Metron consists of the following modules:
Module Name | Module Description | Current Version | Documentation Reference | GitHub Reference |
---|---|---|---|---|
Metron Streaming - Parser Topology | Topology for normalizing telemetry from native sensor formats to the Metron JSON | 0.1BETA | Streaming | |
Metron Streaming - Enrichment/Threat Intel Topology | Topology for enrichment of Metron JSON messages, cross referencing them against threat intel stores, and firing alerts | 0.1BETA | Streaming | |
Metron Streaming - PCAP Topology | Topology for streaming network packets into HDFS for use with the PCAP Service | 0.1BETA | PCAP Topology | |
Metron PCAP Service | Service for running analytics/filtering on the PCAP files in HDFS put there by the PCAP Topology | 0.1BETA | PCAP Service | |
Metron Sensors | Sensors feeding Metron dashboards and analytics | 0.1BETA | Sensors | |
Metron Data Loaders | Loaders for bulk loading enrichment and threat intelligence stores | 0.1BETA | Data Loads | |
Metron UI | Metron SOC Analyst UI | 0.1BETA | UI | |
Metron Deployment Scripts | Scripts for automating Metron deployments | 0.1BETA | | |