metron-dev mailing list archives

From Casey Stella <ceste...@gmail.com>
Subject Re: Cloudtrail use case
Date Fri, 06 Oct 2017 13:26:04 GMT
There is actually a use-cases top-level directory with worked examples in
it.  They get picked up by the doc book too!  I'd suggest putting it
there, thoughts?

On Fri, Oct 6, 2017 at 8:44 AM, Nick Allen <nick@nickallen.org> wrote:

> Yes, agreed, Justin.  I guess my main point to Laurens was meant to be that
> the actual destination of the use case should be the least of our worries.
> However Laurens wants to write it up will work. If you type it up, throw it
> in an envelope, seal it with a stamp, and physically mail it to me, I will
> make sure it lands in the right place. :)
>
>
>
> On Thu, Oct 5, 2017 at 9:20 PM Justin Leet <justinjleet@gmail.com> wrote:
>
> > I know we've had discussions about migrating stuff into docs before.  It
> > might be worth resurrecting a more use case focused version of that,
> > instead of starting on the wiki.  I assume the end goal is availability in
> > the site-book, so even if it's not in a perfect place, I'd rather the
> > effort be spent on making it pretty there.
> >
> > I think there's a few floating around that could use a home, so the
> > discussion might make life easier for multiple things.  Some from the wiki,
> > some from random READMEs we could relocate and link, some from
> > presentations and so on.
> >
> > Having said all that, I know discuss threads can take a few days to
> > resolve, so wiki and then convert might be the lesser of two evils.
> >
> >
> > On Thu, Oct 5, 2017 at 6:54 PM, Nick Allen <nick@nickallen.org> wrote:
> >
> > > We don't really have a location in the source code for use cases like this
> > > right now.  But I think it is so important that we get use cases like this
> > > published somewhere.  For now, you could add this to the Wiki.  Then later
> > > on we can figure out how to handle that.
> > >
> > > On Thu, Oct 5, 2017 at 6:49 PM, Laurens Vets <laurens@daemon.be> wrote:
> > >
> > > > On 2017-10-05 15:45, Laurens Vets wrote:
> > > >
> > > >> Hi,
> > > >>
> > > > >> Would anyone be interested in adding a full AWS Cloudtrail use case to
> > > > >> the Metron documentation? It would roughly consist of:
> > > > >> - Apache NiFi configuration to retrieve Cloudtrail logs from S3 and
> > > > >> send it to Metron via Kafka.
> > > > >> - Complete Metron sensor configuration (enrichment, alerting, etc...) for
> > > > >> this.
> > > >>
> > > >
> > > > Sent too soon :(
> > > >
> > > > > If anyone would be interested in this documentation, where would I add this
> > > > > in the source?
> > > >
> > >
> >
>
