metron-issues mailing list archives

From "Casey Stella (JIRA)" <>
Subject [jira] [Created] (METRON-35) Implement threat intelligence message enrichment
Date Sat, 13 Feb 2016 06:43:18 GMT
Casey Stella created METRON-35:

             Summary: Implement threat intelligence message enrichment
                 Key: METRON-35
             Project: Metron
          Issue Type: New Feature
            Reporter: Casey Stella
            Assignee: Casey Stella

Create the infrastructure to 
* Bulk ingest threat intelligence feeds from CSV and STIX data sources into HBase
* Enrich messages that have fields which match the threat intelligence data in HBase
* Create the infrastructure to remove unused threat intelligence data
* Augment the Packet capture topology to incorporate a malicious IP threat intel tagger

The tagging infrastructure must meet the following criteria:
* They are downstream of the enrichments
* The threat intelligence bolts execute in parallel with a similar architecture as the enrichments (i.e. split and join).

This message was sent by Atlassian JIRA
