Re: HCP in Cloud infrastructures such as AWS , GCP, AZURE

context stored in Solr using the following techniques: 1. Only index the fields you might search on. 2. Reduce the formats you store in Solr to only those you will want to see in the Alerts UI. 3. Reduce the length of time you store data in Solr. Thanks Carolyn Duby Solutions Engineer, Northeast cd

Re: Investigator UI meta-alerts

Hi Oliver I still saw Meta alerts even when I was filtering for alerts = true but I am using an earlier version. You may want to try filtering by score instead. A meta-alert should have a non-zero score if it includes alerts. Carolyn Duby Solutions Engineer, Northeast cd...@hortonworks.com

Re: Architectural reason to split in 4 topologies / impact on the kafka ressources

choice on the sensor type whether you want to include the original string in the index not. Thanks Carolyn Duby Solutions Engineer, Northeast cd...@hortonworks.com +1.508.965.0584 Join my team! Enterprise Account Manager – Boston - http://grnh.se/wepchv1 Solutions Engineer – Boston - http

Re: Writing enrichment data directly from NiFi with PutHBaseJSON

Agreed….Streaming enrichments is the right solution for DNS data. Do we have a web service for writing enrichments? Carolyn Duby Solutions Engineer, Northeast cd...@hortonworks.com +1.508.965.0584 Join my team! Enterprise Account Manager – Boston - http://grnh.se/wepchv1 Solutions Engineer

Re: Writing enrichment data directly from NiFi with PutHBaseJSON

Carolyn Duby Solutions Engineer, Northeast cd...@hortonworks.com +1.508.965.0584 Join my team! Enterprise Account Manager – Boston - http://grnh.se/wepchv1 Solutions Engineer – Boston - http://grnh.se/8gbxy41 Need Answers? Try https://community.hortonworks.com <https://community.hortonworks.

Re: Writing enrichment data directly from NiFi with PutHBaseJSON

dhanase After the enrichment data is in Hbase, create an event and add it to the rangeradmin topic. For example if the reqUser field is set to nnolan, the enriched event will have the following fields: enrichments:hbaseEnr

Suricata parser

Is anyone working on a Suricata parser? https://suricata-ids.org/ I was not able to find an enhancement request for it. Thanks Carolyn

Re: So we graduated...

Nice! That's great news! Sent from my Verizon, Samsung Galaxy smartphone Original message From: David Lyle Date: 4/20/17 5:16 PM (GMT-05:00) To: dev@metron.apache.org Subject: Re: So we graduated... Outstanding! Great work everyone. Building a TLP worthy community is diffi