-roll.sh +++ b/pcap-capture/scripts/netsniff-roll.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. lastmod(){ expr $(date +%s) - $(stat -c %X "$1") diff --git a/pcap-capture/scripts/supervisor.sh b/pcap-capture/scripts/supervisor.sh index 8070480c0..c17490f1e 100755 --- a/pcap-capture/scripts/supervisor.sh +++ b/pcap-capture/scripts/supervisor.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e diff --git a/pcap-capture/supervisord.conf b/pcap-capture/supervisord.conf index c42ea2300..e779e8b99 100644 --- a/pcap-capture/supervisord.conf +++ b/pcap-capture/supervisord.conf 
@@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) diff --git a/pcap-capture/templates/tcpdump.template b/pcap-capture/templates/tcpdump.template index 819a5630d..aa9f7c3d3 100644 --- a/pcap-capture/templates/tcpdump.template +++ b/pcap-capture/templates/tcpdump.template @@ -1,5 +1,5 @@ [program:tcpdump-$IFACE] -command=/usr/sbin/tcpdump -i "$IFACE" -s %(ENV_PCAP_SNAPLEN)s -w "tcpdump-$IFACE_%(ENV_PCAP_TCPDUMP_FILENAME_PATTERN)s.pcap" -G %(ENV_PCAP_ROTATE_SECONDS)s -C %(ENV_PCAP_ROTATE_MEGABYTES)s -K -n "%(ENV_PCAP_FILTER)s" +command=/usr/sbin/tcpdump -i "$IFACE" -s %(ENV_PCAP_SNAPLEN)s -w "tcpdump-$IFACE_%(ENV_PCAP_TCPDUMP_FILENAME_PATTERN)s" -G %(ENV_PCAP_ROTATE_SECONDS)s -C %(ENV_PCAP_ROTATE_MEGABYTES)s -K -n "%(ENV_PCAP_FILTER)s" startsecs=5 startretries=3 stopasgroup=true diff --git a/pcap-monitor/scripts/watch-pcap-uploads-folder.sh b/pcap-monitor/scripts/watch-pcap-uploads-folder.sh index f8eae211e..e751eef22 100755 --- a/pcap-monitor/scripts/watch-pcap-uploads-folder.sh +++ b/pcap-monitor/scripts/watch-pcap-uploads-folder.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. PCAP_BASE_PATH=${PCAP_PATH:-"/pcap"} ZEEK_BASE_PATH=${ZEEK_PATH:-"/zeek"} diff --git a/pcap-monitor/supervisord.conf b/pcap-monitor/supervisord.conf index 15112edc6..50a95152c 100644 --- a/pcap-monitor/supervisord.conf +++ b/pcap-monitor/supervisord.conf @@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) 
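Review bot: in the `@@ -26,15 +26,29 @@` hunk of nginx/supervisord.conf, `stdout_logfile_maxbytes=0` appears twice in each of the new [program:logaccess] and [program:logerrors] sections; drop the duplicate. Both programs also set `stderr_logfile=/dev/null` with `redirect_stderr=false`, so if `tail -F` cannot open the log file its error is discarded and the only symptom is the 2000000000 retries; sending stderr to `/dev/fd/2` would make that visible.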
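Review bot: in tcpdump.template, removing the hard-coded `.pcap` suffix (the fix for issue #97) makes the capture file extension depend entirely on `ENV_PCAP_TCPDUMP_FILENAME_PATTERN`; add a comment in the template, or where that variable is documented, that the pattern must itself end in `.pcap`, otherwise rotated captures are written without an extension.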
diff --git a/scripts/auth_setup b/scripts/auth_setup new file mode 120000 index 000000000..c910cf9d6 --- /dev/null +++ b/scripts/auth_setup @@ -0,0 +1 @@ +./control.py \ No newline at end of file diff --git a/scripts/auth_setup.sh b/scripts/auth_setup.sh deleted file mode 100755 index a8a47d3cb..000000000 --- a/scripts/auth_setup.sh +++ /dev/null 
@@ -1,207 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -if [ -z "$BASH_VERSION" ]; then - echo "Wrong interpreter, please run \"$0\" with bash" - exit 1 -fi - -set -e - -if docker version >/dev/null 2>&1; then - DOCKER_BIN=docker -elif grep -q Microsoft /proc/version && docker.exe version >/dev/null 2>&1; then - DOCKER_BIN=docker.exe -fi - -if [ "$1" ]; then - CONFIG_FILE="$1" -else - CONFIG_FILE="docker-compose.yml" -fi - -# force-navigate to Malcolm base directory (parent of scripts/ directory) -[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath -[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname -if ! (type "$REALPATH" && type "$DIRNAME") > /dev/null; then - echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME" - exit 1 -fi -SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))" -pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 - -USERNAME="" -PASSWORD="" -PASSWORD_CONFIRM="" - -read -p "Administrator username: " USERNAME -while true; do - read -s -p "${USERNAME} password: " PASSWORD - echo - read -s -p "${USERNAME} password (again): " PASSWORD_CONFIRM - echo - [ "$PASSWORD" = "$PASSWORD_CONFIRM" ] && break - echo "Passwords do not match" -done -PASSWORD_ENCRYPTED="$(echo $PASSWORD | openssl passwd -1 -stdin)" - -# get previous admin username to remove from htpasswd file if it's changed -unset USERNAME_PREVIOUS -[[ -r auth.env ]] && source auth.env && USERNAME_PREVIOUS="$MALCOLM_USERNAME" - -cat < auth.env -# Malcolm Administrator username and encrypted password for nginx reverse proxy (and upload server's SFTP access) -MALCOLM_USERNAME=$USERNAME -MALCOLM_PASSWORD=$PASSWORD_ENCRYPTED -EOF -chmod 600 ./auth.env - -pushd ./nginx/ >/dev/null 2>&1 -# create or update the htpasswd file -[[ ! 
-f ./htpasswd ]] && HTPASSWD_CREATE_FLAG="-c" || HTPASSWD_CREATE_FLAG="" -htpasswd -b $HTPASSWD_CREATE_FLAG -B ./htpasswd "$USERNAME" "$PASSWORD" >/dev/null 2>&1 - -# if the admininstrator username has changed, remove the previous administrator username from htpasswd -[[ -n "$USERNAME_PREVIOUS" ]] && [ "$USERNAME" != "$USERNAME_PREVIOUS" ] && sed -i "/^$USERNAME_PREVIOUS:/d" ./htpasswd - -source ../.ldap_config_defaults 2>/dev/null || true -LDAP_DEFAULT_PROTO=${LDAP_PROTO:-"ldap://"} -LDAP_DEFAULT_HOST=${LDAP_HOST:-"ds.example.com"} -LDAP_DEFAULT_PORT=${LDAP_PORT:-"3268"} -LDAP_DEFAULT_SERVER_TYPE=${LDAP_SERVER_TYPE:-"winldap"} -if [[ "$LDAP_DEFAULT_SERVER_TYPE" = 'openldap' ]]; then - LDAP_DEFAULT_URI='DC=example,DC=com?uid?sub?(objectClass=posixAccount)' - LDAP_DEFAULT_GROUP_ATTR=memberuid -else - LDAP_DEFAULT_URI='DC=example,DC=com?sAMAccountName?sub?(objectClass=person)' - LDAP_DEFAULT_GROUP_ATTR=member -fi - -[[ ! -f nginx_ldap.conf ]] && cat < nginx_ldap.conf -# This is a sample configuration for the ldap_server section of nginx.conf. -# Yours will vary depending on how your Active Directory/LDAP server is configured. -# See https://github.com/kvspb/nginx-auth-ldap#available-config-parameters for options. - -ldap_server ad_server { - url "${LDAP_DEFAULT_PROTO}${LDAP_DEFAULT_HOST}:${LDAP_DEFAULT_PORT}/${LDAP_DEFAULT_URI}"; - - binddn "bind_dn"; - binddn_passwd "bind_dn_password"; - - group_attribute ${LDAP_DEFAULT_GROUP_ATTR}; - group_attribute_is_dn on; - require group "CN=malcolm,OU=groups,DC=example,DC=com"; - require valid_user; - satisfy all; -} - -auth_ldap_cache_enabled on; -auth_ldap_cache_expiration_time 10000; -auth_ldap_cache_size 1000; -EOF - -popd >/dev/null 2>&1 - -pushd ./htadmin/ >/dev/null 2>&1 -cat < config.ini -; HTAdmin config file. 
- -[application] -; Change this to customize your title: -app_title = Malcolm User Management - -; htpasswd file -secure_path = ./config/htpasswd -; metadata file -metadata_path = ./config/metadata - -; administrator user/password (htpasswd -b -c -B ...) -admin_user = $USERNAME - -; username field quality checks -; -min_username_len = 4 -max_username_len = 12 - -; Password field quality checks -; -min_password_len = 6 -max_password_len = 20 - -EOF -touch metadata -popd >/dev/null 2>&1 - -if [[ ! -f ./elastalert/config/smtp-auth.yaml ]]; then - # create a sample smtp-auth.yaml for if/when we want to do elastalert email - pushd ./elastalert/config/ >/dev/null 2>&1 - cat < smtp-auth.yaml -user: "user@gmail.com" -password: "abcdefg1234567" -EOF - chmod 600 ./smtp-auth.yaml - popd >/dev/null 2>&1 -fi - -unset CONFIRMATION -echo "" -read -p "(Re)generate self-signed certificates for HTTPS access [Y/n]? " CONFIRMATION -CONFIRMATION=${CONFIRMATION:-Y} -if [[ $CONFIRMATION =~ ^[Yy]$ ]]; then - pushd ./nginx/certs >/dev/null 2>&1 - rm -f *.pem - /bin/bash ./gen_self_signed_certs.sh >/dev/null 2>&1 - popd >/dev/null 2>&1 -fi - -unset CONFIRMATION -echo "" -read -p "(Re)generate self-signed certificates for a remote log forwarder [Y/n]? " CONFIRMATION -CONFIRMATION=${CONFIRMATION:-Y} -if [[ $CONFIRMATION =~ ^[Yy]$ ]]; then - pushd ./logstash/certs/ >/dev/null 2>&1 - make clean >/dev/null 2>&1 - make >/dev/null 2>&1 - mkdir -p ../../filebeat/certs - rm -f ../../filebeat/certs/* - cp ca.crt ../../filebeat/certs - mv client.key client.crt ../../filebeat/certs - rm -f *.srl *.csr *.pem - popd >/dev/null 2>&1 -fi - -unset CONFIRMATION -echo "" -read -p "Store username/password for forwarding Logstash events to a secondary, external Elasticsearch instance [y/N]? 
" CONFIRMATION -CONFIRMATION=${CONFIRMATION:-N} -if [[ $CONFIRMATION =~ ^[Yy]$ ]]; then - - EXT_USERNAME="" - EXT_PASSWORD="" - EXT_PASSWORD_CONFIRM="" - read -p "External Elasticsearch username: " EXT_USERNAME - while true; do - read -s -p "${EXT_USERNAME} password: " EXT_PASSWORD - echo - read -s -p "${EXT_USERNAME} password (again): " EXT_PASSWORD_CONFIRM - echo - [ "$EXT_PASSWORD" = "$EXT_PASSWORD_CONFIRM" ] && break - echo "Passwords do not match" - done - echo - - pushd ./logstash/certs/ >/dev/null 2>&1 - rm -f ./logstash.keystore - $DOCKER_BIN run --rm --entrypoint /bin/bash \ - -v "$(pwd)":/usr/share/logstash/config:rw \ - -w /usr/share/logstash/config \ - -u logstash \ - -e EXT_USERNAME="$EXT_USERNAME" \ - -e EXT_PASSWORD="$EXT_PASSWORD" \ - "$(grep "image: malcolmnetsec/logstash" ../../"$CONFIG_FILE" | awk '{print $2}')" \ - /usr/local/bin/set_es_external_keystore.sh - popd >/dev/null 2>&1 -fi - -popd >/dev/null 2>&1 diff --git a/scripts/build.sh b/scripts/build.sh index 093878601..044bc5472 100755 --- a/scripts/build.sh +++ b/scripts/build.sh 
@@ -1,16 +1,24 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. if [ -z "$BASH_VERSION" ]; then echo "Wrong interpreter, please run \"$0\" with bash" exit 1 fi +[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath +[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname +[[ "$(uname -s)" = 'Darwin' ]] && GREP=ggrep || GREP=grep +if ! (type "$REALPATH" && type "$DIRNAME" && type "$GREP") > /dev/null; then + echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME and $GREP" + exit 1 +fi + if docker-compose version >/dev/null 2>&1; then DOCKER_COMPOSE_BIN=docker-compose DOCKER_BIN=docker -elif grep -q Microsoft /proc/version && docker-compose.exe version >/dev/null 2>&1; then +elif $GREP -q Microsoft /proc/version && docker-compose.exe version >/dev/null 2>&1; then DOCKER_COMPOSE_BIN=docker-compose.exe DOCKER_BIN=docker.exe fi @@ -26,17 +34,11 @@ fi function filesize_in_image() { FILESPEC="$2" - IMAGE="$(grep -P "^\s+image:.*$1" docker-compose-standalone.yml | awk '{print $2}')" + IMAGE="$($GREP -P "^\s+image:.*$1" docker-compose-standalone.yml | awk '{print $2}')" $DOCKER_BIN run --rm --entrypoint /bin/sh "$IMAGE" -c "stat --printf='%s' \"$FILESPEC\"" } # force-navigate to Malcolm base directory (parent of scripts/ directory) -[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath -[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname -if ! (type "$REALPATH" && type "$DIRNAME") > /dev/null; then - echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME" - exit 1 -fi SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))" pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 
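Review bot: the deletion of scripts/auth_setup.sh (replaced by the `auth_setup` symlink to control.py) is worth a line in the commit message: the removed script ran `htpasswd -b ... "$PASSWORD"` and `echo $PASSWORD | openssl passwd -1 -stdin`, putting the plaintext administrator password on a command line visible in process listings, whereas control.py feeds it over stdin (`htpasswd -i`, `run_process(..., stdin=password)`). Callers that still invoke `./scripts/auth_setup.sh` by its old name will now fail; the README and any wrapper scripts should be updated alongside.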
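Review bot: in build.sh, hoisting the realpath/dirname/grep checks above the docker-compose detection is fine, but the retained `SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))"` leaves the inner substitution unquoted; `"$($DIRNAME "$($REALPATH -e "${BASH_SOURCE[0]}")")"` keeps paths containing spaces intact.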
@@ -59,7 +61,7 @@ read -p "Malcolm Docker images will now be built and/or pulled, force full clean CONFIRMATION=${CONFIRMATION:-N} BUILD_DATE="$(date -u +'%Y-%m-%dT%H:%M:%SZ')" -MALCOLM_VERSION="$(grep -P "^\s+image:\s*malcolm" "$CONFIG_FILE" | awk '{print $2}' | cut -d':' -f2 | uniq -c | sort -nr | awk '{print $2}' | head -n 1)" +MALCOLM_VERSION="$($GREP -P "^\s+image:\s*malcolm" "$CONFIG_FILE" | awk '{print $2}' | cut -d':' -f2 | uniq -c | sort -nr | awk '{print $2}' | head -n 1)" VCS_REVISION="$(git rev-parse --short HEAD 2>/dev/null || echo unknown)" # MaxMind now requires a (free) license key to download the free versions of their GeoIP databases. @@ -68,7 +70,7 @@ if [ ${#MAXMIND_GEOIP_DB_LICENSE_KEY} -gt 1 ]; then MAXMIND_API_KEY="$MAXMIND_GEOIP_DB_LICENSE_KEY" else # but default to what they have saved in the docker-compose YML file - MAXMIND_API_KEY="$(grep -P "^\s*MAXMIND_GEOIP_DB_LICENSE_KEY\s*:\s" "$CONFIG_FILE" | cut -d: -f2 | tr -d '[:space:]'\'\" | head -n 1)" + MAXMIND_API_KEY="$($GREP -P "^\s*MAXMIND_GEOIP_DB_LICENSE_KEY\s*:\s" "$CONFIG_FILE" | cut -d: -f2 | tr -d '[:space:]'\'\" | head -n 1)" fi if [[ $CONFIRMATION =~ ^[Yy] ]]; then diff --git a/scripts/control.py b/scripts/control.py new file mode 100755 index 000000000..d52eb7ce1 --- /dev/null +++ b/scripts/control.py 
@@ -0,0 +1,589 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +from __future__ import print_function + +import argparse +import errno +import glob +import os +import platform +import re +import shutil +import stat +import sys + +from malcolm_common import * +from collections import defaultdict, namedtuple +from subprocess import (PIPE, STDOUT, Popen, check_call, CalledProcessError) + +################################################################################################### +ScriptName = os.path.basename(__file__) + +PY3 = (sys.version_info.major >= 3) +pyPlatform = platform.system() + +args = None +dockerBin = None +dockerComposeBin = None +opensslBin = None + +################################################################################################### +try: + FileNotFoundError +except NameError: + FileNotFoundError = IOError + +try: + from colorama import init as ColoramaInit, Fore, Back, Style + ColoramaInit() + coloramaImported = True +except: + coloramaImported = False + +################################################################################################### +def logs(): + global args + global dockerBin + global dockerComposeBin + + # noisy logs (a lot of it is NGINX logs from health checks) + ignoreRegEx = re.compile(r""" + .+( + deprecated + | elastalert-server:\s+Routes: + | eshealth + | update_mapping + | throttling\s+index + | but\s+there\s+are\s+no\s+living\s+connections + | saved_objects + | \b(d|es)?stats\.json + | /_ns_/nstest\.html + | esindices/list + | _cat/indices + | use_field_mapping + | reaped\s+unknown\s+pid + | Successfully\s+handled\s+GET\s+request\s+for\s+'/' + | GET\s+/(_cat/health|api/status|sessions2-).+HTTP/[\d\.].+\b200\b + | POST\s+/(d?stats/d?stat|_bulk|fields/field/_search).+HTTP/[\d\.].+\b20[01]\b + | POST\s+HTTP/[\d\.].+\b200\b + | POST\s+/server/php/\s+HTTP/\d+\.\d+"\s+\d+\s+\d+.*:8443/ + | 
curl.+localhost.+GET\s+/api/status\s+200 + | \b1.+GET\s+/\s+.+401.+curl + ) + """, re.VERBOSE | re.IGNORECASE) + + err, out = run_process([dockerComposeBin, '-f', args.composeFile, 'ps'], debug=args.debug) + print("\n".join(out)) + + process = Popen([dockerComposeBin, '-f', args.composeFile, 'logs', '-f'], stdout=PIPE) + while True: + output = process.stdout.readline() + if (len(output) == 0) and (process.poll() is not None): + break + if output: + outputStr = output.decode().strip() + outputStrEscaped = EscapeAnsi(outputStr) + if not ignoreRegEx.match(outputStrEscaped): + print(outputStr if coloramaImported else outputStrEscaped) + else: + pass + # print('!!!!!!!: {}'.format(outputStr)) + else: + time.sleep(0.5) + process.poll() + +################################################################################################### +def stop(wipe=False): + global args + global dockerBin + global dockerComposeBin + + if wipe: + # attempt to DELETE _template/zeek_template in Elasticsearch + err, out = run_process([dockerComposeBin, '-f', args.composeFile, 'exec', 'moloch', 'bash', '-c', 'curl -fs --output /dev/null -H"Content-Type: application/json" -XDELETE "http://$ES_HOST:$ES_PORT/_template/zeek_template"'], debug=args.debug) + + # if stop.sh is being called with wipe.sh (after the docker-compose file) + # then also remove named and anonymous volumes (not external volumes, of course) + err, out = run_process([dockerComposeBin, '-f', args.composeFile, 'down', '--volumes'][:5 if wipe else -1], debug=args.debug) + if (err == 0): + eprint("Stopped Malcolm\n") + else: + eprint("Malcolm failed to stop\n") + eprint("\n".join(out)) + exit(err) + + if wipe: + # delete elasticsearch database + shutil.rmtree(os.path.join(MalcolmPath, 'elasticsearch/nodes'), ignore_errors=True) + + # delete data files (backups, zeek logs, moloch logs, PCAP files, captured PCAP files) + for dataDir in ['elasticsearch-backup', 'zeek-logs', 'moloch-logs', 'pcap', 'moloch-raw']: + for root, 
dirnames, filenames in os.walk(os.path.join(MalcolmPath, dataDir), topdown=True, onerror=None): + for file in filenames: + fileSpec = os.path.join(root, file) + if (os.path.isfile(fileSpec) or os.path.islink(fileSpec)) and (not file.startswith('.git')): + try: + os.remove(fileSpec) + except: + pass + + # clean up empty directories + for dataDir in [os.path.join('elasticsearch-backup', 'logs'), os.path.join('zeek-logs', 'processed'), os.path.join('zeek-logs', 'current')]: + RemoveEmptyFolders(dataDir, removeRoot=False) + + eprint("Malcolm has been stopped and its data cleared\n") + +################################################################################################### +def start(): + global args + global dockerBin + global dockerComposeBin + + # make sure the auth files exist. if we are in an interactive shell and we're + # missing any of the auth files, prompt to create them now + if sys.__stdin__.isatty() and (not MalcolmAuthFilesExist()): + check_call(['bash', os.path.join(ScriptPath, 'auth_setup')]) + + # still missing? 
sorry charlie + if (not MalcolmAuthFilesExist()): + raise Exception('Malcolm administrator account authentication files are missing, please run ./scripts/auth_setup to generate them') + + # touch the metadata file + open(os.path.join(MalcolmPath, os.path.join('htadmin', 'metadata')), 'a').close() + + smtpAuthFile = os.path.join(MalcolmPath, os.path.join('elastalert', os.path.join('config', 'smtp-auth.yaml'))) + if (not os.path.isfile(smtpAuthFile)): + # create a sample smtp-auth.yaml for if/when we want to do elastalert email + with open(smtpAuthFile, 'w') as f: + f.write('user: "user@gmail.com"\n') + f.write('password: "abcdefg1234567"\n') + os.chmod(smtpAuthFile, stat.S_IRUSR | stat.S_IWUSR) + + # make sure permissions are set correctly for the nginx worker processes + for authFile in [os.path.join(MalcolmPath, os.path.join('nginx', 'htpasswd')), + os.path.join(MalcolmPath, os.path.join('nginx', 'nginx_ldap.conf')), + os.path.join(MalcolmPath, os.path.join('htadmin', 'config.ini')), + os.path.join(MalcolmPath, os.path.join('htadmin', 'metadata'))]: + # chmod 644 authFile + os.chmod(authFile, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH) + + # make sure some directories exist before we start + for path in [os.path.join(MalcolmPath, 'elasticsearch'), + os.path.join(MalcolmPath, 'elasticsearch-backup'), + os.path.join(MalcolmPath, os.path.join('pcap', 'upload')), + os.path.join(MalcolmPath, os.path.join('pcap', 'processed')), + os.path.join(MalcolmPath, os.path.join('zeek-logs', 'current')), + os.path.join(MalcolmPath, os.path.join('zeek-logs', 'upload')), + os.path.join(MalcolmPath, os.path.join('zeek-logs', 'processed')), + os.path.join(MalcolmPath, os.path.join('zeek-logs', 'extract_files'))]: + try: + os.makedirs(path) + except OSError as exc: + if (exc.errno == errno.EEXIST) and os.path.isdir(path): + pass + else: + raise + + # start docker + err, out = run_process([dockerComposeBin, '-f', args.composeFile, 'up', '--detach'], debug=args.debug) + if 
(err == 0): + eprint("Started Malcolm\n\n") + eprint("In a few minutes, Malcolm services will be accessible via the following URLs:") + eprint("------------------------------------------------------------------------------") + eprint(" - Moloch: https://localhost/") + eprint(" - Kibana: https://localhost/kibana/") + eprint(" - PCAP upload (web): https://localhost/upload/") + eprint(" - PCAP upload (sftp): sftp://username@127.0.0.1:8022/files/") + eprint(" - Host and subnet name mapping editor: https://localhost/name-map-ui/\n") + eprint(" - Account management: https://localhost:488/\n") + else: + eprint("Malcolm failed to start\n") + eprint("\n".join(out)) + exit(err) + +################################################################################################### +def authSetup(wipe=False): + global args + global dockerBin + global dockerComposeBin + global opensslBin + + # prompt usernamd and password + usernamePrevious = None + password = None + passwordConfirm = None + passwordEncrypted = '' + username = AskForString("Administrator username") + + while True: + password = AskForPassword("{} password: ".format(username)) + passwordConfirm = AskForPassword("{} password (again): ".format(username)) + if (password == passwordConfirm): + break + eprint("Passwords do not match") + + # get previous admin username to remove from htpasswd file if it's changed + authEnvFile = os.path.join(MalcolmPath, 'auth.env') + if os.path.isfile(authEnvFile): + prevAuthInfo = defaultdict(str) + with open(authEnvFile, 'r') as f: + for line in f: + try: + k, v = line.rstrip().split("=") + prevAuthInfo[k] = v.strip('"') + except: + pass + if (len(prevAuthInfo['MALCOLM_USERNAME']) > 0): + usernamePrevious = prevAuthInfo['MALCOLM_USERNAME'] + + # get openssl hash of password + err, out = run_process([opensslBin, 'passwd', '-1', '-stdin'], stdin=password, stderr=False, debug=args.debug) + if (err == 0) and (len(out) > 0) and (len(out[0]) > 0): + passwordEncrypted = out[0] + else: + 
raise Exception('Unable to generate password hash with openssl') + + # write auth.env (used by htadmin and file-upload containers) + with open(authEnvFile, 'w') as f: + f.write("# Malcolm Administrator username and encrypted password for nginx reverse proxy (and upload server's SFTP access)\n") + f.write('MALCOLM_USERNAME={}\n'.format(username)) + f.write('MALCOLM_PASSWORD={}\n'.format(passwordEncrypted)) + os.chmod(authEnvFile, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH) + + # create or update the htpasswd file + htpasswdFile = os.path.join(MalcolmPath, os.path.join('nginx', 'htpasswd')) + htpasswdCmd = ['htpasswd', + '-i', + '-B', + htpasswdFile, + username] + if not os.path.isfile(htpasswdFile): + htpasswdCmd.insert(1, '-c') + err, out = run_process(htpasswdCmd, stdin=password, stderr=True, debug=args.debug) + if (err != 0): + raise Exception('Unable to generate htpasswd file: {}'.format(out)) + + # if the admininstrator username has changed, remove the previous administrator username from htpasswd + if (usernamePrevious is not None) and (usernamePrevious != username): + htpasswdLines = list() + with open(htpasswdFile, 'r') as f: + htpasswdLines = f.readlines() + with open(htpasswdFile, 'w') as f: + for line in htpasswdLines: + if not line.startswith("{}:".format(usernamePrevious)): + f.write(line) + + # configure default LDAP stuff (they'll have to edit it by hand later) + ldapConfFile = os.path.join(MalcolmPath, os.path.join('nginx', 'nginx_ldap.conf')) + if not os.path.isfile(ldapConfFile): + ldapDefaults = defaultdict(str) + if os.path.isfile(os.path.join(MalcolmPath, '.ldap_config_defaults')): + ldapDefaults = defaultdict(str) + with open(os.path.join(MalcolmPath, '.ldap_config_defaults'), 'r') as f: + for line in f: + try: + k, v = line.rstrip().split("=") + ldapDefaults[k] = v.strip('"') + except: + pass + ldapProto = ldapDefaults.get("LDAP_PROTO", "ldap://") + ldapHost = ldapDefaults.get("LDAP_HOST", "ds.example.com") + ldapPort = 
ldapDefaults.get("LDAP_PORT", "3268") + ldapType = ldapDefaults.get("LDAP_SERVER_TYPE", "winldap") + if (ldapType == "openldap"): + ldapUri = 'DC=example,DC=com?uid?sub?(objectClass=posixAccount)' + ldapGroupAttr = "memberuid" + else: + ldapUri = 'DC=example,DC=com?sAMAccountName?sub?(objectClass=person)' + ldapGroupAttr = "member" + with open(ldapConfFile, 'w') as f: + f.write('# This is a sample configuration for the ldap_server section of nginx.conf.\n') + f.write('# Yours will vary depending on how your Active Directory/LDAP server is configured.\n') + f.write('# See https://github.com/kvspb/nginx-auth-ldap#available-config-parameters for options.\n\n') + f.write('ldap_server ad_server {\n') + f.write(' url "{}{}:{}/{}";\n\n'.format(ldapProto, ldapHost, ldapPort, ldapUri)) + f.write(' binddn "bind_dn";\n') + f.write(' binddn_passwd "bind_dn_password";\n\n') + f.write(' group_attribute {};\n'.format(ldapGroupAttr)) + f.write(' group_attribute_is_dn on;\n') + f.write(' require group "CN=malcolm,OU=groups,DC=example,DC=com";\n') + f.write(' require valid_user;\n') + f.write(' satisfy all;\n') + f.write('}\n\n') + f.write('auth_ldap_cache_enabled on;\n') + f.write('auth_ldap_cache_expiration_time 10000;\n') + f.write('auth_ldap_cache_size 1000;\n') + os.chmod(ldapConfFile, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH) + + # populate htadmin config file + with open(os.path.join(MalcolmPath, os.path.join('htadmin', 'config.ini')), 'w') as f: + f.write('; HTAdmin config file.\n\n') + f.write('[application]\n') + f.write('; Change this to customize your title:\n') + f.write('app_title = Malcolm User Management\n\n') + f.write('; htpasswd file\n') + f.write('secure_path = ./config/htpasswd\n') + f.write('; metadata file\n') + f.write('metadata_path = ./config/metadata\n\n') + f.write('; administrator user/password (htpasswd -b -c -B ...)\n') + f.write('admin_user = {}\n\n'.format(username)) + f.write('; username field quality checks\n') + f.write(';\n') + 
f.write('min_username_len = 4\n') + f.write('max_username_len = 12\n\n') + f.write('; Password field quality checks\n') + f.write(';\n') + f.write('min_password_len = 6\n') + f.write('max_password_len = 20\n\n') + + # touch the metadata file + open(os.path.join(MalcolmPath, os.path.join('htadmin', 'metadata')), 'a').close() + + # create a sample smtp-auth.yaml for if/when we want to do elastalert email + smtpAuthFile = os.path.join(MalcolmPath, os.path.join('elastalert', os.path.join('config', 'smtp-auth.yaml'))) + if not os.path.isfile(smtpAuthFile): + with open(smtpAuthFile, 'w') as f: + f.write('user: "user@gmail.com"\n') + f.write('password: "abcdefg1234567"\n') + os.chmod(smtpAuthFile, stat.S_IRUSR | stat.S_IWUSR) + + # generate HTTPS self-signed certificates + if YesOrNo('(Re)generate self-signed certificates for HTTPS access', default=True): + os.chdir(os.path.join(MalcolmPath, os.path.join('nginx', 'certs'))) + try: + + # remove previous files + for oldfile in glob.glob("*.pem"): + os.remove(oldfile) + + # generate dhparam ------------------------------- + err, out = run_process([opensslBin, 'dhparam', '-out', 'dhparam.pem', '2048'], stderr=True, debug=args.debug) + if (err != 0): + raise Exception('Unable to generate dhparam.pem file: {}'.format(out)) + + # generate key/cert ------------------------------- + err, out = run_process([opensslBin, 'req', '-subj', '/CN=localhost', '-x509', '-newkey', 'rsa:4096', '-nodes', '-keyout', 'key.pem', '-out', 'cert.pem', '-days', '3650'], stderr=True, debug=args.debug) + if (err != 0): + raise Exception('Unable to generate key.pem/cert.pem file(s): {}'.format(out)) + + finally: + os.chdir(MalcolmPath) + + # generate beats/logstash self-signed certificates + logstashPath = os.path.join(MalcolmPath, os.path.join('logstash', 'certs')) + filebeatPath = os.path.join(MalcolmPath, os.path.join('filebeat', 'certs')) + if YesOrNo('(Re)generate self-signed certificates for a remote log forwarder', default=True): + 
os.chdir(logstashPath) + try: + + # make clean to clean previous files + for pat in ['*.srl', '*.csr', '*.key', '*.crt', '*.pem']: + for oldfile in glob.glob(pat): + os.remove(oldfile) + + # ----------------------------------------------- + # generate new ca/server/client certificates/keys + # ca ------------------------------- + err, out = run_process([opensslBin, 'genrsa', '-out', 'ca.key', '2048'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate ca.key: {}'.format(out)) + + err, out = run_process([opensslBin, 'req', '-x509', '-new', '-nodes', '-key', 'ca.key', '-sha256', '-days', '9999', '-subj', '/C=US/ST=ID/O=sensor/OU=ca', '-out', 'ca.crt'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate ca.crt: {}'.format(out)) + + # server ------------------------------- + err, out = run_process([opensslBin, 'genrsa', '-out', 'server.key', '2048'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate server.key: {}'.format(out)) + + err, out = run_process([opensslBin, 'req', '-sha512', '-new', '-key', 'server.key', '-out', 'server.csr', '-config', 'server.conf'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate server.csr: {}'.format(out)) + + err, out = run_process([opensslBin, 'x509', '-days', '3650', '-req', '-sha512', '-in', 'server.csr', '-CAcreateserial', '-CA', 'ca.crt', '-CAkey', 'ca.key', '-out', 'server.crt', '-extensions', 'v3_req', '-extfile', 'server.conf'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate server.crt: {}'.format(out)) + + shutil.move("server.key", "server.key.pem") + err, out = run_process([opensslBin, 'pkcs8', '-in', 'server.key.pem', '-topk8', '-nocrypt', '-out', 'server.key'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate server.key: {}'.format(out)) + + # client ------------------------------- + err, out = run_process([opensslBin, 
'genrsa', '-out', 'client.key', '2048'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate client.key: {}'.format(out)) + + err, out = run_process([opensslBin, 'req', '-sha512', '-new', '-key', 'client.key', '-out', 'client.csr', '-config', 'client.conf'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate client.csr: {}'.format(out)) + + err, out = run_process([opensslBin, 'x509', '-days', '3650', '-req', '-sha512', '-in', 'client.csr', '-CAcreateserial', '-CA', 'ca.crt', '-CAkey', 'ca.key', '-out', 'client.crt', '-extensions', 'v3_req', '-extensions', 'usr_cert', '-extfile', 'client.conf'], stderr=True, debug=args.debug) + if (err != 0): raise Exception('Unable to generate client.crt: {}'.format(out)) + # ----------------------------------------------- + + # mkdir filebeat/certs if it doesn't exist + try: + os.makedirs(filebeatPath) + except OSError as exc: + if (exc.errno == errno.EEXIST) and os.path.isdir(filebeatPath): + pass + else: + raise + + # remove previous files in filebeat/certs + for oldfile in glob.glob(os.path.join(filebeatPath, "*")): + os.remove(oldfile) + + # copy the ca so logstasn and filebeat both have it + shutil.copy2(os.path.join(logstashPath, "ca.crt"), filebeatPath) + + # move the client certs for filebeat + for f in ['client.key', 'client.crt']: + shutil.move(os.path.join(logstashPath, f), filebeatPath) + + # remove leftovers + for pat in ['*.srl', '*.csr', '*.pem']: + for oldfile in glob.glob(pat): + os.remove(oldfile) + + finally: + os.chdir(MalcolmPath) + + # create and populate keystore for remote + if YesOrNo('Store username/password for forwarding Logstash events to a secondary, external Elasticsearch instance', default=False): + + # prompt usernamd and password + esPassword = None + esPasswordConfirm = None + esUsername = AskForString("External Elasticsearch username") + + while True: + esPassword = AskForPassword("{} password: ".format(esUsername)) + 
esPasswordConfirm = AskForPassword("{} password (again): ".format(esUsername)) + if (esPassword == esPasswordConfirm): + break + eprint("Passwords do not match") + + # use the logstash image to run set_es_external_keystore to generate the keystore + + logstashImage = None + composeFileLines = list() + with open(args.composeFile, 'r') as f: + composeFileLines = [x for x in f.readlines() if 'image: malcolmnetsec/logstash' in x] + if (len(composeFileLines) > 0) and (len(composeFileLines[0]) > 0): + imageLineValues = composeFileLines[0].split() + if (len(imageLineValues) > 1): + logstashImage = imageLineValues[1] + + if logstashImage is not None: + os.chdir(logstashPath) + try: + if os.path.isfile('logstash.keystore'): + os.remove('logstash.keystore') + + dockerCmd = [dockerBin, + 'run', + '--rm', + '--entrypoint', + '/bin/bash', + '-v', '{}:/usr/share/logstash/config:rw'.format(logstashPath), + '-w', '/usr/share/logstash/config', + '-u', 'logstash', + '-e', 'EXT_USERNAME={}'.format(esUsername), + '-e', 'EXT_PASSWORD={}'.format(esPassword), + logstashImage, + '/usr/local/bin/set_es_external_keystore.sh'] + + err, out = run_process(dockerCmd, stderr=True, debug=args.debug) + if (err != 0) or not os.path.isfile('logstash.keystore'): + raise Exception('Unable to generate logstash keystore: {}'.format(out)) + + finally: + os.chdir(MalcolmPath) + else: + raise Exception('Failed to determine logstash image from {}'.format(args.composeFile)) + + +################################################################################################### +# main +def main(): + global args + global dockerBin + global dockerComposeBin + global opensslBin + + # extract arguments from the command line + # print (sys.argv[1:]); + parser = argparse.ArgumentParser(description='Malcolm control script', add_help=False, usage='{} '.format(ScriptName)) + parser.add_argument('-v', '--verbose', dest='debug', type=str2bool, nargs='?', const=True, default=False, help="Verbose output") + 
parser.add_argument('-f', '--file', required=False, dest='composeFile', metavar='', type=str, default='docker-compose.yml', help='docker-compose YML file') + parser.add_argument('-l', '--logs', dest='cmdLogs', type=str2bool, nargs='?', const=True, default=False, help="Tail Malcolm logs") + parser.add_argument('--start', dest='cmdStart', type=str2bool, nargs='?', const=True, default=False, help="Start Malcolm") + parser.add_argument('--restart', dest='cmdRestart', type=str2bool, nargs='?', const=True, default=False, help="Stop and restart Malcolm") + parser.add_argument('--stop', dest='cmdStop', type=str2bool, nargs='?', const=True, default=False, help="Stop Malcolm") + parser.add_argument('--wipe', dest='cmdWipe', type=str2bool, nargs='?', const=True, default=False, help="Stop Malcolm and delete all data") + parser.add_argument('--auth', dest='cmdAuthSetup', type=str2bool, nargs='?', const=True, default=False, help="Configure Malcolm authentication") + + try: + parser.error = parser.exit + args = parser.parse_args() + except SystemExit: + parser.print_help() + exit(2) + + if args.debug: + eprint(os.path.join(ScriptPath, ScriptName)) + eprint("Arguments: {}".format(sys.argv[1:])) + eprint("Arguments: {}".format(args)) + eprint("Malcolm path:", MalcolmPath) + else: + sys.tracebacklimit = 0 + + os.chdir(MalcolmPath) + + # make sure docker/docker-compose is available + dockerBin = 'docker.exe' if ((pyPlatform == PLATFORM_WINDOWS) and Which('docker.exe')) else 'docker' + dockerComposeBin = 'docker-compose.exe' if ((pyPlatform == PLATFORM_WINDOWS) and Which('docker-compose.exe')) else 'docker-compose' + err, out = run_process([dockerBin, 'info'], debug=args.debug) + if (err != 0): + raise Exception('{} requires docker, please run install.py'.format(ScriptName)) + err, out = run_process([dockerComposeBin, '-f', args.composeFile, 'version'], debug=args.debug) + if (err != 0): + raise Exception('{} requires docker-compose, please run install.py'.format(ScriptName)) + + # 
identify openssl binary + opensslBin = 'openssl.exe' if ((pyPlatform == PLATFORM_WINDOWS) and Which('openssl.exe')) else 'openssl' + + # if executed via a symlink, figure out what was intended via the symlink name + if os.path.islink(os.path.join(ScriptPath, ScriptName)): + if (ScriptName == "logs"): + args.cmdLogs = True + elif (ScriptName == "start"): + args.cmdStart = True + elif (ScriptName == "restart"): + args.cmdRestart = True + elif (ScriptName == "stop"): + args.cmdStop = True + elif (ScriptName == "wipe"): + args.cmdWipe = True + elif (ScriptName.startswith("auth")): + args.cmdAuthSetup = True + + # stop Malcolm (and wipe data if requestsed) + if args.cmdRestart or args.cmdStop or args.cmdWipe: + stop(wipe=args.cmdWipe) + + # configure Malcolm authentication + if args.cmdAuthSetup: + authSetup() + + # start Malcolm + if args.cmdStart or args.cmdRestart: + start() + + # tail Malcolm logs + if args.cmdStart or args.cmdRestart or args.cmdLogs: + logs() + +if __name__ == '__main__': + main() + if coloramaImported: + print(Style.RESET_ALL) + diff --git a/scripts/install.py b/scripts/install.py index c74deb4c1..7da37381a 100755 --- a/scripts/install.py +++ b/scripts/install.py @@ -1,7 +1,7 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. from __future__ import print_function 
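Review bot: in authSetup the external Elasticsearch credentials are handed to the logstash container on the command line as `'-e', 'EXT_PASSWORD={}'.format(esPassword)`, so the cleartext password is visible in the host process list while `docker run` is executing and is recorded in the container's metadata (`docker inspect`) until `--rm` cleans it up; prefer feeding it on stdin (run_process already supports `stdin=`) or through a file mounted into the container. Two smaller points in the same function: `auth.env` (which holds the MD5-crypt hash produced by `openssl passwd -1`) and the generated `nginx_ldap.conf` (which holds `binddn_passwd`) are written with `stat.S_IRGRP | stat.S_IROTH`, i.e. world-readable, whereas `smtp-auth.yaml` gets 0600; using 0600 for all three would be consistent, and `-5`/`-6` (SHA-crypt) is preferable to `-1` where the installed OpenSSL supports it. Also, the client certificate command passes `'-extensions', 'v3_req', '-extensions', 'usr_cert'`: `openssl x509` honours only the last `-extensions` given, so the `v3_req` section is silently ignored; merge the required extensions into a single section in client.conf.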
@@ -22,62 +22,31 @@ import tempfile import time -from pwd import getpwuid -from subprocess import (PIPE, STDOUT, Popen, CalledProcessError) +try: + from pwd import getpwuid +except ImportError: + getpwuid = None from collections import defaultdict, namedtuple -################################################################################################### -DOCKER_COMPOSE_INSTALL_VERSION="1.24.0" +from malcolm_common import * -PLATFORM_WINDOWS = "Windows" -PLATFORM_MAC = "Darwin" -PLATFORM_LINUX = "Linux" -PLATFORM_LINUX_CENTOS = 'centos' -PLATFORM_LINUX_DEBIAN = 'debian' -PLATFORM_LINUX_FEDORA = 'fedora' -PLATFORM_LINUX_UBUNTU = 'ubuntu' +################################################################################################### +DOCKER_COMPOSE_INSTALL_VERSION="1.25.1" DEB_GPG_KEY_FINGERPRINT = '0EBFCD88' # used to verify GPG key for Docker Debian repository MAC_BREW_DOCKER_PACKAGE = 'docker-edge' MAC_BREW_DOCKER_SETTINGS = '/Users/{}/Library/Group Containers/group.com.docker/settings.json' -# URLS for figuring things out if something goes wrong -DOCKER_INSTALL_URLS = defaultdict(lambda: 'https://docs.docker.com/install/') -DOCKER_INSTALL_URLS[PLATFORM_WINDOWS] = ['https://stefanscherer.github.io/how-to-install-docker-the-chocolatey-way/', - 'https://docs.docker.com/docker-for-windows/install/'] -DOCKER_INSTALL_URLS[PLATFORM_LINUX_UBUNTU] = 'https://docs.docker.com/install/linux/docker-ce/ubuntu/' -DOCKER_INSTALL_URLS[PLATFORM_LINUX_DEBIAN] = 'https://docs.docker.com/install/linux/docker-ce/debian/' -DOCKER_INSTALL_URLS[PLATFORM_LINUX_CENTOS] = 'https://docs.docker.com/install/linux/docker-ce/centos/' -DOCKER_INSTALL_URLS[PLATFORM_LINUX_FEDORA] = 'https://docs.docker.com/install/linux/docker-ce/fedora/' -DOCKER_INSTALL_URLS[PLATFORM_MAC] = ['https://www.code2bits.com/how-to-install-docker-on-macos-using-homebrew/', - 'https://docs.docker.com/docker-for-mac/install/'] -DOCKER_COMPOSE_INSTALL_URLS = defaultdict(lambda: 
'https://docs.docker.com/compose/install/') -HOMEBREW_INSTALL_URLS = defaultdict(lambda: 'https://brew.sh/') - ################################################################################################### -args = None -PY3 = (sys.version_info.major >= 3) -scriptName = os.path.basename(__file__) -scriptPath = os.path.dirname(os.path.realpath(__file__)) +ScriptName = os.path.basename(__file__) origPath = os.getcwd() ################################################################################################### -# print to stderr -def eprint(*args, **kwargs): - print(*args, file=sys.stderr, **kwargs) +args = None +PY3 = (sys.version_info.major >= 3) ################################################################################################### -if not PY3: - if hasattr(__builtins__, 'raw_input'): input = raw_input - -# attempt to import requests, will cover failure later -try: - import requests - requestsImported = True -except ImportError: - requestsImported = False - try: FileNotFoundError except NameError: 
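Review bot: `from malcolm_common import *` replaces a long list of names that were defined locally (`eprint`, `YesOrNo`, `AskForString`, `str2bool`, `Which`, `run_process`, the `PLATFORM_*` constants, `ScriptPath`, the `DOCKER_INSTALL_URLS` tables) with an implicit dependency, so a reader of install.py can no longer see which names malcolm_common must provide, and a missing one only shows up as a NameError at the call site; an explicit import list would document the contract. Note too that `scriptPath` is deleted here while a later hunk switches to `ScriptPath`, which now has to come from malcolm_common and will be derived from that module's `__file__` (fine as long as both files stay in the same directory). The new `try: from pwd import getpwuid / except ImportError: getpwuid = None` fallback is only safe if every remaining caller checks for `None` first; if the sole user was the `ImportRequests` function removed further down, the import can go entirely. Visible in the unchanged context: `DEB_GPG_KEY_FINGERPRINT = '0EBFCD88'` is an 8-hex short key ID rather than a full fingerprint, and short IDs can be collided; verifying the full 40-hex fingerprint would be stronger.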
@@ -85,210 +54,15 @@ def eprint(*args, **kwargs): ################################################################################################### # get interactive user response to Y/N question -def YesOrNo(question, default=None, forceInteraction=False): +def InstallerYesOrNo(question, default=None, forceInteraction=False): global args - - if default == True: - questionStr = "\n{} (Y/n): ".format(question) - elif default == False: - questionStr = "\n{} (y/N): ".format(question) - else: - questionStr = "\n{} (y/n): ".format(question) - - if args.acceptDefaults and (default is not None) and (not forceInteraction): - reply = '' - else: - while True: - reply = str(input(questionStr)).lower().strip() - if (len(reply) > 0) or (default is not None): - break - - if (len(reply) == 0): - reply = 'y' if default else 'n' - - if reply[0] == 'y': - return True - elif reply[0] == 'n': - return False - else: - return YesOrNo(question, default=default) + return YesOrNo(question, default=default, forceInteraction=forceInteraction, acceptDefault=args.acceptDefaults) ################################################################################################### # get interactive user response -def AskForString(question, default=None, forceInteraction=False): - global args - - if args.acceptDefaults and (default is not None) and (not forceInteraction): - reply = default - else: - reply = str(input('\n{}: '.format(question))).strip() - - return reply - -################################################################################################### -# convenient boolean argument parsing -def str2bool(v): - if v.lower() in ('yes', 'true', 't', 'y', '1'): - return True - elif v.lower() in ('no', 'false', 'f', 'n', '0'): - return False - else: - raise argparse.ArgumentTypeError('Boolean value expected.') - -################################################################################################### -# determine if a program/script exists and is executable in the system 
path -def Which(cmd): - global args - - result = any(os.access(os.path.join(path, cmd), os.X_OK) for path in os.environ["PATH"].split(os.pathsep)) - if args.debug: - eprint("Which {} returned {}".format(cmd, result)) - return result - -################################################################################################### -# nice human-readable file sizes -def SizeHumanFormat(num, suffix='B'): - for unit in ['','Ki','Mi','Gi','Ti','Pi','Ei','Zi']: - if abs(num) < 1024.0: - return "%3.1f%s%s" % (num, unit, suffix) - num /= 1024.0 - return "%.1f%s%s" % (num, 'Yi', suffix) - -################################################################################################### -# download to file -def DownloadToFile(url, local_filename): - global args - - r = requests.get(url, stream=True, allow_redirects=True) - with open(local_filename, 'wb') as f: - for chunk in r.iter_content(chunk_size=1024): - if chunk: f.write(chunk) - fExists = os.path.isfile(local_filename) - fSize = os.path.getsize(local_filename) - if args.debug: - eprint("Download of {} to {} {} ({})".format(url, local_filename, "succeeded" if fExists else "failed", SizeHumanFormat(fSize))) - return fExists and (fSize > 0) - -################################################################################################### -# run command with arguments and return its exit code, stdout, and stderr -def check_output_input(*popenargs, **kwargs): - - if 'stdout' in kwargs: - raise ValueError('stdout argument not allowed, it will be overridden') - - if 'stderr' in kwargs: - raise ValueError('stderr argument not allowed, it will be overridden') - - if 'input' in kwargs and kwargs['input']: - if 'stdin' in kwargs: - raise ValueError('stdin and input arguments may not both be used') - inputdata = kwargs['input'] - kwargs['stdin'] = PIPE - else: - inputdata = None - kwargs.pop('input', None) - - process = Popen(*popenargs, stdout=PIPE, stderr=PIPE, **kwargs) - try: - output, errput = 
process.communicate(inputdata) - except: - process.kill() - process.wait() - raise - - retcode = process.poll() - - return retcode, output, errput - -#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -def run_process(command, stdout=True, stderr=True, stdin=None, retry=0, retrySleepSec=5, debug=False): - retcode = -1 - output = [] - - try: - # run the command - retcode, cmdout, cmderr = check_output_input(command, input=stdin.encode() if (PY3 and stdin) else stdin) - - # split the output on newlines to return a list - if PY3: - if stderr and (len(cmderr) > 0): output.extend(cmderr.decode(sys.getdefaultencoding()).split('\n')) - if stdout and (len(cmdout) > 0): output.extend(cmdout.decode(sys.getdefaultencoding()).split('\n')) - else: - if stderr and (len(cmderr) > 0): output.extend(cmderr.split('\n')) - if stdout and (len(cmdout) > 0): output.extend(cmdout.split('\n')) - - except (FileNotFoundError, OSError, IOError) as e: - if stderr: - output.append("Command {} not found or unable to execute".format(command)) - - if debug: - eprint("{}{} returned {}: {}".format(command, "({})".format(stdin[:80] + bool(stdin[80:]) * '...' 
if stdin else ""), retcode, output)) - - if (retcode != 0) and retry and (retry > 0): - # sleep then retry - time.sleep(retrySleepSec) - return run_process(command, stdout, stderr, stdin, retry-1, retrySleepSec, debug) - else: - return retcode, output - -################################################################################################### -# make sure we can import requests properly and take care of it automatically if possible -def ImportRequests(): +def InstallerAskForString(question, default=None, forceInteraction=False): global args - global requestsImported - - if not requestsImported: - # see if we can help out by installing the requests module - - pyPlatform = platform.system() - pyExec = sys.executable - pipCmd = 'pip3' if PY3 else 'pip2' - if not Which(pipCmd): pipCmd = 'pip' - - eprint('{} requires the requests module under Python {} ({})'.format(scriptName, platform.python_version(), pyExec)) - - if Which(pipCmd): - if YesOrNo('Importing the requests module failed. 
Attempt to install via {}?'.format(pipCmd), default=True): - installCmd = None - - if (pyPlatform == PLATFORM_LINUX) or (pyPlatform == PLATFORM_MAC): - # for linux/mac, we're going to try to figure out if this python is owned by root or the script user - if (getpass.getuser() == getpwuid(os.stat(pyExec).st_uid).pw_name): - # we're running a user-owned python, regular pip should work - installCmd = [pipCmd, 'install', 'requests'] - else: - # python is owned by system, so make sure to pass the --user flag - installCmd = [pipCmd, 'install', '--user', 'requests'] - else: - # on windows (or whatever other platform this is) I don't know any other way other than pip - installCmd = [pipCmd, 'install', 'requests'] - - err, out = run_process(installCmd, debug=args.debug) - if err == 0: - eprint("Installation of requests module apparently succeeded") - try: - import requests - requestsImported = True - except ImportError as e: - eprint("Importing the requests module still failed: {}".format(e)) - else: - eprint("Installation of requests module failed: {}".format(out)) - - if not requestsImported: - eprint("System-wide installation varies by platform and Python configuration. 
Please consult platform-specific documentation for installing Python modules.") - if (platform.system() == PLATFORM_MAC): - eprint('You *may* be able to install pip and requests manually via: sudo sh -c "easy_install pip && pip install requests"') - elif (pyPlatform == PLATFORM_LINUX): - if Which('apt-get'): - eprint('You *may* be able to install requests manually via: sudo apt-get install {}'.format('python3-requests' if PY3 else 'python-requests')) - elif Which('apt'): - eprint('You *may* be able to install requests manually via: sudo apt install {}'.format('python3-requests' if PY3 else 'python-requests')) - elif Which('dnf'): - eprint('You *may* be able to install requests manually via: sudo dnf install {}'.format('python3-requests' if PY3 else 'python2-requests')) - elif Which('yum'): - eprint('You *may* be able to install requests manually via: sudo yum install {}'.format('python-requests')) - - return requestsImported + return AskForString(question, default=default, forceInteraction=forceInteraction, acceptDefault=args.acceptDefaults) ################################################################################################### class Installer(object): @@ -305,7 +79,7 @@ def __init__(self, debug=False): self.requiredPackages = [] self.pipCmd = 'pip3' if PY3 else 'pip2' - if not Which(self.pipCmd): self.pipCmd = 'pip' + if not Which(self.pipCmd, debug=self.debug): self.pipCmd = 'pip' self.tempDirName = tempfile.mkdtemp() 
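Review bot: the new `InstallerYesOrNo` and `InstallerAskForString` wrappers read `args.acceptDefaults` from the module global `args`, which this file initialises to `None`; any prompt issued before `parse_args()` assigns it (or from code that imports this module) will fail with an AttributeError on `None` instead of a clear message. A guard such as `acceptDefault=(args is not None and args.acceptDefaults)`, or passing the flag into `Installer` explicitly, would make the helpers safe to call in any order. The hunk also deletes `DownloadToFile`, `run_process` and the whole `ImportRequests` recovery path (the interactive `pip install requests` offer); confirm that malcolm_common still provides that behaviour, or that nothing left in install.py depends on `requestsImported`, since `DownloadToFile` was its consumer.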
@@ -363,7 +137,7 @@ def install_required_packages(self): #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ def install_docker_images(self, docker_image_file): result = False - if docker_image_file and os.path.isfile(docker_image_file) and YesOrNo('Load Malcolm Docker images from {}'.format(docker_image_file), default=True, forceInteraction=True): + if docker_image_file and os.path.isfile(docker_image_file) and InstallerYesOrNo('Load Malcolm Docker images from {}'.format(docker_image_file), default=True, forceInteraction=True): ecode, out = self.run_process(['docker', 'load', '-q', '-i', docker_image_file], privileged=True) if (ecode == 0): result = True @@ -375,12 +149,12 @@ def install_docker_images(self, docker_image_file): def install_malcolm_files(self, malcolm_install_file): result = False installPath = None - if malcolm_install_file and os.path.isfile(malcolm_install_file) and YesOrNo('Extract Malcolm runtime files from {}'.format(malcolm_install_file), default=True, forceInteraction=True): + if malcolm_install_file and os.path.isfile(malcolm_install_file) and InstallerYesOrNo('Extract Malcolm runtime files from {}'.format(malcolm_install_file), default=True, forceInteraction=True): # determine and create destination path for installation while True: defaultPath = os.path.join(origPath, 'malcolm') - installPath = AskForString('Enter installation path for Malcolm [{}]'.format(defaultPath), default=defaultPath, forceInteraction=True) + installPath = InstallerAskForString('Enter installation path for Malcolm [{}]'.format(defaultPath), default=defaultPath, forceInteraction=True) if (len(installPath) == 0): installPath = defaultPath if os.path.isdir(installPath): eprint("{} already exists, please specify a different installation path".format(installPath)) 
@@ -469,52 +243,52 @@ def tweak_malcolm_runtime(self, malcolm_install_path, expose_logstash_default=Fa esMemory = '8g' lsMemory = '3g' - while not YesOrNo('Setting {} for Elasticsearch and {} for Logstash. Is this OK?'.format(esMemory, lsMemory), default=True): - esMemory = AskForString('Enter memory for Elasticsearch (e.g., 16g, 9500m, etc.)') - lsMemory = AskForString('Enter memory for LogStash (e.g., 4g, 2500m, etc.)') + while not InstallerYesOrNo('Setting {} for Elasticsearch and {} for Logstash. Is this OK?'.format(esMemory, lsMemory), default=True): + esMemory = InstallerAskForString('Enter memory for Elasticsearch (e.g., 16g, 9500m, etc.)') + lsMemory = InstallerAskForString('Enter memory for LogStash (e.g., 4g, 2500m, etc.)') restartMode = None allowedRestartModes = ('no', 'on-failure', 'always', 'unless-stopped') - if YesOrNo('Restart Malcolm upon system or Docker daemon restart?', default=restart_mode_default): + if InstallerYesOrNo('Restart Malcolm upon system or Docker daemon restart?', default=restart_mode_default): while restartMode not in allowedRestartModes: - restartMode = AskForString('Select Malcolm restart behavior {}'.format(allowedRestartModes), default='unless-stopped') + restartMode = InstallerAskForString('Select Malcolm restart behavior {}'.format(allowedRestartModes), default='unless-stopped') else: restartMode = 'no' if (restartMode == 'no'): restartMode = '"no"' ldapStartTLS = False ldapServerType = 'winldap' - useBasicAuth = not YesOrNo('Authenticate against Lightweight Directory Access Protocol (LDAP) server?', default=False) + useBasicAuth = not InstallerYesOrNo('Authenticate against Lightweight Directory Access Protocol (LDAP) server?', default=False) if not useBasicAuth: allowedLdapModes = ('winldap', 'openldap') ldapServerType = None while ldapServerType not in allowedLdapModes: - ldapServerType = AskForString('Select LDAP server compatibility type {}'.format(allowedLdapModes), default='winldap') - ldapStartTLS = YesOrNo('Use 
StartTLS for LDAP connection security?', default=True) + ldapServerType = InstallerAskForString('Select LDAP server compatibility type {}'.format(allowedLdapModes), default='winldap') + ldapStartTLS = InstallerYesOrNo('Use StartTLS for LDAP connection security?', default=True) try: - with open(os.path.join(os.path.realpath(os.path.join(scriptPath, "..")), ".ldap_config_defaults"), "w") as ldapDefaultsFile: + with open(os.path.join(os.path.realpath(os.path.join(ScriptPath, "..")), ".ldap_config_defaults"), "w") as ldapDefaultsFile: print("LDAP_SERVER_TYPE='{}'".format(ldapServerType), file=ldapDefaultsFile) print("LDAP_PROTO='{}'".format('ldap://' if useBasicAuth or ldapStartTLS else 'ldaps://'), file=ldapDefaultsFile) print("LDAP_PORT='{}'".format(3268 if ldapStartTLS else 3269), file=ldapDefaultsFile) except: pass - curatorSnapshots = YesOrNo('Create daily snapshots (backups) of Elasticsearch indices?', default=False) + curatorSnapshots = InstallerYesOrNo('Create daily snapshots (backups) of Elasticsearch indices?', default=False) curatorSnapshotDir = './elasticsearch-backup' if curatorSnapshots: - if not YesOrNo('Store snapshots locally in {}?'.format(os.path.join(malcolm_install_path, 'elasticsearch-backup')), default=True): + if not InstallerYesOrNo('Store snapshots locally in {}?'.format(os.path.join(malcolm_install_path, 'elasticsearch-backup')), default=True): while True: - curatorSnapshotDir = AskForString('Enter Elasticsearch index snapshot directory') + curatorSnapshotDir = InstallerAskForString('Enter Elasticsearch index snapshot directory') if (len(curatorSnapshotDir) > 1) and os.path.isdir(curatorSnapshotDir): curatorSnapshotDir = os.path.realpath(curatorSnapshotDir) break curatorCloseUnits = 'years' curatorCloseCount = '5' - if YesOrNo('Periodically close old Elasticsearch indices?', default=False): - while not YesOrNo('Indices older than {} {} will be periodically closed. 
Is this OK?'.format(curatorCloseCount, curatorCloseUnits), default=True): + if InstallerYesOrNo('Periodically close old Elasticsearch indices?', default=False): + while not InstallerYesOrNo('Indices older than {} {} will be periodically closed. Is this OK?'.format(curatorCloseCount, curatorCloseUnits), default=True): while True: - curatorPeriod = AskForString('Enter index close threshold (e.g., 90 days, 2 years, etc.)').lower().split() + curatorPeriod = InstallerAskForString('Enter index close threshold (e.g., 90 days, 2 years, etc.)').lower().split() if (len(curatorPeriod) == 2) and (not curatorPeriod[1].endswith('s')): curatorPeriod[1] += 's' if ((len(curatorPeriod) == 2) and @@ -529,10 +303,10 @@ def tweak_malcolm_runtime(self, malcolm_install_path, expose_logstash_default=Fa curatorDeleteUnits = 'years' curatorDeleteCount = '10' - if YesOrNo('Periodically delete old Elasticsearch indices?', default=False): - while not YesOrNo('Indices older than {} {} will be periodically deleted. Is this OK?'.format(curatorDeleteCount, curatorDeleteUnits), default=True): + if InstallerYesOrNo('Periodically delete old Elasticsearch indices?', default=False): + while not InstallerYesOrNo('Indices older than {} {} will be periodically deleted. Is this OK?'.format(curatorDeleteCount, curatorDeleteUnits), default=True): while True: - curatorPeriod = AskForString('Enter index delete threshold (e.g., 90 days, 2 years, etc.)').lower().split() + curatorPeriod = InstallerAskForString('Enter index delete threshold (e.g., 90 days, 2 years, etc.)').lower().split() if (len(curatorPeriod) == 2) and (not curatorPeriod[1].endswith('s')): curatorPeriod[1] += 's' if ((len(curatorPeriod) == 2) and 
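Review bot: the values written to `.ldap_config_defaults` are single-quoted (`print("LDAP_SERVER_TYPE='{}'".format(ldapServerType), file=ldapDefaultsFile)`), but the consumer in control.py's authSetup reads the file with `v.strip('"')`, which strips only double quotes. The literal single quotes therefore survive into the parsed values, so `ldapType == "openldap"` can never match (an openldap install gets the winldap URI and `member` group attribute), and `ldapProto`/`ldapPort` are interpolated into the generated `url` line with stray quotes, e.g. `url "'ldap://'ds.example.com:'3268'/DC=example,..."`. Either write double quotes here or strip both quote characters on the reading side (`v.strip('"\'')`). Separately, the enclosing `except: pass` hides any failure to write the defaults file (a permissions error, for instance), so the user silently ends up with the hard-coded winldap defaults; at minimum report the exception when `args.debug` is set.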
@@ -546,26 +320,27 @@ def tweak_malcolm_runtime(self, malcolm_install_path, expose_logstash_default=Fa curatorDeleteCount = '99' curatorDeleteOverGigs = '10000' - if YesOrNo('Periodically delete the oldest Elasticsearch indices when the database exceeds a certain size?', default=False): - while not YesOrNo('Indices will be deleted when the database exceeds {} gigabytes. Is this OK?'.format(curatorDeleteOverGigs), default=True): + if InstallerYesOrNo('Periodically delete the oldest Elasticsearch indices when the database exceeds a certain size?', default=False): + while not InstallerYesOrNo('Indices will be deleted when the database exceeds {} gigabytes. Is this OK?'.format(curatorDeleteOverGigs), default=True): while True: - curatorSize = AskForString('Enter index threshold in gigabytes') + curatorSize = InstallerAskForString('Enter index threshold in gigabytes') if (len(curatorSize) > 0) and curatorSize.isdigit(): curatorDeleteOverGigs = curatorSize break else: curatorDeleteOverGigs = '9000000' - autoZeek = YesOrNo('Automatically analyze all PCAP files with Zeek?', default=True) - reverseDns = YesOrNo('Perform reverse DNS lookup locally for source and destination IP addresses in Zeek logs?', default=False) - autoOui = YesOrNo('Perform hardware vendor OUI lookups for MAC addresses?', default=True) - logstashOpen = YesOrNo('Expose Logstash port to external hosts?', default=expose_logstash_default) - logstashSsl = logstashOpen and YesOrNo('Should Logstash require SSL for Zeek logs? 
(Note: This requires the forwarder to be similarly configured and a corresponding copy of the client SSL files.)', default=False) - externalEsForward = YesOrNo('Forward Logstash logs to external Elasticstack instance?', default=False) + autoZeek = InstallerYesOrNo('Automatically analyze all PCAP files with Zeek?', default=True) + reverseDns = InstallerYesOrNo('Perform reverse DNS lookup locally for source and destination IP addresses in Zeek logs?', default=False) + autoOui = InstallerYesOrNo('Perform hardware vendor OUI lookups for MAC addresses?', default=True) + autoFreq = InstallerYesOrNo('Perform string randomness scoring on some fields?', default=False) + logstashOpen = InstallerYesOrNo('Expose Logstash port to external hosts?', default=expose_logstash_default) + logstashSsl = logstashOpen and InstallerYesOrNo('Should Logstash require SSL for Zeek logs? (Note: This requires the forwarder to be similarly configured and a corresponding copy of the client SSL files.)', default=False) + externalEsForward = InstallerYesOrNo('Forward Logstash logs to external Elasticstack instance?', default=False) if externalEsForward: - externalEsHost = AskForString('Enter external Elasticstack host:port (e.g., 10.0.0.123:9200)') - externalEsSsl = YesOrNo('Connect to "{}" using SSL?'.format(externalEsHost), default=True) - externalEsSslVerify = externalEsSsl and YesOrNo('Require SSL certificate validation for communication with "{}"?'.format(externalEsHost), default=False) + externalEsHost = InstallerAskForString('Enter external Elasticstack host:port (e.g., 10.0.0.123:9200)') + externalEsSsl = InstallerYesOrNo('Connect to "{}" using SSL?'.format(externalEsHost), default=True) + externalEsSslVerify = externalEsSsl and InstallerYesOrNo('Require SSL certificate validation for communication with "{}"?'.format(externalEsHost), default=False) else: externalEsHost = "" externalEsSsl = False 
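Review bot: `externalEsSslVerify` defaults to `False`, so an operator who accepts the defaults forwards Logstash output to the external Elastic stack over TLS without certificate validation, which leaves the channel to `externalEsHost` open to interception. Flip that default to `True` and let users opt out explicitly, mirroring how `externalEsSsl` itself already defaults to `True`; the prompt text needs no change.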
@@ -582,18 +357,18 @@ def tweak_malcolm_runtime(self, malcolm_install_path, expose_logstash_default=Fa clamAvScan = False clamAvUpdate = False - if YesOrNo('Enable file extraction with Zeek?', default=False): + if InstallerYesOrNo('Enable file extraction with Zeek?', default=False): while fileCarveMode not in allowedFileCarveModes: - fileCarveMode = AskForString('Select file extraction behavior {}'.format(allowedFileCarveModes), default=allowedFileCarveModes[0]) + fileCarveMode = InstallerAskForString('Select file extraction behavior {}'.format(allowedFileCarveModes), default=allowedFileCarveModes[0]) while filePreserveMode not in allowedFilePreserveModes: - filePreserveMode = AskForString('Select file preservation behavior {}'.format(allowedFilePreserveModes), default=allowedFilePreserveModes[0]) + filePreserveMode = InstallerAskForString('Select file preservation behavior {}'.format(allowedFilePreserveModes), default=allowedFilePreserveModes[0]) if fileCarveMode is not None: - if YesOrNo('Scan extracted files with ClamAV?', default=False): + if InstallerYesOrNo('Scan extracted files with ClamAV?', default=False): clamAvScan = True - clamAvUpdate = YesOrNo('Download updated ClamAV virus signatures periodically?', default=True) - elif YesOrNo('Lookup extracted file hashes with VirusTotal?', default=False): + clamAvUpdate = InstallerYesOrNo('Download updated ClamAV virus signatures periodically?', default=True) + elif InstallerYesOrNo('Lookup extracted file hashes with VirusTotal?', default=False): while (len(vtotApiKey) <= 1): - vtotApiKey = AskForString('Enter VirusTotal API key') + vtotApiKey = InstallerAskForString('Enter VirusTotal API key') if fileCarveMode not in allowedFileCarveModes: fileCarveMode = allowedFileCarveModes[0] 
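Review bot: the VirusTotal API key is collected with `InstallerAskForString`, the same echoing prompt used for non-secret answers, so the key is displayed on screen and ends up in terminal scrollback and session recordings; read this one value with a non-echoing prompt such as `getpass.getpass`. The `while (len(vtotApiKey) <= 1)` loop also accepts any two-character string, so a minimal length check would catch a pasted fragment before it is saved.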
@@ -606,12 +381,12 @@ def tweak_malcolm_runtime(self, malcolm_install_path, expose_logstash_default=Fa pcapNetSniff = False pcapTcpDump = False pcapIface = 'lo' - if YesOrNo('Should Malcolm capture network traffic to PCAP files?', default=False): + if InstallerYesOrNo('Should Malcolm capture network traffic to PCAP files?', default=False): pcapIface = '' while (len(pcapIface) <= 0): - pcapIface = AskForString('Specify capture interface(s) (comma-separated)') - pcapNetSniff = YesOrNo('Capture packets using netsniff-ng?', default=True) - pcapTcpDump = YesOrNo('Capture packets using tcpdump?', default=(not pcapNetSniff)) + pcapIface = InstallerAskForString('Specify capture interface(s) (comma-separated)') + pcapNetSniff = InstallerYesOrNo('Capture packets using netsniff-ng?', default=True) + pcapTcpDump = InstallerYesOrNo('Capture packets using tcpdump?', default=(not pcapNetSniff)) # modify specified values in-place in docker-compose files for composeFile in composeFiles: @@ -698,6 +473,9 @@ def tweak_malcolm_runtime(self, malcolm_install_path, expose_logstash_default=Fa elif 'LOGSTASH_OUI_LOOKUP' in line: # automatic MAC OUI lookup line = re.sub(r'(LOGSTASH_OUI_LOOKUP\s*:\s*)(\S+)', r'\g<1>{}'.format("'true'" if autoOui else "'false'"), line) + elif 'FREQ_LOOKUP' in line: + # freq.py string randomness calculations + line = re.sub(r'(FREQ_LOOKUP\s*:\s*)(\S+)', r'\g<1>{}'.format("'true'" if autoFreq else "'false'"), line) elif 'BEATS_SSL' in line: # enable/disable beats SSL line = re.sub(r'(BEATS_SSL\s*:\s*)(\S+)', r'\g<1>{}'.format("'true'" if logstashOpen and logstashSsl else "'false'"), line) 
@@ -758,10 +536,10 @@ def tweak_malcolm_runtime(self, malcolm_install_path, expose_logstash_default=Fa # if the Malcolm dir is owned by root, see if they want to reassign ownership to a non-root user if (((self.platform == PLATFORM_LINUX) or (self.platform == PLATFORM_MAC)) and (self.scriptUser == "root") and (getpwuid(os.stat(malcolm_install_path).st_uid).pw_uid == self.scriptUser) and - YesOrNo('Set ownership of {} to an account other than {}?'.format(malcolm_install_path, self.scriptUser), default=True, forceInteraction=True)): + InstallerYesOrNo('Set ownership of {} to an account other than {}?'.format(malcolm_install_path, self.scriptUser), default=True, forceInteraction=True)): tmpUser = '' while (len(tmpUser) == 0): - tmpUser = AskForString('Enter user account').strip() + tmpUser = InstallerAskForString('Enter user account').strip() err, out = self.run_process(['id', '-g', '-n', tmpUser], stderr=True) if (err == 0) and (len(out) > 0) and (len(out[0]) > 0): tmpUser = "{}:{}".format(tmpUser, out[0]) 
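Review bot: the ownership-reassignment condition compares `getpwuid(os.stat(malcolm_install_path).st_uid).pw_uid`, an integer uid, with `self.scriptUser`, which the preceding clause has just required to equal the string `"root"`; that comparison can never be true, so the `InstallerYesOrNo('Set ownership of ...')` prompt is unreachable and a root-owned install directory is never offered for reassignment. Compare `.pw_name` with `self.scriptUser` (or `st_uid` with `os.getuid()`) instead.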
@@ -782,28 +560,75 @@ def __init__(self, debug=False): else: super(LinuxInstaller, self).__init__(debug) - self.distro = "linux" + self.distro = None self.codename = None + self.release = None # determine the distro (e.g., ubuntu) and code name (e.g., bionic) if applicable - err, out = self.run_process(['lsb_release', '-is'], stderr=False) - if (err == 0) and (len(out) > 0): - self.distro = out[0].lower() + + # check /etc/os-release values first + if os.path.isfile('/etc/os-release'): + osInfo = dict() + + with open("/etc/os-release", 'r') as f: + for line in f: + try: + k, v = line.rstrip().split("=") + osInfo[k] = v.strip('"') + except: + pass + + if ('NAME' in osInfo) and (len(osInfo['NAME']) > 0): + distro = osInfo['NAME'].lower().split()[0] + + if ('VERSION_CODENAME' in osInfo) and (len(osInfo['VERSION_CODENAME']) > 0): + codename = osInfo['VERSION_CODENAME'].lower().split()[0] + + if ('VERSION_ID' in osInfo) and (len(osInfo['VERSION_ID']) > 0): + release = osInfo['VERSION_ID'].lower().split()[0] + + # try lsb_release next + if (self.distro is None): + err, out = self.run_process(['lsb_release', '-is'], stderr=False) + if (err == 0) and (len(out) > 0): + self.distro = out[0].lower() + + if (self.codename is None): err, out = self.run_process(['lsb_release', '-cs'], stderr=False) if (err == 0) and (len(out) > 0): self.codename = out[0].lower() - else: + + if (self.release is None): + err, out = self.run_process(['lsb_release', '-rs'], stderr=False) + if (err == 0) and (len(out) > 0): + self.release = out[0].lower() + + # try release-specific files + if (self.distro is None): + if os.path.isfile('/etc/centos-release'): + distroFile = '/etc/centos-release' if os.path.isfile('/etc/redhat-release'): distroFile = '/etc/redhat-release' elif os.path.isfile('/etc/issue'): distroFile = '/etc/issue' else: distroFile = None - if distroFile: + if (distroFile is not None): with open(distroFile, 'r') as f: - self.distro = f.read().lower().split()[0] + distroVals = 
f.read().lower().split() + distroNums = [x for x in distroVals if x[0].isdigit()] + self.distro = distroVals[0] + if (self.release is None) and (len(distroNums) > 0): + self.release = distroNums[0] + + if (self.distro is None): + self.distro = "linux" + if self.debug: - eprint("distro: {}{}".format(self.distro, " {}".format(self.codename) if self.codename else "")) + eprint("distro: {}{}{}".format(self.distro, + " {}".format(self.codename) if self.codename else "", + " {}".format(self.release) if self.release else "")) + if not self.codename: self.codename = self.distro # determine packages required by Malcolm itself (not docker, those will be done later) 
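Review bot: the new `/etc/os-release` branch assigns to the bare locals `distro`, `codename` and `release` rather than `self.distro`, `self.codename` and `self.release`, so its results are discarded and detection always falls through to `lsb_release` and the release files, which defeats the point of checking os-release first (on hosts without `lsb_release`, `self.release` stays `None` and the `self.release`-guarded EPEL step added later in this patch is skipped). Also `line.rstrip().split("=")` raises on any value containing `=` and the bare `except: pass` then silently drops that key; use `split("=", 1)` and skip blank lines explicitly.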
@@ -820,27 +645,27 @@ def __init__(self, debug=False): self.sudoCmd = ["sudo", "-n"] err, out = self.run_process(['whoami'], privileged=True) if (err != 0) or (len(out) == 0) or (out[0] != 'root'): - raise Exception('{} must be run as root, or {} must be available'.format(scriptName, self.sudoCmd)) + raise Exception('{} must be run as root, or {} must be available'.format(ScriptName, self.sudoCmd)) # determine command to use to query if a package is installed - if Which('dpkg'): + if Which('dpkg', debug=self.debug): os.environ["DEBIAN_FRONTEND"] = "noninteractive" self.checkPackageCmds.append(['dpkg', '-s']) - elif Which('rpm'): + elif Which('rpm', debug=self.debug): self.checkPackageCmds.append(['rpm', '-q']) - elif Which('dnf'): + elif Which('dnf', debug=self.debug): self.checkPackageCmds.append(['dnf', 'list', 'installed']) - elif Which('yum'): + elif Which('yum', debug=self.debug): self.checkPackageCmds.append(['yum', 'list', 'installed']) # determine command to install a package from the distro's repos - if Which('apt-get'): + if Which('apt-get', debug=self.debug): self.installPackageCmds.append(['apt-get', 'install', '-y', '-qq']) - elif Which('apt'): + elif Which('apt', debug=self.debug): self.installPackageCmds.append(['apt', 'install', '-y', '-qq']) - elif Which('dnf'): - self.installPackageCmds.append(['dnf', '-y', 'install']) - elif Which('yum'): + elif Which('dnf', debug=self.debug): + self.installPackageCmds.append(['dnf', '-y', 'install', '--nobest']) + elif Which('yum', debug=self.debug): self.installPackageCmds.append(['yum', '-y', 'install']) # determine total system memory 
@@ -879,9 +704,9 @@ def install_docker(self): if (err == 0): result = True - elif YesOrNo('"docker info" failed, attempt to install Docker?', default=True): + elif InstallerYesOrNo('"docker info" failed, attempt to install Docker?', default=True): - if YesOrNo('Attempt to install Docker using official repositories?', default=True): + if InstallerYesOrNo('Attempt to install Docker using official repositories?', default=True): # install required packages for repo-based install if self.distro == PLATFORM_LINUX_UBUNTU: @@ -956,9 +781,9 @@ def install_docker(self): # the user either chose not to use the official repos, the official repo installation failed, or there are not official repos available # see if we want to attempt using the convenience script at https://get.docker.com (see https://github.com/docker/docker-install) - if not result and YesOrNo('Docker not installed via official repositories. Attempt to install Docker via convenience script (please read https://github.com/docker/docker-install)?', default=False): + if not result and InstallerYesOrNo('Docker not installed via official repositories. Attempt to install Docker via convenience script (please read https://github.com/docker/docker-install)?', default=False): tempFileName = os.path.join(self.tempDirName, 'docker-install.sh') - if DownloadToFile("https://get.docker.com/", tempFileName): + if DownloadToFile("https://get.docker.com/", tempFileName, debug=self.debug): os.chmod(tempFileName, 493) # 493 = 0o755 err, out = self.run_process(([tempFileName]), privileged=True) if (err == 0): 
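Review bot: the convenience-script path downloads `https://get.docker.com/` to a temp file and immediately executes it with `privileged=True`, with no integrity check and no chance for the operator to read what is about to run as root. Keep `default=False` as it is, and consider printing the file's SHA-256 and path and pausing before `run_process` so the script can be inspected. Minor: `os.chmod(tempFileName, 493)` reads more clearly as `0o755` than as a number plus a comment.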
@@ -988,8 +813,8 @@ def install_docker(self): # add non-root user to docker group if required usersToAdd = [] if self.scriptUser == 'root': - while YesOrNo('Add {} non-root user to the "docker" group?'.format('a' if len(usersToAdd) == 0 else 'another')): - tmpUser = AskForString('Enter user account') + while InstallerYesOrNo('Add {} non-root user to the "docker" group?'.format('a' if len(usersToAdd) == 0 else 'another')): + tmpUser = InstallerAskForString('Enter user account') if (len(tmpUser) > 0): usersToAdd.append(tmpUser) else: usersToAdd.append(self.scriptUser) @@ -1004,7 +829,7 @@ def install_docker(self): elif (err != 0): result = False - raise Exception('{} requires docker, please see {}'.format(scriptName, DOCKER_INSTALL_URLS[self.distro])) + raise Exception('{} requires docker, please see {}'.format(ScriptName, DOCKER_INSTALL_URLS[self.distro])) return result @@ -1013,7 +838,7 @@ def install_docker_compose(self): result = False dockerComposeCmd = 'docker-compose' - if not Which(dockerComposeCmd) and os.path.isfile('/usr/local/bin/docker-compose'): + if not Which(dockerComposeCmd, debug=self.debug) and os.path.isfile('/usr/local/bin/docker-compose'): dockerComposeCmd = '/usr/local/bin/docker-compose' # first see if docker-compose is already installed and runnable (try non-root and root) @@ -1021,9 +846,9 @@ def install_docker_compose(self): if (err != 0): err, out = self.run_process([dockerComposeCmd, 'version'], privileged=True) - if (err != 0) and YesOrNo('"docker-compose version" failed, attempt to install docker-compose?', default=True): + if (err != 0) and InstallerYesOrNo('"docker-compose version" failed, attempt to install docker-compose?', default=True): - if YesOrNo('Install docker-compose directly from docker github?', default=True): + if InstallerYesOrNo('Install docker-compose directly from docker github?', default=True): # download docker-compose from github and put it in /usr/local/bin # need to know some linux platform info 
@@ -1036,7 +861,7 @@ def install_docker_compose(self): # download docker-compose from github and save it to a temporary file tempFileName = os.path.join(self.tempDirName, dockerComposeCmd) dockerComposeUrl = "https://github.com/docker/compose/releases/download/{}/docker-compose-{}-{}".format(DOCKER_COMPOSE_INSTALL_VERSION, unames[0], unames[1]) - if DownloadToFile(dockerComposeUrl, tempFileName): + if DownloadToFile(dockerComposeUrl, tempFileName, debug=self.debug): os.chmod(tempFileName, 493) # 493 = 0o755, mark as executable # put docker-compose into /usr/local/bin err, out = self.run_process((['cp', '-f', tempFileName, '/usr/local/bin/docker-compose']), privileged=True) @@ -1049,7 +874,7 @@ def install_docker_compose(self): else: eprint("Downloading {} to {} failed".format(dockerComposeUrl, tempFileName)) - elif YesOrNo('Install docker-compose via pip (privileged)?', default=False): + elif InstallerYesOrNo('Install docker-compose via pip (privileged)?', default=False): # install docker-compose via pip (as root) err, out = self.run_process([self.pipCmd, 'install', dockerComposeCmd], privileged=True) if (err == 0): @@ -1057,7 +882,7 @@ def install_docker_compose(self): else: eprint("Install docker-compose via pip failed with {}, {}".format(err, out)) - elif YesOrNo('Install docker-compose via pip (user)?', default=True): + elif InstallerYesOrNo('Install docker-compose via pip (user)?', default=True): # install docker-compose via pip (regular user) err, out = self.run_process([self.pipCmd, 'install', dockerComposeCmd], privileged=False) if (err == 0): @@ -1076,7 +901,7 @@ def install_docker_compose(self): eprint('"docker-compose version" succeeded') else: - raise Exception('{} requires docker-compose, please see {}'.format(scriptName, DOCKER_COMPOSE_INSTALL_URLS[self.platform])) + raise Exception('{} requires docker-compose, please see {}'.format(ScriptName, DOCKER_COMPOSE_INSTALL_URLS[self.platform])) return result 
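Review bot: `install_docker_compose` fetches a release binary for the pinned `DOCKER_COMPOSE_INSTALL_VERSION` from GitHub and copies it to `/usr/local/bin` as root, but nothing verifies the download; the compose release page publishes checksums alongside the binaries, so fetching that value and comparing with `hashlib.sha256` before the privileged `cp` turns a tampered or truncated download into a hard failure instead of an installed root-owned binary. The `eprint("Downloading {} to {} failed")` branch already exists, so a checksum mismatch can report through the same path.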
@@ -1147,14 +972,14 @@ def tweak_system_files(self): 'vm.dirty_ratio defines the maximum percentage of dirty system memory before committing everything', ['# maximum % of dirty system memory before committing everything', 'vm.dirty_ratio=80']), - ConfigLines(['centos'], + ConfigLines(['centos', 'core'], '/etc/systemd/system.conf.d/limits.conf', '', '/etc/systemd/system.conf.d/limits.conf increases the allowed maximums for file handles and memlocked segments', ['[Manager]', 'DefaultLimitNOFILE=65535:65535', 'DefaultLimitMEMLOCK=infinity']), - ConfigLines(['bionic', 'cosmic', 'disco', 'stretch', 'buster', 'sid', 'fedora'], + ConfigLines(['bionic', 'cosmic', 'disco', 'eoan', 'stretch', 'buster', 'sid', 'fedora'], '/etc/security/limits.d/limits.conf', '', '/etc/security/limits.d/limits.conf increases the allowed maximums for file handles and memlocked segments', 
@@ -1166,14 +991,14 @@ def tweak_system_files(self): for config in configLinesToAdd: if (((len(config.distros) == 0) or (self.codename in config.distros)) and - (os.path.isfile(config.filename) or YesOrNo('\n{}\n{} does not exist, create it?'.format(config.description, config.filename), default=True))): + (os.path.isfile(config.filename) or InstallerYesOrNo('\n{}\n{} does not exist, create it?'.format(config.description, config.filename), default=True))): confFileLines = [line.rstrip('\n') for line in open(config.filename)] if os.path.isfile(config.filename) else [] if ((len(confFileLines) == 0) or (not os.path.isfile(config.filename) and (len(config.prefix) == 0)) or ((len(list(filter(lambda x: x.startswith(config.prefix), confFileLines))) == 0) and - YesOrNo('\n{}\n{} appears to be missing from {}, append it?'.format(config.description, config.prefix, config.filename), default=True))): + InstallerYesOrNo('\n{}\n{} appears to be missing from {}, append it?'.format(config.description, config.prefix, config.filename), default=True))): err, out = self.run_process(['bash', '-c', "mkdir -p {} && echo -n -e '\\n{}\\n' >> '{}'".format(os.path.dirname(config.filename), "\\n".join(config.lines), 
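Review bot: the append is done through `bash -c` with `os.path.dirname(config.filename)`, the joined `config.lines` and `config.filename` interpolated into one shell string; today these come from the static `ConfigLines` table, but a line containing a single quote would break the quoting silently. Since the write has to be privileged anyway, pass the content on stdin to `tee -a` or wrap each interpolated value with `shlex.quote`, which also removes the reliance on bash's `echo -n -e`.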
@@ -1181,10 +1006,11 @@ def tweak_system_files(self): # install haveged if (not self.package_is_installed('haveged') and - YesOrNo('The "haveged" utility may help improve Malcolm startup times by providing entropy for the Linux kernel. Install haveged?', default=False)): + InstallerYesOrNo('The "haveged" utility may help improve Malcolm startup times by providing entropy for the Linux kernel. Install haveged?', default=False)): + if (self.distro == PLATFORM_LINUX_CENTOS) and (self.release is not None): + eprint("Installing EPEL repo") + self.install_package(['https://dl.fedoraproject.org/pub/epel/epel-release-latest-{}.noarch.rpm'.format(self.release.split('.')[0])]) havegedPackages = ['haveged'] - if self.distro == PLATFORM_LINUX_CENTOS: - havegedPackages.append('https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm') eprint("Installing haveged packages: {}".format(havegedPackages)) if self.install_package(havegedPackages): eprint("Installation of haveged packages apparently succeeded") 
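Review bot: EPEL is now only added when `self.release is not None`, whereas the removed lines always appended the EPEL 7 RPM on CentOS; if release detection fails, `install_package(['haveged'])` runs without EPEL and fails on a stock CentOS system with nothing telling the user why. Either fall back to a default major version or `eprint` that EPEL was skipped, and guard `self.release.split('.')[0]` against a non-numeric value before building the URL.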
@@ -1214,14 +1040,14 @@ def __init__(self, debug=False): err, out = self.run_process(['brew', 'info']) brewInstalled = (err == 0) - if brewInstalled and YesOrNo('Homebrew is installed: continue with Homebrew?', default=True): + if brewInstalled and InstallerYesOrNo('Homebrew is installed: continue with Homebrew?', default=True): self.useBrew = True else: self.useBrew = False eprint('Docker can be installed and maintained with Homebrew, or manually.') - if (not brewInstalled) and (not YesOrNo('Homebrew is not installed: continue with manual installation?', default=False)): - raise Exception('Follow the steps at {} to install Homebrew, then re-run {}'.format(HOMEBREW_INSTALL_URLS[self.platform], scriptName)) + if (not brewInstalled) and (not InstallerYesOrNo('Homebrew is not installed: continue with manual installation?', default=False)): + raise Exception('Follow the steps at {} to install Homebrew, then re-run {}'.format(HOMEBREW_INSTALL_URLS[self.platform], ScriptName)) if self.useBrew: # make sure we have brew cask @@ -1279,7 +1105,7 @@ def install_docker(self): # if docker is installed via brew, but not running, prompt them to start it eprint('{} appears to be installed via Homebrew, but "docker info" failed'.format(MAC_BREW_DOCKER_PACKAGE)) while True: - response = AskForString('Starting Docker the first time may require user interaction. Please find and start Docker in the Applications folder, then return here and type YES').lower() + response = InstallerAskForString('Starting Docker the first time may require user interaction. Please find and start Docker in the Applications folder, then return here and type YES').lower() if (response == 'yes'): break err, out = self.run_process(['docker', 'info'], retry=12, retrySleepSec=5) 
@@ -1288,7 +1114,7 @@ def install_docker(self): if (err == 0): result = True - elif YesOrNo('"docker info" failed, attempt to install Docker?', default=True): + elif InstallerYesOrNo('"docker info" failed, attempt to install Docker?', default=True): if self.useBrew: # install docker via brew cask (requires user interaction) @@ -1297,7 +1123,7 @@ def install_docker(self): if self.install_package(dockerPackages): eprint("Installation of docker packages apparently succeeded") while True: - response = AskForString('Starting Docker the first time may require user interaction. Please find and start Docker in the Applications folder, then return here and type YES').lower() + response = InstallerAskForString('Starting Docker the first time may require user interaction. Please find and start Docker in the Applications folder, then return here and type YES').lower() if (response == 'yes'): break else: @@ -1310,9 +1136,9 @@ def install_docker(self): tempFileName = os.path.join(dlDirName, 'Docker.dmg') else: tempFileName = os.path.join(self.tempDirName, 'Docker.dmg') - if DownloadToFile('https://download.docker.com/mac/edge/Docker.dmg', tempFileName): + if DownloadToFile('https://download.docker.com/mac/edge/Docker.dmg', tempFileName, debug=self.debug): while True: - response = AskForString('Installing and starting Docker the first time may require user interaction. Please open Finder and install {}, start Docker from the Applications folder, then return here and type YES'.format(tempFileName)).lower() + response = InstallerAskForString('Installing and starting Docker the first time may require user interaction. Please open Finder and install {}, start Docker from the Applications folder, then return here and type YES'.format(tempFileName)).lower() if (response == 'yes'): break 
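Review bot: `DownloadToFile('https://download.docker.com/mac/edge/Docker.dmg', ...)` pulls the unversioned edge-channel image and then asks the user to install it by hand; as with the Linux convenience-script path there is no checksum check, and the edge channel changes under you between runs. Pin a versioned URL and print the file's SHA-256 so the download can be checked against a known value before the user installs it.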
@@ -1324,14 +1150,14 @@ def install_docker(self): eprint('"docker info" succeeded') elif (err != 0): - raise Exception('{} requires docker edge, please see {}'.format(scriptName, DOCKER_INSTALL_URLS[self.platform])) + raise Exception('{} requires docker edge, please see {}'.format(ScriptName, DOCKER_INSTALL_URLS[self.platform])) elif (err != 0): - raise Exception('{} requires docker edge, please see {}'.format(scriptName, DOCKER_INSTALL_URLS[self.platform])) + raise Exception('{} requires docker edge, please see {}'.format(ScriptName, DOCKER_INSTALL_URLS[self.platform])) # tweak CPU/RAM usage for Docker in Mac settingsFile = MAC_BREW_DOCKER_SETTINGS.format(self.scriptUser) - if result and os.path.isfile(settingsFile) and YesOrNo('Configure Docker resource usage in {}?'.format(settingsFile), default=True): + if result and os.path.isfile(settingsFile) and InstallerYesOrNo('Configure Docker resource usage in {}?'.format(settingsFile), default=True): # adjust CPU and RAM based on system resources if self.totalCores >= 16: @@ -1360,9 +1186,9 @@ def install_docker(self): else: newMemoryGiB = 2 - while not YesOrNo('Setting {} for CPU cores and {} GiB for RAM. Is this OK?'.format(newCpus if newCpus else "(unchanged)", newMemoryGiB if newMemoryGiB else "(unchanged)"), default=True): - newCpus = AskForString('Enter Docker CPU cores (e.g., 4, 8, 16)') - newMemoryGiB = AskForString('Enter Docker RAM MiB (e.g., 8, 16, etc.)') + while not InstallerYesOrNo('Setting {} for CPU cores and {} GiB for RAM. Is this OK?'.format(newCpus if newCpus else "(unchanged)", newMemoryGiB if newMemoryGiB else "(unchanged)"), default=True): + newCpus = InstallerAskForString('Enter Docker CPU cores (e.g., 4, 8, 16)') + newMemoryGiB = InstallerAskForString('Enter Docker RAM MiB (e.g., 8, 16, etc.)') if newCpus or newMemoryMiB: with open(settingsFile, 'r+') as f: 
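Review bot: in the Docker resource prompt the confirmation says `{} GiB for RAM` and the value is stored in `newMemoryGiB`, but the follow-up `InstallerAskForString` asks for `Docker RAM MiB`, so a user who enters 8192 has it carried forward as a GiB value; make the prompt say GiB (its example values 8, 16 already suggest GiB). The guard on the next line, `if newCpus or newMemoryMiB:`, also references `newMemoryMiB`, which is not the name assigned in this hunk; confirm it is defined earlier or this raises `NameError` the first time a user changes a value.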
@@ -1393,7 +1219,7 @@ def install_docker(self): else: eprint("Restarting Docker automatically failed: {}".format(out)) while True: - response = AskForString('Please restart Docker via the system taskbar, then return here and type YES').lower() + response = InstallerAskForString('Please restart Docker via the system taskbar, then return here and type YES').lower() if (response == 'yes'): break @@ -1406,7 +1232,7 @@ def main(): # extract arguments from the command line # print (sys.argv[1:]); - parser = argparse.ArgumentParser(description='Malcolm install script', add_help=False, usage='{} '.format(scriptName)) + parser = argparse.ArgumentParser(description='Malcolm install script', add_help=False, usage='{} '.format(ScriptName)) parser.add_argument('-v', '--verbose', dest='debug', type=str2bool, nargs='?', const=True, default=False, help="Verbose output") parser.add_argument('-m', '--malcolm-file', required=False, dest='mfile', metavar='', type=str, default='', help='Malcolm .tar.gz file for installation') parser.add_argument('-i', '--image-file', required=False, dest='ifile', metavar='', type=str, default='', help='Malcolm docker images .tar.gz file for installation') @@ -1424,13 +1250,13 @@ def main(): exit(2) if args.debug: - eprint(os.path.join(scriptPath, scriptName)) + eprint(os.path.join(ScriptPath, ScriptName)) eprint("Arguments: {}".format(sys.argv[1:])) eprint("Arguments: {}".format(args)) else: sys.tracebacklimit = 0 - if not ImportRequests(): + if not ImportRequests(debug=args.debug): exit(2) # If Malcolm and images tarballs are provided, we will use them. 
@@ -1445,7 +1271,7 @@ def main(): # find the most recent non-image tarball, first checking in the pwd then in the script path files = list(filter(lambda x: "_images" not in x, glob.glob(os.path.join(origPath, '*.tar.gz')))) if (len(files) == 0): - files = list(filter(lambda x: "_images" not in x, glob.glob(os.path.join(scriptPath, '*.tar.gz')))) + files = list(filter(lambda x: "_images" not in x, glob.glob(os.path.join(ScriptPath, '*.tar.gz')))) files.sort(key=lambda x: os.path.getmtime(x), reverse=True) if (len(files) > 0): malcolmFile = files[0] @@ -1471,7 +1297,7 @@ def main(): elif installerPlatform == PLATFORM_MAC: installer = MacInstaller(debug=args.debug) elif installerPlatform == PLATFORM_WINDOWS: - raise Exception('{} is not yet supported on {}'.format(scriptName, installerPlatform)) + raise Exception('{} is not yet supported on {}'.format(ScriptName, installerPlatform)) installer = WindowsInstaller(debug=args.debug) success = False @@ -1483,7 +1309,7 @@ def main(): if (not args.configOnly) and hasattr(installer, 'install_docker_images'): success = installer.install_docker_images(imageFile) if args.configOnly or (args.configFile and os.path.isfile(args.configFile)): if not args.configFile: - for testPath in [origPath, scriptPath, os.path.realpath(os.path.join(scriptPath, ".."))]: + for testPath in [origPath, ScriptPath, os.path.realpath(os.path.join(ScriptPath, ".."))]: if os.path.isfile(os.path.join(testPath, "docker-compose.yml")): installPath = testPath else: diff --git a/scripts/logs b/scripts/logs new file mode 120000 index 000000000..c910cf9d6 --- /dev/null +++ b/scripts/logs @@ -0,0 +1 @@ +./control.py \ No newline at end of file diff --git a/scripts/logs.sh b/scripts/logs.sh deleted file mode 100755 index 576c9b5ff..000000000 --- a/scripts/logs.sh +++ /dev/null 
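Review bot: in `main()` the `PLATFORM_WINDOWS` branch raises `'{} is not yet supported on {}'` and then assigns `installer = WindowsInstaller(debug=args.debug)`, which is unreachable; drop the assignment, or turn the raise into an `eprint` plus `exit` so the line means something once Windows support lands. The `scripts/logs` symlink (mode 120000) replacing `scripts/logs.sh` is fine, provided the packaging step preserves symlinks in the tarball.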
@@ -1,46 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -if [ -z "$BASH_VERSION" ]; then - echo "Wrong interpreter, please run \"$0\" with bash" - exit 1 -fi - -if docker-compose version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose -elif grep -q Microsoft /proc/version && docker-compose.exe version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose.exe -fi - -# if the docker-compose config file was specified, use it, otherwise -# let docker-compose figure it out -if [ "$1" ]; then - CONFIG_FILE="$1" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN -f "$CONFIG_FILE"" -else - CONFIG_FILE="docker-compose.yml" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN" -fi - -# force-navigate to Malcolm base directory (parent of scripts/ directory) -[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath -[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname -if ! (type "$REALPATH" && type "$DIRNAME") > /dev/null; then - echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME" - exit 1 -fi -SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))" -pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 -BASE_PATH=`pwd`; - -# tail logs -$DOCKER_COMPOSE_COMMAND ps -echo "" -IGNORE_LOG_TEXT="(deprecated|eshealth|update_mapping|throttling index|but no there are no living connections|saved_objects|\b(d|es)?stats\.json|esindices\/list|_cat\/indices|use_field_mapping|reaped unknown pid|Successfully handled GET request for '/'|GET /(_cat/health|api/status).+HTTP/[\d\.].+\b200\b|POST /(d?stats/d?stat|_bulk|fields/field/_search).+HTTP/[\d\.].+\b20[01]\b|POST HTTP/[\d\.].+\b200\b|POST\s+/server/php/\s+HTTP/\d+\.\d+\"\s+\d+\s+\d+.*:8443/|kibana.+curl.+localhost.+GET /api/status 200)" - -$DOCKER_COMPOSE_COMMAND logs -f | grep --line-buffered -Piv "$IGNORE_LOG_TEXT" - -echo "" - -popd >/dev/null 2>&1 
diff --git a/scripts/malcolm_appliance_packager.sh b/scripts/malcolm_appliance_packager.sh index c594f516b..a9a37868a 100755 --- a/scripts/malcolm_appliance_packager.sh +++ b/scripts/malcolm_appliance_packager.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. if [ -z "$BASH_VERSION" ]; then echo "Wrong interpreter, please run \"$0\" with bash" 
@@ -80,26 +80,29 @@ if mkdir "$DESTDIR"; then mkdir $VERBOSE -p "$DESTDIR/zeek-logs/extract_files/" mkdir $VERBOSE -p "$DESTDIR/scripts/" cp $VERBOSE ./docker-compose-standalone.yml "$DESTDIR/docker-compose.yml" - cp $VERBOSE ./docker-compose-standalone-zeek-live.yml "$DESTDIR/docker-compose-zeek-live.yml" cp $VERBOSE ./auth.env "$DESTDIR/" cp $VERBOSE ./cidr-map.txt "$DESTDIR/" cp $VERBOSE ./host-map.txt "$DESTDIR/" - cp $VERBOSE ./scripts/auth_setup.sh "$DESTDIR/scripts/" - cp $VERBOSE ./scripts/start.sh "$DESTDIR/scripts/" - cp $VERBOSE ./scripts/stop.sh "$DESTDIR/scripts/" - cp $VERBOSE ./scripts/restart.sh "$DESTDIR/scripts/" - cp $VERBOSE ./scripts/wipe.sh "$DESTDIR/scripts/" - cp $VERBOSE ./scripts/logs.sh "$DESTDIR/scripts/" + cp $VERBOSE ./net-map.json "$DESTDIR/" cp $VERBOSE ./scripts/install.py "$DESTDIR/scripts/" + cp $VERBOSE ./scripts/control.py "$DESTDIR/scripts/" + cp $VERBOSE ./scripts/malcolm_common.py "$DESTDIR/scripts/" cp $VERBOSE ./README.md "$DESTDIR/" - cp $VERBOSE ./nginx/certs/*.sh "$DESTDIR/nginx/certs/" - cp $VERBOSE ./logstash/certs/Makefile ./logstash/certs/*.conf "$DESTDIR/logstash/certs/" + cp $VERBOSE ./logstash/certs/*.conf "$DESTDIR/logstash/certs/" cp $VERBOSE ./elastalert/config/* "$DESTDIR/elastalert/config/" cp $VERBOSE ./elastalert/rules/* "$DESTDIR/elastalert/rules/" 2>/dev/null || true cp $VERBOSE ./elastalert/sample-rules/* "$DESTDIR/elastalert/sample-rules/" 2>/dev/null || true pushd "$DESTDIR" >/dev/null 2>&1 + pushd "./scripts" >/dev/null 2>&1 + ln -s ./control.py start + ln -s ./control.py stop + ln -s ./control.py restart + ln -s ./control.py wipe + ln -s ./control.py logs + ln -s ./control.py auth_setup + popd >/dev/null 2>&1 echo "You must set an administrator username and password for Malcolm, and self-signed X.509 certificates will be generated" - ./scripts/auth_setup.sh + ./scripts/auth_setup rm -rf logstash/certs/ca.key pushd .. >/dev/null 2>&1 DESTNAME="$RUN_PATH/$(basename $DESTDIR).tar.gz" 
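Review bot: the packager still runs `./scripts/auth_setup` before `tar`, so the administrator password hash and the generated self-signed certificates with their private keys are baked into the archive and shared by every system installed from it; `rm -rf logstash/certs/ca.key` removes the CA key but not the server keys or the credentials. Either defer credential and certificate generation to first start on the target, or have the generated README state that recipients must re-run `auth_setup` before exposing the instance.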
@@ -107,6 +110,7 @@ if mkdir "$DESTDIR"; then README_HTML="$RUN_PATH/$(basename $DESTDIR).README.html" docker run --rm --entrypoint /bin/bash "$(grep -E 'image: *malcolmnetsec/moloch' "$DESTDIR/docker-compose.yml" | awk '{print $2}')" -c "cat /data/moloch/doc/README.html" > "$README_HTML" || true cp $VERBOSE "$SCRIPT_PATH/install.py" "$RUN_PATH/" + cp $VERBOSE "$SCRIPT_PATH/malcolm_common.py" "$RUN_PATH/" tar -czf $VERBOSE "$DESTNAME" "./$(basename $DESTDIR)/" echo "Packaged Malcolm to \"$DESTNAME\"" echo "" 
@@ -130,18 +134,19 @@ if mkdir "$DESTDIR"; then echo "" | tee -a "$README" echo "To start, stop, restart, etc. Malcolm:" | tee -a "$README" echo " Use the control scripts in the \"scripts/\" directory:" | tee -a "$README" - echo " - start.sh (start Malcolm)" | tee -a "$README" - echo " - stop.sh (stop Malcolm)" | tee -a "$README" - echo " - restart.sh (restart Malcolm)" | tee -a "$README" - echo " - logs.sh (monitor Malcolm logs)" | tee -a "$README" - echo " - wipe.sh (stop Malcolm and clear its database)" | tee -a "$README" - echo " - auth_setup.sh (change authentication-related settings)" | tee -a "$README" + echo " - start (start Malcolm)" | tee -a "$README" + echo " - stop (stop Malcolm)" | tee -a "$README" + echo " - restart (restart Malcolm)" | tee -a "$README" + echo " - logs (monitor Malcolm logs)" | tee -a "$README" + echo " - wipe (stop Malcolm and clear its database)" | tee -a "$README" + echo " - auth_setup (change authentication-related settings)" | tee -a "$README" echo "" | tee -a "$README" echo "A minute or so after starting Malcolm, the following services will be accessible:" | tee -a "$README" echo " - Moloch: https://localhost/" | tee -a "$README" echo " - Kibana: https://localhost/kibana/" | tee -a "$README" - echo " - PCAP Upload (web): https://localhost/upload/" | tee -a "$README" - echo " - PCAP Upload (sftp): sftp://USERNAME@127.0.0.1:8022/files/" | tee -a "$README" + echo " - PCAP upload (web): https://localhost/upload/" | tee -a "$README" + echo " - PCAP upload (sftp): sftp://USERNAME@127.0.0.1:8022/files/" | tee -a "$README" + echo " - Host and subnet name mapping editor: https://localhost/name-map-ui/" | tee -a "$README" echo " - Account management: https://localhost:488/" | tee -a "$README" popd >/dev/null 2>&1 popd >/dev/null 2>&1 diff --git a/scripts/malcolm_common.py b/scripts/malcolm_common.py new file mode 100644 index 000000000..645f69bc9 --- /dev/null +++ b/scripts/malcolm_common.py 
@@ -0,0 +1,315 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +from __future__ import print_function + +import getpass +import os +import platform +import re +import sys +import time + +from collections import defaultdict +try: + from pwd import getpwuid +except ImportError: + getpwuid = None +from subprocess import (PIPE, STDOUT, Popen, CalledProcessError) + +################################################################################################### +ScriptPath = os.path.dirname(os.path.realpath(__file__)) +MalcolmPath = os.path.abspath(os.path.join(ScriptPath, os.pardir)) + +################################################################################################### +# python 2/3 portability + +PY3 = (sys.version_info.major >= 3) + +# bind raw_input to input in older versions of python +try: + input = raw_input +except NameError: + pass + +# attempt to import requests, will cover failure later +try: + import requests + RequestsImported = True +except ImportError: + RequestsImported = False + +try: + FileNotFoundError +except NameError: + FileNotFoundError = IOError + +################################################################################################### +PLATFORM_WINDOWS = "Windows" +PLATFORM_MAC = "Darwin" +PLATFORM_LINUX = "Linux" +PLATFORM_LINUX_CENTOS = 'centos' +PLATFORM_LINUX_DEBIAN = 'debian' +PLATFORM_LINUX_FEDORA = 'fedora' +PLATFORM_LINUX_UBUNTU = 'ubuntu' + +# URLS for figuring things out if something goes wrong +DOCKER_INSTALL_URLS = defaultdict(lambda: 'https://docs.docker.com/install/') +DOCKER_INSTALL_URLS[PLATFORM_WINDOWS] = ['https://stefanscherer.github.io/how-to-install-docker-the-chocolatey-way/', + 'https://docs.docker.com/docker-for-windows/install/'] +DOCKER_INSTALL_URLS[PLATFORM_LINUX_UBUNTU] = 'https://docs.docker.com/install/linux/docker-ce/ubuntu/' +DOCKER_INSTALL_URLS[PLATFORM_LINUX_DEBIAN] = 
'https://docs.docker.com/install/linux/docker-ce/debian/' +DOCKER_INSTALL_URLS[PLATFORM_LINUX_CENTOS] = 'https://docs.docker.com/install/linux/docker-ce/centos/' +DOCKER_INSTALL_URLS[PLATFORM_LINUX_FEDORA] = 'https://docs.docker.com/install/linux/docker-ce/fedora/' +DOCKER_INSTALL_URLS[PLATFORM_MAC] = ['https://www.code2bits.com/how-to-install-docker-on-macos-using-homebrew/', + 'https://docs.docker.com/docker-for-mac/install/'] +DOCKER_COMPOSE_INSTALL_URLS = defaultdict(lambda: 'https://docs.docker.com/compose/install/') +HOMEBREW_INSTALL_URLS = defaultdict(lambda: 'https://brew.sh/') + +################################################################################################### +# print to stderr +def eprint(*args, **kwargs): + print(*args, file=sys.stderr, **kwargs) + +################################################################################################### +def EscapeAnsi(line): + ansiEscape = re.compile(r'(?:\x1B[@-_]|[\x80-\x9F])[0-?]*[ -/]*[@-~]') + return ansiEscape.sub('', line) + +################################################################################################### +# get interactive user response to Y/N question +def YesOrNo(question, default=None, forceInteraction=False, acceptDefault=False): + + if default == True: + questionStr = "\n{} (Y/n): ".format(question) + elif default == False: + questionStr = "\n{} (y/N): ".format(question) + else: + questionStr = "\n{} (y/n): ".format(question) + + if acceptDefault and (default is not None) and (not forceInteraction): + reply = '' + else: + while True: + reply = str(input(questionStr)).lower().strip() + if (len(reply) > 0) or (default is not None): + break + + if (len(reply) == 0): + reply = 'y' if default else 'n' + + if reply[0] == 'y': + return True + elif reply[0] == 'n': + return False + else: + return YesOrNo(question, default=default) + +################################################################################################### +# get interactive user response 
+def AskForString(question, default=None, forceInteraction=False, acceptDefault=False): + + if acceptDefault and (default is not None) and (not forceInteraction): + reply = default + else: + reply = str(input('\n{}: '.format(question))).strip() + + return reply + +################################################################################################### +# get interactive password (without echoing) +def AskForPassword(prompt): + reply = getpass.getpass(prompt=prompt) + return reply + +################################################################################################### +# convenient boolean argument parsing +def str2bool(v): + if v.lower() in ('yes', 'true', 't', 'y', '1'): + return True + elif v.lower() in ('no', 'false', 'f', 'n', '0'): + return False + else: + raise ValueError('Boolean value expected') + +################################################################################################### +# determine if a program/script exists and is executable in the system path +def Which(cmd, debug=False): + result = any(os.access(os.path.join(path, cmd), os.X_OK) for path in os.environ["PATH"].split(os.pathsep)) + if debug: + eprint("Which {} returned {}".format(cmd, result)) + return result + +################################################################################################### +# nice human-readable file sizes +def SizeHumanFormat(num, suffix='B'): + for unit in ['','Ki','Mi','Gi','Ti','Pi','Ei','Zi']: + if abs(num) < 1024.0: + return "%3.1f%s%s" % (num, unit, suffix) + num /= 1024.0 + return "%.1f%s%s" % (num, 'Yi', suffix) + +################################################################################################### +# run command with arguments and return its exit code, stdout, and stderr +def check_output_input(*popenargs, **kwargs): + + if 'stdout' in kwargs: + raise ValueError('stdout argument not allowed, it will be overridden') + + if 'stderr' in kwargs: + raise ValueError('stderr argument not allowed, it 
will be overridden') + + if 'input' in kwargs and kwargs['input']: + if 'stdin' in kwargs: + raise ValueError('stdin and input arguments may not both be used') + inputdata = kwargs['input'] + kwargs['stdin'] = PIPE + else: + inputdata = None + kwargs.pop('input', None) + + process = Popen(*popenargs, stdout=PIPE, stderr=PIPE, **kwargs) + try: + output, errput = process.communicate(inputdata) + except: + process.kill() + process.wait() + raise + + retcode = process.poll() + + return retcode, output, errput + +#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +def run_process(command, stdout=True, stderr=True, stdin=None, retry=0, retrySleepSec=5, debug=False): + retcode = -1 + output = [] + + try: + # run the command + retcode, cmdout, cmderr = check_output_input(command, input=stdin.encode() if (PY3 and stdin) else stdin) + + # split the output on newlines to return a list + if PY3: + if stderr and (len(cmderr) > 0): output.extend(cmderr.decode(sys.getdefaultencoding()).split('\n')) + if stdout and (len(cmdout) > 0): output.extend(cmdout.decode(sys.getdefaultencoding()).split('\n')) + else: + if stderr and (len(cmderr) > 0): output.extend(cmderr.split('\n')) + if stdout and (len(cmdout) > 0): output.extend(cmdout.split('\n')) + + except (FileNotFoundError, OSError, IOError) as e: + if stderr: + output.append("Command {} not found or unable to execute".format(command)) + + if debug: + eprint("{}{} returned {}: {}".format(command, "({})".format(stdin[:80] + bool(stdin[80:]) * '...' 
if stdin else ""), retcode, output)) + + if (retcode != 0) and retry and (retry > 0): + # sleep then retry + time.sleep(retrySleepSec) + return run_process(command, stdout, stderr, stdin, retry-1, retrySleepSec, debug) + else: + return retcode, output + +################################################################################################### +# make sure we can import requests properly and take care of it automatically if possible +def ImportRequests(debug=False): + global RequestsImported + + if not RequestsImported: + # see if we can help out by installing the requests module + + pyPlatform = platform.system() + pyExec = sys.executable + pipCmd = 'pip3' if PY3 else 'pip2' + if not Which(pipCmd, debug=debug): pipCmd = 'pip' + + eprint('The requests module is required under Python {} ({})'.format(platform.python_version(), pyExec)) + + if Which(pipCmd, debug=debug): + if YesOrNo('Importing the requests module failed. Attempt to install via {}?'.format(pipCmd)): + installCmd = None + + if (pyPlatform == PLATFORM_LINUX) or (pyPlatform == PLATFORM_MAC): + # for linux/mac, we're going to try to figure out if this python is owned by root or the script user + if (getpass.getuser() == getpwuid(os.stat(pyExec).st_uid).pw_name): + # we're running a user-owned python, regular pip should work + installCmd = [pipCmd, 'install', 'requests'] + else: + # python is owned by system, so make sure to pass the --user flag + installCmd = [pipCmd, 'install', '--user', 'requests'] + else: + # on windows (or whatever other platform this is) I don't know any other way other than pip + installCmd = [pipCmd, 'install', 'requests'] + + err, out = run_process(installCmd, debug=debug) + if err == 0: + eprint("Installation of requests module apparently succeeded") + try: + import requests + RequestsImported = True + except ImportError as e: + eprint("Importing the requests module still failed: {}".format(e)) + else: + eprint("Installation of requests module failed: {}".format(out)) + 
+ if not RequestsImported: + eprint("System-wide installation varies by platform and Python configuration. Please consult platform-specific documentation for installing Python modules.") + if (platform.system() == PLATFORM_MAC): + eprint('You *may* be able to install pip and requests manually via: sudo sh -c "easy_install pip && pip install requests"') + elif (pyPlatform == PLATFORM_LINUX): + if Which('apt-get', debug=debug): + eprint('You *may* be able to install requests manually via: sudo apt-get install {}'.format('python3-requests' if PY3 else 'python-requests')) + elif Which('apt', debug=debug): + eprint('You *may* be able to install requests manually via: sudo apt install {}'.format('python3-requests' if PY3 else 'python-requests')) + elif Which('dnf', debug=debug): + eprint('You *may* be able to install requests manually via: sudo dnf install {}'.format('python3-requests' if PY3 else 'python2-requests')) + elif Which('yum', debug=debug): + eprint('You *may* be able to install requests manually via: sudo yum install {}'.format('python-requests')) + + return RequestsImported + +################################################################################################### +# do the required auth files for Malcolm exist? 
+def MalcolmAuthFilesExist(): + return os.path.isfile(os.path.join(MalcolmPath, os.path.join('nginx', 'htpasswd'))) and \ + os.path.isfile(os.path.join(MalcolmPath, os.path.join('nginx', 'nginx_ldap.conf'))) and \ + os.path.isfile(os.path.join(MalcolmPath, os.path.join('htadmin', 'config.ini'))) and \ + os.path.isfile(os.path.join(MalcolmPath, os.path.join('nginx', os.path.join('certs', 'cert.pem')))) and \ + os.path.isfile(os.path.join(MalcolmPath, os.path.join('nginx', os.path.join('certs', 'key.pem')))) and \ + os.path.isfile(os.path.join(MalcolmPath, 'auth.env')) + +################################################################################################### +# download to file +def DownloadToFile(url, local_filename, debug=False): + r = requests.get(url, stream=True, allow_redirects=True) + with open(local_filename, 'wb') as f: + for chunk in r.iter_content(chunk_size=1024): + if chunk: f.write(chunk) + fExists = os.path.isfile(local_filename) + fSize = os.path.getsize(local_filename) + if debug: + eprint("Download of {} to {} {} ({})".format(url, local_filename, "succeeded" if fExists else "failed", SizeHumanFormat(fSize))) + return fExists and (fSize > 0) + +################################################################################################### +# recursively remove empty subfolders +def RemoveEmptyFolders(path, removeRoot=True): + if not os.path.isdir(path): + return + + files = os.listdir(path) + if len(files): + for f in files: + fullpath = os.path.join(path, f) + if os.path.isdir(fullpath): + RemoveEmptyFolders(fullpath) + + files = os.listdir(path) + if len(files) == 0 and removeRoot: + try: + os.rmdir(path) + except: + pass \ No newline at end of file diff --git a/scripts/package_zeek_logs.sh b/scripts/package_zeek_logs.sh new file mode 100755 index 000000000..371902184 --- /dev/null +++ b/scripts/package_zeek_logs.sh 
@@ -0,0 +1,121 @@ +#!/bin/bash + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +# package up Zeek logs in a format more suitable for upload to Malcolm +# +# directory containing Zeek logs is a parent directory of directories/files named like smb_mapping.04/00/00-05/00/00.log.gz +# + +set -e +set -u +set -o pipefail + +ENCODING="utf-8" + +# options +# -v (verbose) +# -d dir (base directory containing logs, e.g., the parent directory of smb_mapping.04/00/00-05/00/00.log.gz ) + +# parse command-line options +VERBOSE_FLAG="" +LOG_BASE_DIR=$(pwd) +while getopts 'vd:' OPTION; do + case "$OPTION" in + v) + VERBOSE_FLAG="-v" + ;; + + d) + LOG_BASE_DIR="$OPTARG" + ;; + + ?) + echo "script usage: $(basename $0) [-v] [-d directory]" >&2 + exit 1 + ;; + esac +done +shift "$(($OPTIND -1))" + +# fsize - display byte sizes human readable +function fsize () { + echo "$1" | awk 'function human(x) { + s=" B KiB MiB GiB TiB EiB PiB YiB ZiB" + while (x>=1024 && length(s)>1) + {x/=1024; s=substr(s,5)} + s=substr(s,1,4) + xf=(s==" B ")?"%5d ":"%0.2f" + return sprintf( xf"%s", x, s) + } + {gsub(/^[0-9]+/, human($1)); print}' +} + +function fdir () { + [[ -f "$1" ]] && echo "$(dirname "$1")" || echo "$1" +} + +# create a temporary directory to store our results in (make sure /tmp is big enough to extract all of these logs into!) +WORKDIR="$(mktemp -d -t malcolm-zeek-XXXXXX)" + +# chdir to the base directory containing the logs +pushd "$LOG_BASE_DIR" >/dev/null 2>&1 +FULL_PWD="$(realpath "$(pwd)")" + +# cleanup - on exit ensure the temporary directory is removed +function cleanup { + popd >/dev/null 2>&1 + if ! 
rm -rf "$WORKDIR"; then + echo "Failed to remove temporary directory '$WORKDIR'" >&2 + exit 1 + fi +} + +if [ -d "$WORKDIR" ]; then + # ensure that if we "grabbed a lock", we release it (works for clean exit, SIGTERM, and SIGINT/Ctrl-C) + trap "cleanup" EXIT + + # year month day type hour.0 min.0 sec.0 hour.1 min.1 sec.1 + PATTERN='(\./)?([0-9]+)-([0-9]+)-([0-9]+)/(.+)\.([0-9]+):([0-9]+):([0-9]+)-([0-9]+):([0-9]+):([0-9]+)\.log\.gz$' + + # find and unzip the compressed zeek logs below this directory into temporary subdirectories that make sense + for GZ_LOG_FILE in $(find . -type f -name "*.log.gz"); do + GZ_LOG_FILE_SUBDIR="$(dirname "$GZ_LOG_FILE")" + GZ_LOG_FILE_DESTDIR="$WORKDIR"/"$GZ_LOG_FILE_SUBDIR" + mkdir -p "$GZ_LOG_FILE_DESTDIR" + if [[ $GZ_LOG_FILE =~ $PATTERN ]]; then + LOG_TYPE=${BASH_REMATCH[5]} + DIR_DATE=${BASH_REMATCH[2]}_${BASH_REMATCH[3]}_${BASH_REMATCH[4]}_${BASH_REMATCH[6]} + LOG_BASENAME="$(echo "$LOG_TYPE" | awk '{print tolower($0)}')".log + DIR_COUNT=0 + while [[ true ]]; do + DEST_DIR="$WORKDIR"/$DIR_DATE.$(printf %02d $DIR_COUNT) + DEST_FILE="$DEST_DIR"/"$LOG_BASENAME" + if [[ -e "$DEST_FILE" ]]; then + DIR_COUNT=$((DIR_COUNT+1)) + else + break + fi + done + mkdir -p "$DEST_DIR"/ + gunzip --to-stdout "$GZ_LOG_FILE" > "$DEST_FILE" + if [[ -n $VERBOSE_FLAG ]]; then + FILE_TYPE="$(file -b "$DEST_FILE")" + FILE_SIZE="$(fsize $(stat --printf="%s" "$DEST_FILE"))" + echo "$DEST_FILE: $FILE_TYPE ($FILE_SIZE)" + fi + fi + done + + # package up all of the log files in their respective directories under our temporary one + REPACKAGED_LOGS_TARBALL="$FULL_PWD"/zeek-logs-compressed-$(date +'%Y%m%d_%H%M%S').tar.gz + tar -c -z $VERBOSE_FLAG -C "$WORKDIR" -f $REPACKAGED_LOGS_TARBALL . 
+ if [[ -n $VERBOSE_FLAG ]]; then + FILE_TYPE="$(file -b "$REPACKAGED_LOGS_TARBALL")" + FILE_SIZE="$(fsize $(stat --printf="%s" "$REPACKAGED_LOGS_TARBALL"))" + echo "$REPACKAGED_LOGS_TARBALL: $FILE_TYPE ($FILE_SIZE)" + else + echo "$REPACKAGED_LOGS_TARBALL" + fi + +fi \ No newline at end of file diff --git a/scripts/restart b/scripts/restart new file mode 120000 index 000000000..c910cf9d6 --- /dev/null +++ b/scripts/restart @@ -0,0 +1 @@ +./control.py \ No newline at end of file diff --git a/scripts/restart.sh b/scripts/restart.sh deleted file mode 100755 index decc61162..000000000 --- a/scripts/restart.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -if [ -z "$BASH_VERSION" ]; then - echo "Wrong interpreter, please run \"$0\" with bash" - exit 1 -fi - -if docker-compose version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose -elif grep -q Microsoft /proc/version && docker-compose.exe version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose.exe -fi - -# if the docker-compose config file was specified, use it, otherwise -# let docker-compose figure it out -if [ "$1" ]; then - CONFIG_FILE="$1" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN -f "$CONFIG_FILE"" -else - CONFIG_FILE="docker-compose.yml" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN" -fi - -# force-navigate to Malcolm base directory (parent of scripts/ directory) -[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath -[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname -if ! (type "$REALPATH" && type "$DIRNAME") > /dev/null; then - echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME" - exit 1 -fi -SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))" -pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 - -# stop Malcolm if needed -$SCRIPT_PATH/stop.sh "$CONFIG_FILE" - -# start Malcolm -$SCRIPT_PATH/start.sh "$CONFIG_FILE" - -popd >/dev/null 2>&1 
diff --git a/scripts/start b/scripts/start new file mode 120000 index 000000000..c910cf9d6 --- /dev/null +++ b/scripts/start @@ -0,0 +1 @@ +./control.py \ No newline at end of file diff --git a/scripts/start.sh b/scripts/start.sh deleted file mode 100755 index 7ebac3af1..000000000 --- a/scripts/start.sh +++ /dev/null 
@@ -1,96 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -if [ -z "$BASH_VERSION" ]; then - echo "Wrong interpreter, please run \"$0\" with bash" - exit 1 -fi - -if docker-compose version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose -elif grep -q Microsoft /proc/version && docker-compose.exe version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose.exe -fi - -# if the docker-compose config file was specified, use it, otherwise -# let docker-compose figure it out -if [ "$1" ]; then - CONFIG_FILE="$1" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN -f "$CONFIG_FILE"" -else - CONFIG_FILE="docker-compose.yml" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN" -fi - -# force-navigate to Malcolm base directory (parent of scripts/ directory) -[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath -[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname -if ! (type "$REALPATH" && type "$DIRNAME") > /dev/null; then - echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME" - exit 1 -fi -SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))" -pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 - -# if we are in an interactive shell and we're missing any of the auth files, prompt to create them now -# ( another way to check this: [[ "${-}" =~ 'i' ]] ) -if [[ -t 1 ]] && \ - ( [[ ! -f ./nginx/htpasswd ]] || [[ ! -f ./nginx/nginx_ldap.conf ]] || [[ ! -f ./htadmin/config.ini ]] || [[ ! -f ./nginx/certs/cert.pem ]] || [[ ! -f ./nginx/certs/key.pem ]] || [[ ! -r ./auth.env ]] ) -then - echo "Malcolm administrator account authentication files are missing, running ./scripts/auth_setup.sh..." - ./scripts/auth_setup.sh -fi -# still missing? sorry charlie -if [[ ! -f ./nginx/htpasswd ]] || [[ ! -f ./nginx/nginx_ldap.conf ]] || [[ ! -f ./htadmin/config.ini ]] || [[ ! -f ./nginx/certs/cert.pem ]] || [[ ! -f ./nginx/certs/key.pem ]] || [[ ! 
-r ./auth.env ]]; then - echo "Malcolm administrator account authentication files are missing, please run ./scripts/auth_setup.sh to generate them" - exit 1 -fi - -[[ -f ./htadmin/metadata ]] || touch ./htadmin/metadata - -if [[ ! -f ./elastalert/config/smtp-auth.yaml ]]; then - # create a sample smtp-auth.yaml for if/when we want to do elastalert email - pushd ./elastalert/config/ >/dev/null 2>&1 - cat < smtp-auth.yaml -user: "user@gmail.com" -password: "abcdefg1234567" -EOF - chmod 600 ./smtp-auth.yaml - popd >/dev/null 2>&1 -fi - -# make sure a read permission is set correctly for the nginx worker processes -chmod 644 ./nginx/htpasswd ./nginx/nginx_ldap.conf ./htadmin/config.ini ./htadmin/metadata >/dev/null 2>&1 - -# make sure some directories exist before we start -mkdir -p ./elasticsearch/ -mkdir -p ./elasticsearch-backup/ -mkdir -p ./pcap/upload/ -mkdir -p ./pcap/processed/ -mkdir -p ./zeek-logs/current/ -mkdir -p ./zeek-logs/upload/ -mkdir -p ./zeek-logs/processed/ -mkdir -p ./zeek-logs/extract_files/ - -# start docker -if $DOCKER_COMPOSE_COMMAND up --detach ; then - echo "" - echo "In a few minutes, Malcolm services will be accessible via the following URLs:" - echo "------------------------------------------------------------------------------" - echo " - Moloch: https://localhost/" - echo " - Kibana: https://localhost/kibana/" - echo " - PCAP Upload (web): https://localhost/upload/" - echo " - PCAP Upload (sftp): sftp://username@127.0.0.1:8022/files/" - echo " - Account management: https://localhost:488/" - echo "" - - $SCRIPT_PATH/logs.sh "$CONFIG_FILE" - -else - DOCKER_ERROR=$? - echo "Malcolm failed to start" - exit $DOCKER_ERROR -fi - -popd >/dev/null 2>&1 diff --git a/scripts/stop b/scripts/stop new file mode 120000 index 000000000..c910cf9d6 --- /dev/null +++ b/scripts/stop @@ -0,0 +1 @@ +./control.py \ No newline at end of file diff --git a/scripts/stop.sh b/scripts/stop.sh deleted file mode 100755 index cc0f3037e..000000000 
--- a/scripts/stop.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -if [ -z "$BASH_VERSION" ]; then - echo "Wrong interpreter, please run \"$0\" with bash" - exit 1 -fi - -if docker-compose version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose -elif grep -q Microsoft /proc/version && docker-compose.exe version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose.exe -fi - -# if the docker-compose config file was specified, use it, otherwise -# let docker-compose figure it out -if [ "$1" ]; then - CONFIG_FILE="$1" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN -f "$CONFIG_FILE"" -else - CONFIG_FILE="docker-compose.yml" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN" -fi - -# if stop.sh is being called with wipe.sh (after the docker-compose file) -# then also remove named and anonymous volumes (not external volumes, of course) -if [ "$2" == "wipe" ]; then - VOLUMES_FLAG="--volumes" -else - VOLUMES_FLAG="" -fi - -# force-navigate to Malcolm base directory (parent of scripts/ directory) -[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath -[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname -if ! (type "$REALPATH" && type "$DIRNAME") > /dev/null; then - echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME" - exit 1 -fi -SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))" -pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 - -# stop docker -if $DOCKER_COMPOSE_COMMAND down $VOLUMES_FLAG ; then - echo "Stopped Malcolm" - echo "" -else - DOCKER_ERROR=$? - echo "Malcolm failed to stop" - echo "" - $DOCKER_COMPOSE_COMMAND ps - exit $DOCKER_ERROR -fi - -popd >/dev/null 2>&1 diff --git a/scripts/wipe b/scripts/wipe new file mode 120000 index 000000000..c910cf9d6 --- /dev/null +++ b/scripts/wipe @@ -0,0 +1 @@ +./control.py \ No newline at end of file 
diff --git a/scripts/wipe.sh b/scripts/wipe.sh deleted file mode 100755 index 37f832692..000000000 --- a/scripts/wipe.sh +++ /dev/null 
@@ -1,50 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. - -if [ -z "$BASH_VERSION" ]; then - echo "Wrong interpreter, please run \"$0\" with bash" - exit 1 -fi - -if docker-compose version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose -elif grep -q Microsoft /proc/version && docker-compose.exe version >/dev/null 2>&1; then - DOCKER_COMPOSE_BIN=docker-compose.exe -fi - -# if the docker-compose config file was specified, use it, otherwise -# let docker-compose figure it out -if [ "$1" ]; then - CONFIG_FILE="$1" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN -f "$CONFIG_FILE"" -else - CONFIG_FILE="docker-compose.yml" - DOCKER_COMPOSE_COMMAND="$DOCKER_COMPOSE_BIN" -fi - -# force-navigate to Malcolm base directory (parent of scripts/ directory) -[[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath -[[ "$(uname -s)" = 'Darwin' ]] && DIRNAME=gdirname || DIRNAME=dirname -if ! (type "$REALPATH" && type "$DIRNAME") > /dev/null; then - echo "$(basename "${BASH_SOURCE[0]}") requires $REALPATH and $DIRNAME" - exit 1 -fi -SCRIPT_PATH="$($DIRNAME $($REALPATH -e "${BASH_SOURCE[0]}"))" -pushd "$SCRIPT_PATH/.." >/dev/null 2>&1 - -# attempt to DELETE _template/zeek_template in Elasticsearch -$DOCKER_COMPOSE_COMMAND exec moloch bash -c 'curl -fs --output /dev/null -H"Content-Type: application/json" -XDELETE "http://$ES_HOST:$ES_PORT/_template/zeek_template"' >/dev/null 2>&1 - -# stop Malcolm and remove volumes if needed -$SCRIPT_PATH/stop.sh "$CONFIG_FILE" wipe - -# completely clean out elasticsearch database and local files -rm -rf ./elasticsearch/nodes 2>/dev/null -find ./elasticsearch-backup/ ./zeek-logs/ ./moloch-logs/ ./pcap/ ./moloch-raw/ \( \( -type f -o -type l \) -a ! -name ".gitignore" \) -delete 2>/dev/null -find ./elasticsearch-backup/logs/ ./zeek-logs/processed/ ./zeek-logs/current/ -mindepth 1 -type d -delete 2>/dev/null - -echo "Malcolm has been stopped and its data cleared." 
-echo "" - -popd >/dev/null 2>&1 diff --git a/sensor-iso/README.md b/sensor-iso/README.md index 81a27ca73..8866ddaed 100644 --- a/sensor-iso/README.md +++ b/sensor-iso/README.md @@ -238,7 +238,7 @@ If **SSL** is chosen, you must choose whether to enable [SSL certificate verific ![Unencrypted vs. SSL encryption for Zeek log forwarding](./docs/images/filebeat_ssl_verify.png) -The last step for SSL-encrypted Zeek log forwarding is to specify the SSL certificate authority, certificate, and key files. These files must match those used by the Logstash instance receiving the Zeek logs on the aggregator. If Malcolm's `auth_setup.sh` script was used to generate these files they would be found in the `filebeat/certs/` subdirectory of the Malcolm installation and must be manually copied to the sensor (stored under `/opt/sensor/sensor_ctl/filebeat/` or in any other path accessible to the sensor account). Specify the location of the certificate authorities file (eg., `ca.crt`), the certificate file (eg., `client.crt`), and the key file (eg., `client.key`). +The last step for SSL-encrypted Zeek log forwarding is to specify the SSL certificate authority, certificate, and key files. These files must match those used by the Logstash instance receiving the Zeek logs on the aggregator. If Malcolm's `auth_setup` script was used to generate these files they would be found in the `filebeat/certs/` subdirectory of the Malcolm installation and must be manually copied to the sensor (stored under `/opt/sensor/sensor_ctl/filebeat/` or in any other path accessible to the sensor account). Specify the location of the certificate authorities file (eg., `ca.crt`), the certificate file (eg., `client.crt`), and the key file (eg., `client.key`). ![SSL certificate files](./docs/images/filebeat_certs.png) 
@@ -398,7 +398,7 @@ Building the ISO may take 90 minutes or more depending on your system. As the bu ``` … -Finished, created "/sensor-build/hedgehog-1.8.1.iso" +Finished, created "/sensor-build/hedgehog-2.0.0.iso" … ``` @@ -557,7 +557,7 @@ If you are interesting in developing your own network traffic capture appliance # Copyright -Hedgehog Linux - part of [Malcolm](https://github.com/idaholab/Malcolm) - is Copyright 2019 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. +Hedgehog Linux - part of [Malcolm](https://github.com/idaholab/Malcolm) - is Copyright 2020 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. See [`License.txt`](https://raw.githubusercontent.com/idaholab/Malcolm/master/License.txt) for the terms of its release. diff --git a/sensor-iso/beats/Dockerfile b/sensor-iso/beats/Dockerfile index 0a86b16c1..8e490c04f 100644 --- a/sensor-iso/beats/Dockerfile +++ b/sensor-iso/beats/Dockerfile @@ -28,7 +28,7 @@ RUN apt-get update && apt-get install -y \ bash -c "curl https://glide.sh/get | bash" ENV BEATS=metricbeat -ENV BEATS_VERSION=7.5.1 +ENV BEATS_VERSION=7.6.2 ADD ./build.sh /build.sh RUN [ "chmod", "+x", "/build.sh" ] diff --git a/sensor-iso/beats/beat-build.sh b/sensor-iso/beats/beat-build.sh index 0241c2e99..6a9532d21 100755 --- a/sensor-iso/beats/beat-build.sh +++ b/sensor-iso/beats/beat-build.sh @@ -2,7 +2,7 @@ # Copyright (c) 2018 Battelle Energy Alliance, LLC. All rights reserved. -VERSION="7.5.1" +VERSION="7.6.2" THIRD_PARTY_BRANCH="master" while getopts b:v:t: opts; do case ${opts} in diff --git a/sensor-iso/build.sh b/sensor-iso/build.sh index b3220fa46..0a18877f6 100755 --- a/sensor-iso/build.sh +++ b/sensor-iso/build.sh 
@@ -38,6 +38,7 @@ if [ -d "$WORKDIR" ]; then mkdir -p ./output "./work/$IMAGE_NAME-Live-Build" pushd "./work/$IMAGE_NAME-Live-Build" >/dev/null 2>&1 rsync -a "$SCRIPT_PATH/config" . + rsync -a "$SCRIPT_PATH/shared/vbox-guest-build" . mkdir -p ./config/hooks/live pushd ./config/hooks/live @@ -83,6 +84,17 @@ if [ -d "$WORKDIR" ]; then echo "firmware-misc-nonfree=$(dpkg -s firmware-misc-nonfree | grep ^Version: | cut -d' ' -f2)" >> ./config/package-lists/kernel.list.chroot echo "firmware-amd-graphics=$(dpkg -s firmware-amd-graphics | grep ^Version: | cut -d' ' -f2)" >> ./config/package-lists/kernel.list.chroot + # virtualbox-guest .deb package(s) in its own clean environment (rather than in hooks/) + mkdir -p ./config/packages.chroot/ + bash ./vbox-guest-build/build-docker-image.sh + docker run --rm -v "$(pwd)"/vbox-guest-build:/build vboxguest-build:latest -o /build + rm -f ./vbox-guest-build/*-source*.deb \ + ./vbox-guest-build/*-dbgsym*.deb \ + ./vbox-guest-build/virtualbox_*.deb \ + ./vbox-guest-build/virtualbox-dkms_*.deb \ + ./vbox-guest-build/virtualbox-qt_*.deb + mv ./vbox-guest-build/*.deb ./config/packages.chroot/ + # copy the interface code into place for the resultant image mkdir -p ./config/includes.chroot/opt rsync -a "$SCRIPT_PATH/interface/" ./config/includes.chroot/opt/sensor/ diff --git a/sensor-iso/config/hooks/normal/0169-pip-installs.hook.chroot b/sensor-iso/config/hooks/normal/0169-pip-installs.hook.chroot index 74fecbf06..b643f901e 100755 --- a/sensor-iso/config/hooks/normal/0169-pip-installs.hook.chroot +++ b/sensor-iso/config/hooks/normal/0169-pip-installs.hook.chroot @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. export LC_ALL=C.UTF-8 export LANG=C.UTF-8 
@@ -8,6 +8,7 @@ export LANG=C.UTF-8 # python 3 pip3 install --no-compile --no-cache-dir --force-reinstall --upgrade \ beautifulsoup4 \ + colorama \ clamd \ debinterface \ ipaddress \ diff --git a/sensor-iso/config/hooks/normal/0900-setup-rc-local.hook.chroot b/sensor-iso/config/hooks/normal/0900-setup-rc-local.hook.chroot index ee7289e31..35e21e0c1 100755 --- a/sensor-iso/config/hooks/normal/0900-setup-rc-local.hook.chroot +++ b/sensor-iso/config/hooks/normal/0900-setup-rc-local.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. sed -i 's/^exit 0//' /etc/rc.local 2>/dev/null diff --git a/sensor-iso/config/hooks/normal/0910-sensor-build.hook.chroot b/sensor-iso/config/hooks/normal/0910-sensor-build.hook.chroot index 3c4608206..067c9ba55 100755 --- a/sensor-iso/config/hooks/normal/0910-sensor-build.hook.chroot +++ b/sensor-iso/config/hooks/normal/0910-sensor-build.hook.chroot @@ -1,17 +1,17 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. NETSNIFF_VER="0.6.6" NETSNIFF_URL="https://github.com/netsniff-ng/netsniff-ng/archive/v$NETSNIFF_VER.tar.gz" -ZEEK_VER="3.0.1" +ZEEK_VER="3.0.3" ZEEK_URL="https://old.zeek.org/downloads/zeek-$ZEEK_VER.tar.gz" ZEEK_PATCH_URLS=( # nothing here for now ) -BEATS_VER="7.5.1" +BEATS_VER="7.6.2" BEATS_OSS="-oss" BEATS_DEB_URL_TEMPLATE_REPLACER="XXXXX" BEATS_DEB_URL_TEMPLATE="https://artifacts.elastic.co/downloads/beats/$BEATS_DEB_URL_TEMPLATE_REPLACER/$BEATS_DEB_URL_TEMPLATE_REPLACER$BEATS_OSS-$BEATS_VER-amd64.deb" 
@@ -88,12 +88,15 @@ redef SOCKS::default_capture_password = T; @load protocols/dhcp/software @load protocols/dns/detect-external-names @load protocols/ftp/detect +@load protocols/ftp/detect-bruteforcing.zeek @load protocols/ftp/software @load protocols/http/detect-sqli @load protocols/http/detect-webapps @load protocols/http/software @load protocols/http/software-browser-plugins @load protocols/mysql/software +@load protocols/ssl/weak-keys +@load protocols/smb/log-cmds @load protocols/smtp/software @load protocols/ssh/detect-bruteforcing @load protocols/ssh/geo-data diff --git a/sensor-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot b/sensor-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot index 9f02a6be0..ab545bd53 100755 --- a/sensor-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot +++ b/sensor-iso/config/hooks/normal/0911-get-stig-scripts.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # clone STIG-4-Debian and harbian-audit and clean up some stuff we don't need mkdir -p /opt diff --git a/sensor-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot b/sensor-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot index 16774d7f4..10461f70f 100755 --- a/sensor-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot +++ b/sensor-iso/config/hooks/normal/0990-remove-unwanted-pkg.hook.chroot 
@@ -1,10 +1,10 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # remove development packages apt-get -y --purge remove checkinstall cmake gdb git libc6-dbg ninja-build \ - $(dpkg --get-selections | grep -Pv "(^libyaml-dev|deinstall$)" | cut -f1 | grep -P -- '-dev(:\w+)?$') || true + $(dpkg --get-selections | grep -Pv "(^(libyaml-dev|dpkg|libgcc)|deinstall$)" | cut -f1 | grep -P -- '-dev(:\w+)?$') || true # remove unwanted packages apt-get -y --purge remove bluez-firmware \ @@ -13,7 +13,6 @@ apt-get -y --purge remove bluez-firmware \ enchant \ ffmpeg \ gnome-accessibility-themes \ - gnome-user-guide \ gucharmap \ libasound2-plugins \ libcupsfilters1 \ diff --git a/sensor-iso/config/hooks/normal/0991-security-performance.hook.chroot b/sensor-iso/config/hooks/normal/0991-security-performance.hook.chroot index acca9f652..a323eb0ff 100755 --- a/sensor-iso/config/hooks/normal/0991-security-performance.hook.chroot +++ b/sensor-iso/config/hooks/normal/0991-security-performance.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # enable firewall, disallow everything in except SSH /usr/sbin/ufw --force enable diff --git a/sensor-iso/config/hooks/normal/0992-login.hook.chroot b/sensor-iso/config/hooks/normal/0992-login.hook.chroot index fc60f37cd..45eea6439 100755 --- a/sensor-iso/config/hooks/normal/0992-login.hook.chroot +++ b/sensor-iso/config/hooks/normal/0992-login.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. sed -i 's/^#autologin-user=.*/autologin-user=sensor/' /etc/lightdm/lightdm.conf sed -i 's/^#autologin-user-timeout=.*/autologin-user-timeout=0/' /etc/lightdm/lightdm.conf 
diff --git a/sensor-iso/config/hooks/normal/0998-localepurge.hook.chroot b/sensor-iso/config/hooks/normal/0998-localepurge.hook.chroot index 37680b216..48e8ea2e3 100755 --- a/sensor-iso/config/hooks/normal/0998-localepurge.hook.chroot +++ b/sensor-iso/config/hooks/normal/0998-localepurge.hook.chroot @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # remove excess locales if [ -f /etc/localepurge-preseed.cfg ] ; then diff --git a/sensor-iso/config/includes.binary/boot/grub/grub.cfg b/sensor-iso/config/includes.binary/boot/grub/grub.cfg index 59d92e57a..7ac7ff551 100644 --- a/sensor-iso/config/includes.binary/boot/grub/grub.cfg +++ b/sensor-iso/config/includes.binary/boot/grub/grub.cfg @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set default=0 set timeout=-1 @@ -46,6 +46,11 @@ menuentry "Install Hedgehog Linux (advanced configuration)" { initrd /install/initrd.gz } +menuentry "Install Hedgehog Linux (virtual machine single partition quick install)" { + linux /install/vmlinuz auto=true priority=critical vga=normal locales=en_US.UTF-8 keyboard-layouts=us preseed/file=/cdrom/install/preseed_vmware.cfg + initrd /install/initrd.gz +} + menuentry "Rescue system in text mode" { linux /install/vmlinuz rescue/enable=true vga=normal initrd /install/initrd.gz diff --git a/sensor-iso/config/includes.binary/install/preseed.cfg b/sensor-iso/config/includes.binary/install/preseed.cfg index fb66ffed4..d43f02ad3 100644 --- a/sensor-iso/config/includes.binary/install/preseed.cfg +++ b/sensor-iso/config/includes.binary/install/preseed.cfg 
@@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. d-i debian-installer/locale string en_US.UTF-8 d-i console-setup/ask_detect boolean false diff --git a/sensor-iso/config/includes.binary/install/preseed_base.cfg b/sensor-iso/config/includes.binary/install/preseed_base.cfg index cfa125cf4..f4219cfe9 100644 --- a/sensor-iso/config/includes.binary/install/preseed_base.cfg +++ b/sensor-iso/config/includes.binary/install/preseed_base.cfg @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. d-i netcfg/enable boolean false d-i netcfg/choose_interface select auto @@ -19,7 +19,7 @@ d-i clock-setup/ntp-server string 0.debian.pool.ntp.org d-i passwd/username string sensor d-i passwd/user-fullname string sensor -d-i passwd/user-default-groups string audio cdrom video netdev plugdev +d-i passwd/user-default-groups string audio cdrom video netdev plugdev vboxsf d-i passwd/root-login boolean true # crypted passwords via: mkpasswd -m sha-512 -S $(pwgen -ns 16 1) @@ -37,6 +37,8 @@ d-i preseed/late_command string \ echo 'deb http://deb.debian.org/debian buster-backports main contrib non-free' >> /target/etc/apt/sources.list; \ in-target touch /etc/capture_storage_format; \ in-target bash /usr/local/bin/sensor-init.sh; \ + in-target bash -c "(dmidecode -s system-product-name | grep -q VMware) || apt-get purge -y open-vm-tools-desktop"; \ + in-target bash -c "(dmidecode -s system-product-name | grep -q VirtualBox) || apt-get purge -y virtualbox-guest*"; \ in-target sed -r -i 's@(^.+\s+/(tmp|var/tmp)\s+ext4\s+.*defaults)@\1,nosuid,nodev,noexec@g' /etc/fstab; \ in-target sed -r -i 's@(^.+/media/cdrom[0-9]*.+)(noauto)(.*)@\1\2,nosuid,nodev,noexec\3@g' /etc/fstab; \ in-target sed -r -i 's@(^.+\s+/(home)\s+ext4\s+.*defaults)@\1,nosuid,nodev@g' /etc/fstab; \ 
diff --git a/sensor-iso/config/includes.binary/install/preseed_vmware.cfg b/sensor-iso/config/includes.binary/install/preseed_vmware.cfg new file mode 100644 index 000000000..0a199b98c --- /dev/null +++ b/sensor-iso/config/includes.binary/install/preseed_vmware.cfg 
@@ -0,0 +1,90 @@ +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +d-i debian-installer/locale string en_US.UTF-8 +d-i console-setup/ask_detect boolean false +d-i keyboard-configuration/xkb-keymap skip-config +d-i keyboard-configuration/layout string "American English" + +d-i preseed/include string preseed_base.cfg + +################################################################################################### +# install root filesystem on smallest non-USB disk + +d-i partman/early_command string \ + SENSOR_ROOT_DISK=$(parted_devices | egrep "^($(find /sys/block -mindepth 1 -maxdepth 1 -type l \( -name '[hs]d*' -o -name 'nvme*' \) -exec ls -l '{}' ';' | grep -v "usb" | sed 's@^.*\([hs]d[a-z]\+\|nvme[0-9]\+\).*$@/dev/\1@' | sed -e :a -e '$!N; s/\n/|/; ta'))" | sort -k2n | head -1 | cut -f1); \ + pvremove -ff -y "$SENSOR_ROOT_DISK"*; \ + debconf-set partman-auto/disk "$SENSOR_ROOT_DISK"; \ + debconf-set grub-installer/bootdev "$SENSOR_ROOT_DISK"; \ + sed -i.bak 's/-f $id\/skip_erase/-d $id/g' /lib/partman/lib/crypto-base.sh; + +d-i grub-installer/only_debian boolean true +d-i grub-installer/with_other_os boolean true + +d-i partman-auto/method string lvm +d-i partman-auto-lvm/new_vg_name string main + +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true + +d-i partman-md/device_remove_md boolean true +d-i partman-md/confirm boolean true +d-i partman-md/confirm_nooverwrite boolean true + +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true +d-i partman-basicmethods/method_only boolean false +d-i partman-efi/non_efi_system boolean true + +d-i partman-basicfilesystems/choose_label string gpt +d-i partman-basicfilesystems/default_label string gpt +d-i partman-partitioning/choose_label string gpt +d-i 
partman-partitioning/default_label string gpt +d-i partman/choose_label string gpt +d-i partman/default_label string gpt + +d-i partman/mount_style select uuid + +d-i partman-auto/choose_recipe select custom +d-i partman-auto/expert_recipe string \ + custom :: \ + 1 1 1 free \ + $bios_boot{ } \ + method{ biosgrub } \ + . \ + 256 256 256 fat32 \ + $primary{ } \ + $iflabel{ gpt } \ + $reusemethod{ } \ + method{ efi } format{ } \ + mountpoint{ /boot/efi } \ + . \ + 1024 1024 1024 ext4 \ + $primary{ } \ + $bootable{ } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ /boot } \ + . \ + 150% 150% 150% linux-swap \ + $defaultignore{ } \ + $lvmok{ } \ + in_vg { main } lv_name{ swap } \ + method{ swap } \ + format{ } \ + . \ + 12000 16000 1000000000 ext4 \ + $defaultignore{ } \ + $lvmok{ } \ + in_vg { main } lv_name{ root } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ / } \ + . +################################################################################################### diff --git a/sensor-iso/config/includes.chroot/etc/live/config.conf b/sensor-iso/config/includes.chroot/etc/live/config.conf index e6d47621d..0542d48fe 100644 --- a/sensor-iso/config/includes.chroot/etc/live/config.conf +++ b/sensor-iso/config/includes.chroot/etc/live/config.conf @@ -2,4 +2,4 @@ LIVE_LOCALES="en_US.UTF-8" LIVE_HOSTNAME="sensor-live" LIVE_USERNAME="sensor" LIVE_USER_FULLNAME="sensor" -LIVE_USER_DEFAULT_GROUPS="adm audio cdrom disk netdev plugdev sudo video" +LIVE_USER_DEFAULT_GROUPS="adm audio cdrom disk netdev plugdev sudo video vboxsf" diff --git a/sensor-iso/config/includes.chroot/opt/zeek/bin/zeek.sh b/sensor-iso/config/includes.chroot/opt/zeek/bin/zeek.sh index de064466d..507c9590c 100755 --- a/sensor-iso/config/includes.chroot/opt/zeek/bin/zeek.sh +++ b/sensor-iso/config/includes.chroot/opt/zeek/bin/zeek.sh 
@@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # configuration variables may be specified in control_vars.conf rather than on the command line CONTROL_VARS_FILE="control_vars.conf" diff --git a/sensor-iso/config/includes.chroot/opt/zeek/bin/zeekdeploy.sh b/sensor-iso/config/includes.chroot/opt/zeek/bin/zeekdeploy.sh index e8c496490..1b7d9da2b 100755 --- a/sensor-iso/config/includes.chroot/opt/zeek/bin/zeekdeploy.sh +++ b/sensor-iso/config/includes.chroot/opt/zeek/bin/zeekdeploy.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # get utilities for finding default zeek path and executable [[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath diff --git a/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor.zeek b/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor.zeek index d481665c8..217e91494 100644 --- a/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor.zeek +++ b/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor.zeek @@ -1,6 +1,6 @@ #!/usr/bin/env zeek -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. @load ./extractor_params diff --git a/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor_params.zeek b/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor_params.zeek index b1882f37c..9f5dd286f 100644 --- a/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor_params.zeek +++ b/sensor-iso/config/includes.chroot/opt/zeek/share/zeek/site/extractor_params.zeek 
@@ -1,6 +1,6 @@ #!/usr/bin/env zeek -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. export { const extractor_extract_none = "none" &redef; diff --git a/sensor-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json b/sensor-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json index dc292c4e9..1bb9304f7 100644 --- a/sensor-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json +++ b/sensor-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "072befc0-ffba-11e8-a854-ad7782ef6a55", diff --git a/sensor-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json b/sensor-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json index d2afbf94f..ba4da7d03 100644 --- a/sensor-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json +++ b/sensor-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json @@ -1,5 +1,5 @@ { - "version": "7.5.1", + "version": "7.6.2", "objects": [ { "id": "1ca59220-ffb0-11e8-a854-ad7782ef6a55", diff --git a/sensor-iso/config/package-lists/desktopmanager.list.chroot b/sensor-iso/config/package-lists/desktopmanager.list.chroot index b723e3c11..7a1dc55c2 100644 --- a/sensor-iso/config/package-lists/desktopmanager.list.chroot +++ b/sensor-iso/config/package-lists/desktopmanager.list.chroot @@ -1,10 +1,12 @@ arandr dconf-cli -fonts-noto-color-emoji +fonts-symbola +libnotify-bin lightdm lxde lxpanel lxsession +open-vm-tools-desktop x11-apps x11-session-utils x11-xfs-utils 
@@ -13,5 +15,6 @@ xinit xorg xscreensaver xserver-xorg +xserver-xorg-core xserver-xorg-video-qxl xserver-xorg-video-vmware diff --git a/sensor-iso/config/package-lists/system.list.chroot b/sensor-iso/config/package-lists/system.list.chroot index ca08b864b..81fc4b843 100644 --- a/sensor-iso/config/package-lists/system.list.chroot +++ b/sensor-iso/config/package-lists/system.list.chroot @@ -33,6 +33,7 @@ cryptsetup-bin curl debsums dialog +dmidecode dosfstools ebtables efibootmgr diff --git a/sensor-iso/docs/Notes.md b/sensor-iso/docs/Notes.md index 15cb0cba9..7fd44f637 100644 --- a/sensor-iso/docs/Notes.md +++ b/sensor-iso/docs/Notes.md @@ -18,7 +18,7 @@ Hedgehog Linux is a trimmed-down Debian Linux with several common tools preinsta - [Compiling Zeek from source](#ZeekCompile) - [Third party plugins](#ZeekThirdParty) + [bash script to install third party plugins for Zeek](#ZeekThirdPartyBash) - + [Bro::AF_Packet configuration](#BroAfPacket) + + [Zeek::AF_Packet configuration](#ZeekAfPacket) - [`local.zeek`](#ZeekLocalPolicy) - [File carving](#ZeekFileCarving) * [Forwarding](#Forwarding) 
@@ -113,12 +113,12 @@ $ /usr/sbin/tcpdump \ ### Compiling Moloch from source -At the time of writing, the [current stable release](https://github.com/aol/moloch/blob/master/CHANGELOG) of Moloch is [v2.1.2](https://github.com/aol/moloch/releases/tag/v2.1.2). The following bash script was used to install Moloch's build dependencies, download Moloch, build a Debian .deb package using [fpm](https://github.com/jordansissel/fpm) and install it. In building Hedgehog Linux, the building of this .deb is done inside a Docker container dedicated to that purpose. +At the time of writing, the [current stable release](https://github.com/aol/moloch/blob/master/CHANGELOG) of Moloch is [v2.2.3](https://github.com/aol/moloch/releases/tag/v2.2.3). The following bash script was used to install Moloch's build dependencies, download Moloch, build a Debian .deb package using [fpm](https://github.com/jordansissel/fpm) and install it. In building Hedgehog Linux, the building of this .deb is done inside a Docker container dedicated to that purpose. ```bash #!/bin/bash -MOLOCH_VERSION="2.1.2" +MOLOCH_VERSION="2.2.3" MOLOCHDIR="/opt/moloch" OUTPUT_DIR="/tmp" @@ -137,10 +137,6 @@ if [[ -n $VERBOSE ]]; then fi apt-get -q update -apt-get install -q -y --no-install-recommends \ - curl iproute2 git python python-dev sudo ruby ruby-dev rubygems build-essential - -gem install --no-ri --no-rdoc fpm mkdir -p /opt curl -L -o /tmp/moloch.tar.gz "https://github.com/aol/moloch/archive/v$MOLOCH_VERSION.tar.gz" 
@@ -163,19 +159,17 @@ cp -r ./capture/plugins/lua/samples "$MOLOCHDIR"/lua npm install license-checker; release/notice.txt.pl $MOLOCHDIR NOTICE release/CAPTURENOTICE > $MOLOCHDIR/NOTICE.txt -curl -L -o "$MOLOCHDIR"/etc/ipv4-address-space.csv "https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.csv" -curl -L -o "$MOLOCHDIR"/etc/oui.txt "https://raw.githubusercontent.com/wireshark/wireshark/master/manuf" -curl -L -o /tmp/GeoLite2-Country.mmdb.gz "https://updates.maxmind.com/app/update_secure?edition_id=GeoLite2-Country" -curl -L -o /tmp/GeoLite2-ASN.mmdb.gz "https://updates.maxmind.com/app/update_secure?edition_id=GeoLite2-ASN" -zcat /tmp/GeoLite2-Country.mmdb.gz > "$MOLOCHDIR"/etc/GeoLite2-Country.mmdb -zcat /tmp/GeoLite2-ASN.mmdb.gz > "$MOLOCHDIR"/etc/GeoLite2-ASN.mmdb +ETC_FILES=$(shopt -s nullglob dotglob; echo /moloch-etc/*) +if (( ${#ETC_FILES} )) ; then + mkdir -p $MOLOCHDIR/etc + cp -r /moloch-etc/* $MOLOCHDIR/etc/ +fi fpm -s dir -t deb -n moloch -x opt/moloch/logs -x opt/moloch/raw -v $MOLOCH_VERSION --iteration 1 --template-scripts --after-install "release/afterinstall.sh" --url "http://molo.ch" --description "Moloch Full Packet System" -d libwww-perl -d libjson-perl -d ethtool -d libyaml-dev "$MOLOCHDIR" ls -l *.deb && mv -v *.deb "$OUTPUT_DIR"/ cd /tmp -rm -rf /tmp/moloch-$MOLOCH_VER.tar.gz /tmp/moloch-$MOLOCH_VER /tmp/GeoLite2-Country.mmdb.gz /tmp/GeoLite2-ASN.mmdb.gz if [[ -n $VERBOSE ]]; then set +x 
@@ -327,7 +321,7 @@ This may require opening a firewall port to the host running Moloch viewer to al # Zeek -At the time of writing, the [current stable release](https://github.com/zeek/zeek/blob/release/NEWS) of Zeek is [v3.0.1](https://github.com/zeek/zeek/releases/tag/v3.0.1). The notes in this section apply to that version, although some may apply to others as well. +At the time of writing, the [current stable release](https://github.com/zeek/zeek/blob/release/NEWS) of Zeek is [v3.0.3](https://github.com/zeek/zeek/releases/tag/v3.0.3). The notes in this section apply to that version, although some may apply to others as well. ## Compiling Zeek from source @@ -336,7 +330,7 @@ The following bash script was used to download, [build and install](https://docs ```bash #!/bin/bash -ZEEK_VER="3.0.1" +ZEEK_VER="3.0.3" ZEEK_URL="https://old.zeek.org/downloads/zeek-$ZEEK_VER.tar.gz" ZEEK_PATCH_URLS=( # nothing here for now @@ -375,7 +369,7 @@ Hedgehog Linux utilizest he following third party Zeek packages: * Amazon.com, Inc.'s [ICS protocol](https://github.com/amzn?q=zeek) analyzers * Corelight's [bro-xor-exe](https://github.com/corelight/bro-xor-exe-plugin) plugin * Corelight's [community ID](https://github.com/corelight/bro-community-id) flow hashing plugin -* J-Gras' [Bro::AF_Packet](https://github.com/J-Gras/bro-af_packet-plugin) plugin +* J-Gras' [Zeek::AF_Packet](https://github.com/J-Gras/zeek-af_packet-plugin) plugin * Lexi Brent's [EternalSafety](https://github.com/lexibrent/zeek-EternalSafety) plugin * MITRE Cyber Analytics Repository's [Bro/Zeek ATT&CK-Based Analytics (BZAR)](https://github.com/mitre-attack/car/tree/master/implementations) script * Salesforce's [gQUIC](https://github.com/salesforce/GQUIC_Protocol_Analyzer) analyzer 
@@ -503,7 +497,7 @@ if [[ -d "$SRC_DIR" ]]; then cd "$CWD" fi -SRC_DIR="$(clone_github_repo "https://github.com/J-Gras/bro-af_packet-plugin")" +SRC_DIR="$(clone_github_repo "https://github.com/J-Gras/zeek-af_packet-plugin")" if [[ -d "$SRC_DIR" ]]; then CWD="$(pwd)" cd "$SRC_DIR" && \ @@ -524,9 +518,9 @@ if [[ -d "$SRC_DIR" ]]; then fi ``` -### Bro::AF_Packet configuration +### Zeek::AF_Packet configuration -Of particular mention is J-Gras' [Bro::AF_Packet](https://github.com/J-Gras/bro-af_packet-plugin) plugin to allow Zeek to use the Linux kernel's AF_PACKET capabilities natively for packet capture. To determine if your Linux distribution's kernel supports AF_PACKET: +Of particular mention is J-Gras' [Zeek::AF_Packet](https://github.com/J-Gras/zeek-af_packet-plugin) plugin to allow Zeek to use the Linux kernel's AF_PACKET capabilities natively for packet capture. To determine if your Linux distribution's kernel supports AF_PACKET: ```bash $ grep -x 'CONFIG_PACKET=[ym]' "/boot/config-$(uname -r)" @@ -1769,7 +1763,7 @@ The Elastic Stack's [Beats](https://www.elastic.co/products/beats) platform is a set -e -BEATS_VER="7.5.1" +BEATS_VER="7.6.2" BEATS_OSS="-oss" BEATS_DEB_URL_TEMPLATE_REPLACER="XXXXX" BEATS_DEB_URL_TEMPLATE="https://artifacts.elastic.co/downloads/beats/$BEATS_DEB_URL_TEMPLATE_REPLACER/$BEATS_DEB_URL_TEMPLATE_REPLACER$BEATS_OSS-$BEATS_VER-amd64.deb" 
@@ -2181,7 +2175,7 @@ Hedgehog Linux targets the following guidelines for establishing a secure config # Copyright -Hedgehog Linux - part of [Malcolm](https://github.com/idaholab/Malcolm) - is Copyright 2019 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. +Hedgehog Linux - part of [Malcolm](https://github.com/idaholab/Malcolm) - is Copyright 2020 Battelle Energy Alliance, LLC, and is developed and released through the cooperation of the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. See [`License.txt`](https://raw.githubusercontent.com/idaholab/Malcolm/master/License.txt) for the terms of its release. diff --git a/sensor-iso/interface/sensor_ctl/auditbeat/sensor_auditbeat_local.sh b/sensor-iso/interface/sensor_ctl/auditbeat/sensor_auditbeat_local.sh index c053b3540..ba8d45e29 100755 --- a/sensor-iso/interface/sensor_ctl/auditbeat/sensor_auditbeat_local.sh +++ b/sensor-iso/interface/sensor_ctl/auditbeat/sensor_auditbeat_local.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # force-navigate to script directory (containing config file) [[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath diff --git a/sensor-iso/interface/sensor_ctl/clean.sh b/sensor-iso/interface/sensor_ctl/clean.sh index 315332c55..32c495a3a 100755 --- a/sensor-iso/interface/sensor_ctl/clean.sh +++ b/sensor-iso/interface/sensor_ctl/clean.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e diff --git a/sensor-iso/interface/sensor_ctl/control.sh b/sensor-iso/interface/sensor_ctl/control.sh index 113417739..843fd834a 100755 
--- a/sensor-iso/interface/sensor_ctl/control.sh +++ b/sensor-iso/interface/sensor_ctl/control.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e diff --git a/sensor-iso/interface/sensor_ctl/extractor_override.interesting.zeek b/sensor-iso/interface/sensor_ctl/extractor_override.interesting.zeek index a6a8d304b..45a92cba1 100644 --- a/sensor-iso/interface/sensor_ctl/extractor_override.interesting.zeek +++ b/sensor-iso/interface/sensor_ctl/extractor_override.interesting.zeek @@ -1,6 +1,6 @@ #!/usr/bin/env zeek -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. export { redef extractor_always_extract_unknown = F; diff --git a/sensor-iso/interface/sensor_ctl/filebeat-syslog/sensor_filebeat-syslog_local.sh b/sensor-iso/interface/sensor_ctl/filebeat-syslog/sensor_filebeat-syslog_local.sh index c0bc6d066..d6f5f59e0 100755 --- a/sensor-iso/interface/sensor_ctl/filebeat-syslog/sensor_filebeat-syslog_local.sh +++ b/sensor-iso/interface/sensor_ctl/filebeat-syslog/sensor_filebeat-syslog_local.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # force-navigate to script directory (containing config file) [[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath diff --git a/sensor-iso/interface/sensor_ctl/filebeat/filebeat.yml b/sensor-iso/interface/sensor_ctl/filebeat/filebeat.yml index 3db0c1f31..f4ea38e31 100644 --- a/sensor-iso/interface/sensor_ctl/filebeat/filebeat.yml +++ b/sensor-iso/interface/sensor_ctl/filebeat/filebeat.yml 
@@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. logging.metrics.enabled: false diff --git a/sensor-iso/interface/sensor_ctl/filebeat/sensor_filebeat_local.sh b/sensor-iso/interface/sensor_ctl/filebeat/sensor_filebeat_local.sh index 6f9c161e8..305df9981 100755 --- a/sensor-iso/interface/sensor_ctl/filebeat/sensor_filebeat_local.sh +++ b/sensor-iso/interface/sensor_ctl/filebeat/sensor_filebeat_local.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. if [ -z "$CAPTURE_PATH" ]; then CAPTURE_PATH="$HOME/bro_logs" diff --git a/sensor-iso/interface/sensor_ctl/heatbeat/protologbeat.template.json b/sensor-iso/interface/sensor_ctl/heatbeat/protologbeat.template.json index 5013a1251..dacd12f90 100644 --- a/sensor-iso/interface/sensor_ctl/heatbeat/protologbeat.template.json +++ b/sensor-iso/interface/sensor_ctl/heatbeat/protologbeat.template.json @@ -2,7 +2,7 @@ "index_patterns": ["protologbeat-*"], "mappings": { "_meta": { - "version": "7.5.1" + "version": "7.6.2" }, "dynamic_templates": [{ "strings_as_keyword": { diff --git a/sensor-iso/interface/sensor_ctl/heatbeat/sensor_heatbeat_local.sh b/sensor-iso/interface/sensor_ctl/heatbeat/sensor_heatbeat_local.sh index 6b7e1e6cd..9c5e566f8 100755 --- a/sensor-iso/interface/sensor_ctl/heatbeat/sensor_heatbeat_local.sh +++ b/sensor-iso/interface/sensor_ctl/heatbeat/sensor_heatbeat_local.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # force-navigate to script directory (containing config file) [[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath 
diff --git a/sensor-iso/interface/sensor_ctl/metricbeat/sensor_metricbeat_local.sh b/sensor-iso/interface/sensor_ctl/metricbeat/sensor_metricbeat_local.sh index 2dd7285c2..0255838bb 100755 --- a/sensor-iso/interface/sensor_ctl/metricbeat/sensor_metricbeat_local.sh +++ b/sensor-iso/interface/sensor_ctl/metricbeat/sensor_metricbeat_local.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # force-navigate to script directory (containing config file) [[ "$(uname -s)" = 'Darwin' ]] && REALPATH=grealpath || REALPATH=realpath diff --git a/sensor-iso/interface/sensor_ctl/scripts/log_disk_space.sh b/sensor-iso/interface/sensor_ctl/scripts/log_disk_space.sh index 1a36ef84f..6a0e7d77b 100755 --- a/sensor-iso/interface/sensor_ctl/scripts/log_disk_space.sh +++ b/sensor-iso/interface/sensor_ctl/scripts/log_disk_space.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. SPACE_STRING="$(/bin/df -lh --output=source,target,avail,size,pcent | tail -n +2 | grep '^/dev' | tr -s ' ' ',' | cut -d, -f2,3,4,5 | sed 's/^/\[/' | sed 's/$/\]/' | tr '\n' '.')" logger "${SPACE_STRING}" diff --git a/sensor-iso/interface/sensor_ctl/scripts/log_temperature.sh b/sensor-iso/interface/sensor_ctl/scripts/log_temperature.sh index 9797f5c92..e5c434f98 100755 --- a/sensor-iso/interface/sensor_ctl/scripts/log_temperature.sh +++ b/sensor-iso/interface/sensor_ctl/scripts/log_temperature.sh 
@@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. AVG_TEMP="$(sensors 2>/dev/null | grep '^Core\s[[:digit:]]\+:' | sed -e 's/[[:space:]]\+/,/g' | cut -d',' -f3 | sed "s/^\+//" | sed "s/°.*//" | awk '{ total += $1; count++ } END { if (count > 0) { print total/count } }')" HDD_TEMP="$(hddtemp /dev/sd? 2>/dev/null | grep -v "S\.M\.A\.R\.T\. not available" | sed 's/^/\[/' | sed 's/$/\]/' | tr '\n' ',' | sed 's/,$//')" diff --git a/sensor-iso/interface/sensor_ctl/supervisor.init/moloch_config_populate.sh b/sensor-iso/interface/sensor_ctl/supervisor.init/moloch_config_populate.sh index 10b8d6f9a..4a05a0a30 100755 --- a/sensor-iso/interface/sensor_ctl/supervisor.init/moloch_config_populate.sh +++ b/sensor-iso/interface/sensor_ctl/supervisor.init/moloch_config_populate.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. export MOLOCH_HTTPS_FLAG="" diff --git a/sensor-iso/interface/sensor_ctl/supervisor.sh b/sensor-iso/interface/sensor_ctl/supervisor.sh index a8162643e..daec446a1 100755 --- a/sensor-iso/interface/sensor_ctl/supervisor.sh +++ b/sensor-iso/interface/sensor_ctl/supervisor.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e diff --git a/sensor-iso/interface/sensor_interface/routes.py b/sensor-iso/interface/sensor_interface/routes.py index d7147a51a..dd9db6dc7 100644 --- a/sensor-iso/interface/sensor_interface/routes.py +++ b/sensor-iso/interface/sensor_interface/routes.py 
@@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. import psutil, time, json, logging, os from .sysquery import sys_service as sys_s diff --git a/sensor-iso/interface/sensor_interface/static/js/custom.js b/sensor-iso/interface/sensor_interface/static/js/custom.js index ce75e1268..1f533513b 100644 --- a/sensor-iso/interface/sensor_interface/static/js/custom.js +++ b/sensor-iso/interface/sensor_interface/static/js/custom.js @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +// Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. function start_all() { var xhttp = new XMLHttpRequest(); diff --git a/sensor-iso/interface/sensor_interface/sysquery/sys_service.py b/sensor-iso/interface/sensor_interface/sysquery/sys_service.py index f6484f1ec..874e43eb1 100644 --- a/sensor-iso/interface/sensor_interface/sysquery/sys_service.py +++ b/sensor-iso/interface/sensor_interface/sysquery/sys_service.py @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. import subprocess, json import os diff --git a/sensor-iso/moloch/Dockerfile b/sensor-iso/moloch/Dockerfile index 59ac2389b..2cdbccbb8 100644 --- a/sensor-iso/moloch/Dockerfile +++ b/sensor-iso/moloch/Dockerfile @@ -1,12 +1,12 @@ FROM debian:buster-slim -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. LABEL maintainer="malcolm.netsec@gmail.com" ENV DEBIAN_FRONTEND noninteractive -ENV MOLOCH_VERSION "2.1.2" +ENV MOLOCH_VERSION "2.2.3" ENV MOLOCHDIR "/opt/moloch" RUN sed -i "s/buster main/buster main contrib non-free/g" /etc/apt/sources.list && \ 
diff --git a/sensor-iso/moloch/build-docker-image.sh b/sensor-iso/moloch/build-docker-image.sh index 734efa473..1f08a41d4 100755 --- a/sensor-iso/moloch/build-docker-image.sh +++ b/sensor-iso/moloch/build-docker-image.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # force-navigate to script directory SCRIPT_PATH="$( cd -P "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" diff --git a/sensor-iso/moloch/build-moloch-deb.sh b/sensor-iso/moloch/build-moloch-deb.sh index cde8736bd..97ceb55e8 100755 --- a/sensor-iso/moloch/build-moloch-deb.sh +++ b/sensor-iso/moloch/build-moloch-deb.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. OUTPUT_DIR="/tmp" unset VERBOSE diff --git a/sensor-iso/moloch/etc/.gitignore b/sensor-iso/moloch/etc/.gitignore new file mode 100644 index 000000000..257e036a0 --- /dev/null +++ b/sensor-iso/moloch/etc/.gitignore @@ -0,0 +1,4 @@ +GeoLite2-* +oui.txt* +ipv4-address-space.csv* + diff --git a/sensor-iso/vagrant/Vagrantfile b/sensor-iso/vagrant/Vagrantfile index c518d7623..05b5c2cb3 100644 --- a/sensor-iso/vagrant/Vagrantfile +++ b/sensor-iso/vagrant/Vagrantfile @@ -1,9 +1,16 @@ -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. unless Vagrant.has_plugin?("vagrant-reload") raise 'vagrant-reload plugin is not installed!' end +# hack: https://github.com/hashicorp/vagrant/issues/8878#issuecomment-345112810 +class VagrantPlugins::ProviderVirtualBox::Action::Network + def dhcp_server_matches_config?(dhcp_server, config) + true + end +end + Vagrant.configure("2") do |config| config.vm.box = "bento/debian-10" 
@@ -18,7 +25,7 @@ Vagrant.configure("2") do |config| end config.vm.provider "virtualbox" do |vb| - vb.memory = "4096" + vb.memory = "8192" vb.cpus = 4 end diff --git a/shared/bin/agg-init.sh b/shared/bin/agg-init.sh index 9d28eae31..192a7c965 100755 --- a/shared/bin/agg-init.sh +++ b/shared/bin/agg-init.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. SCRIPT_PATH="$(dirname $(realpath -e "${BASH_SOURCE[0]}"))" diff --git a/shared/bin/beat-log-temperature.py b/shared/bin/beat-log-temperature.py index a7dc665c8..68be3e0ce 100755 --- a/shared/bin/beat-log-temperature.py +++ b/shared/bin/beat-log-temperature.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3.7 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. import os import re diff --git a/shared/bin/capture-format-wait.sh b/shared/bin/capture-format-wait.sh index e98f88cff..bc0571fb6 100755 --- a/shared/bin/capture-format-wait.sh +++ b/shared/bin/capture-format-wait.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. function finish { pkill -f "zenity.*Preparing Storage" diff --git a/shared/bin/common-init.sh b/shared/bin/common-init.sh index 56669b145..00002602a 100755 --- a/shared/bin/common-init.sh +++ b/shared/bin/common-init.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. declare -A IFACES diff --git a/shared/bin/configure-capture.py b/shared/bin/configure-capture.py index 804c65120..04981a17d 100755 --- a/shared/bin/configure-capture.py +++ b/shared/bin/configure-capture.py 
@@ -1,7 +1,7 @@ #!/usr/bin/env python3.7 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # script for configuring sensor capture and forwarding parameters diff --git a/shared/bin/configure-interfaces.py b/shared/bin/configure-interfaces.py index f3856db78..de4c87510 100755 --- a/shared/bin/configure-interfaces.py +++ b/shared/bin/configure-interfaces.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3.7 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # script for configuring sensor network interface controller(s) diff --git a/shared/bin/cron_env_centos.sh b/shared/bin/cron_env_centos.sh index 8d1f6405d..69fc7970d 100755 --- a/shared/bin/cron_env_centos.sh +++ b/shared/bin/cron_env_centos.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. printenv | sed -r "s/'/\\\'/gm" | sed -r "s/^([^=]+=)(.*)\$/\1'\2'/gm" > /etc/environment diff --git a/shared/bin/cron_env_deb.sh b/shared/bin/cron_env_deb.sh index f529febfe..65423c7d5 100755 --- a/shared/bin/cron_env_deb.sh +++ b/shared/bin/cron_env_deb.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. printenv | sed -r "s/'/\\\'/gm" | sed -r "s/^([^=]+=)(.*)\$/\1'\2'/gm" > /etc/environment diff --git a/shared/bin/docker-load-wait.sh b/shared/bin/docker-load-wait.sh index 2c9ef6efb..48e7fcc42 100755 --- a/shared/bin/docker-load-wait.sh +++ b/shared/bin/docker-load-wait.sh 
@@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. function finish { pkill -f "zenity.*Preparing Malcolm" diff --git a/shared/bin/elastic_search_status.sh b/shared/bin/elastic_search_status.sh index 286077073..14d08e35c 100755 --- a/shared/bin/elastic_search_status.sh +++ b/shared/bin/elastic_search_status.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. set -e diff --git a/shared/bin/fstab.py b/shared/bin/fstab.py index fe5c2e465..d8400caf4 100644 --- a/shared/bin/fstab.py +++ b/shared/bin/fstab.py @@ -1,7 +1,7 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # fstab interpreter diff --git a/shared/bin/malass_client.py b/shared/bin/malass_client.py index bb4eca5e6..06395afc7 100644 --- a/shared/bin/malass_client.py +++ b/shared/bin/malass_client.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3.7 -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. """This script (malass_client.py) simulates the Malass 'file upload' HTML web form. The 'file upload' HTML form is used to 'upload a file', and several HTML form fields, diff --git a/shared/bin/pcap_moloch_and_zeek_processor.py b/shared/bin/pcap_moloch_and_zeek_processor.py index 678ce41b5..efab0a901 100755 --- a/shared/bin/pcap_moloch_and_zeek_processor.py +++ b/shared/bin/pcap_moloch_and_zeek_processor.py 
@@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ################################################################################################### # Process queued files reported by pcap_watcher.py, using either moloch-capture or zeek to process diff --git a/shared/bin/pcap_utils.py b/shared/bin/pcap_utils.py index 3271657f4..abb5a949d 100644 --- a/shared/bin/pcap_utils.py +++ b/shared/bin/pcap_utils.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. import os import re diff --git a/shared/bin/pcap_watcher.py b/shared/bin/pcap_watcher.py index f7fa8b653..104a19d16 100755 --- a/shared/bin/pcap_watcher.py +++ b/shared/bin/pcap_watcher.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ################################################################################################### # Monitor a directory for PCAP files for processing (by publishing their filenames to a ZMQ socket) diff --git a/shared/bin/preseed_late_user_config.sh b/shared/bin/preseed_late_user_config.sh index 0edf41379..73ad4aa32 100755 --- a/shared/bin/preseed_late_user_config.sh +++ b/shared/bin/preseed_late_user_config.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ################################################################################## # prompt whether to autologin or not diff --git a/shared/bin/prune_files.sh b/shared/bin/prune_files.sh index f84747408..31af00474 100755 
--- a/shared/bin/prune_files.sh +++ b/shared/bin/prune_files.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # recursion depth (1 = not recursive) DEPTH=1 diff --git a/shared/bin/sensor-capture-disk-config.py b/shared/bin/sensor-capture-disk-config.py index 5d807ed02..34718ae8b 100755 --- a/shared/bin/sensor-capture-disk-config.py +++ b/shared/bin/sensor-capture-disk-config.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3.7 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ################################################################################################### # Detect, partition, and format devices to be used for sensor packet/log captures. diff --git a/shared/bin/sensor-init.sh b/shared/bin/sensor-init.sh index ec1d65e61..9d2db0cca 100755 --- a/shared/bin/sensor-init.sh +++ b/shared/bin/sensor-init.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. SCRIPT_PATH="$(dirname $(realpath -e "${BASH_SOURCE[0]}"))" diff --git a/shared/bin/sensorcommon.py b/shared/bin/sensorcommon.py index 12d4c75ac..9e15886c5 100644 --- a/shared/bin/sensorcommon.py +++ b/shared/bin/sensorcommon.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3.7 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. import argparse import ipaddress diff --git a/shared/bin/sensormetric.py b/shared/bin/sensormetric.py index 0b7e0ca11..756675832 100644 --- a/shared/bin/sensormetric.py +++ b/shared/bin/sensormetric.py 
@@ -1,7 +1,7 @@ #!/usr/bin/env python3.7 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. import subprocess import socket diff --git a/shared/bin/ufw_allow_viewer.sh b/shared/bin/ufw_allow_viewer.sh index 1fdd2cfa7..39832ae25 100644 --- a/shared/bin/ufw_allow_viewer.sh +++ b/shared/bin/ufw_allow_viewer.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. # manage a UFW rule for allowing a remote Moloch viewer instance (on the same host # to which moloch-capture is forwarding session logs) to connect to and diff --git a/shared/bin/zeek_carve_logger.py b/shared/bin/zeek_carve_logger.py index 7c5950769..d306251c2 100755 --- a/shared/bin/zeek_carve_logger.py +++ b/shared/bin/zeek_carve_logger.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ################################################################################################### # Monitor a directory for files extracted by zeek for processing diff --git a/shared/bin/zeek_carve_scanner.py b/shared/bin/zeek_carve_scanner.py index 2a1757221..d612a81c5 100755 --- a/shared/bin/zeek_carve_scanner.py +++ b/shared/bin/zeek_carve_scanner.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ################################################################################################### # Process queued files reported by zeek_carve_watcher.py, scanning them with the specified 
diff --git a/shared/bin/zeek_carve_utils.py b/shared/bin/zeek_carve_utils.py index 73138c21b..6f39460ee 100644 --- a/shared/bin/zeek_carve_utils.py +++ b/shared/bin/zeek_carve_utils.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. import clamd import hashlib diff --git a/shared/bin/zeek_carve_watcher.py b/shared/bin/zeek_carve_watcher.py index 5fb7a8d9a..64c729d76 100755 --- a/shared/bin/zeek_carve_watcher.py +++ b/shared/bin/zeek_carve_watcher.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. ################################################################################################### # Monitor a directory for files extracted by zeek for processing diff --git a/shared/bin/zeek_install_plugins.sh b/shared/bin/zeek_install_plugins.sh index d2aed6f57..0c653d001 100755 --- a/shared/bin/zeek_install_plugins.sh +++ b/shared/bin/zeek_install_plugins.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. if [ -z "$BASH_VERSION" ]; then echo "Wrong interpreter, please run \"$0\" with bash" @@ -101,11 +101,11 @@ if [[ -d "$SRC_DIR" ]]; then cd "$CWD" fi -SRC_DIR="$(clone_github_repo "https://github.com/J-Gras/bro-af_packet-plugin")" +SRC_DIR="$(clone_github_repo "https://github.com/J-Gras/zeek-af_packet-plugin")" if [[ -d "$SRC_DIR" ]]; then CWD="$(pwd)" cd "$SRC_DIR" && \ - ./configure --with-kernel=/usr --bro-dist="$ZEEK_DIST_DIR" --install-root="$ZEEK_PLUGIN_DIR" && \ + ./configure --with-kernel=/usr --zeek-dist="$ZEEK_DIST_DIR" --install-root="$ZEEK_PLUGIN_DIR" && \ make && \ make install cd "$CWD" 
diff --git a/shared/vbox-guest-build/Dockerfile b/shared/vbox-guest-build/Dockerfile new file mode 100644 index 000000000..886b6b24c --- /dev/null +++ b/shared/vbox-guest-build/Dockerfile @@ -0,0 +1,18 @@ +FROM debian:buster-slim + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +LABEL maintainer="malcolm.netsec@gmail.com" + +ENV DEBIAN_FRONTEND noninteractive + +RUN sed -i "s/buster main/buster main contrib non-free/g" /etc/apt/sources.list && \ + apt-get -q update && \ + apt-get install -q -y --no-install-recommends \ + curl devscripts build-essential debian-keyring equivs && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +ADD build-vboxguest-deb.sh /usr/local/bin/ + +ENTRYPOINT ["/bin/bash", "/usr/local/bin/build-vboxguest-deb.sh"] diff --git a/shared/vbox-guest-build/build-docker-image.sh b/shared/vbox-guest-build/build-docker-image.sh new file mode 100755 index 000000000..f3405fe34 --- /dev/null +++ b/shared/vbox-guest-build/build-docker-image.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +# force-navigate to script directory +SCRIPT_PATH="$( cd -P "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +pushd "$SCRIPT_PATH" >/dev/null 2>&1 + +docker build -t vboxguest-build:latest . + +popd >/dev/null 2>&1 diff --git a/shared/vbox-guest-build/build-vboxguest-deb.sh b/shared/vbox-guest-build/build-vboxguest-deb.sh new file mode 100755 index 000000000..c34d0749d --- /dev/null +++ b/shared/vbox-guest-build/build-vboxguest-deb.sh 
@@ -0,0 +1,49 @@ +#!/bin/bash + +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. + +OUTPUT_DIR="/tmp" +unset VERBOSE + +while getopts o:v opts; do + case ${opts} in + o) OUTPUT_DIR=${OPTARG} ;; + v) VERBOSE=1 ;; + esac +done + +set -e +if [[ -n $VERBOSE ]]; then + set -x +fi + +apt-get -y -q update + +mkdir -p /tmp/vbox-guest-deb + +cd /tmp/vbox-guest-deb + +dget http://deb.debian.org/debian/pool/contrib/v/virtualbox/$(curl -fsL 'http://deb.debian.org/debian/pool/contrib/v/virtualbox/' | grep -P 'href="virtualbox_[^"]*?\.dsc' | tail -n 1 | grep -Po '"virtualbox_.+?"' | tr -d '"') + +cd virtualbox*dfsg/ + +mkdir -p /usr/share/man/man1 + +mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -ir + +VBOX_PKG_VERSION=$(export $(grep -P '^VBOX_VERSION_(MAJOR|MINOR|BUILD)' Version.kmk | tr -d ' ') && echo "$VBOX_VERSION_MAJOR.$VBOX_VERSION_MINOR.$VBOX_VERSION_BUILD") + +DEBFULLNAME='Seth Grover' DEBEMAIL='malcolm.netsec@gmail.com' dch -bv $VBOX_PKG_VERSION-dfsg-2~~bpo10+1 --distribution buster-backports --force-distribution 'Unofficial backport' + +dpkg-buildpackage -b + +cd /tmp/vbox-guest-deb + +ls -l *.deb && mv -v *.deb "$OUTPUT_DIR"/ + +cd /tmp + +if [[ -n $VERBOSE ]]; then + set +x +fi +set +e diff --git a/zeek/config/extractor.zeek b/zeek/config/extractor.zeek index d481665c8..217e91494 100644 --- a/zeek/config/extractor.zeek +++ b/zeek/config/extractor.zeek @@ -1,6 +1,6 @@ #!/usr/bin/env zeek -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. @load ./extractor_params diff --git a/zeek/config/extractor_override.interesting.zeek b/zeek/config/extractor_override.interesting.zeek index a6a8d304b..45a92cba1 100644 --- a/zeek/config/extractor_override.interesting.zeek +++ b/zeek/config/extractor_override.interesting.zeek 
@@ -1,6 +1,6 @@ #!/usr/bin/env zeek -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. export { redef extractor_always_extract_unknown = F; diff --git a/zeek/config/extractor_params.zeek b/zeek/config/extractor_params.zeek index 5adfa48dc..bc367a895 100644 --- a/zeek/config/extractor_params.zeek +++ b/zeek/config/extractor_params.zeek @@ -1,6 +1,6 @@ #!/usr/bin/env zeek -# Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +# Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. export { const extractor_extract_none = "none" &redef; diff --git a/zeek/config/local.zeek b/zeek/config/local.zeek index b3361c3fb..051eab2f9 100644 --- a/zeek/config/local.zeek +++ b/zeek/config/local.zeek @@ -21,12 +21,15 @@ redef SOCKS::default_capture_password = T; @load protocols/dhcp/software @load protocols/dns/detect-external-names @load protocols/ftp/detect +@load protocols/ftp/detect-bruteforcing.zeek @load protocols/ftp/software @load protocols/http/detect-sqli @load protocols/http/detect-webapps @load protocols/http/software @load protocols/http/software-browser-plugins @load protocols/mysql/software +@load protocols/ssl/weak-keys +@load protocols/smb/log-cmds @load protocols/smtp/software @load protocols/ssh/detect-bruteforcing @load protocols/ssh/geo-data diff --git a/zeek/supervisord.conf b/zeek/supervisord.conf index f5349bb28..db115cde3 100644 --- a/zeek/supervisord.conf +++ b/zeek/supervisord.conf @@ -1,4 +1,4 @@ -; Copyright (c) 2019 Battelle Energy Alliance, LLC. All rights reserved. +; Copyright (c) 2020 Battelle Energy Alliance, LLC. All rights reserved. [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file)
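Review bot: the monkey-patch of `VagrantPlugins::ProviderVirtualBox::Action::Network#dhcp_server_matches_config?` in the `sensor-iso/vagrant/Vagrantfile` hunk unconditionally returns `true`, which silences the DHCP-server mismatch check for every host-only network this Vagrantfile configures, not only the case from the linked issue. Consider wrapping it in `if defined?(VagrantPlugins::ProviderVirtualBox::Action::Network)` so the file still loads when the VirtualBox provider is not installed, and noting in the `# hack:` comment which Vagrant versions still need the workaround so it can be removed once they are gone.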
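Review bot: in the `shared/vbox-guest-build/build-vboxguest-deb.sh` hunk the `dget` line selects the newest `.dsc` by scraping `http://deb.debian.org/debian/pool/contrib/v/virtualbox/` with `grep -P`, and the script sets `set -e` but not `set -o pipefail`, so an empty or reformatted listing yields an empty substitution and `dget` is invoked on the bare directory URL instead of failing early. Suggest adding `set -o pipefail`, checking the computed filename is non-empty before calling `dget`, and using `https://deb.debian.org/...`; since the companion Dockerfile installs `debian-keyring`, `dget` will run `dscverify` on the `.dsc`, and that signature check should stay the integrity gate (do not add `-u`). Also `cd virtualbox*dfsg/` and the unquoted `$VBOX_PKG_VERSION` in `dch -bv $VBOX_PKG_VERSION-dfsg-2~~bpo10+1` will misbehave if the glob matches more than one directory or the version string is empty.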
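Review bot: the `@@ -101,11 +101,11 @@` hunk of `shared/bin/zeek_install_plugins.sh` correctly follows the upstream rename to `https://github.com/J-Gras/zeek-af_packet-plugin` and the `--bro-dist` to `--zeek-dist` flag change, but `clone_github_repo` is still handed only a URL with no tag or commit, so each build compiles whatever the default branch contains at that moment. Consider pinning a release tag here (and in the script's other `clone_github_repo` calls) so sensor builds are reproducible and an upstream branch change cannot silently alter the AF_PACKET plugin linked into Zeek.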
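Review bot: in the `zeek/config/local.zeek` hunk the new `@load protocols/ftp/detect-bruteforcing.zeek` line carries a `.zeek` suffix while every neighbouring `@load`, including the existing `protocols/ssh/detect-bruteforcing`, omits the extension; drop the suffix for consistency. The other two additions deserve a changelog mention: `protocols/ssl/weak-keys` introduces new SSL notice types and `protocols/smb/log-cmds` enables the SMB command log, both of which downstream Logstash pipelines and Kibana dashboards will begin receiving.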