[ https://issues.apache.org/jira/browse/METRON-984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16100027#comment-16100027 ]
ASF GitHub Bot commented on METRON-984: --------------------------------------- Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/642 @cestella are we still OK with this? I'd like to get it in > Create STELLAR Decoding Functions > --------------------------------- > > Key: METRON-984 > URL: https://issues.apache.org/jira/browse/METRON-984 > Project: Metron > Issue Type: Improvement > Reporter: Jon Zeolla > Assignee: Otto Fowler > > It is rather commonplace for malicious actors to obfuscate exploits or data > transfers using encoding. In order to identify and prioritize responses to > (or automatically mitigate) those attacks during threat triage we should have > a method for decoding in Stellar. Some initial thoughts would be to handle > percent/URL encoding, base64, base32, base16/hex, HTML encoding, etc. > I would expect that something like DECODE(something, encoding_type, > optional_failure_mode) would return the contents of field "something" after > attempting to decode it via "encoding_type". If decoding fails, > optional_failure_mode would indicate whether or not to fail the message and > send it to the error topology, or to simply return the contents of the > original field "something" (in this example). -- This message was sent by Atlassian JIRA (v6.4.14#64029)