metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andre <andre-li...@fucs.org>
Subject Metron enrichment
Date Tue, 16 Aug 2016 22:11:31 GMT
Hi there,

I have been watching the project for a while and was wondering if you be
able to share what is the main motivation / rationale for having the basic
enrichment activities (whois, geoip) within Metron itself?

Couldn't that be also served at the edge during the telemetry collection?(
specially now that you are moving to a closer integration with NiFi)

Is it so that you can enrich both logs and pcaps, while telemetry would be
mostly able to process logs or certain data artfacts?

I thank you in advance

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message