Casey Stella created METRON-93:
----------------------------------
Summary: Generalize the HBase threat intel infrastructure to
support enrichments
Key: METRON-93
URL: https://issues.apache.org/jira/browse/METRON-93
Project: Metron
Issue Type: Improvement
Reporter: Casey Stella
Assignee: Casey Stella
As it stands, the threat intel infrastructure is awkward. Namely, different
threat intelligence sources must be pushed into separate hbase tables
(malicious_ips separate form malicious_hosts, for instance). We'd rather have
one table where the type is brought into the rowkey. Since this infrastructure
is generalized, also add a simple hbase enrichment adapter.
Furthermore, the configuration for a new enrichment should be added to
zookeeper as part of the data load.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
