metron-issues mailing list archives

From "Casey Stella (JIRA)" <j...@apache.org>
Subject [jira] [Created] (METRON-35) Implement threat intelligence message enrichment
Date Sat, 13 Feb 2016 06:43:18 GMT
Casey Stella created METRON-35:
----------------------------------

             Summary: Implement threat intelligence message enrichment
                 Key: METRON-35
                 URL: https://issues.apache.org/jira/browse/METRON-35
             Project: Metron
          Issue Type: New Feature
            Reporter: Casey Stella
            Assignee: Casey Stella


Create the infrastructure to:
* Bulk ingest threat intelligence feeds from CSV and STIX data sources into HBase
* Enrich messages that have fields which match the threat intelligence data in HBase
* Create the infrastructure to remove unused threat intelligence data
* Augment the Packet capture topology to incorporate a malicious IP threat intel tagger

The tagging infrastructure must meet the following criteria:
* They are downstream of the enrichments
* The threat intelligence bolts execute in parallel with a similar architecture as the enrichments
(i.e. split and join).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
