metron-issues mailing list archives

From "Sean Schulte (JIRA)" <>
Subject [jira] [Created] (METRON-11) FalconHose Parser and Topology
Date Wed, 06 Jan 2016 17:20:39 GMT
Sean Schulte created METRON-11:

             Summary: FalconHose Parser and Topology
                 Key: METRON-11
             Project: Metron
          Issue Type: Improvement
            Reporter: Sean Schulte

FalconHose events are generated by the CrowdStrike Falcon Host sensor.

Their platform does its own pre-processing, so every one of these events is considered an

They are in JSON format, and there are a few different event types that we'll support.

This requires:

* parser
* alert adapter
* topology definition

This message was sent by Atlassian JIRA
