metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Allen <n...@nickallen.org>
Subject Re: [DISCUSS] Entity Profiler
Date Fri, 05 Aug 2016 14:54:21 GMT
https://issues.apache.org/jira/browse/METRON-309



On Fri, Aug 5, 2016 at 8:58 AM, Casey Stella <cestella@gmail.com> wrote:

> I don't think the attachment came through, Nick.  Can you post the PDF on
> the JIRA?
>
> On Wed, Aug 3, 2016 at 4:22 PM, Nick Allen <nick@nickallen.org> wrote:
>
> > I have been thinking through the implementation of something that I am
> > calling the "Entity Profiler."  The idea/concept was passed on to me by
> > James Sirota and I think it would be very useful as a part of Metron.
> >
> > I have a draft design that I would love to get feedback on.  Please see
> > the attached PDF.  If anything is not clear, please let me know.
> >
> > *The Entity Profiler is a feature extraction mechanism that can capture a
> > Profile that describes any Entity on a network.  The Entity might be a
> > server, user, subnet or application.  The Profile itself is simply a time
> > series of numeric values.  *
> >
> >
> >
> > *The Entity Profiler will enable feature extraction using sliding windows
> > over streaming telemetry data.  The Entity Profiler will enable a summary
> > statistic to be applied to raw data over a given time horizon.
> Collecting
> > these values across many time horizons results in a time series that is
> > useful for analysis.*
> >
> >
> >
> > Hopefully that is enough of a tease to gain your interest.
> >
> > Thanks
> >
> >
> >
> > --
> > Nick Allen <nick@nickallen.org>
> >
>



-- 
Nick Allen <nick@nickallen.org>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message