metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Leet <justinjl...@gmail.com>
Subject Re: Cloudtrail use case
Date Fri, 06 Oct 2017 13:32:01 GMT
I totally forgot you added that.  100% think it belongs there.

On Fri, Oct 6, 2017 at 9:26 AM, Casey Stella <cestella@gmail.com> wrote:

> There is actually a use-cases top level directory with worked examples in
> them.  They get picked up by the doc book too!  I'd suggest putting it
> there, thoughts?
>
> On Fri, Oct 6, 2017 at 8:44 AM, Nick Allen <nick@nickallen.org> wrote:
>
> > Yes, agreed, Justin.  I guess my main point to Laurens was meant to be
> that
> > the actual destination of the use case should be the least of our
> worries.
> > However Laurens wants to write it up will work. If you type it up, throw
> it
> > in an envelope, seal it with a stamp, and physically mail it to me, I
> will
> > make sure it lands in the right place. :)
> >
> >
> >
> > On Thu, Oct 5, 2017 at 9:20 PM Justin Leet <justinjleet@gmail.com>
> wrote:
> >
> > > I know we've had discussions about migrating stuff into docs before.
> It
> > > might be worth resurrecting a more use case focused version of that,
> > > instead of starting on the wiki.  I assume the end goal is availability
> > in
> > > the site-book, so even if it's not in a perfect place, I'd rather the
> > > effort be spent on making it pretty there.
> > >
> > > I think there's a few floating around that could use a home, so the
> > > discussion might make life easier for multiple things.  Some from the
> > wiki,
> > > some from random READMEs we could relocate and link, some from
> > > presentations and so on.
> > >
> > > Having said all that, I know discuss threads can take a few days to
> > > resolve, so wiki and then convert might be the lesser of two evils.
> > >
> > >
> > > On Thu, Oct 5, 2017 at 6:54 PM, Nick Allen <nick@nickallen.org> wrote:
> > >
> > > > We don't really have a location in the source code for use cases like
> > > this
> > > > right now.  But I think it is so important that we get use cases like
> > > this
> > > > published somewhere.  For now, you could add this to the Wiki.  Then
> > > later
> > > > on we can figure out how to handle that.
> > > >
> > > > On Thu, Oct 5, 2017 at 6:49 PM, Laurens Vets <laurens@daemon.be>
> > wrote:
> > > >
> > > > > On 2017-10-05 15:45, Laurens Vets wrote:
> > > > >
> > > > >> Hi,
> > > > >>
> > > > >> Would anyone be interested in adding a full AWS Cloudtrail use
> case
> > to
> > > > >> the Metron documentation? I would roughly consist of:
> > > > >> - Apache NiFi configuration to retrieve Cloudtrail logs from
S3
> and
> > > > >> send it to Metron via Kafka.
> > > > >> - Complete Metron sensor configuration (enrichment, alerting,
> > etc...)
> > > > for
> > > > >> this.
> > > > >>
> > > > >
> > > > > Sent too soon :(
> > > > >
> > > > > If anyone would be interested in this documentation, where would
> add
> > > this
> > > > > in the source?
> > > > >
> > > >
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message