[ https://issues.apache.org/jira/browse/METRON-11?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15106348#comment-15106348 ]
James Sirota commented on METRON-11: ------------------------------------ Can you provide what a sample telemetry message for this topology would look like? thanks > FalconHose Parser and Topology > ------------------------------ > > Key: METRON-11 > URL: https://issues.apache.org/jira/browse/METRON-11 > Project: Metron > Issue Type: Improvement > Reporter: Sean Schulte > > FalconHose events are generated by the CrowdStrike Falcon Host sensor. > Their platform does its own pre-processing, so every one of these events is > considered an "alert". > They are in JSON format, and there are a few different event types that we'll > support. > This requires: > * parser > * alert adapter > * topology definition -- This message was sent by Atlassian JIRA (v6.3.4#6332)