[CALL FOR TEST DATA] Request help identifying public domain or opensource test data sets for Metron testing

2016-10-07 Thread Matt Foley
Hi all, Enhanced testing of Metron, especially performance testing, would be aided by having data sets of realistic size, that exercise one or more of the various parts of Metron: * each Parser (bro, yaf, snort, squid, ...) * each Enhancer (geo, user, assets, ...) * each Threat

Re: [CALL FOR TEST DATA] Request help identifying public domain or opensource test data sets for Metron testing

2016-10-07 Thread Matt Foley
ors for BlueCoat, Unix, MS Exchange, MS Windows and we would gladly contribute them. Can you please share the procedure for submitting these peaces? Thank you. - Dima On 10/08/2016 01:49 AM, Matt Foley wrote: > Hi all, > Enhanced testing of Metron, especially performance testing, would be

Re: Getting Started / Acquring a Mentor

2016-10-19 Thread Matt Foley
Hi Tyler, If no one’s said it yet, welcome to the community! :-) Your idea of extending Security Monitoring to include physical/video inputs sounds really interesting. To contribute to Metron, you’ll want to follow the instructions at

Re: DTCC and FS-ISAC Announce Soltra Wind Down

2016-11-15 Thread Matt Foley
I would guess the majority of users aren’t specifically financial industry, and therefore not in their desired sweet spot for whom to provide services to on a non-profit basis.  Hopefully they will do a proper job of putting it into OSS.  Someone from Apache should perhaps suggest to them

Re: Offset lag for Kafka - Storm Throwing error

2017-01-11 Thread Matt Foley
Hi Tyler, HDP-2.5 uses Storm 1.0.1, not 1.1.0. Specifically, - HDP-2.5.0.0 has Storm build 1.0.1.2.5.0.0-1245 - HDP-2.5.3.0 (the December maintenance release) has Storm build 1.0.1.2.5.3.0-37 The “1.0.1” is the Apache version number, the “2.5.x.y” is the HDP version number,

Re: [ANNOUNCE] Apache Metron (incubating) 0.3.1 is released

2017-03-17 Thread Matt Foley
Bravo! Congrats to the whole team for all the work in this. I’ve also linked the “Metron User Guide” into the wiki docs, at the top of https://cwiki.apache.org/confluence/display/METRON/Documentation Thanks, --Matt From: Casey Stella Reply-To:

Re: a proper entry level documentation

2017-03-08 Thread Matt Foley
Umesh, thanks very much for writing this up.  I’d like to add it to the Metron wiki.  Is that okay with you? Also, what version of Metron was used?  Your instructions imply you built from “master” branch of github site, which means you would be on the newest post-0.3.1 code (call it

Re: a proper entry level documentation

2017-03-10 Thread Matt Foley
net> Date: Wednesday, March 8, 2017 at 5:18 PM To: Matt Foley <ma...@apache.org> Cc: "user@metron.incubator.apache.org" <user@metron.incubator.apache.org> Subject: Re: a proper entry level documentation Hi Matt, Yes I have no issues in that, in fact I would be happy if