metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Allen <n...@nickallen.org>
Subject Re: [Discuss] Situational Awareness Zeppelin Dashboard
Date Tue, 24 Jan 2017 15:27:19 GMT
I should clarify, the examples above would be for the YAF flows.  The other
default sensors, would obviously be different.

On Tue, Jan 24, 2017 at 10:09 AM, Nick Allen <nick@nickallen.org> wrote:

> I would like to create a Zeppelin dashboard that provides some level of
> situational awareness for each of the data sources.  What do you guys think
> that should look-like?  A few thoughts on what could be included.
>
>    - Top external hosts with geo-location
>    - Number of total flows per hour
>    - Geo-location of flows
>    - Number of internal flows per hour
>    - Number of internal-external flows per hour
>    - Average flow length per hour
>    - Centrality and betweenness measures
>
>
>


-- 
Nick Allen <nick@nickallen.org>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message