metron-dev mailing list archives

From Justin Leet <>
Subject Re: Cloudtrail use case
Date Fri, 06 Oct 2017 01:20:34 GMT
I know we've had discussions about migrating stuff into docs before.  It
might be worth resurrecting a more use case focused version of that,
instead of starting on the wiki.  I assume the end goal is availability in
the site-book, so even if it's not in a perfect place, I'd rather the
effort be spent on making it pretty there.

I think there's a few floating around that could use a home, so the
discussion might make life easier for multiple things.  Some from the wiki,
some from random READMEs we could relocate and link, some from
presentations and so on.

Having said all that, I know discuss threads can take a few days to
resolve, so wiki and then convert might be the lesser of two evils.

On Thu, Oct 5, 2017 at 6:54 PM, Nick Allen <> wrote:

> We don't really have a location in the source code for use cases like this
> right now.  But I think it is so important that we get use cases like this
> published somewhere.  For now, you could add this to the Wiki.  Then later
> on we can figure out how to handle that.
> On Thu, Oct 5, 2017 at 6:49 PM, Laurens Vets <> wrote:
> > On 2017-10-05 15:45, Laurens Vets wrote:
> >
> >> Hi,
> >>
> >> Would anyone be interested in adding a full AWS Cloudtrail use case to
> >> the Metron documentation? It would roughly consist of:
> >> - Apache NiFi configuration to retrieve Cloudtrail logs from S3 and
> >> send it to Metron via Kafka.
> >> - Complete Metron sensor configuration (enrichment, alerting, etc...) for
> >> this.
> >>
> >
> > Sent too soon :(
> >
> > If anyone would be interested in this documentation, where would add this
> > in the source?
> >
