Re: Threat Feeds

2017-03-30 Thread Kyle Richardson
Anomali provides a free STIX/TAXII client called STAXX. They announced it around the same time the announcements came out that Soltra was being sold to NC4 and going commercial/fee-based. I don't believe it is open source though; just free for use. -Kyle On Thu, Mar 30, 2017 at 7:52 AM, Vladimir

Re: Journey out of the Incubator (update)

2017-04-04 Thread Kyle Richardson
That's awesome! Thanks, Casey! -Kyle On Tue, Apr 4, 2017 at 12:07 AM, Matt Foley wrote: > Outstanding! > > From: Nick Allen > Reply-To: "user@metron.incubator.apache.org" < > user@metron.incubator.apache.org> > Date: Monday, April 3, 2017 at 3:53 PM > To:

Re: Building a customized version of ASA parser with Grok

2017-03-08 Thread Kyle Richardson
> >>> On 8 Mar 2017, at 00:13, Ali Nazemian <alinazem...@gmail.com> wrote: >>> >>> Hi Kyle, >>> >>> Thank you very much. I should have asked the question earlier. We have >>> done most of the Grok statement implementations so far

Re: Building a customized version of ASA parser with Grok

2017-03-07 Thread Kyle Richardson
Hi Ali, There is a grok-based ASA parser included in the Metron code base that you can try out. If you find it's missing patterns or requires modifications, I'd be happy to work with you to improve on it. You should be able to test it out by creating a new Kafka topic 'asa' and pointing your raw