THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
| Table of Contents |
|---|
Metron Components
Metron Modules
Metron Consists of the following modules:
...
| Module Name | Module Description | Current Version | Documentation Reference | Github Reference |
|---|---|---|---|---|
| metron-platform - metron-parsers | Topology for normalizing telemetry from native sensor formats to the Metron JSON | 0.1BETA | Streaming | https://github.com/apache/incubator-metron/tree/master/metron-streaming |
| metron-platform - metron-enrichment | Topology for enrichment of Metron JSON messages, cross referencing them against threat intel stores, and firing alerts | 0.1BETA | Streaming | https://github.com/apache/incubator-metron/tree/master/metron-streaming |
| metron-platform - metron-pcap | Topology for streaming network packets into HDFS for use with the PCAP Service | 0.1BETA | PCAP Topology | https://github.com/apache/incubator-metron/tree/master/metron-streaming |
| metron-platform - metron-api | Service for running analytics/filtering on the PCAP files in HDFS put there by the PCAP Topology | 0.1BETA | PCAP Service | https://github.com/apache/incubator-metron/tree/master/metron-streaming/Metron-Pcap_Service |
| metron-sensors | Sensors feeding Metron dashboards and analytics | 0.1BETA | Sensors | https://github.com/apache/incubator-metron/tree/master/metron-streaming/Metron-MessageParsers |
| metron-platform - metron-data-management | Loaders for bulk loading enrichment and threat intelligence stores | 0.1BETA | Data Loads | https://github.com/apache/incubator-metron/tree/master/metron-streaming/Metron-DataLoads |
| metron-ui | Metron SOC Analyst UI | 0.1BETA | UI | https://github.com/apache/incubator-metron/tree/master/metron-ui |
| metron-deployment | Scripts for automating Metron deployments | 0.1BETA | Deployment Scripts | https://github.com/apache/incubator-metron/tree/master/deployment |
Domain Specific Languages
In Metron, we have two domain specific languages which are used for filtering and simple data transformation:
Logical Architecture
The below diagram depicts the logical components of the Metron Platform.
The below subsection traces an event as it flows through these different logical components.
...