You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@metron.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/09/19 13:59:00 UTC

[jira] [Commented] (METRON-1156) Simulate Triage Rules in the Stellar REPL

    [ https://issues.apache.org/jira/browse/METRON-1156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16171741#comment-16171741 ] 

ASF GitHub Bot commented on METRON-1156:
----------------------------------------

Github user nickwallen commented on the issue:

    https://github.com/apache/metron/pull/733
  
    Bump.  
    
    This is useful for debugging your triage rules or even as a way to introduce new users to how threat triage works.  Similar in function and form to the Profile Debugger.
    



> Simulate Triage Rules in the Stellar REPL
> -----------------------------------------
>
>                 Key: METRON-1156
>                 URL: https://issues.apache.org/jira/browse/METRON-1156
>             Project: Metron
>          Issue Type: New Feature
>            Reporter: Nick Allen
>            Assignee: Nick Allen
>             Fix For: Next + 1
>
>
> Troubleshooting issues when programming against a live stream of data is difficult. It would be useful to have a means to run the entire threat triage process within the REPL before deploying your rule set on a Metron cluster.  This creates a set of functions to allow simulation of Threat Triage inside of the Stellar REPL.  This is useful for creating new triage rules, debugging existing triage rules, and to iterate quickly when testing rule sets.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)