metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nickwallen <...@git.apache.org>
Subject [GitHub] incubator-metron issue #426: METRON-675: Make Threat Triage rules able to be...
Date Tue, 31 Jan 2017 20:55:18 GMT
Github user nickwallen commented on the issue:

    https://github.com/apache/incubator-metron/pull/426
  
    +1 Works great.  Spun everything up, followed your script, created my own triage rules
and validated the scoring.  
    
    The 'RiskLevelRule' POJO certainly makes things a little cleaner.
    
    As a random side note, will be really cool when the aggregation of the scores is just
Stellar code, rather than MAX or SUM. This would allow us to plug-in a real model for scoring
the alerts.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message