nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Witt <>
Subject Re: Opinion wanted: Cyber orchestration "distro"
Date Tue, 06 Mar 2018 17:17:21 GMT

You're definitely free to do such a thing - it basically sounds like a
'cyber security focused nifi powered distro' which means largely an
assembly that pulls in cybersecurity specific/relevant extensions and
the base framework.

You just cannot call that thing 'Apache NiFi/NiFi', need to honor its
marks, and the ASLv2.  But otherwise you're pretty much good to go.  I
do think you should consider contributing components that are ASLv2
friendly and for which their might be value in the apache nifi
community directly and I think this is a great example of why we
want/need an extension registry mechanism and path to provide
extensions outside the big bang release.


On Tue, Mar 6, 2018 at 12:08 PM, Andy LoPresto <> wrote:
> Andre,
> I’m happy to contribute and review code for this distro. I think it’s a
> great idea, and hopefully will be bolstered by the Registry effort where we
> can make pre-selected NAR groups for different focuses (cybersecurity, IIoT,
> ML, etc.).
> Andy LoPresto
> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69
> On Mar 6, 2018, at 12:07 AM, Andre <> wrote:
> Folks,
> I have been privately working on a number of "processors" focused on
> orchestration of cyber security related activities (eg update firewall
> rules with data provided via an HTTP endpoint) etc.
> While some of these tasks can be easily solved with generic NiFi components
> or with little (or no custom processors at all) truth is that most security
> practitioners just don't get it.
> Result is that unless you show up with a processor called UpdateCiscoAcl
> (random example), people's brains just melt.
> I have been considering spinning up a separate project, based on a cut down
> version of NiFi, that will employ the base framework towards this specific
> use case by publishing specific processors that generally do not appeal to
> the rest of the crowd.
> My base rationale is the following:
> - Reduce the need to add processors to the master tree and require people
> to review processors that are of very limited use outside specific contexts.
> - Improve overall user experience for this particular use case
> - Reduce impact to the NiFi brand by the release of code that errr, may not
> be up to the standards of my fellow committers ;-)
> Given my position as a PMC member and profound respect to all of you, I
> would like to reach out to the rest of the team for you overall thoughts
> about this?
> Looking forward to hearing from you.

View raw message