You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@metron.apache.org by Geeks Girls <ge...@gmail.com> on 2020/04/04 04:43:47 UTC

Metron alerts ui

Hi,

How can I control the log entry being pushed as alerts in alertsui? I
configured bro device and using threat feed to find whether source IP is
malicious or not. Only entries with malicious ip should be sent to the ui
and now all entries are going to Metron alertsui.please help.



-Jai

Re: Metron alerts ui

Posted by Geeks Girls <ge...@gmail.com>.

Thanks a lot.

On Fri, 10 Apr, 2020, 3:36 AM Yerex, Tom, <to...@ubc.ca> wrote:

> Good afternoon Jai,
>
> I think that might be how the system currently behaves, if I am reading
> this post correctly:
>
> hxxps://
> community.cloudera.com/t5/Support-Questions/Metron-Alerts-UI/td-p/198406
>
> Cheers,
>
> Tom
>
>
>
> On 2020-04-03 21:46:29-07:00 Geeks Girls wrote:
>
> Hi,
> How can I control the log entry being pushed as alerts in alertsui? I
> configured bro device and using threat feed to find whether source IP is
> malicious or not. Only entries with malicious ip should be sent to the ui
> and now all entries are going to Metron alertsui.please help.
> -Jai
>
>

RE: Metron alerts ui

Posted by "Yerex, Tom" <to...@ubc.ca>.

Good afternoon Jai,

I think that might be how the system currently behaves, if I am reading this post correctly:

hxxps://community.cloudera.com/t5/Support-Questions/Metron-Alerts-UI/td-p/198406

Cheers,

Tom



On 2020-04-03 21:46:29-07:00 Geeks Girls wrote:

Hi,
How can I control the log entry being pushed as alerts in alertsui? I configured bro device and using threat feed to find whether source IP is malicious or not. Only entries with malicious ip should be sent to the ui and now all entries are going to Metron alertsui.please help.
-Jai