Posted to issues@metron.apache.org by "Casey Stella (JIRA)" <ji...@apache.org> on 2016/02/13 07:43:18 UTC
[jira] [Created] (METRON-35) Implement threat intelligence message enrichment
Casey Stella created METRON-35:
----------------------------------
Summary: Implement threat intelligence message enrichment
Key: METRON-35
URL: https://issues.apache.org/jira/browse/METRON-35
Project: Metron
Issue Type: New Feature
Reporter: Casey Stella
Assignee: Casey Stella
Create the infrastructure to
* Bulk ingest threat intelligence feeds from CSV and STIX data sources into HBase
* Enrich messages that have fields which match the threat intelligence data in HBase
* Create the infrastructure to remove unused threat intelligence data
* Augment the Packet capture topology to incorporate a malicious IP threat intel tagger
The tagging infrastructure must meet the following criteria:
* They are downstream of the enrichments
* The threat intelligence bolts execute in parallel with a similar architecture as the enrichments (i.e. split and join).