Hello, Thankyou for answering my call to help.
I am going to use it for the purpose of research at graduate level, and may scale it on a production level. I am targeting a few labs on this floor , that approximately accumulates upto 30-40 people using the network. I am open to options of using YAF, BRO, SNORT and others. Once started then I may also expand it in the future. What are your recommendations on the stated requirements. Best Regards. On Wed, Sep 6, 2017 at 3:06 PM, [email protected] <[email protected]> wrote: > There are a few questions that need to be answered first. How do you plan > to monitor the LAN? Are you going to run YAF, Bro, Snort, others? How big > is your LAN, how much traffic traverses it, what is the traffic composition > (heavily impacts the amount of logs from Bro/YAF/Snort), how much retention > of data do you want, do you plan to store PCAP? > > Jon > > On Wed, Sep 6, 2017, 01:59 Syed Hammad Tahir <[email protected]> wrote: > >> Hello, >> >> I intend to use Apache Metron framework for the analysis of our local >> area network. What is the best way to get started? Which installation is >> most suitable for me as listed in the following link: >> https://cwiki.apache.org/confluence/display/METRON/Installation >> >> Kindly help me with this. >> >> Regards. >> > -- > > Jon >
