[GitHub] metron issue #895: METRON-1394:Create Rest endpoint to add the ACL for curre...

2018-02-13 Thread MohanDV
Github user MohanDV commented on the issue: https://github.com/apache/metron/pull/895 addressed review comments to add the required ACL to current user while creating a new topic using the rest end point. ---

[GitHub] metron issue #891: METRON-1282 add the required ACL to current user while cr...

2018-02-13 Thread MohanDV
Github user MohanDV commented on the issue: https://github.com/apache/metron/pull/891 redundant ---

[GitHub] metron pull request #891: METRON-1282 add the required ACL to current user w...

2018-02-13 Thread MohanDV
Github user MohanDV closed the pull request at: https://github.com/apache/metron/pull/891 ---

[DISCUSS] community view/roadmap of threat intel

2018-02-13 Thread Ali Nazemian
Hi All, I would like to understand Metron community view on Threat Intel aggregators as well as the roadmap of threat intelligence and threat hunting. There are some open source options available regarding threat intel aggregator such as Minemeld, Hippocampe, etc. Is there any plan to build that

Re: metron-bro-plugin kafka

2018-02-13 Thread bharath phatak
Thanks Jon. I will try this out. Appreciate your response. On Wed, Feb 14, 2018, 12:08 AM zeo...@gmail.com wrote: > Okay, great. It's possible that you need to do something like the > following to get known devices: > > echo "redef Software::asset_tracking = ALL_HOSTS;"

Re: metron-bro-plugin kafka

2018-02-13 Thread zeo...@gmail.com
Okay, great. It's possible that you need to do something like the following to get known devices: echo "redef Software::asset_tracking = ALL_HOSTS;" >> /usr/local/bro/share/bro/site/local.bro These snippets are from my testing instructions related to adding support for bro 2.5.2 logs (link

[GitHub] metron issue #579: METRON-941 fix PaloAltoParser

2018-02-13 Thread ottobackwards
Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/579 I'm +1 on this. I would like to get comment from @simonellistonball et al on the change for syslog ---

[GitHub] metron issue #916: METRON-1434 - Ability to deploy Metron full dev as a sing...

2018-02-13 Thread as22323
Github user as22323 commented on the issue: https://github.com/apache/metron/pull/916 Thanks. If needed here is the deployment script that worked with Metron 0.4.1.

Re: metron-bro-plugin kafka

2018-02-13 Thread bharath phatak
Hi Jon, Other than Known::DEVICES_LOG rest all worked. Thanks, Bharath On Tue, Feb 13, 2018, 4:15 PM zeo...@gmail.com wrote: > Try > > redef Kafka::logs_to_send = set(HTTP::LOG, DNS::LOG, Conn::LOG, DPD::LOG, > FTP::LOG, Files::LOG, Known::CERTS_LOG, SMTP::LOG, SSL::LOG,

[GitHub] metron issue #936: METRON-1450:Added documentation for random access and bat...

2018-02-13 Thread MohanDV
Github user MohanDV commented on the issue: https://github.com/apache/metron/pull/936 @JonZeolla are you referring to metron-platform/metron-indexing/README.md ? ---

[GitHub] metron issue #936: METRON-1450:Added documentation for random access and bat...

2018-02-13 Thread JonZeolla
Github user JonZeolla commented on the issue: https://github.com/apache/metron/pull/936 Would you also mind updating the main README? ---

[GitHub] metron pull request #936: METRON-1450:Added documentation for random access ...

2018-02-13 Thread MohanDV
GitHub user MohanDV opened a pull request: https://github.com/apache/metron/pull/936 METRON-1450:Added documentation for random access and batch indexing topology rest endpoints ## Contributor Comments Added documentation for random access and batch indexing topology

Re: metron-bro-plugin kafka

2018-02-13 Thread zeo...@gmail.com
Try redef Kafka::logs_to_send = set(HTTP::LOG, DNS::LOG, Conn::LOG, DPD::LOG, FTP::LOG, Files::LOG, Known::CERTS_LOG, SMTP::LOG, SSL::LOG, Weird::LOG, Notice::LOG, DHCP::LOG, SSH::LOG, Software::LOG, RADIUS::LOG, X509::LOG, Known::DEVICES_LOG, RFB::LOG, Stats::LOG, CaptureLoss::LOG, SIP::LOG);

metron-bro-plugin kafka

2018-02-13 Thread bharath phatak
Hi Team, Can someone help me out on the list of redef Kafka::logs_to_send values? I want to push all logs generated by bro to Kafka. I tried adding log file name but bro is crashing. Ex: weird::LOG, Files::LOG Thanks, Bharath

[GitHub] metron issue #895: METRON-1394:Create Rest endpoint to add the ACL for curre...

2018-02-13 Thread MohanDV
Github user MohanDV commented on the issue: https://github.com/apache/metron/pull/895 I have reopened my earlier pull request (https://github.com/apache/metron/pull/891) where I am adding the required ACLs while creating the topic, without a separate endpoint. ---