metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Allen <n...@nickallen.org>
Subject Re: [Discuss] Situational Awareness Zeppelin Dashboard
Date Tue, 31 Jan 2017 15:27:04 GMT
To bring this discussion thread full circle, I have completed a notebook
that is ready for all to review.  I have also attached screenshots of the
notebook to the JIRA.

* https://issues.apache.org/jira/browse/METRON-676
* https://github.com/apache/incubator-metron/pull/427

On Tue, Jan 24, 2017 at 10:27 AM, Nick Allen <nick@nickallen.org> wrote:

> I should clarify, the examples above would be for the YAF flows.  The
> other default sensors, would obviously be different.
>
> On Tue, Jan 24, 2017 at 10:09 AM, Nick Allen <nick@nickallen.org> wrote:
>
>> I would like to create a Zeppelin dashboard that provides some level of
>> situational awareness for each of the data sources.  What do you guys think
>> that should look-like?  A few thoughts on what could be included.
>>
>>    - Top external hosts with geo-location
>>    - Number of total flows per hour
>>    - Geo-location of flows
>>    - Number of internal flows per hour
>>    - Number of internal-external flows per hour
>>    - Average flow length per hour
>>    - Centrality and betweenness measures
>>
>>
>>
>
>
> --
> Nick Allen <nick@nickallen.org>
>



-- 
Nick Allen <nick@nickallen.org>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message