[
https://issues.apache.org/jira/browse/METRON-675?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15847494#comment-15847494
]
ASF GitHub Bot commented on METRON-675:
---------------------------------------
Github user nickwallen commented on the issue:
https://github.com/apache/incubator-metron/pull/426
+1 Works great. Spun everything up, followed your script, created my own
triage rules and validated the scoring.
The 'RiskLevelRule' POJO certainly makes things a little cleaner.
As a random side note, will be really cool when the aggregation of the
scores is just Stellar code, rather than MAX or SUM. This would allow us to
plug-in a real model for scoring the alerts.
> Make Threat Triage rules able to be assigned names and comments
> ---------------------------------------------------------------
>
> Key: METRON-675
> URL: https://issues.apache.org/jira/browse/METRON-675
> Project: Metron
> Issue Type: Improvement
> Reporter: Casey Stella
> Assignee: Casey Stella
> Fix For: 0.3.1
>
>
> There may be many, many threat triage rules. To help organize these, we
> should make them slightly more complex than a simple key/value as we have it
> now. We should add optional name and optional comment fields.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
