You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@metron.apache.org by FeiChen <c_...@163.com> on 2016/07/05 16:11:05 UTC

答复: Re:Re: where 's the ML module

It is very useful  to me,  i am looking for it . 

 

Thanks a lot

 

JJ

 

发件人: user-return-66-c_chenfei=163.com@metron.incubator.apache.org [mailto:user-return-66-c_chenfei=163.com@metron.incubator.apache.org] 代表 Nick Allen
发送时间: 2016年7月5日 23:26
收件人: user@metron.incubator.apache.org
主题: Re: Re:Re: where 's the ML module

 

We currently have a CLI (command line interface) for extracting raw network packets out of HDFS and producing a libpcap-compliant file that can be opened in tools like Wireshark.  This was part of METRON-235 [1], work completed by @mmiklavcic.  I am not sure if we have better documentation than what is linked to in the JIRA or PR.

 

[1] https://issues.apache.org/jira/browse/METRON-235

 

On Mon, Jul 4, 2016 at 11:05 PM, FeiChen <c_...@163.com> wrote:





and another question is that  how to run the PCAP Topology so that  i can use the search function in the  PCAP panel . i have tried run the pcap topology that it could save the pcap file in hdfs and hbse  and generate the 

pcap index in ES, but it could't work well in  seach pcap function. !

 


At 2016-07-05 10:09:43, "FeiChen" <c_...@163.com> wrote:

 

pleasure to do it   <http://mimg.163.com/jy3style/lib/htmlEditor/portrait/face/preview/face0.gif> 

 and now  i am planing to complete  the model of “attack scene reconstruction”  in cyber security area by using storm topology or MR framework. but i am not  have an clear  idea  about which one should be  used !  and  i am confused about it. so, i want to take a reference from the project "metron.incubator" to learn how to do this.

i have read the links you put, and is it means that in "OpenSOC" project we have not implemented the ML-module yet or other ?

 

Thanks for your help !

Best Regards

 

 

 


At 2016-07-05 04:35:14, "James Sirota" <js...@apache.org> wrote:
>Hi. We are going through the design right now.  You can participate in the design by leaving a comment on the following Jira.  https://issues.apache.org/jira/browse/METRON-265
> 
>04.07.2016, 01:45, "FeiChen" <c_...@163.com>:
>>     Hi
>>             i  had studied a long time about opensoc  project in recent days, now i know that the opensoc project have moved to “metron.incubator” ,  i what to know something about ML-module in "metron.incubator " which it appered in "opensoc" project.
>> someone can help me ?
> 
>------------------- 
>Thank you,
> 
>James Sirota
>PPMC- Apache Metron (Incubating)
>jsirota AT apache DOT org

 

 

 

 





 

-- 

Nick Allen <ni...@nickallen.org>